Class: Devise::FailureApp
- Inherits:
-
ActionController::Metal
- Object
- ActionController::Metal
- Devise::FailureApp
show all
- Includes:
- ActionController::Redirecting, ActionController::UrlFor, Controllers::StoreLocation
- Defined in:
- lib/devise/failure_app.rb
Overview
Failure application that will be called every time :warden is thrown from any strategy or hook. Responsible for redirect the user to the sign in page based on current scope and mapping. If no scope is given, redirect to the default_url.
Class Method Summary
collapse
Instance Method Summary
collapse
#store_location_for, #stored_location_for
Class Method Details
.call(env) ⇒ Object
19
20
21
22
|
# File 'lib/devise/failure_app.rb', line 19
def self.call(env)
@respond ||= action(:respond)
@respond.call(env)
end
|
.default_url_options(*args) ⇒ Object
Try retrieving the URL options from the parent controller (usually ApplicationController). Instance methods are not supported at the moment, so only the class-level attribute is used.
27
28
29
30
31
32
33
|
# File 'lib/devise/failure_app.rb', line 27
def self.default_url_options(*args)
if defined?(Devise.parent_controller.constantize)
Devise.parent_controller.constantize.try(:default_url_options) || {}
else
{}
end
end
|
Instance Method Details
#attempted_path ⇒ Object
228
229
230
|
# File 'lib/devise/failure_app.rb', line 228
def attempted_path
warden_options[:attempted_path]
end
|
#http_auth ⇒ Object
45
46
47
48
49
50
|
# File 'lib/devise/failure_app.rb', line 45
def http_auth
self.status = 401
self.["WWW-Authenticate"] = %(Basic realm=#{Devise.http_authentication_realm.inspect}) if
self.content_type = request.format.to_s
self.response_body = http_auth_body
end
|
#http_auth? ⇒ Boolean
Choose whether we should respond in a http authentication fashion, including 401 and optional headers.
This method allows the user to explicitly disable http authentication on ajax requests in case they want to redirect on failures instead of handling the errors on their own. This is useful in case your ajax API is the same as your public API and uses a format like JSON (so you cannot mark JSON as a navigational format).
175
176
177
178
179
180
181
|
# File 'lib/devise/failure_app.rb', line 175
def http_auth?
if request.xhr?
Devise.http_authenticatable_on_xhr
else
!(request_format && is_navigational_format?)
end
end
|
#http_auth_body ⇒ Object
189
190
191
192
193
194
195
196
197
198
199
|
# File 'lib/devise/failure_app.rb', line 189
def http_auth_body
return i18n_message unless request_format
method = "to_#{request_format}"
if method == "to_xml"
{ error: i18n_message }.to_xml(root: "errors")
elsif {}.respond_to?(method)
{ error: i18n_message }.send(method)
else
i18n_message
end
end
|
It does not make sense to send authenticate headers in ajax requests or if the user disabled them.
185
186
187
|
# File 'lib/devise/failure_app.rb', line 185
def
scope_class.http_authenticatable && !request.xhr?
end
|
#i18n_message(default = nil) ⇒ Object
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
# File 'lib/devise/failure_app.rb', line 97
def i18n_message(default = nil)
message = warden_message || default || :unauthenticated
if message.is_a?(Symbol)
options = {}
options[:resource_name] = scope
options[:scope] = "devise.failure"
options[:default] = [message]
auth_keys = scope_class.authentication_keys
keys = (auth_keys.respond_to?(:keys) ? auth_keys.keys : auth_keys).map { |key| scope_class.human_attribute_name(key) }
options[:authentication_keys] = keys.join(I18n.translate(:"support.array.words_connector"))
options = i18n_options(options)
I18n.t(:"#{scope}.#{message}", options)
else
message.to_s
end
end
|
#i18n_options(options) ⇒ Object
93
94
95
|
# File 'lib/devise/failure_app.rb', line 93
def i18n_options(options)
options
end
|
Check if flash messages should be emitted. Default is to do it on navigational formats
246
247
248
|
# File 'lib/devise/failure_app.rb', line 246
def is_flashing_format?
is_navigational_format?
end
|
240
241
242
|
# File 'lib/devise/failure_app.rb', line 240
def is_navigational_format?
Devise.navigational_formats.include?(request_format)
end
|
#recall ⇒ Object
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
# File 'lib/devise/failure_app.rb', line 52
def recall
config = Rails.application.config
= if config.try(:relative_url_root)
base_path = Pathname.new(config.relative_url_root)
full_path = Pathname.new(attempted_path)
{ "SCRIPT_NAME" => config.relative_url_root,
"PATH_INFO" => '/' + full_path.relative_path_from(base_path).to_s }
else
{ "PATH_INFO" => attempted_path }
end
.each do | var, value|
if request.respond_to?(:set_header)
request.(var, value)
else
env[var] = value
end
end
flash.now[:alert] = i18n_message(:invalid) if is_flashing_format?
self.response = recall_app(warden_options[:recall]).call(request.env)
end
|
#recall_app(app) ⇒ Object
201
202
203
204
205
206
|
# File 'lib/devise/failure_app.rb', line 201
def recall_app(app)
controller, action = app.split("#")
controller_name = ActiveSupport::Inflector.camelize(controller)
controller_klass = ActiveSupport::Inflector.constantize("#{controller_name}Controller")
controller_klass.action(action)
end
|
#redirect ⇒ Object
78
79
80
81
82
83
84
85
86
87
88
89
|
# File 'lib/devise/failure_app.rb', line 78
def redirect
store_location!
if is_flashing_format?
if flash[:timedout] && flash[:alert]
flash.keep(:timedout)
flash.keep(:alert)
else
flash[:alert] = i18n_message
end
end
redirect_to redirect_url
end
|
#redirect_url ⇒ Object
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
# File 'lib/devise/failure_app.rb', line 116
def redirect_url
if warden_message == :timeout
flash[:timedout] = true if is_flashing_format?
path = if request.get?
attempted_path
else
request.referrer
end
path || scope_url
else
scope_url
end
end
|
250
251
252
|
# File 'lib/devise/failure_app.rb', line 250
def request_format
@request_format ||= request.format.try(:ref)
end
|
#respond ⇒ Object
35
36
37
38
39
40
41
42
43
|
# File 'lib/devise/failure_app.rb', line 35
def respond
if http_auth?
http_auth
elsif warden_options[:recall]
recall
else
redirect
end
end
|
#route(scope) ⇒ Object
132
133
134
|
# File 'lib/devise/failure_app.rb', line 132
def route(scope)
:"new_#{scope}_session_url"
end
|
#scope ⇒ Object
220
221
222
|
# File 'lib/devise/failure_app.rb', line 220
def scope
@scope ||= warden_options[:scope] || Devise.default_scope
end
|
#scope_class ⇒ Object
224
225
226
|
# File 'lib/devise/failure_app.rb', line 224
def scope_class
@scope_class ||= Devise.mappings[scope].to
end
|
#scope_url ⇒ Object
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
|
# File 'lib/devise/failure_app.rb', line 136
def scope_url
opts = {}
route = route(scope)
opts[:format] = request_format unless skip_format?
config = Rails.application.config
if config.respond_to?(:relative_url_root)
rails_4_2 = (Rails::VERSION::MAJOR >= 4) && (Rails::VERSION::MINOR >= 2)
if config.relative_url_root.present? || rails_4_2
opts[:script_name] = config.relative_url_root
end
end
router_name = Devise.mappings[scope].router_name || Devise.available_router_name
context = send(router_name)
if context.respond_to?(route)
context.send(route, opts)
elsif respond_to?(:root_url)
root_url(opts)
else
"/"
end
end
|
163
164
165
|
# File 'lib/devise/failure_app.rb', line 163
def skip_format?
%w(html */*).include? request_format.to_s
end
|
#store_location! ⇒ Object
Stores requested uri to redirect the user after signing in. We cannot use scoped session provided by warden here, since the user is not authenticated yet, but we still need to store the uri based on scope, so different scopes would never use the same uri to redirect.
236
237
238
|
# File 'lib/devise/failure_app.rb', line 236
def store_location!
store_location_for(scope, attempted_path) if request.get? && !http_auth?
end
|
#warden ⇒ Object
208
209
210
|
# File 'lib/devise/failure_app.rb', line 208
def warden
request.respond_to?(:get_header) ? request.("warden") : env["warden"]
end
|
#warden_message ⇒ Object
216
217
218
|
# File 'lib/devise/failure_app.rb', line 216
def warden_message
@message ||= warden.message || warden_options[:message]
end
|
#warden_options ⇒ Object
212
213
214
|
# File 'lib/devise/failure_app.rb', line 212
def warden_options
request.respond_to?(:get_header) ? request.("warden.options") : env["warden.options"]
end
|