Module: DuodealerApp::LoginProtection
Defined Under Namespace
Classes: DuodealerDomainNotFound
Instance Method Summary
Instance Method Details
#duodealer_session ⇒ Object
# File 'lib/duodealer_app/controller_concerns/login_protection.rb', line 17
# Runs the given block with the current shop session activated on
# DuodealerAPI::Base, and clears that activation afterwards.
#
# When +shop_session+ is nil/false the block is never run: the method calls
# +redirect_to_login+ and returns whatever that returns.
#
# NOTE(review): activate_session / clear_session are called on the
# DuodealerAPI::Base class itself, so the activated credentials look like
# shared state rather than per-call state. The +ensure+ is what stops one
# request's credentials from staying active after the block finishes or
# raises. Confirm how Base scopes the activation (thread vs. process).
#
# @yield the controller action (or other work) that needs an active API session
# @return [Object] the block's value, or the result of +redirect_to_login+
def duodealer_session
  if shop_session
    # Defined elsewhere; its effect is not visible from this listing.
    clear_top_level_oauth_cookie
    begin
      DuodealerAPI::Base.activate_session(shop_session)
      yield
    ensure
      # Always deactivate, including when activation or the block raised.
      DuodealerAPI::Base.clear_session
    end
  else
    redirect_to_login
  end
end
#login_again_if_different_user_or_shop ⇒ Object
# File 'lib/duodealer_app/controller_concerns/login_protection.rb', line 39
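# Forces a fresh login when the request names a different user session or a
# different shop than the one held in the current session.
#
# Two independent checks can trigger the reset:
#
# * Per-user-token mode only: both session[:user_session] and params[:session]
#   are present and they differ.
# * Any mode: a shop session exists, params[:shop] is a String, and it differs
#   from shop_session.domain.
#
# Either mismatch calls +clear_shop_session+ and then +redirect_to_login+, so
# the credentials stored for one shop or user are not reused for a request
# aimed at another.
#
# NOTE(review): the shop comparison is an exact string match against the raw
# parameter; no normalisation of params[:shop] is visible here. A differently
# formatted value for the same shop would force a re-login (the safe
# direction). Confirm that this is the intended behaviour.
#
# NOTE(review): nothing in this method halts the request after the redirect.
# Presumably it runs as a controller filter, where a performed redirect stops
# the chain. Verify against the caller.
#
# @return [Object, nil] the result of +redirect_to_login+ when the session was
#   cleared, otherwise nil
def login_again_if_different_user_or_shop
  clear_session = false

  if DuodealerApp.configuration.per_user_tokens?
    # These are two separate statements. The listing showed them fused onto
    # one line, which does not parse.
    valid_session_data = session[:user_session].present? && params[:session].present?
    sessions_do_not_match = session[:user_session] != params[:session]
    clear_session = true if valid_session_data && sessions_do_not_match
  end

  # is_a?(String) also rejects nil, so array- or hash-shaped `shop`
  # parameters never reach the domain comparison.
  requested_shop = params[:shop] if shop_session
  clear_session = true if requested_shop.is_a?(String) && shop_session.domain != requested_shop

  return unless clear_session

  clear_shop_session
  redirect_to_login
end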
#shop_session ⇒ Object
# File 'lib/duodealer_app/controller_concerns/login_protection.rb', line 29
# Looks up the stored API session for the current request and memoizes it in
# @shop_session.
#
# The lookup key comes from the `session` object: session[:duodealer_user]["id"]
# in per-user-token mode, session[:duodealer] otherwise. If that session entry
# is missing the method returns nil without consulting the repository, even
# when @shop_session was memoized earlier.
#
# NOTE(review): the session entry is the only thing tying the request to the
# stored credentials here, so this relies on `session` being tamper-resistant.
# Presumably it is the framework's signed or encrypted session store. Verify.
#
# @return [Object, nil] whatever DuodealerApp::SessionRepository.retrieve
#   returns, or nil when the session entry is absent
def shop_session
  per_user = DuodealerApp.configuration.per_user_tokens?
  stored = session[per_user ? :duodealer_user : :duodealer]
  return unless stored

  # The repository is only consulted while nothing truthy is memoized.
  @shop_session ||= DuodealerApp::SessionRepository.retrieve(per_user ? stored["id"] : stored)
end