Module: DuodealerApp::LoginProtection
Defined Under Namespace
Classes: DuodealerDomainNotFound
Instance Method Summary
Instance Method Details
#account_session ⇒ Object
# File 'lib/duodealer_app/controller_concerns/login_protection.rb', line 29
# Looks up the stored account session for the current request.
#
# The lookup key is read from the controller session, not from request
# params: in per-user-token mode it is the "id" of session[:duodealer_user],
# otherwise it is the value of session[:duodealer].
#
# The result is memoized in @account_session. The session-key guard runs
# before the memo is consulted, so a missing key yields nil even when a
# value was memoized earlier.
#
# @return [Object, nil] whatever SessionRepository.retrieve returns, or nil
#   when the relevant session key is absent
def account_session
  per_user = DuodealerApp.configuration.per_user_tokens?
  stored = per_user ? session[:duodealer_user] : session[:duodealer]
  return unless stored

  @account_session ||= DuodealerApp::SessionRepository.retrieve(per_user ? stored["id"] : stored)
end
#duodealer_session ⇒ Object
# File 'lib/duodealer_app/controller_concerns/login_protection.rb', line 17
# Runs the given block with the stored account session activated on
# DuodealerAPI::Base, or redirects to login when there is no account session.
#
# The activation is wrapped in begin/ensure so that
# DuodealerAPI::Base.clear_session runs even if the block raises; the
# activated session is never left in place once this method exits.
# NOTE(review): presumably activate_session sets process- or thread-wide
# state, which is why the cleanup matters - confirm against DuodealerAPI.
#
# @yield the action to run while the session is active
# @return [Object] the block's value, or the result of redirect_to_login
def duodealer_session
  if account_session
    clear_top_level_oauth_cookie
    begin
      DuodealerAPI::Base.activate_session(account_session)
      yield
    ensure
      # Always deactivate, including on exceptions raised by the block.
      DuodealerAPI::Base.clear_session
    end
  else
    redirect_to_login
  end
end
#login_again_if_different_user_or_account ⇒ Object
# File 'lib/duodealer_app/controller_concerns/login_protection.rb', line 39
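# Forces a fresh login when the request names a different user or account
# than the one held in the stored session.
#
# Both params[:session] and params[:account] come from the request, so they
# are only ever compared against stored values; a mismatch clears the stored
# account session and redirects to login rather than continuing under the
# stored identity.
#
# @return [Object, nil] the result of redirect_to_login when a re-login is
#   triggered, otherwise nil
def login_again_if_different_user_or_account
  if DuodealerApp.configuration.per_user_tokens?
    # Only compare when both sides are present, so a request that simply
    # omits the session param does not log the user out.
    valid_session_data = session[:user_session].present? && params[:session].present?
    # Any non-equal value counts as a different user, including a
    # params[:session] that is not a String.
    sessions_do_not_match = session[:user_session] != params[:session]

    clear_session = true if valid_session_data && sessions_do_not_match
  end

  # is_a?(String) also rejects nil, so array- or hash-shaped account params
  # are ignored instead of being compared against the stored domain.
  if account_session && params[:account].is_a?(String) && (account_session.domain != params[:account])
    clear_session = true
  end

  if clear_session
    clear_account_session
    redirect_to_login
  end
end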