Module: DuodealerApp::LoginProtection

Extended by:
ActiveSupport::Concern
Includes:
Itp
Included in:
CallbackController, SessionsController
Defined in:
lib/duodealer_app/controller_concerns/login_protection.rb

Defined Under Namespace

Classes: DuodealerDomainNotFound

Instance Method Summary

Instance Method Details

#account_session ⇒ Object



# File 'lib/duodealer_app/controller_concerns/login_protection.rb', line 29

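# Returns the stored session that belongs to the current browser session,
# memoized in @account_session.
#
# The lookup key depends on configuration: with per-user tokens enabled it is
# the "id" entry of session[:duodealer_user]; otherwise it is
# session[:duodealer].
#
# The presence guard runs before the memoized value is consulted, so once the
# relevant session key is gone this returns nil even if a value was memoized
# earlier on the same controller instance.
#
# @return [Object, nil] the result of DuodealerApp::SessionRepository.retrieve,
#   or nil when the relevant session key is absent
def account_session
  if DuodealerApp.configuration.per_user_tokens?
    return unless session[:duodealer_user]
    @account_session ||= DuodealerApp::SessionRepository.retrieve(session[:duodealer_user]["id"])
  else
    return unless session[:duodealer]
    @account_session ||= DuodealerApp::SessionRepository.retrieve(session[:duodealer])
  end
end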

#duodealer_session ⇒ Object



# File 'lib/duodealer_app/controller_concerns/login_protection.rb', line 17

# Yields to the caller's block with a DuodealerAPI session activated, and
# clears that session afterwards.
#
# NOTE(review): this rendered listing has lost identifiers: the expression
# before `unless`, the condition after it, and the argument passed to
# `activate_session`. Check
# lib/duodealer_app/controller_concerns/login_protection.rb for the exact
# code. The comments below describe only what is still visible.
def duodealer_session
  # Early exit before any API session is activated. Presumably the missing
  # condition is the stored-session lookup, so unauthenticated requests never
  # reach the block. TODO confirm against the source file.
  return  unless 
  clear_top_level_oauth_cookie

  begin
    DuodealerAPI::Base.activate_session()
    yield
  ensure
    # `ensure` runs whether the block returns or raises, so clear_session is
    # always called after the yield. Presumably this keeps the activated
    # credentials from carrying over into later work. TODO confirm what
    # clear_session resets.
    DuodealerAPI::Base.clear_session
  end
end

#login_again_if_different_user_or_account ⇒ Object



# File 'lib/duodealer_app/controller_concerns/login_protection.rb', line 39

# Decides whether the stored login no longer matches the incoming request and
# flags it for clearing. Per the page heading, this method is
# login_again_if_different_user_or_account.
#
# NOTE(review): this rendered listing has lost identifiers: the method name on
# the `def` line, the receiver in the account comparison, and both statements
# inside `if clear_session`. Check
# lib/duodealer_app/controller_concerns/login_protection.rb for the exact
# code. The comments below describe only what is still visible.
def 
  if DuodealerApp.configuration.per_user_tokens?
    # Both values must be present before they are compared, so a request
    # without params[:session] does not count as a mismatch.
    valid_session_data = session[:user_session].present? && params[:session].present? # session data was sent/stored correctly
    sessions_do_not_match = session[:user_session] != params[:session] # current user is different from stored user

    if valid_session_data && sessions_do_not_match
      clear_session = true
    end
  end

  # params[:account] is request-supplied. The is_a?(String) check means only a
  # plain string is compared with the stored domain. The missing receiver of
  # `.domain` is presumably the stored account session. TODO confirm.
  if  && params[:account] && params[:account].is_a?(String) && (.domain != params[:account])
    clear_session = true
  end

  # clear_session is nil unless one of the checks above assigned it.
  # NOTE(review): the two statements that act on the mismatch are missing
  # from this listing.
  if clear_session
    
    
  end
end