Module: ExvoAuth::Controllers::Base

Defined in:
lib/exvo_auth/controllers/base.rb


Instance Method Details

#auth_hash ⇒ Object



# File 'lib/exvo_auth/controllers/base.rb', line 101

# Returns whatever is stored under the "omniauth.auth" key of the current
# request's environment.
#
# NOTE(review): presumably written by the OmniAuth middleware during the
# callback phase; nothing in this listing shows who sets the key - confirm.
#
# @return [Object, nil] the stored value; nil when a Hash-like env lacks the key
def auth_hash
  rack_env = request.env
  rack_env["omniauth.auth"]
end

#authenticate_app_in_scope!(scope) ⇒ Object



# File 'lib/exvo_auth/controllers/base.rb', line 61

# Authenticates the calling application and checks that it holds +scope+.
#
# The request must have arrived over SSL unless
# Exvo::Helpers.auth_require_ssl is exactly +false+; a nil (unset) value
# therefore still enforces SSL.
#
# The credentials yielded by the method named by
# basic_authentication_method_name are handed to
# ExvoAuth::Autonomous::Provider, and the block's verdict is whether the
# provider's scopes include +scope+.
#
# NOTE(review): @current_app_id is assigned before the scope verdict is
# known, so current_app_id can name an app whose request was just refused.
# Do not treat a non-nil current_app_id as proof of authorization.
#
# @param scope [#to_s] scope the calling app must have been granted
# @return [Object] whatever the basic-authentication method returns
# @raise [RuntimeError] when SSL is required and the request is not SSL
def authenticate_app_in_scope!(scope)
  if !request.ssl? && Exvo::Helpers.auth_require_ssl != false
    raise "SSL not configured. Your api needs to be exposed using https protocol."
  end

  send(basic_authentication_method_name) do |app_id, access_token|
    provider = ExvoAuth::Autonomous::Provider.new(:app_id => app_id, :access_token => access_token)
    granted  = provider.scopes

    @current_app_id = app_id

    granted.include?(scope.to_s)
  end
end

#authenticate_user!(opts = {}) ⇒ Object

A before filter to protect your sensitive actions.



# File 'lib/exvo_auth/controllers/base.rb', line 3

# Before filter: lets a signed-in user through and otherwise redirects the
# browser towards sign-in.
#
# NOTE(review): this listing looks damaged - the first redirect_to below has
# no method name in front of its parenthesised arguments, and the second ends
# on a dangling "||". Compare with lib/exvo_auth/controllers/base.rb before
# relying on it.
#
# @param opts [Hash] only opts[:redirect_to] is read here
def authenticate_user!(opts = {})
  # Sync the local session with the SSO cookie first; when the cookie is
  # absent this signs the user out locally.
  authenticate_user_from_cookie

  if !signed_in?
    # NOTE(review): presumably remembers the current request so the user can be
    # sent back after sign-in - store_request! is not shown here, confirm.
    store_request!

    # Request-supplied value read from params under callback_key ("_callback").
    callback_value = params[callback_key]

    if callback_value
      # The request-supplied callback value is forwarded as a parameter of the
      # redirect target; whatever consumes it must treat it as untrusted.
      redirect_to (callback_key => callback_value)
    else
      # opts[:redirect_to] comes from the caller, not from the request.
      redirect_to opts[:redirect_to] || 
    end
  end
end

Single Sign On - Authenticates the user from a cookie if the cookie is present, and deletes the local session if it is not (this should prevent the orphan session problem, where a user signs out but their session remains in one or more apps)



# File 'lib/exvo_auth/controllers/base.rb', line 22

# Single Sign On: mirrors the SSO cookie into the local session.
#
# With cookies[:user_uid] present the session is set from the cookie; without
# it the local user is signed out.
#
# NOTE(review): only the presence of the cookie is tested here. Whether its
# value is verified (signed or otherwise authenticated) is up to
# set_user_session_from_cookie, which is not shown - confirm.
#
# @return [Object] the result of whichever helper was called
def authenticate_user_from_cookie
  return set_user_session_from_cookie if cookies[:user_uid]

  sign_out_user
end

#callback_key ⇒ Object



# File 'lib/exvo_auth/controllers/base.rb', line 84

# Name of the request parameter that authenticate_user! reads via
# params[callback_key].
#
# @return [String] always "_callback"
def callback_key
  '_callback'
end

#current_app_id ⇒ Object



# File 'lib/exvo_auth/controllers/base.rb', line 93

# Reader for @current_app_id.
#
# NOTE(review): authenticate_app_in_scope! assigns this before its scope
# check has produced a verdict, so a non-nil value identifies the app that
# presented credentials, not necessarily one that was authorized.
#
# @return [Object, nil] the stored app id, or nil when none was stored
def current_app_id
  defined?(@current_app_id) ? @current_app_id : nil
end

#current_user ⇒ Object



# File 'lib/exvo_auth/controllers/base.rb', line 88

# Returns the user for the current session, memoized in @current_user.
#
# Only a non-nil result is reused; while @current_user is nil every call
# re-reads session[:user_uid] and, when it is set, calls
# find_or_create_user_by_uid with it.
#
# NOTE(review): the uid is taken from the session as-is, so the result is
# only as trustworthy as whatever wrote session[:user_uid] - that code is
# not shown here.
#
# @return [Object, nil] the user, or the falsy session[:user_uid] value
def current_user
  if @current_user.nil?
    @current_user = session[:user_uid] && find_or_create_user_by_uid(session[:user_uid])
  else
    @current_user
  end
end

#sign_in_and_redirect! ⇒ Object

Omniauth - Usually this method is called from your sessions#create.



# File 'lib/exvo_auth/controllers/base.rb', line 39

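# Completes sign-in (session from OAuth data, then the SSO cookie) and
# redirects the browser.
#
# Redirect target, in order:
# * params[:state] == "popup"    -> Exvo::Helpers.auth_uri + "/close_popup.html"
# * any other params[:state]     -> that value, but only when it stays on
#                                   this site (see below)
# * otherwise                    -> session[:user_return_to] || "/"
#
# params[:state] is request-controlled. Following it unchecked lets a crafted
# sign-in link send a freshly authenticated user to an arbitrary site (open
# redirect), so a state value is followed only when it is a String without
# control characters or backslashes that is either a path starting with a
# single "/" or an http(s) URL whose host equals request.host. Anything else
# falls back to the session/default target.
#
# NOTE(review): if targets on other trusted hosts are needed, extend the
# check with an explicit allowlist instead of removing it.
def sign_in_and_redirect!
  require "uri" # idempotent; only the same-host check below needs it

  set_user_session_from_oauth
  set_user_cookie

  state = params[:state]

  stays_on_site = lambda do |target|
    if !target.is_a?(String) || target =~ /[\x00-\x1f\\]/
      # Non-string params, and characters browsers strip or rewrite in URLs.
      false
    elsif target =~ %r{\A/(?!/)}
      # Local path; "//host" would be protocol-relative, hence the lookahead.
      true
    else
      begin
        uri = URI.parse(target)
        %w[http https].include?(uri.scheme.to_s.downcase) &&
          uri.host.to_s.casecmp(request.host.to_s) == 0
      rescue URI::InvalidURIError
        false
      end
    end
  end

  url = if state == "popup"
    Exvo::Helpers.auth_uri + "/close_popup.html"
  elsif state && stays_on_site.call(state)
    state
  else
    session[:user_return_to] || "/"
  end

  redirect_to url
end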

#sign_in_path ⇒ Object



# File 'lib/exvo_auth/controllers/base.rb', line 76

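# Fixed path used for sign-in. The method name is restored from this
# method's heading on the page; the listing had lost it after "def".
#
# @return [String] always "/auth/exvo"
def sign_in_path
  "/auth/exvo"
end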

#sign_out_and_redirect!(return_to = "/") ⇒ Object

Redirects to sign_out_url, signs out and redirects back to “/” (by default). Usually this method is called from your sessions#destroy.



# File 'lib/exvo_auth/controllers/base.rb', line 56

# Signs the user out locally, then redirects the browser to
# sign_out_url(return_to).
#
# NOTE(review): return_to is passed to sign_out_url unchanged. Callers should
# pass a fixed or validated location rather than a raw request parameter;
# how sign_out_url treats the value is not shown here.
#
# @param return_to [String] location handed to sign_out_url (default "/")
# @return [Object] whatever redirect_to returns
def sign_out_and_redirect!(return_to = "/")
  sign_out_user

  destination = sign_out_url(return_to)
  redirect_to destination
end

#sign_up_path ⇒ Object



# File 'lib/exvo_auth/controllers/base.rb', line 80

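# Fixed path used for sign-up: the "/auth/exvo" path with x_sign_up=true in
# the query string. The method name is restored from this method's heading
# on the page; the listing had lost it after "def".
#
# @return [String] always "/auth/exvo?x_sign_up=true"
def sign_up_path
  "/auth/exvo?x_sign_up=true"
end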

#signed_in? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/exvo_auth/controllers/base.rb', line 97

# Whether current_user returns a truthy value.
#
# @return [Boolean] true when current_user is neither nil nor false
def signed_in?
  current_user ? true : false
end

Single Sign On - Authenticates the user from a cookie if the cookie is present, but does nothing if the cookie is not present



# File 'lib/exvo_auth/controllers/base.rb', line 32

# Single Sign On: sets the session from the SSO cookie when
# cookies[:user_uid] is present and does nothing otherwise. Unlike
# authenticate_user_from_cookie it never signs the user out.
#
# NOTE(review): only the presence of the cookie is tested here; verification
# of its value is left to set_user_session_from_cookie, which is not shown.
#
# @return [Object, nil] the helper's result, or nil when there is no cookie
def unobtrusively_authenticate_user_from_cookie
  set_user_session_from_cookie if cookies[:user_uid]
end