Module: ExvoAuth::Controllers::Base
- Defined in: lib/exvo_auth/controllers/base.rb
Instance Method Summary
- #auth_hash ⇒ Object
- #authenticate_app_in_scope!(scope) ⇒ Object
- #authenticate_user!(opts = {}) ⇒ Object
  A before filter to protect your sensitive actions.
- #callback_key ⇒ Object
- #current_app_id ⇒ Object
- #current_user ⇒ Object
- #handle_unverified_request ⇒ Object
  CSRF protection for SSO (weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/).
- #sign_in_and_redirect! ⇒ Object
  Omniauth - Usually this method is called from your sessions#create.
- #sign_in_path ⇒ Object
- #sign_out_and_redirect!(return_to = "/") ⇒ Object
  Redirects to sign_out_url, signs out and redirects back to “/” (by default).
- #sign_up_path ⇒ Object
- #signed_in? ⇒ Boolean
- #unobtrusively_authenticate_user! ⇒ Object
  Single Sign On - Authenticates the user from a cookie if the cookie is present and deletes the local session if it is not. This should prevent the orphan session problem, where a user signs out but their session remains in one or more apps. "Unobtrusively" means that there is no redirect to Exvo Auth if the user is not logged in.
Instance Method Details
#auth_hash ⇒ Object
    # File 'lib/exvo_auth/controllers/base.rb', line 85
    def auth_hash
      request.env["omniauth.auth"]
    end
#authenticate_app_in_scope!(scope) ⇒ Object
    # File 'lib/exvo_auth/controllers/base.rb', line 45
    def authenticate_app_in_scope!(scope)
      # Refuse to check credentials over plain HTTP unless SSL has been explicitly disabled.
      raise("SSL not configured. Your api needs to be exposed using https protocol.") unless request.ssl? || Exvo::Helpers.auth_require_ssl == false

      # The app_id / access_token pair comes from the basic authentication helper.
      send(basic_authentication_method_name) do |app_id, access_token|
        current_scopes = ExvoAuth::Autonomous::Provider.new(
          :app_id       => app_id,
          :access_token => access_token
        ).scopes

        @current_app_id = app_id

        # The block's result decides the check: the app must hold the requested scope.
        current_scopes.include?(scope.to_s)
      end
    end
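The order of checks in authenticate_app_in_scope! (transport, then credentials, then scope), as an added example that is not ExvoAuth code and runs without Rails. `ApiGate`, `SCOPES`, `FakeRequest`, `with_basic_credentials` and `basic_header` are hypothetical stand-ins for the Rails HTTP Basic helper and the `ExvoAuth::Autonomous::Provider` lookup, and the credentials are constructed sample values.

```ruby
# Constructed stand-ins (assumptions, not ExvoAuth code): SCOPES replaces the
# ExvoAuth::Autonomous::Provider#scopes lookup, FakeRequest replaces the Rails request.
SCOPES = { ["app-1", "token-1"] => %w[payments profile] }.freeze
FakeRequest = Struct.new(:ssl, :authorization) do
  def ssl?
    ssl
  end
end

class ApiGate
  attr_reader :current_app_id

  def initialize(request, require_ssl: true)
    @request = request
    @require_ssl = require_ssl
  end

  # Same order as authenticate_app_in_scope!: transport, credentials, scope.
  def app_in_scope?(scope)
    raise "SSL not configured" unless @request.ssl? || @require_ssl == false

    with_basic_credentials do |app_id, access_token|
      current_scopes = SCOPES.fetch([app_id, access_token], [])
      @current_app_id = app_id
      current_scopes.include?(scope.to_s)
    end
  end

  private

  # Hypothetical replacement for the Rails HTTP Basic helper: decodes
  # "Basic base64(app_id:access_token)" and yields both parts to the block.
  def with_basic_credentials
    scheme, encoded = @request.authorization.to_s.split(" ", 2)
    return false unless scheme == "Basic" && encoded

    app_id, access_token = encoded.unpack1("m").split(":", 2)
    return false if app_id.nil? || access_token.nil?

    yield(app_id, access_token) ? true : false
  end
end

# Builds a constructed Authorization header value for the sample calls.
def basic_header(app_id, access_token)
  "Basic " + ["#{app_id}:#{access_token}"].pack("m0")
end
```

As in the page's method, `current_app_id` is assigned before the scope test, so it is populated even for a request that is then rejected for lacking the scope.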
#authenticate_user!(opts = {}) ⇒ Object
A before filter to protect your sensitive actions.
    # File 'lib/exvo_auth/controllers/base.rb', line 3
    def authenticate_user!(opts = {})
      unobtrusively_authenticate_user!

      if !signed_in?
        store_request!

        callback_value = params[callback_key]

        if callback_value
          redirect_to non_interactive_sign_in_path(callback_key => callback_value)
        else
          redirect_to opts[:redirect_to] || sign_in_path
        end
      end
    end
#callback_key ⇒ Object
    # File 'lib/exvo_auth/controllers/base.rb', line 68
    def callback_key
      "_callback"
    end
#current_app_id ⇒ Object
    # File 'lib/exvo_auth/controllers/base.rb', line 77
    def current_app_id
      @current_app_id
    end
#current_user ⇒ Object
    # File 'lib/exvo_auth/controllers/base.rb', line 72
    def current_user
      return @current_user unless @current_user.nil?
      @current_user = session[:user_uid] && find_or_create_user_by_uid(session[:user_uid])
    end
#handle_unverified_request ⇒ Object
CSRF protection for SSO (weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/).
    # File 'lib/exvo_auth/controllers/base.rb', line 90
    def handle_unverified_request
      # Run the framework's default handling for a failed CSRF check first,
      # then sign the user out of this app as well.
      super
      sign_out_user
    end
#sign_in_and_redirect! ⇒ Object
Omniauth - Usually this method is called from your sessions#create.
    # File 'lib/exvo_auth/controllers/base.rb', line 32
    def sign_in_and_redirect!
      set_user_session_from_oauth

      redirect_to session[:user_return_to] || "/"
    end
#sign_in_path ⇒ Object
60 61 62 |
# File 'lib/exvo_auth/controllers/base.rb', line 60 def sign_in_path "/auth/exvo" end |
#sign_out_and_redirect!(return_to = "/") ⇒ Object
Redirects to sign_out_url, signs out and redirects back to “/” (by default). Usually this method is called from your sessions#destroy.
    # File 'lib/exvo_auth/controllers/base.rb', line 40
    def sign_out_and_redirect!(return_to = "/")
      sign_out_user
      redirect_to sign_out_url(return_to)
    end
#sign_up_path ⇒ Object
    # File 'lib/exvo_auth/controllers/base.rb', line 64
    def sign_up_path
      "/auth/exvo?x_sign_up=true"
    end
#signed_in? ⇒ Boolean
    # File 'lib/exvo_auth/controllers/base.rb', line 81
    def signed_in?
      !!current_user
    end
#unobtrusively_authenticate_user! ⇒ Object
Single Sign On - Authenticates the user from a cookie if the cookie is present and deletes the local session if it is not. This should prevent the orphan session problem, where a user signs out but their session remains in one or more apps. "Unobtrusively" means that there is no redirect to Exvo Auth if the user is not logged in.
    # File 'lib/exvo_auth/controllers/base.rb', line 23
    def unobtrusively_authenticate_user!
      if cookies[:user_uid]
        # SSO cookie present: the user is authenticated from it
        # (the statement for this branch is not shown on this page).
      else
        # No SSO cookie: delete the local session so it cannot outlive sign-out.
        sign_out_user
      end
    end