Module: Kraut::Rails::Authentication

Defined in:

lib/kraut/rails/authentication.rb

Constant Summary

CROWD_SESSION_TIMEOUT_MINUTES =

The timeout for a Crowd session in minutes.

25

Class Method Summary

• .included(base) ⇒ Object

Instance Method Summary

• #allowed_to?(action) ⇒ Boolean
• #authenticate_application ⇒ Object
• #check_for_crowd_token ⇒ Object
• #logged_in? ⇒ Boolean
• #store_current_location ⇒ Object
• #stored_location! ⇒ Object
• #switch_user(user) ⇒ Object
• #user ⇒ Object
• #verify_access ⇒ Object
• #verify_login ⇒ Object

Class Method Details

.included(base) ⇒ Object

# File 'lib/kraut/rails/authentication.rb', line 7

def self.included(base)
  base.helper_method :user, :logged_in?, :allowed_to?
  base.rescue_from SecurityError do |e|
    reset_session
    redirect_to new_kraut_sessions_path, :alert => I18n.t("errors.kraut.session_expired")
  end
end

Instance Method Details

#allowed_to?(action) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/kraut/rails/authentication.rb', line 30

def allowed_to?(action)
  authenticate_application
  !!user && user.allowed_to?(action)
end

#authenticate_application ⇒ Object

# File 'lib/kraut/rails/authentication.rb', line 62

def authenticate_application
  if Kraut::Application.authentication_required? CROWD_SESSION_TIMEOUT_MINUTES
    Kraut::Application.authenticate Kraut::Rails::Engine.config.webservice[:user], Kraut::Rails::Engine.config.webservice[:password]
  end
end

#check_for_crowd_token ⇒ Object

# File 'lib/kraut/rails/authentication.rb', line 35

def check_for_crowd_token
  if params[:crowd_token]
    begin
      authenticate_application
      switch_user(Session.find_by_token(params[:crowd_token]))
    rescue Kraut::InvalidPrincipalToken
      reset_session
      redirect_to new_kraut_sessions_path, :alert => I18n.t("errors.kraut.token_not_found")
    end
  end
end

#logged_in? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/kraut/rails/authentication.rb', line 26

def logged_in?
  !user.nil?
end

#store_current_location ⇒ Object

# File 'lib/kraut/rails/authentication.rb', line 68

def store_current_location
  session[:stored_location] = request.fullpath if request.get?
end

#stored_location! ⇒ Object

# File 'lib/kraut/rails/authentication.rb', line 72

def stored_location!
  session.delete(:stored_location)
end

#switch_user(user) ⇒ Object

# File 'lib/kraut/rails/authentication.rb', line 18

def switch_user(user)
  session[:user] = user
end

#user ⇒ Object

# File 'lib/kraut/rails/authentication.rb', line 22

def user
  session[:user]
end

#verify_access ⇒ Object

# File 'lib/kraut/rails/authentication.rb', line 54

def verify_access
  authenticate_application
  unless logged_in? && user.allowed_to?("#{params[:controller]}_#{params[:action]}")
    store_current_location
    redirect_to new_kraut_sessions_path, :alert => I18n.t("errors.kraut.access_denied")
  end
end

#verify_login ⇒ Object

# File 'lib/kraut/rails/authentication.rb', line 47

def verify_login
  unless logged_in?
    store_current_location
    redirect_to new_kraut_sessions_path
  end
end