# File 'lib/rack_warden/routes.rb', line 3
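# Hook run when this module is included: registers the authentication routes
# on the including application class.
#
# The routes are declared inside +base.instance_eval+, so +get+/+post+ resolve
# against +base+. The helpers used inside the handlers (+settings+, +warden+,
# +flash+, +erb+, +nested_erb+, +return_to+, +default_page+, +authorized?+,
# +verify_recaptcha+, +Halt+) and the +User+ model are defined elsewhere.
#
# @param base [Class] application class that receives the route definitions
def self.included(base)
  base.instance_eval do
    # The root path is only registered when ::RACK_WARDEN_STANDALONE is defined.
    if defined? ::RACK_WARDEN_STANDALONE
      get '/?' do
        default_page
      end
    end

    get '/auth/?' do
      default_page
    end

    # Login form. While no user exists, send the visitor to account creation.
    get '/auth/login' do
      if User.count > 0
        erb :'rw_login.html', :layout=>settings.layout
      else
        flash(:rwarden)[:error] = warden.message || "Please create an admin account"
        redirect url('/auth/new', false)
      end
    end

    # Credential check is delegated to warden; the lines after authenticate!
    # only run when it returns.
    post '/auth/login' do
      warden.authenticate!
      flash(:rwarden)[:success] = warden.message || "Successful login"
      return_to
    end

    # NOTE(review): logout is a state change reachable by GET, so any
    # cross-site link or image request can end a user's session.
    get '/auth/logout' do
      # Result is discarded; presumably this touches the session so it is
      # loaded before logout. TODO confirm.
      warden.raw_session.inspect
      warden.logout
      flash(:rwarden)[:success] = 'You have been logged out'
      redirect url(settings.default_route, false)
    end

    # Signup form: available when public signup is enabled, or when no user
    # exists yet (bootstrap of the first account).
    get '/auth/new' do
      halt 403 unless settings.allow_public_signup || !(User.count > 0)
      # NOTE(review): recaptcha is read with a String key here and with a
      # Symbol key in POST /auth/create; both only work if the settings hash
      # accepts either key type. Confirm, since a nil :secret skips
      # verification.
      erb :'rw_new_user.html', :layout=>settings.layout, :locals=>{:recaptcha_sitekey=>settings.recaptcha['sitekey']}
    end

    post '/auth/create' do
      # Enforce the same signup gate as GET /auth/new. Without it, hiding the
      # form does not stop a direct POST from creating an account while public
      # signup is disabled.
      halt 403 unless settings.allow_public_signup || !(User.count > 0)
      verify_recaptcha if settings.recaptcha[:secret]
      # `Halt` (capitalised) is not defined in this method; presumably a
      # project helper that renders the message with the layout. TODO confirm.
      Halt "Could not create account", :layout=>settings.layout unless params[:user]
      # Drop blank fields so they are not passed to the model.
      params[:user].delete_if {|k,v| v.nil? || v==''}
      # NOTE(review): every remaining submitted key reaches User.new. Whether
      # privileged attributes can be set this way depends on the User model.
      # Confirm that it restricts assignable fields.
      @user = User.new(params['user'])
      if @user.save
        warden.set_user(@user)
        flash(:rwarden)[:success] = warden.message || "Account created"
        return_to
      else
        flash(:rwarden)[:error] = "#{warden.message} => #{@user.errors.entries.join('. ')}"
        puts "RW /auth/create #{@user.errors.entries}"
        redirect back
      end
    end

    # Target for failed authentication. Reads the path the client was trying
    # to reach from env['warden.options'].
    post '/auth/unauthenticated' do
      # Remember the attempted path for non-XHR requests, unless the path
      # itself matches login/new/create.
      session[:return_to] = env['warden.options'][:attempted_path] if !request.xhr? && !env['warden.options'][:attempted_path][/login|new|create/]
      # Debug output on stdout.
      puts "RW attempted path: #{env['warden.options'][:attempted_path]}"
      puts "RW will return-to #{session[:return_to]}"
      puts warden
      flash(:rwarden)[:error] = warden.message || "Please login to continue"
      redirect url('/auth/login', false)
    end

    get '/auth/protected' do
      warden.authenticate!
      erb :'rw_protected.html', :layout=>settings.layout
    end

    # NOTE(review): the return value of authorized? is discarded in the two
    # admin routes below. They are only access-controlled if authorized?
    # itself halts the request on failure. Confirm against its definition.
    get "/auth/dbinfo" do
      warden.authenticate!
      authorized?
      nested_erb :'rw_dbinfo.html', :'rw_layout_admin.html', settings.layout
    end

    get '/auth/admin' do
      warden.authenticate!
      authorized?
      nested_erb :'rw_admin.html', :'rw_layout_admin.html', settings.layout
    end
  end
end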