Module: Workarea::Authentication

Extended by:

ActiveSupport::Concern

Included in:

AdminGuestBrowsing

Defined in:

app/controllers/workarea/authentication.rb

Instance Method Summary

• #current_user ⇒ Object
• #logged_in? ⇒ Boolean
• #login(user) ⇒ Object
• #logout ⇒ Object
• #redirect_back_or(default = root_path) ⇒ Object
• #remember_location(value = request.fullpath) ⇒ Object
• #require_login(should_remember_location = true) ⇒ Object
• #require_logout ⇒ Object
• #require_password_changes ⇒ Object
• #return_to ⇒ Object
• #touch_auth_cookie ⇒ Object (also: #keep_auth_alive)

Instance Method Details

#current_user ⇒ Object

# File 'app/controllers/workarea/authentication.rb', line 13

def current_user
  return @current_user if defined?(@current_user)
  @current_user = User.find(cookies.signed[:user_id]) rescue nil
end

#logged_in? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/controllers/workarea/authentication.rb', line 43

def logged_in?
  current_user.present? && current_user.valid_logged_in_request?(request)
end

#login(user) ⇒ Object

# File 'app/controllers/workarea/authentication.rb', line 18

def login(user)
  @current_user = user
  user.update_login!(request)
  touch_auth_cookie
  user
end

#logout ⇒ Object

# File 'app/controllers/workarea/authentication.rb', line 25

def logout
  cookies.delete(:user_id)
  cookies.delete(:cache)
  cookies.delete(:completed_order)
  @current_user = nil
end

#redirect_back_or(default = root_path) ⇒ Object

# File 'app/controllers/workarea/authentication.rb', line 101

def redirect_back_or(default = root_path)
  remembered = return_to.presence || session[:return_to].presence
  session.delete(:return_to)
  redirect_to remembered || default
end

#remember_location(value = request.fullpath) ⇒ Object

# File 'app/controllers/workarea/authentication.rb', line 80

def remember_location(value = request.fullpath)
  url = URI.parse(return_to.presence || value).request_uri
  session[:return_to] = url[0..Workarea.config.return_to_url_max_length]
end

#require_login(should_remember_location = true) ⇒ Object

# File 'app/controllers/workarea/authentication.rb', line 47

def require_login(should_remember_location = true)
  return if logged_in?

  flash[:info] = t('workarea.authentication.login')
  remember_location if request.get? && should_remember_location
  redirect_to storefront.login_path, turbolinks: false
  false
end

#require_logout ⇒ Object

# File 'app/controllers/workarea/authentication.rb', line 56

def require_logout
  if logged_in?
    flash[:info] = t('workarea.authentication.logout')
    redirect_to storefront.login_path
    return false
  end
end

#require_password_changes ⇒ Object

# File 'app/controllers/workarea/authentication.rb', line 64

def require_password_changes
  return unless logged_in?

  if current_user.force_password_change?
    flash[:warning] = t('workarea.authentication.password_expired')

    if request.xhr?
      head :unauthorized
    else
      redirect_to storefront.change_password_path
    end

    return false
  end
end

#return_to ⇒ Object

# File 'app/controllers/workarea/authentication.rb', line 85

def return_to
  return nil unless params[:return_to].present?

  if params[:return_to].respond_to?(:to_h)
    url_for(params[:return_to].to_h.merge(only_path: true))
  else
    uri = URI.parse(params[:return_to])

    if uri.fragment.present?
      "#{uri.request_uri}##{uri.fragment}"
    else
      uri.request_uri
    end
  end
end

#touch_auth_cookie ⇒ Object Also known as: keep_auth_alive

# File 'app/controllers/workarea/authentication.rb', line 32

def touch_auth_cookie
  return if current_user.blank?

  cookies.signed[:user_id] = { value: current_user.id, expires: auth_expiry }

  if current_user.admin?
    cookies[:cache] = { value: 'false', expires: auth_expiry }
  end
end