-
Notifications
You must be signed in to change notification settings - Fork 44
/
Copy pathapplication_controller.rb
77 lines (63 loc) · 1.96 KB
/
application_controller.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
class ApplicationController < ActionController::Base
include Lelylan::Rescue::Helpers
protect_from_forgery
before_filter :authenticate
helper_method :current_user
helper_method :admin_does_not_exist
rescue_from BSON::InvalidObjectId, with: :bson_invalid_object_id
rescue_from JSON::ParserError, with: :json_parse_error
rescue_from Mongoid::Errors::InvalidType, with: :mongoid_errors_invalid_type
protected
def json_body
@body = HashWithIndifferentAccess.new(JSON.parse(request.body.read.to_s))
end
def authenticate
if api_request
# oauth_authorized # uncomment to make all json API protected
else
session_auth
end
end
def api_request
json?
end
def json?
request.format == "application/json"
end
def session_auth
@current_user ||= User.criteria.id(session[:user_id]).first if session[:user_id]
unless current_user
session[:back] = request.url
redirect_to(log_in_path) and return false
end
return @current_user
end
def current_user
@current_user
end
def oauth_authorized
action = params[:controller] + "/" + params[:action]
normalize_token
@token = OauthToken.where(token: params[:token]).all_in(scope: [action]).first
if @token.nil? or @token.blocked?
render text: "Unauthorized access.", status: 401
return false
else
access = OauthAccess.where(client_uri: @token.client_uri , resource_owner_uri: @token.resource_owner_uri).first
access.accessed!
end
end
def normalize_token
# Token in the body
if (json_body and @body[:token])
params[:token] = @body[:token]
end
# Token in the header
if request.env["Authorization"]
params[:token] = request.env["Authorization"].split(" ").last
end
end
def admin_does_not_exist
User.where(admin: true).first.nil?
end
end