Module: Aker::Rails::SecuredController

Defined in:: lib/aker/rails/secured_controller.rb

Overview

This mixin tags a controller as always requiring authentication.

It also adds a method which allows you to mark a controller as only accessible to a particular group or groups. For example:

class SecretController
  include Aker::Rails::SecuredController
  permit :confidential
end

Defined Under Namespace

Modules: ClassMethods

Class Method Summary collapse

.included(controller_class) ⇒ void

Instance Method Summary collapse

#aker_authorize ⇒ void

The filter which actually forces any user accessing a controller which mixes this in to be authenticated.
#handle_unverified_request ⇒ Object

Class Method Details

.included(controller_class) ⇒ `void`

This method returns an undefined value.

# File 'lib/aker/rails/secured_controller.rb', line 21

def self.included(controller_class)
  controller_class.before_filter :aker_authorize
  controller_class.extend ClassMethods
end

Instance Method Details

#aker_authorize ⇒ `void`

This method returns an undefined value.

The filter which actually forces any user accessing a controller which mixes this in to be authenticated.

It delegates to Aker::Rack::Facade#authentication_required!; see that method’s documentation for more information.



34
35
36

# File 'lib/aker/rails/secured_controller.rb', line 34

def aker_authorize
  request.env['aker.check'].authentication_required!
end

#handle_unverified_request ⇒ `Object`

# File 'lib/aker/rails/secured_controller.rb', line 38

def handle_unverified_request
  super

  if request.env['aker.interactive']
    request.env['aker.check'].user = nil
  end
end