Module: Authpwn::HttpBasicControllerInstanceMethods
- Includes:
- CurrentUser
- Defined in:
- lib/authpwn_rails/http_basic.rb
Overview
Included in controllers that call authenticates_using_http_basic.
Instance Attribute Summary
Attributes included from CurrentUser
Instance Method Summary collapse
-
#bounce_to_http_basic ⇒ Object
Inform the user that their request is forbidden.
Instance Method Details
#bounce_to_http_basic ⇒ Object
Inform the user that their request is forbidden.
If a user is logged on, this renders the session/forbidden view with a HTTP 403 code.
If no user is logged in, a HTTP 403 code is returned, together with an HTTP Authentication header causing the user-agent (browser) to initiate http basic authentication.
47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 |
# File 'lib/authpwn_rails/http_basic.rb', line 47 def bounce_to_http_basic() unless current_user request_http_basic_authentication return end respond_to do |format| format.html do render 'session/forbidden', layout: false, status: :forbidden end format.json do render json: { error: "You're not allowed to access that" } end end end |