Module: ExvoAuth::Controllers::Base

Defined in:
lib/exvo_auth/controllers/base.rb


Instance Method Details

#auth_hash ⇒ Object



# File 'lib/exvo_auth/controllers/base.rb', line 85

# Returns the OmniAuth authentication payload for the current request.
#
# Reads the "omniauth.auth" entry of the request environment. The result is
# nil when nothing is stored under that key (assuming env behaves like a
# plain Hash), so callers should not treat a nil result as an authenticated
# identity.
#
# @return [Object, nil] whatever is stored under "omniauth.auth"
def auth_hash
  rack_env = request.env
  rack_env["omniauth.auth"]
end

#authenticate_app_in_scope!(scope) ⇒ Object



# File 'lib/exvo_auth/controllers/base.rb', line 45

# Authenticates a calling application and checks that it holds +scope+.
#
# The credentials yielded by the basic-authentication helper (app_id and
# access_token) are handed to ExvoAuth::Autonomous::Provider; the block
# answers true only when the provider's scope list contains scope.to_s.
#
# Security notes:
# * The call is refused with a RuntimeError unless the request arrived over
#   SSL or Exvo::Helpers.auth_require_ssl is exactly false. The credentials
#   travel with the request, so switching the check off is only appropriate
#   where the transport is protected some other way (e.g. local development).
# * NOTE(review): @current_app_id is assigned before the scope check, so it
#   is also set when the check fails. Treat current_app_id as trustworthy
#   only after this method has let the request through.
#
# @param scope [#to_s] scope the application must have been granted
# @return [Object] whatever the basic-authentication helper returns
# @raise [RuntimeError] when SSL is required but the request is not SSL
def authenticate_app_in_scope!(scope)
  transport_ok = request.ssl? || Exvo::Helpers.auth_require_ssl == false
  unless transport_ok
    raise("SSL not configured. Your api needs to be exposed using https protocol.")
  end

  send(basic_authentication_method_name) do |app_id, access_token|
    provider = ExvoAuth::Autonomous::Provider.new(
      :app_id       => app_id,
      :access_token => access_token
    )
    granted_scopes = provider.scopes

    # Recorded for current_app_id regardless of the scope check's outcome.
    @current_app_id = app_id

    granted_scopes.include?(scope.to_s)
  end
end

#authenticate_user!(opts = {}) ⇒ Object

A before filter to protect your sensitive actions.



# File 'lib/exvo_auth/controllers/base.rb', line 3

# Before filter that requires a signed-in user.
#
# Runs unobtrusively_authenticate_user! first. If signed_in? is still false
# it calls store_request! and redirects: when the request carries a value
# under params[callback_key] that value is forwarded in the redirect,
# otherwise the target is opts[:redirect_to] or a fallback.
#
# NOTE(review): this listing lost identifiers during extraction. The call in
# front of "(callback_key => callback_value)" and the fallback after "||" are
# missing, so the block does not parse as shown; consult
# lib/exvo_auth/controllers/base.rb for the real redirect targets.
#
# NOTE(review): callback_value is taken straight from request params and
# placed in the redirect. Confirm the endpoint that receives it validates
# the value before using it.
#
# @param opts [Hash] optional :redirect_to that overrides the default target
def authenticate_user!(opts = {})
  # Sync the local session with the SSO cookie before deciding anything.
  unobtrusively_authenticate_user!

  if !signed_in?
    # Presumably remembers the current request so the user can be sent back
    # after signing in (store_request! is not visible here).
    store_request!

    # Request-supplied value; nil when the parameter is absent.
    callback_value = params[callback_key]

    if callback_value
      redirect_to (callback_key => callback_value)
    else
      redirect_to opts[:redirect_to] || 
    end
  end
end

#callback_key ⇒ Object



# File 'lib/exvo_auth/controllers/base.rb', line 68

# Name of the request parameter that carries the callback value.
#
# authenticate_user! looks this key up in params, so the value stored under
# it is request-supplied and must be treated as untrusted input.
#
# @return [String] the literal parameter name "_callback"
def callback_key
  "_callback"
end

#current_app_id ⇒ Object



# File 'lib/exvo_auth/controllers/base.rb', line 77

# Id of the application recorded for this request by
# authenticate_app_in_scope!, or nil if none has been recorded.
#
# NOTE(review): authenticate_app_in_scope! stores the id before its scope
# check, so a non-nil value here does not by itself prove the application
# was authorized.
#
# @return [Object, nil] the stored application id
def current_app_id
  @current_app_id
end

#current_user ⇒ Object



# File 'lib/exvo_auth/controllers/base.rb', line 72

# Returns the user for the current session, memoized in @current_user.
#
# The lookup is driven by session[:user_uid]: when it is set, the user is
# resolved through find_or_create_user_by_uid; when it is not, the result is
# that falsy session value. A nil result is not cached, so the session is
# consulted again on the next call.
#
# @return [Object, nil] the resolved user, or a falsy value when signed out
def current_user
  if @current_user.nil?
    @current_user = session[:user_uid] && find_or_create_user_by_uid(session[:user_uid])
  else
    @current_user
  end
end

#handle_unverified_request ⇒ Object



# File 'lib/exvo_auth/controllers/base.rb', line 90

# Extends the inherited handling of an unverified request by also signing the
# user out.
#
# NOTE(review): in Rails this hook runs when the CSRF token check fails;
# presumably that is the inherited behaviour reached through super. Signing
# out afterwards means the failed request does not continue with the
# signed-in identity (what sign_out_user clears is not visible here).
#
# @return [Object] the result of sign_out_user
def handle_unverified_request
  # Inherited handling first, then drop the local sign-in state.
  super
  sign_out_user
end

#sign_in_and_redirect! ⇒ Object

Omniauth - Usually this method is called from your sessions#create.



# File 'lib/exvo_auth/controllers/base.rb', line 32

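# Completes an OmniAuth sign-in and sends the user onward. Usually called
# from sessions#create.
#
# Populates the session from the OAuth data, sets the user cookie, then
# redirects to session[:user_return_to], falling back to "/" when no return
# location is stored.
#
# NOTE(review): the redirect target comes from the session. Confirm that
# whatever writes :user_return_to only ever stores locations on this site,
# otherwise the redirect could leave the application.
# NOTE(review): session rotation (e.g. reset_session) is not visible here;
# confirm set_user_session_from_oauth takes care of it.
#
# @return [Object] the result of redirect_to
def sign_in_and_redirect!
  set_user_session_from_oauth
  set_user_cookie
  redirect_to session[:user_return_to] || "/"
end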

#sign_in_path ⇒ Object



# File 'lib/exvo_auth/controllers/base.rb', line 60

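# Local path that starts the Exvo sign-in flow.
#
# @return [String] the fixed path "/auth/exvo"
def sign_in_path
  "/auth/exvo"
end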

#sign_out_and_redirect!(return_to = "/") ⇒ Object

Redirects to sign_out_url, signs out and redirects back to “/” (by default). Usually this method is called from your sessions#destroy.



# File 'lib/exvo_auth/controllers/base.rb', line 40

# Signs the user out locally, then redirects to the sign-out URL built for
# +return_to+. Usually called from sessions#destroy.
#
# NOTE(review): return_to is passed to sign_out_url unchanged. If a caller
# fills it from request parameters, confirm it is restricted to locations on
# this site (validation inside sign_out_url is not visible here).
#
# @param return_to [String] where the user should land after signing out
# @return [Object] the result of redirect_to
def sign_out_and_redirect!(return_to = "/")
  sign_out_user
  destination = sign_out_url(return_to)
  redirect_to destination
end

#sign_up_path ⇒ Object



# File 'lib/exvo_auth/controllers/base.rb', line 64

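# Local path that starts the Exvo flow with the sign-up flag set.
#
# @return [String] the fixed path "/auth/exvo?x_sign_up=true"
def sign_up_path
  "/auth/exvo?x_sign_up=true"
end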

#signed_in? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/exvo_auth/controllers/base.rb', line 81

# Tells whether a user is signed in for the current request.
#
# Coerces current_user to a strict boolean, so the answer is only as
# trustworthy as the session lookup behind current_user.
#
# @return [Boolean] true when current_user is truthy, false otherwise
def signed_in?
  current_user ? true : false
end

#unobtrusively_authenticate_user! ⇒ Object

Single Sign On - Authenticate the user from the cookie if a cookie is present, and delete the local session if it’s not (this should prevent the orphan session problem, where a user signs out but their session remains in one or more apps). “Unobtrusively” means that there is no redirect to Exvo Auth if the user is not logged in.



# File 'lib/exvo_auth/controllers/base.rb', line 23

# Single sign-on sync without redirecting: builds the local session from the
# user_uid cookie when it is present, and signs the user out locally when it
# is not.
#
# NOTE(review): the cookie is sent by the client and only its presence is
# checked here. Whether its value is signed or otherwise verified is decided
# inside set_user_session_from_cookie, which is not visible here; confirm
# that before trusting the resulting session.
#
# @return [Object] the result of whichever branch ran
def unobtrusively_authenticate_user!
  return set_user_session_from_cookie if cookies[:user_uid]

  sign_out_user
end