Module: Isaca::Rails::Authentication

Extended by:

ActiveSupport::Concern

Included in:

Controller

Defined in:

lib/isaca/rails/authentication.rb

Instance Method Summary

• #authenticate(username, password) ⇒ Boolean

  Method used to to login a user and set the token.

• #authenticate_isaca_user ⇒ Object

  Checks to see if there is a current_isaca_user, if not it redirects to the new_session_path.

• #current_isaca_user ⇒ ActiveModel::Model|nil

  A helper method for referencing the user who is currently logged in.

• #isaca_requires_consent? ⇒ Boolean
• #isaca_sign_out(**params) ⇒ Object

  Destroys the user token and sets the current_isaca_user attribute to nil.

• #redirect_after_sign_in_or(fallback) ⇒ Object

  Helper method to redirect to a saved path or fallback.

• #redirect_for_consent? ⇒ Boolean

  Helper method used to check the conditions for redirecting for consent.

• #user_signed_in? ⇒ Boolean

  Helper method to check and see if the current_isaca_user attribute exists.

Instance Method Details

#authenticate(username, password) ⇒ Boolean

Method used to to login a user and set the token

Parameters:

• username (String) —

  The user’s username

• password (String) —

  The user’s password

Returns:

• (Boolean) —

  Whether or not the user’s record was updated with the last_sign_in_at datetime

Raises:

• (Isaca::SessionError)

# File 'lib/isaca/rails/authentication.rb', line 54

def authenticate(username, password)
  session = Isaca::Request::AuthenticateUser.get(username, password)
  raise Isaca::SessionError.new(session.value) unless session.is_valid?
  isaca_sign_in(session.value)
  current_isaca_user.update_attribute(:last_sign_in_at, DateTime.current)
end

#authenticate_isaca_user ⇒ Object

Checks to see if there is a current_isaca_user, if not it redirects to the new_session_path. This method is intended to be used with before_action.

Returns:

• nil

# File 'lib/isaca/rails/authentication.rb', line 17

def authenticate_isaca_user
  if user_signed_in?
    if request.path != user_consent_path && redirect_for_consent?
      session[:after_sign_in_path] = request.fullpath if request.get? && request.format.html?
      flash.alert = t('isaca.rails.user_consent.consent_required')
      redirect_to user_consent_path
    end
  else
    session[:after_sign_in_path] = request.fullpath if request.get?
    flash.alert = t('isaca.rails.sessions.sign_in_required')

    respond_to do |format|
      format.html {redirect_to sign_in_path}
      format.json do
        render json: {error: t('isaca.rails.sessions.sign_in_required')}.to_json, status: :unauthorized
      end
    end
  end
end

#current_isaca_user ⇒ ActiveModel::Model|nil

A helper method for referencing the user who is currently logged in.

Returns:

• (ActiveModel::Model|nil)

# File 'lib/isaca/rails/authentication.rb', line 40

def current_isaca_user
  if @current_isaca_user
    @current_isaca_user
  else
    set_current_isaca_user if token_cookie_exists?
  end
end

#isaca_requires_consent? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/isaca/rails/authentication.rb', line 85

def isaca_requires_consent?
  user_signed_in? && !current_isaca_user.privacy
end

#isaca_sign_out(**params) ⇒ Object

Destroys the user token and sets the current_isaca_user attribute to nil

Parameters:

• params (Hash) —

  Optional

Options Hash (**params):

• token (String) —

  The session token to be deleted.

Returns:

• nil

# File 'lib/isaca/rails/authentication.rb', line 67

def isaca_sign_out(**params)
  token = nil
  params && params[:token] ? (token = params[:token]) : (token = cookies['Token'] if token_cookie_exists?)

  if token && Isaca::Request::LogOut.get(token)
    cookies.delete('Token', domain: :all) if token_cookie_exists?
    @current_isaca_user = nil
    reset_session
  end
end

#redirect_after_sign_in_or(fallback) ⇒ Object

Helper method to redirect to a saved path or fallback

Parameters:

• fallback (String) —

  Path to visit if session does not exist

# File 'lib/isaca/rails/authentication.rb', line 92

def redirect_after_sign_in_or(fallback)
  redirect_to(session[:after_sign_in_path] || fallback)
  session.delete(:after_sign_in_path)
end

#redirect_for_consent? ⇒ Boolean

Helper method used to check the conditions for redirecting for consent

Returns:

• (Boolean) —

  Whether or not a redirect is required

# File 'lib/isaca/rails/authentication.rb', line 100

def redirect_for_consent?
  isaca_requires_consent? && Isaca::Rails.configuration.redirect_for_consent
end

#user_signed_in? ⇒ Boolean

Helper method to check and see if the current_isaca_user attribute exists

Returns:

• (Boolean) —

  The truthiness of the current_isaca_user attribute

# File 'lib/isaca/rails/authentication.rb', line 81

def user_signed_in?
  !current_isaca_user.nil?
end