Module: LatoCore::Interface::Authentication

Included in:: LatoCore::Interface

Defined in:: lib/lato_core/interfaces/authentication.rb

Overview

This module contains a list of functions used to authenticate a superuser.

Instance Method Summary collapse

#core__check_superuser_session_valid ⇒ Object

This function tells if the current session is valid.
#core__create_superuser_session(superuser, lifetime) ⇒ Object

This function set a cookie to create the superuser session.
#core__destroy_superuser_session ⇒ Object

This function delete a cookie to destroy the superuser session.
#core__manage_superuser_session(permission = nil) ⇒ Object

This function check the session for a superuser and set the variable @core__current_superuser.

Instance Method Details

#core__check_superuser_session_valid ⇒ `Object`

This function tells if the current session is valid.

# File 'lib/lato_core/interfaces/authentication.rb', line 20

def core__check_superuser_session_valid
  decoded_token = core__decode_token(session[:lato_core__superuser_session_token])
  return false unless decoded_token
  true
end

#core__create_superuser_session(superuser, lifetime) ⇒ `Object`

This function set a cookie to create the superuser session.

# File 'lib/lato_core/interfaces/authentication.rb', line 9

def core__create_superuser_session(superuser, lifetime)
  token = core__encode_token(lifetime, superuser_id: superuser.id)
  session[:lato_core__superuser_session_token] = token
end

#core__destroy_superuser_session ⇒ `Object`

This function delete a cookie to destroy the superuser session.



15
16
17

# File 'lib/lato_core/interfaces/authentication.rb', line 15

def core__destroy_superuser_session
  session[:lato_core__superuser_session_token] = nil
end

#core__manage_superuser_session(permission = nil) ⇒ `Object`

This function check the session for a superuser and set the variable @core__current_superuser. If session is not valid the user should be redirect to login path.

# File 'lib/lato_core/interfaces/authentication.rb', line 28

def core__manage_superuser_session(permission = nil)
  decoded_token = core__decode_token(session[:lato_core__superuser_session_token])

  if decoded_token
    @core__current_superuser = LatoCore::Superuser.find_by(id: decoded_token[:superuser_id])
    unless @core__current_superuser
      core__destroy_superuser_session
      redirect_to lato_core.login_path
    end

    if permission && @core__current_superuser.permission < permission
      flash[:danger] = 'PERMISSION ERROR'
      redirect_to lato_core.root_path
    end
  else
    redirect_to lato_core.login_path
  end
end

Module: LatoCore::Interface::Authentication

Overview

Instance Method Summary collapse

Instance Method Details

#core__check_superuser_session_valid ⇒ Object

#core__create_superuser_session(superuser, lifetime) ⇒ Object

#core__destroy_superuser_session ⇒ Object

#core__manage_superuser_session(permission = nil) ⇒ Object

#core__check_superuser_session_valid ⇒ `Object`

#core__create_superuser_session(superuser, lifetime) ⇒ `Object`

#core__destroy_superuser_session ⇒ `Object`

#core__manage_superuser_session(permission = nil) ⇒ `Object`