Module: Sorcery::Controller::InstanceMethods
Defined in: lib/sorcery/controller.rb
Instance Method Summary
- #auto_login(user) ⇒ Object
  Logs in a user instance.
- #current_user ⇒ Object
  Attempts to auto-login from the defined sources (session, basic_auth, cookie, etc.). Returns the logged-in user if found, false if not (using the old restful-authentication trick, nil != false).
- #current_user=(user) ⇒ Object
- #handle_unverified_request ⇒ Object
  Overrides Rails' handle_unverified_request.
- #logged_in? ⇒ Boolean
- #login(*credentials) ⇒ Object
  Takes credentials and returns a user on successful authentication.
- #logout ⇒ Object
  Resets the session and runs hooks before and after.
- #not_authenticated ⇒ Object
  The default action for denying non-authenticated users.
- #redirect_back_or_to(url, flash_hash = {}) ⇒ Object
  Used when a user tries to access a page while logged out, is asked to log in, and we want to return them to the page they originally wanted.
- #require_login ⇒ Object
  To be used as a before_filter.
Instance Method Details
#auto_login(user) ⇒ Object
Logs in a user instance.
# File 'lib/sorcery/controller.rb', line 91
def auto_login(user)
  session[:user_id] = user.id
  @current_user = user
end
#current_user ⇒ Object
Attempts to auto-login from the defined sources (session, basic_auth, cookie, etc.). Returns the logged-in user if found, false if not (using the old restful-authentication trick, nil != false).
# File 'lib/sorcery/controller.rb', line 65
def current_user
  @current_user ||= login_from_session || login_from_other_sources unless @current_user == false
end
#current_user=(user) ⇒ Object
# File 'lib/sorcery/controller.rb', line 69
def current_user=(user)
  @current_user = user
end
#handle_unverified_request ⇒ Object
Overrides Rails' handle_unverified_request.
# File 'lib/sorcery/controller.rb', line 97
def handle_unverified_request
  cookies[:remember_me_token] = nil # drop the remember-me cookie along with the session
  @current_user = nil
  super # call the default behaviour which resets the session
end
#logged_in? ⇒ Boolean
# File 'lib/sorcery/controller.rb', line 59
def logged_in?
  !!current_user
end
#login(*credentials) ⇒ Object
Takes credentials and returns a user on successful authentication. Runs hooks after login or failed login.
# File 'lib/sorcery/controller.rb', line 31
def login(*credentials)
  @current_user = nil
  user = user_class.authenticate(*credentials)
  if user
    old_session = session.dup.to_hash
    reset_session # protect from session fixation attacks
    old_session.each_pair do |k,v|
      session[k.to_sym] = v
    end
    auto_login(user)
    after_login!(user, credentials)
    current_user
  else
    after_failed_login!(credentials)
    nil
  end
end
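The session handling in login, as an added example that is not Sorcery's own code: FakeSession, FakeController and the credentials are constructed stand-ins for the Rails session and user_class.authenticate. It shows that a successful login rotates the session id while values written before login are copied into the new session.

```ruby
require 'securerandom'

# Constructed stand-in for a Rails session: a Hash bound to a random session id.
class FakeSession < Hash
  attr_reader :id
  def initialize
    super()
    @id = SecureRandom.hex(16)
  end
end

# Hypothetical controller that mirrors the login flow shown above.
class FakeController
  User = Struct.new(:id, :name)
  USERS = { 'alice' => 's3cret' } # constructed credentials
  attr_reader :session

  def initialize
    @session = FakeSession.new
  end

  # Like Rails' reset_session: drop all data and issue a new session id.
  def reset_session
    @session = FakeSession.new
  end

  def login(name, password)
    @current_user = nil
    # Stub for user_class.authenticate (assumption, not Sorcery's lookup).
    return nil unless USERS.key?(name) && USERS[name] == password
    user = User.new(1, name)
    old_session = session.dup.to_hash
    reset_session # the pre-login session id stops identifying this session
    old_session.each_pair { |k, v| session[k.to_sym] = v }
    session[:user_id] = user.id
    @current_user = user
  end
end

# Runs one successful and one failed login and reports the session state.
def login_session_demo
  ok = FakeController.new
  ok.session[:return_to_url] = '/reports' # value written before login
  id_before = ok.session.id
  ok.login('alice', 's3cret')
  bad = FakeController.new
  bad_id = bad.session.id
  { rotated: ok.session.id != id_before, kept: ok.session[:return_to_url],
    user_id: ok.session[:user_id], failed: bad.login('alice', 'wrong'),
    failed_keeps_id: bad.session.id == bad_id }
end
```

Because pre-login keys are carried over, any session value an application relies on after authentication should be set or re-validated after login rather than trusted from the earlier session.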
#logout ⇒ Object
Resets the session and runs hooks before and after.
# File 'lib/sorcery/controller.rb', line 50
def logout
  if logged_in?
    before_logout!(current_user)
    reset_session
    after_logout!
    @current_user = nil
  end
end
#not_authenticated ⇒ Object
The default action for denying non-authenticated users. You can override this method in your controllers, or provide a different method in the configuration.
# File 'lib/sorcery/controller.rb', line 83
def not_authenticated
  redirect_to root_path
end
#redirect_back_or_to(url, flash_hash = {}) ⇒ Object
Used when a user tries to access a page while logged out, is asked to log in, and we want to return them to the page they originally wanted.
# File 'lib/sorcery/controller.rb', line 75
def redirect_back_or_to(url, flash_hash = {})
  redirect_to(session[:return_to_url] || url, :flash => flash_hash)
  session[:return_to_url] = nil
end
#require_login ⇒ Object
To be used as a before_filter. Triggers auto-login attempts via the call to logged_in?. If all attempts to auto-login fail, the failure callback is called.
# File 'lib/sorcery/controller.rb', line 22
def require_login
  if !logged_in?
    session[:return_to_url] = request.url if Config.save_return_to_url && request.get?
    self.send(Config.not_authenticated_action)
  end
end