#345: updated authenticate_user!

This commit is contained in:
Vokhmin Alexey V 2014-03-25 22:32:46 +04:00
parent 237df48f94
commit 4adae8319b
1 changed files with 12 additions and 2 deletions

View File

@ -17,7 +17,11 @@ class Api::V1::BaseController < ApplicationController
# via parameters. However, anyone could use Rails's token
# authentication features to get the token from a header.
def authenticate_user!
user_token = params[:user_token].presence
user_token = params[:authentication_token].presence
unless user_token
credentials = decode_credentials.select(&:present?)
user_token = credentials.first if credentials.size == 1
end
user = user_token && User.find_by_authentication_token(user_token.to_s)
if user
@ -31,6 +35,12 @@ class Api::V1::BaseController < ApplicationController
end
end
# Helper to decode credentials from HTTP.
def decode_credentials
return [] unless request.authorization && request.authorization =~ /^Basic (.*)/m
Base64.decode64($1).split(/:/, 2)
end
def set_csv_file_headers(file_name)
headers['Content-Type'] = 'text/csv'
headers['Content-disposition'] = "attachment; filename=\"#{file_name}.csv\""