Software
/
rosa-build
mirror of https://github.com/OpenMandrivaSoftware/rosa-build.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

#345: fixed auntification by token

This commit is contained in:
Vokhmin Alexey V 2014-03-25 22:02:53 +04:00
parent 64f969274d
commit b85d6c4c2d
3 changed files with 50 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
app/controllers/api/v1/base_controller.rb
View File

@ -13,6 +13,24 @@ class Api::V1::BaseController < ApplicationController
protected protected
# For this example, we are simply using token authentication
# via parameters. However, anyone could use Rails's token
# authentication features to get the token from a header.
def authenticate_user!
user_token = params[:user_token].presence
user = user_token && User.find_by_authentication_token(user_token.to_s)
if user
# Notice we are passing store false, so the user is not
# actually stored in the session and a token is needed
# for every request. If you want the token to work as a
# sign in token, you can simply remove store: false.
sign_in user, store: false
else
super
end
end
def set_csv_file_headers(file_name) def set_csv_file_headers(file_name)
headers['Content-Type'] = 'text/csv' headers['Content-Type'] = 'text/csv'
headers['Content-disposition'] = "attachment; filename=\"#{file_name}.csv\"" headers['Content-disposition'] = "attachment; filename=\"#{file_name}.csv\""

31
app/models/concerns/token_authenticatable.rb Normal file
View File

@ -0,0 +1,31 @@
module TokenAuthenticatable
extend ActiveSupport::Concern
module ClassMethods
def find_by_authentication_token(authentication_token = nil)
if authentication_token
where(authentication_token: authentication_token).first
end
end
end
def ensure_authentication_token
if authentication_token.blank?
self.authentication_token = generate_authentication_token
end
end
def reset_authentication_token!
self.authentication_token = generate_authentication_token
save
end
private
def generate_authentication_token
loop do
token = Devise.friendly_token
break token unless self.class.unscoped.where(authentication_token: token).first
end
end
end

14
app/models/user.rb
View File

@ -3,6 +3,7 @@ class User < Avatar
include ActsLikeMember include ActsLikeMember
include Feed::User include Feed::User
include EventLoggable include EventLoggable
include TokenAuthenticatable
ROLES = ['', 'admin', 'banned', 'tester'] ROLES = ['', 'admin', 'banned', 'tester']
EXTENDED_ROLES = ROLES | ['system'] EXTENDED_ROLES = ROLES | ['system']
@ -160,12 +161,6 @@ class User < Avatar
end end
end end
def ensure_authentication_token
if authentication_token.blank?
self.authentication_token = generate_authentication_token
end
end
protected protected
def target_roles target def target_roles target
@ -182,11 +177,4 @@ class User < Avatar
roles.map(&:role).uniq roles.map(&:role).uniq
end end
def generate_authentication_token
loop do
token = Devise.friendly_token
break token unless User.where(authentication_token: token).first
end
end
end end