[refs #396] Devise token auth update for atom feed. Some atom feed fixes.

2012-04-18 19:15:04 +04:00 · 2012-04-18 19:15:04 +04:00 · cd153375dd
parent 3d1cb4bfee
commit cd153375dd
5 changed files with 10 additions and 17 deletions
--- a/app/controllers/activity_feeds_controller.rb
+++ b/app/controllers/activity_feeds_controller.rb
@ -1,10 +1,10 @@
 # -*- encoding : utf-8 -*-
 class ActivityFeedsController < ApplicationController
-  before_filter :custom_authenticate!
+  before_filter :authenticate_user!

  def index
    @filter = t('feed_menu').has_key?(params[:filter].try(:to_sym)) ? params[:filter].to_sym : :all
-    @activity_feeds = @user.activity_feeds
+    @activity_feeds = current_user.activity_feeds
    @activity_feeds = @activity_feeds.where(:kind => "ActivityFeed::#{@filter.upcase}".constantize) unless @filter == :all
    @activity_feeds = @activity_feeds.paginate :page => params[:page]
    respond_to do |format|
@ -12,15 +12,4 @@ class ActivityFeedsController < ApplicationController
      format.atom
    end
  end
-
-  private
-
-  def custom_authenticate!
-    if params[:token]
-      @user = User.find_by_authentication_token params[:token]
-      redirect_to(new_user_session_path) unless @user.present?
-    else
-      @user = current_user if authenticate_user!
-    end
-  end
 end
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -4,6 +4,9 @@ class ApplicationController < ActionController::Base

  layout :layout_by_resource

+  # Hack to prevent token auth on all pages except atom feed:
+  prepend_before_filter lambda { redirect_to(new_user_session_path) if params[:token] && params[:format] != 'atom'}
+
  before_filter :set_locale
  before_filter lambda { EventLog.current_controller = self },
                :only => [:create, :destroy, :open_id, :cancel, :publish, :change_visibility] # :update
--- a/app/views/layouts/application.html.haml
+++ b/app/views/layouts/application.html.haml
@ -9,6 +9,7 @@
    = javascript_include_tag "application"
    = csrf_meta_tag
    = display_meta_tags :site => APP_CONFIG['project_name'], :reverse => true, :separator => '-'
+    = auto_discovery_link_tag :atom, root_path + '.atom', :title => "Rosalab News Feed"

  %body
    .wrap{:class => content_for?(:sidebar) ? 'columns' : ''}
--- a/config/routes.rb
+++ b/config/routes.rb
@ -181,14 +181,12 @@ Rosa::Application.routes.draw do
  match '/forbidden', :to => 'pages#forbidden', :as => 'forbidden'
  match '/terms-of-service', :to => 'pages#tos', :as => 'tos'

-  match '/.atom', :to => "activity_feeds#index", :format => :atom, :as => :atom_feed
-
  if APP_CONFIG['anonymous_access']
    authenticated do
-      root :to => "activity_feeds#index"
+      get "/(.:format)" => "activity_feeds#index", :as => :root
    end
    root :to => 'pages#root'
  else
-    root :to => "activity_feeds#index"
+    get "/(.:format)" => "activity_feeds#index", :as => :root
  end
 end
--- a/db/migrate/20120418100619_add_token_authenticatable_to_users.rb
+++ b/db/migrate/20120418100619_add_token_authenticatable_to_users.rb
@ -4,6 +4,8 @@ class AddTokenAuthenticatableToUsers < ActiveRecord::Migration
      t.token_authenticatable
    end

+    add_index :users, :authentication_token
+
    User.all.each do |user|
      user.ensure_authentication_token!
    end