[refs #396] Devise token auth update for atom feed. Some atom feed fixes.

This commit is contained in:
konstantin.grabar 2012-04-18 19:15:04 +04:00
parent 3d1cb4bfee
commit cd153375dd
5 changed files with 10 additions and 17 deletions

View File

@ -1,10 +1,10 @@
# -*- encoding : utf-8 -*- # -*- encoding : utf-8 -*-
class ActivityFeedsController < ApplicationController class ActivityFeedsController < ApplicationController
before_filter :custom_authenticate! before_filter :authenticate_user!
def index def index
@filter = t('feed_menu').has_key?(params[:filter].try(:to_sym)) ? params[:filter].to_sym : :all @filter = t('feed_menu').has_key?(params[:filter].try(:to_sym)) ? params[:filter].to_sym : :all
@activity_feeds = @user.activity_feeds @activity_feeds = current_user.activity_feeds
@activity_feeds = @activity_feeds.where(:kind => "ActivityFeed::#{@filter.upcase}".constantize) unless @filter == :all @activity_feeds = @activity_feeds.where(:kind => "ActivityFeed::#{@filter.upcase}".constantize) unless @filter == :all
@activity_feeds = @activity_feeds.paginate :page => params[:page] @activity_feeds = @activity_feeds.paginate :page => params[:page]
respond_to do |format| respond_to do |format|
@ -12,15 +12,4 @@ class ActivityFeedsController < ApplicationController
format.atom format.atom
end end
end end
private
def custom_authenticate!
if params[:token]
@user = User.find_by_authentication_token params[:token]
redirect_to(new_user_session_path) unless @user.present?
else
@user = current_user if authenticate_user!
end
end
end end

View File

@ -4,6 +4,9 @@ class ApplicationController < ActionController::Base
layout :layout_by_resource layout :layout_by_resource
# Hack to prevent token auth on all pages except atom feed:
prepend_before_filter lambda { redirect_to(new_user_session_path) if params[:token] && params[:format] != 'atom'}
before_filter :set_locale before_filter :set_locale
before_filter lambda { EventLog.current_controller = self }, before_filter lambda { EventLog.current_controller = self },
:only => [:create, :destroy, :open_id, :cancel, :publish, :change_visibility] # :update :only => [:create, :destroy, :open_id, :cancel, :publish, :change_visibility] # :update

View File

@ -9,6 +9,7 @@
= javascript_include_tag "application" = javascript_include_tag "application"
= csrf_meta_tag = csrf_meta_tag
= display_meta_tags :site => APP_CONFIG['project_name'], :reverse => true, :separator => '-' = display_meta_tags :site => APP_CONFIG['project_name'], :reverse => true, :separator => '-'
= auto_discovery_link_tag :atom, root_path + '.atom', :title => "Rosalab News Feed"
%body %body
.wrap{:class => content_for?(:sidebar) ? 'columns' : ''} .wrap{:class => content_for?(:sidebar) ? 'columns' : ''}

View File

@ -181,14 +181,12 @@ Rosa::Application.routes.draw do
match '/forbidden', :to => 'pages#forbidden', :as => 'forbidden' match '/forbidden', :to => 'pages#forbidden', :as => 'forbidden'
match '/terms-of-service', :to => 'pages#tos', :as => 'tos' match '/terms-of-service', :to => 'pages#tos', :as => 'tos'
match '/.atom', :to => "activity_feeds#index", :format => :atom, :as => :atom_feed
if APP_CONFIG['anonymous_access'] if APP_CONFIG['anonymous_access']
authenticated do authenticated do
root :to => "activity_feeds#index" get "/(.:format)" => "activity_feeds#index", :as => :root
end end
root :to => 'pages#root' root :to => 'pages#root'
else else
root :to => "activity_feeds#index" get "/(.:format)" => "activity_feeds#index", :as => :root
end end
end end

View File

@ -4,6 +4,8 @@ class AddTokenAuthenticatableToUsers < ActiveRecord::Migration
t.token_authenticatable t.token_authenticatable
end end
add_index :users, :authentication_token
User.all.each do |user| User.all.each do |user|
user.ensure_authentication_token! user.ensure_authentication_token!
end end