technoweenie / mephisto fork watch download tarball
public
Fork of halorgium/mephisto
Description: A mirror of the mephisto code-base
Homepage: http://mephistoblog.com/
Clone URL: git://github.com/technoweenie/mephisto.git
Click here to lend your support to: mephisto and make a donation at www.pledgie.com ! 
Merge commit 'floppy/master'
rick (author)
Fri May 09 08:58:16 -0700 2008
commit  aa50252c19b28969e3bc217e70bed6a2f16d3a78
tree    00e55ac84e45ff7c913a24226bb14385647a65ef
parent  42a9c9a97ac3a61a5d031a11bab598c3585969b5 parent  0ca6f9a34bc9e23cd1f882426d29b887a59b6be9
mephisto / lib / authenticated_system.rb
100644 91 lines (77 sloc) 3.046 kb
raw history 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91

module AuthenticatedSystem
  protected
    def logged_in?
      current_user != :false
    end
    
    # Accesses the current user from the session.
    def current_user
      @current_user ||= (session[:user] && User.find_by_site(site, session[:user])) || :false
    end
    
    # Store the given user in the session.
    def current_user=(new_user)
      session[:user] = (new_user.nil? || new_user.is_a?(Symbol)) ? nil : new_user.id
      @current_user = new_user
    end
    
    def authorized?
      true
    end
    
    def login_required
      username, passwd = get_auth_data
      self.current_user ||= User.authenticate_for(site, username, passwd) || :false if username && passwd
      logged_in? && authorized? ? true : access_denied
    end
 
    def access_denied
      respond_to do |accepts|
        accepts.html do
          store_location
          redirect_to :controller => "/account", :action => "login"
        end
        accepts.xml { access_denied_with_basic_auth }
      end
      false
    end
 
    # store current uri in  the session.
    # we can return to this location by calling return_location
    # Options:
    # * :overwrite - (default = true) Overwrite existing stored location
    # * :uri - Return to the specified URI (defaults to request.request_uri)
    def store_location(uri = nil)
      session[:return_to] = uri || request.request_uri
    end
    
    def location_stored?
      !session[:return_to].nil?
    end
 
    # move to the last store_location call or to the passed default one
    def redirect_back_or_default(default)
      redirect_to(location_stored? ? session[:return_to] : default)
      session[:return_to] = nil
    end
    
    def basic_auth_required
      User.authenticate_for(*get_auth_data.unshift(site)) || access_denied_with_basic_auth
    end
    
    # adds ActionView helper methods
    def self.included(base)
      base.send :helper_method, :current_user, :logged_in?
    end
 
    # When called with before_filter :login_from_cookie will check for an :auth_token
    # cookie and log the user back in if apropriate
    def login_from_cookie
      return unless cookies[:token] && !logged_in?
      self.current_user = site.user_by_token(cookies[:token])
      cookies[:token] = { :value => self.current_user.reset_token! , :expires => self.current_user.token_expires_at } if logged_in?
      true
    end
 
  private
    def access_denied_with_basic_auth
      headers["Status"]           = "Unauthorized"
      headers["WWW-Authenticate"] = %(Basic realm="Web Password")
      render :text => "Could't authenticate you", :status => '401 Unauthorized'
    end
 
    @@http_auth_headers = %w(X-HTTP_AUTHORIZATION HTTP_AUTHORIZATION Authorization)
    # gets BASIC auth info
    def get_auth_data
      auth_key  = @@http_auth_headers.detect { |h| request.env.has_key?(h) }
      auth_data = request.env[auth_key].to_s.split unless auth_key.blank?
      return auth_data && auth_data[0] == 'Basic' ? Base64.decode64(auth_data[1]).split(':')[0..1] : [nil, nil] 
    end
end