2009-10-12 07:37:42 -04:00
|
|
|
module Devise
|
|
|
|
module Controllers
|
2010-01-13 12:12:13 -05:00
|
|
|
# Those helpers are convenience methods added to ApplicationController.
|
2009-10-12 07:37:42 -04:00
|
|
|
module Helpers
|
2010-02-17 06:35:38 -05:00
|
|
|
extend ActiveSupport::Concern
|
2009-10-12 07:37:42 -04:00
|
|
|
|
2010-02-17 06:35:38 -05:00
|
|
|
included do
|
2010-06-11 11:15:30 -04:00
|
|
|
helper_method :warden, :signed_in?, :devise_controller?, :anybody_signed_in?,
|
2010-04-25 03:40:07 -04:00
|
|
|
*Devise.mappings.keys.map { |m| [:"current_#{m}", :"#{m}_signed_in?", :"#{m}_session"] }.flatten
|
2009-10-12 07:37:42 -04:00
|
|
|
end
|
|
|
|
|
2010-07-13 07:11:04 -04:00
|
|
|
# Define authentication filters and accessor helpers based on mappings.
|
|
|
|
# These filters should be used inside the controllers as before_filters,
|
|
|
|
# so you can control the scope of the user who should be signed in to
|
|
|
|
# access that specific controller/action.
|
|
|
|
# Example:
|
|
|
|
#
|
|
|
|
# Roles:
|
|
|
|
# User
|
|
|
|
# Admin
|
|
|
|
#
|
|
|
|
# Generated methods:
|
|
|
|
# authenticate_user! # Signs user in or redirect
|
|
|
|
# authenticate_admin! # Signs admin in or redirect
|
|
|
|
# user_signed_in? # Checks whether there is an user signed in or not
|
|
|
|
# admin_signed_in? # Checks whether there is an admin signed in or not
|
|
|
|
# current_user # Current signed in user
|
|
|
|
# current_admin # Currend signed in admin
|
|
|
|
# user_session # Session data available only to the user scope
|
|
|
|
# admin_session # Session data available only to the admin scope
|
|
|
|
#
|
|
|
|
# Use:
|
|
|
|
# before_filter :authenticate_user! # Tell devise to use :user map
|
|
|
|
# before_filter :authenticate_admin! # Tell devise to use :admin map
|
|
|
|
#
|
|
|
|
def self.define_helpers(mapping) #:nodoc:
|
2010-07-15 12:13:55 -04:00
|
|
|
mapping = mapping.name
|
|
|
|
|
2010-07-13 07:11:04 -04:00
|
|
|
class_eval <<-METHODS, __FILE__, __LINE__ + 1
|
|
|
|
def authenticate_#{mapping}!
|
|
|
|
warden.authenticate!(:scope => :#{mapping})
|
|
|
|
end
|
|
|
|
|
|
|
|
def #{mapping}_signed_in?
|
|
|
|
warden.authenticate?(:scope => :#{mapping})
|
|
|
|
end
|
|
|
|
|
|
|
|
def current_#{mapping}
|
|
|
|
@current_#{mapping} ||= warden.authenticate(:scope => :#{mapping})
|
|
|
|
end
|
|
|
|
|
|
|
|
def #{mapping}_session
|
|
|
|
current_#{mapping} && warden.session(:#{mapping})
|
|
|
|
end
|
|
|
|
METHODS
|
|
|
|
end
|
|
|
|
|
2010-01-13 12:12:13 -05:00
|
|
|
# The main accessor for the warden proxy instance
|
|
|
|
def warden
|
|
|
|
request.env['warden']
|
2009-10-12 07:37:42 -04:00
|
|
|
end
|
|
|
|
|
2010-01-13 12:12:13 -05:00
|
|
|
# Return true if it's a devise_controller. false to all controllers unless
|
|
|
|
# the controllers defined inside devise. Useful if you want to apply a before
|
|
|
|
# filter to all controller, except the ones in devise:
|
|
|
|
#
|
|
|
|
# before_filter :my_filter, :unless => { |c| c.devise_controller? }
|
|
|
|
def devise_controller?
|
|
|
|
false
|
2009-10-12 07:37:42 -04:00
|
|
|
end
|
|
|
|
|
2010-01-13 12:12:13 -05:00
|
|
|
# Check if the given scope is signed in session, without running
|
|
|
|
# authentication hooks.
|
|
|
|
def signed_in?(scope)
|
2010-01-14 07:38:02 -05:00
|
|
|
warden.authenticate?(:scope => scope)
|
2009-11-06 06:33:18 -05:00
|
|
|
end
|
|
|
|
|
2010-06-11 10:51:48 -04:00
|
|
|
# Check if the any scope is signed in session, without running
|
|
|
|
# authentication hooks.
|
|
|
|
def anybody_signed_in?
|
|
|
|
Devise.mappings.keys.any? { |scope| signed_in?(scope) }
|
|
|
|
end
|
|
|
|
|
2010-01-13 12:12:13 -05:00
|
|
|
# Sign in an user that already was authenticated. This helper is useful for logging
|
|
|
|
# users in after sign up.
|
|
|
|
#
|
|
|
|
# Examples:
|
|
|
|
#
|
2010-07-13 04:09:55 -04:00
|
|
|
# sign_in :user, @user # sign_in(scope, resource)
|
|
|
|
# sign_in @user # sign_in(resource)
|
|
|
|
# sign_in @user, :event => :authentication # sign_in(resource, options)
|
|
|
|
#
|
|
|
|
def sign_in(resource_or_scope, *args)
|
|
|
|
options = args.extract_options!
|
|
|
|
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
|
|
|
resource = args.last || resource_or_scope
|
2010-07-14 11:55:14 -04:00
|
|
|
expire_session_data_after_sign_in!
|
2010-07-13 04:09:55 -04:00
|
|
|
warden.set_user(resource, options.merge!(:scope => scope))
|
2010-01-13 12:12:13 -05:00
|
|
|
end
|
2009-10-12 07:37:42 -04:00
|
|
|
|
2010-01-13 12:12:13 -05:00
|
|
|
# Sign out a given user or scope. This helper is useful for signing out an user
|
|
|
|
# after deleting accounts.
|
|
|
|
#
|
|
|
|
# Examples:
|
|
|
|
#
|
|
|
|
# sign_out :user # sign_out(scope)
|
|
|
|
# sign_out @user # sign_out(resource)
|
|
|
|
#
|
|
|
|
def sign_out(resource_or_scope)
|
|
|
|
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
|
|
|
warden.user(scope) # Without loading user here, before_logout hook is not called
|
|
|
|
warden.raw_session.inspect # Without this inspect here. The session does not clear.
|
|
|
|
warden.logout(scope)
|
2009-10-12 08:56:12 -04:00
|
|
|
end
|
2009-10-12 07:37:42 -04:00
|
|
|
|
2010-06-24 08:02:27 -04:00
|
|
|
# Sign out all active users or scopes. This helper is useful for signing out all roles
|
|
|
|
# in one click.
|
2010-06-24 09:38:49 -04:00
|
|
|
def sign_out_all_scopes
|
2010-06-23 15:03:27 -04:00
|
|
|
# Not "warden.logout" since we need to sign_out only devise-defined scopes.
|
2010-06-23 15:06:32 -04:00
|
|
|
scopes = Devise.mappings.keys
|
|
|
|
scopes.each { |scope| warden.user(scope) }
|
2010-06-23 15:03:27 -04:00
|
|
|
warden.raw_session.inspect
|
2010-06-24 09:41:24 -04:00
|
|
|
warden.logout(*scopes)
|
2010-06-23 15:03:27 -04:00
|
|
|
end
|
|
|
|
|
2010-01-13 12:12:13 -05:00
|
|
|
# Returns and delete the url stored in the session for the given scope. Useful
|
|
|
|
# for giving redirect backs after sign up:
|
|
|
|
#
|
|
|
|
# Example:
|
|
|
|
#
|
|
|
|
# redirect_to stored_location_for(:user) || root_path
|
|
|
|
#
|
|
|
|
def stored_location_for(resource_or_scope)
|
|
|
|
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
2010-04-03 05:43:31 -04:00
|
|
|
session.delete(:"#{scope}_return_to")
|
2009-10-12 08:56:12 -04:00
|
|
|
end
|
2009-10-12 07:37:42 -04:00
|
|
|
|
2010-01-13 12:12:13 -05:00
|
|
|
# The default url to be used after signing in. This is used by all Devise
|
|
|
|
# controllers and you can overwrite it in your ApplicationController to
|
|
|
|
# provide a custom hook for a custom resource.
|
|
|
|
#
|
|
|
|
# By default, it first tries to find a resource_root_path, otherwise it
|
|
|
|
# uses the root path. For a user scope, you can define the default url in
|
|
|
|
# the following way:
|
|
|
|
#
|
|
|
|
# map.user_root '/users', :controller => 'users' # creates user_root_path
|
|
|
|
#
|
2010-07-13 21:21:57 -04:00
|
|
|
# map.namespace :user do |user|
|
|
|
|
# user.root :controller => 'users' # creates user_root_path
|
2010-01-13 12:12:13 -05:00
|
|
|
# end
|
|
|
|
#
|
2010-01-16 04:56:35 -05:00
|
|
|
#
|
2010-07-13 21:21:57 -04:00
|
|
|
# If the resource root path is not defined, root_path is used. However,
|
|
|
|
# if this default is not enough, you can customize it, for example:
|
2010-01-16 04:56:35 -05:00
|
|
|
#
|
|
|
|
# def after_sign_in_path_for(resource)
|
|
|
|
# if resource.is_a?(User) && resource.can_publish?
|
2010-01-20 14:46:14 -05:00
|
|
|
# publisher_url
|
2010-01-16 04:56:35 -05:00
|
|
|
# else
|
|
|
|
# super
|
|
|
|
# end
|
|
|
|
# end
|
|
|
|
#
|
2010-01-13 12:12:13 -05:00
|
|
|
def after_sign_in_path_for(resource_or_scope)
|
|
|
|
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
|
|
|
home_path = :"#{scope}_root_path"
|
|
|
|
respond_to?(home_path, true) ? send(home_path) : root_path
|
2009-10-27 19:31:12 -04:00
|
|
|
end
|
|
|
|
|
2010-05-23 19:50:42 -04:00
|
|
|
# The default url to be used after updating a resource. This is used by all Devise
|
|
|
|
# controllers and you can overwrite it in your ApplicationController to
|
|
|
|
# provide a custom hook for a custom resource.
|
|
|
|
#
|
|
|
|
# By default, it first tries to find a resource_root_path, otherwise it
|
|
|
|
# uses the root path. For a user scope, you can define the default url in
|
|
|
|
# the following way:
|
|
|
|
#
|
|
|
|
# map.user_root '/users', :controller => 'users' # creates user_root_path
|
|
|
|
#
|
|
|
|
# map.resources :users do |users|
|
|
|
|
# users.root # creates user_root_path
|
|
|
|
# end
|
|
|
|
#
|
|
|
|
#
|
|
|
|
# If none of these are defined, root_path is used. However, if this default
|
|
|
|
# is not enough, you can customize it, for example:
|
|
|
|
#
|
|
|
|
# def after_update_path_for(resource)
|
|
|
|
# if resource.is_a?(User) && resource.can_publish?
|
|
|
|
# publisher_url
|
|
|
|
# else
|
|
|
|
# super
|
|
|
|
# end
|
|
|
|
# end
|
|
|
|
#
|
|
|
|
def after_update_path_for(resource_or_scope)
|
2010-05-24 16:50:25 -04:00
|
|
|
after_sign_in_path_for(resource_or_scope)
|
2010-05-23 19:50:42 -04:00
|
|
|
end
|
|
|
|
|
2010-01-16 04:56:35 -05:00
|
|
|
# Method used by sessions controller to sign out an user. You can overwrite
|
|
|
|
# it in your ApplicationController to provide a custom hook for a custom
|
|
|
|
# scope. Notice that differently from +after_sign_in_path_for+ this method
|
|
|
|
# receives a symbol with the scope, and not the resource.
|
2009-10-27 19:26:40 -04:00
|
|
|
#
|
2010-01-13 12:12:13 -05:00
|
|
|
# By default is the root_path.
|
|
|
|
def after_sign_out_path_for(resource_or_scope)
|
|
|
|
root_path
|
2009-10-27 19:26:40 -04:00
|
|
|
end
|
|
|
|
|
2010-01-13 12:12:13 -05:00
|
|
|
# Sign in an user and tries to redirect first to the stored location and
|
2010-07-13 04:09:55 -04:00
|
|
|
# then to the url specified by after_sign_in_path_for. It accepts the same
|
|
|
|
# parameters as the sign_in method.
|
|
|
|
def sign_in_and_redirect(resource_or_scope, *args)
|
|
|
|
options = args.extract_options!
|
|
|
|
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
|
|
|
resource = args.last || resource_or_scope
|
|
|
|
sign_in(scope, resource, options) unless warden.user(scope) == resource
|
|
|
|
redirect_for_sign_in(scope, resource)
|
|
|
|
end
|
|
|
|
|
|
|
|
def redirect_for_sign_in(scope, resource) #:nodoc:
|
2010-01-16 04:56:35 -05:00
|
|
|
redirect_to stored_location_for(scope) || after_sign_in_path_for(resource)
|
2009-10-12 08:56:12 -04:00
|
|
|
end
|
2009-10-12 07:37:42 -04:00
|
|
|
|
2010-01-13 12:12:13 -05:00
|
|
|
# Sign out an user and tries to redirect to the url specified by
|
|
|
|
# after_sign_out_path_for.
|
|
|
|
def sign_out_and_redirect(resource_or_scope)
|
2010-01-16 04:56:35 -05:00
|
|
|
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
2010-06-24 09:38:49 -04:00
|
|
|
if Devise.sign_out_all_scopes
|
|
|
|
sign_out_all_scopes
|
2010-06-24 10:05:53 -04:00
|
|
|
else
|
|
|
|
sign_out(scope)
|
2010-06-24 09:38:49 -04:00
|
|
|
end
|
2010-07-13 04:09:55 -04:00
|
|
|
redirect_for_sign_out(scope)
|
|
|
|
end
|
|
|
|
|
|
|
|
def redirect_for_sign_out(scope) #:nodoc:
|
2010-01-16 04:56:35 -05:00
|
|
|
redirect_to after_sign_out_path_for(scope)
|
2009-10-21 09:20:10 -04:00
|
|
|
end
|
2010-07-14 11:55:14 -04:00
|
|
|
|
|
|
|
# A hook called to expire session data after sign up/in. This is used
|
|
|
|
# by a few extensions, like oauth, to expire tokens stored in session.
|
|
|
|
def expire_session_data_after_sign_in!
|
|
|
|
end
|
2009-10-12 07:37:42 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|