require "action_controller/metal"
module Devise
  # Rack endpoint that runs every time :warden is thrown from a strategy or
  # hook. It answers the failed authentication in one of three ways (see
  # #respond): an HTTP 401 challenge, a re-run of the controller action named
  # by the :recall warden option, or a redirect to the sign in page of the
  # current scope. When the warden options carry no scope, Devise.default_scope
  # is used instead.
  class FailureApp < ActionController::Metal
    include ActionController::RackDelegation
    include ActionController::UrlFor
    include ActionController::Redirecting
    include Rails.application.routes.url_helpers

    delegate :flash, :to => :request

    # Rack entry point: builds the endpoint for the :respond action and runs
    # it against the given environment.
    def self.call(env)
      endpoint = action(:respond)
      endpoint.call(env)
    end

    # Forwards to ApplicationController.default_url_options, so URLs generated
    # here use the same options as the host application's controllers.
    def self.default_url_options(*args)
      ApplicationController.default_url_options(*args)
    end

    # Picks the failure response. The HTTP auth challenge wins over a recall,
    # and a recall wins over the redirect.
    def respond
      return http_auth if http_auth?
      return recall if warden_options[:recall]

      redirect
    end

    # Answers with a 401 Basic challenge. The realm comes from
    # Devise.http_authentication_realm and is passed through #inspect, which
    # supplies the surrounding quotes and escaping (assumes the configured
    # realm is a String -- TODO confirm).
    def http_auth
      quoted_realm = Devise.http_authentication_realm.inspect

      self.status = 401
      headers["WWW-Authenticate"] = %(Basic realm=#{quoted_realm})
      self.content_type = request.format.to_s
      self.response_body = http_auth_body
    end

    # Re-runs the action named by warden_options[:recall] on the controller
    # resolved by #recall_controller. PATH_INFO is rewritten to the attempted
    # path first and the :invalid message is put in flash.now.
    def recall
      env["PATH_INFO"] = attempted_path
      flash.now[:alert] = i18n_message(:invalid)

      controller_class = recall_controller
      endpoint = controller_class.action(warden_options[:recall])
      self.response = endpoint.call(env)
    end

    # Remembers where the user was going, sets the alert (unless a notice is
    # already in the flash) and redirects to the scope's sign in path.
    def redirect
      store_location!
      flash[:alert] = i18n_message unless flash[:notice]
      redirect_to redirect_url
    end

  protected

    # Resolves the failure message. Precedence: warden.message, then
    # warden_options[:message], then the given default, then :unauthenticated.
    # A Symbol is translated under the "devise.failure" I18n scope, falling
    # back to the symbol itself and then to its string form; any other value
    # is returned via #to_s without translation.
    def i18n_message(default = nil)
      message = warden.message || warden_options[:message] || default || :unauthenticated
      return message.to_s unless message.is_a?(Symbol)

      translation_key = :"#{scope}.#{message}"
      I18n.t(translation_key, :resource_name => scope,
             :scope => "devise.failure", :default => [message, message.to_s])
    end

    # Path of the sign in page for the current scope, obtained by calling the
    # new_<scope>_session_path route helper. The helper name is built from
    # #scope, which is read from the warden options or Devise.default_scope.
    def redirect_url
      helper_name = :"new_#{scope}_session_path"
      send(helper_name)
    end

    # Whether to answer with a 401 challenge instead of a redirect. XHR
    # requests follow Devise.http_authenticatable_on_xhr; every other request
    # gets the challenge when its format is not a navigational one.
    #
    # NOTE(review): request.format.to_sym assumes the request resolved to a
    # known format -- confirm what happens for an unrecognised Accept header.
    def http_auth?
      return Devise.http_authenticatable_on_xhr if request.xhr?

      !Devise.navigational_formats.include?(request.format.to_sym)
    end

    # Body of the 401 response: { :error => message } serialised with
    # Hash#to_<format> when Hash has such a method, else the bare message.
    #
    # The method name is derived from the request format, so the respond_to?
    # check is what bounds the dynamic #send to public Hash methods.
    def http_auth_body
      serializer = :"to_#{request.format.to_sym}"

      if {}.respond_to?(serializer)
        { :error => i18n_message }.send(serializer)
      else
        i18n_message
      end
    end

    # Controller class used by #recall, resolved from params[:controller].
    #
    # NOTE(review): a request parameter is turned into a constant lookup here.
    # That is only safe while params[:controller] is set by the router and
    # cannot be supplied by the client -- confirm, or resolve the class from a
    # server-side value instead.
    def recall_controller
      controller_name = params[:controller].camelize
      "#{controller_name}Controller".constantize
    end

    # The warden proxy stored in the Rack environment.
    def warden
      env['warden']
    end

    # Options passed along with the failure, stored in the Rack environment.
    def warden_options
      env['warden.options']
    end

    # Scope of the failed authentication, memoised: the :scope warden option
    # if present, otherwise Devise.default_scope.
    def scope
      @scope ||= (warden_options[:scope] || Devise.default_scope)
    end

    # Path the user was trying to reach, as recorded in the warden options.
    def attempted_path
      warden_options[:attempted_path]
    end

    # Stores the requested uri so the user can be redirected to it after
    # signing in. The scoped session provided by warden cannot be used here,
    # because the user is not authenticated yet; the key is still built from
    # the scope so that different scopes never share a return uri. Only GET
    # requests that are not answered with an HTTP auth challenge are stored.
    #
    # NOTE(review): the stored value later becomes a redirect target, so it
    # should always be a path local to this application -- confirm where
    # warden_options[:attempted_path] is set.
    def store_location!
      return unless request.get?
      return if http_auth?

      session["#{scope}_return_to"] = attempted_path
    end
  end
end