kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity

Titleize header [ci skip]

Browse source 
Sync style with Basic Authentication and Digest Authentication headers.
This commit is contained in:
Ryuta Kamizono 2019-11-24 10:01:56 +09:00
parent d558febe32
commit 93e154ac2c
1 changed files with 1 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
guides/source/action_controller_overview.md
View file

@ -889,7 +889,6 @@ class AdminsController < ApplicationController
before_action :authenticate before_action :authenticate
private private
def authenticate def authenticate
authenticate_or_request_with_http_digest do |username| authenticate_or_request_with_http_digest do |username|
USERS[username] USERS[username]
@ -900,7 +899,7 @@ end
As seen in the example above, the `authenticate_or_request_with_http_digest` block takes only one argument - the username. And the block returns the password. Returning `false` or `nil` from the `authenticate_or_request_with_http_digest` will cause authentication failure. As seen in the example above, the `authenticate_or_request_with_http_digest` block takes only one argument - the username. And the block returns the password. Returning `false` or `nil` from the `authenticate_or_request_with_http_digest` will cause authentication failure.
### HTTP Token authentication ### HTTP Token Authentication
HTTP token authentication is a scheme to enable the usage of Bearer tokens in the HTTP `Authorization` header. There are many token formats available and describing them is outside the scope of this document. HTTP token authentication is a scheme to enable the usage of Bearer tokens in the HTTP `Authorization` header. There are many token formats available and describing them is outside the scope of this document.
@ -913,7 +912,6 @@ class PostsController < ApplicationController
before_action :authenticate before_action :authenticate
private private
def authenticate def authenticate
authenticate_or_request_with_http_token do |token, options| authenticate_or_request_with_http_token do |token, options|
ActiveSupport::SecurityUtils.secure_compare(token, TOKEN) ActiveSupport::SecurityUtils.secure_compare(token, TOKEN)
@ -944,7 +942,6 @@ class ClientsController < ApplicationController
end end
private private
def generate_pdf(client) def generate_pdf(client)
Prawn::Document.new do Prawn::Document.new do
text client.name, align: :center text client.name, align: :center
@ -1156,7 +1153,6 @@ class ApplicationController < ActionController::Base
rescue_from ActiveRecord::RecordNotFound, with: :record_not_found rescue_from ActiveRecord::RecordNotFound, with: :record_not_found
private private
def record_not_found def record_not_found
render plain: "404 Not Found", status: 404 render plain: "404 Not Found", status: 404
end end
@ -1170,7 +1166,6 @@ class ApplicationController < ActionController::Base
rescue_from User::NotAuthorized, with: :user_not_authorized rescue_from User::NotAuthorized, with: :user_not_authorized
private private
def user_not_authorized def user_not_authorized
flash[:error] = "You don't have access to this section." flash[:error] = "You don't have access to this section."
redirect_back(fallback_location: root_path) redirect_back(fallback_location: root_path)
@ -1187,7 +1182,6 @@ class ClientsController < ApplicationController
end end
private private
# If the user is not authorized, just throw the exception. # If the user is not authorized, just throw the exception.
def check_authorization def check_authorization
raise User::NotAuthorized unless current_user.admin? raise User::NotAuthorized unless current_user.admin?