0
app/controllers/concerns/.keep
Normal file
0
app/controllers/concerns/.keep
Normal file
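--- a/app/controllers/concerns/authentication.rb
+++ b/app/controllers/concerns/authentication.rb
@@ -0,0 +1,80 @@
+module Authentication
+extend ActiveSupport::Concern
+include SessionLookup
+
+included do
+before_action :require_authentication
+helper_method :signed_in?
+
+protect_from_forgery with: :exception, unless: -> { authenticated_by.bot_key? }
+end
+
+class_methods do
+def require_unauthenticated_access(**options)
+allow_unauthenticated_access **options
+before_action :redirect_signed_in_user_to_root, **options
+end
+
+def allow_unauthenticated_access(**options)
+skip_before_action :require_authentication, **options
+before_action :restore_authentication, **options
+end
+end
+
+private
+def signed_in?
+Current.user.present?
+end
+
+def require_authentication
+restore_authentication || request_authentication
+end
+
+def restore_authentication
+if session = find_session_by_cookie
+resume_session session
+end
+end
+
+def request_authentication
+session[:return_to_after_authenticating] = request.url
+redirect_to new_session_url
+end
+
+def redirect_signed_in_user_to_root
+redirect_to root_url if signed_in?
+end
+
+def start_new_session_for(user)
+user.sessions.start!(user_agent: request.user_agent, ip_address: request.remote_ip).tap do |session|
+authenticated_as session
+end
+end
+
+def resume_session(session)
+session.resume user_agent: request.user_agent, ip_address: request.remote_ip
+authenticated_as session
+end
+
+def authenticated_as(session)
+Current.user = session.user
+set_authenticated_by(:session)
+cookies.signed.permanent[:session_token] = { value: session.token, httponly: true, same_site: :lax }
+end
+
+def post_authenticating_url
+session.delete(:return_to_after_authenticating) || root_url
+end
+
+def reset_authentication
+cookies.delete(:session_token)
+end
+
+def set_authenticated_by(method)
+@authenticated_by = method.to_s.inquiry
+end
+
+def authenticated_by
+@authenticated_by ||= "".inquiry
+end
+end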
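Review bot: In `authenticated_as` the session cookie is written as `permanent` with `httponly` and `same_site: :lax` but without a `secure` attribute, so unless `config.force_ssl` (not visible in this commit section) is enabled, the long-lived token can travel over plain HTTP. If TLS is the expected deployment, consider `cookies.signed.permanent[:session_token] = { value: session.token, httponly: true, same_site: :lax, secure: request.ssl? }`. Separately, `reset_authentication` only deletes the browser cookie; if the caller does not also destroy the `Session` row, a copied token remains valid, so the method deserves a comment such as `# Clears the browser cookie only; callers must destroy the Session record to revoke the token.`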
@@ -0,0 +1,7 @@
|
||||
module Authentication::SessionLookup
|
||||
def find_session_by_cookie
|
||||
if token = cookies.signed[:session_token]
|
||||
Session.find_by(token: token)
|
||||
end
|
||||
end
|
||||
end
|
||||
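--- a/app/controllers/concerns/book_scoped.rb
+++ b/app/controllers/concerns/book_scoped.rb
@@ -0,0 +1,14 @@
+module BookScoped extend ActiveSupport::Concern
+included do
+before_action :set_book
+end
+
+private
+def set_book
+@book = Book.accessable_or_published.find(params[:book_id])
+end
+
+def ensure_editable
+head :forbidden unless @book.editable?
+end
+end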
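Review bot: `ensure_editable` is defined here but the `included` block registers only `set_book`, so write protection is opt-in per controller, while `set_book` appears to load published books the current user may only read (judging by the scope name `accessable_or_published`, whose definition is not shown). A controller that includes `BookScoped` and omits `before_action :ensure_editable` on its mutating actions would accept writes from readers. I would document this above the method, e.g. `# Not registered automatically: add before_action :ensure_editable to every action that modifies the book.`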
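--- a/app/controllers/concerns/page_leaf_scoped.rb
+++ b/app/controllers/concerns/page_leaf_scoped.rb
@@ -0,0 +1,10 @@
+module PageLeafScoped extend ActiveSupport::Concern
+included do
+before_action :set_leaf
+end
+
+private
+def set_leaf
+@leaf = Current.user.leaves.find(params[:page_id])
+end
+end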
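Review bot: `set_leaf` calls `Current.user.leaves` without checking that a user is present, so in a controller that uses `allow_unauthenticated_access` (from the `Authentication` concern in this commit) an anonymous request would raise `NoMethodError` and surface as a 500 rather than a redirect or 404. Scoping the lookup through the user's own leaves is a sound way to keep `params[:page_id]` from reaching other users' records. A short comment stating the precondition, e.g. `# Requires require_authentication to have run; Current.user must be set.`, would make that dependency explicit.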
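--- a/app/controllers/concerns/set_book_leaf.rb
+++ b/app/controllers/concerns/set_book_leaf.rb
@@ -0,0 +1,37 @@
+module SetBookLeaf
+extend ActiveSupport::Concern
+
+included do
+before_action :set_book
+before_action :set_leaf, :set_leafable, only: %i[ show edit update destroy ]
+end
+
+private
+def set_book
+@book = Book.accessable_or_published.find(params[:book_id])
+end
+
+def set_leaf
+@leaf = @book.leaves.active.find(params[:id])
+end
+
+def set_leafable
+instance_variable_set "@#{instance_name}", @leaf.leafable
+end
+
+def ensure_editable
+head :forbidden unless @book.editable?
+end
+
+def model_class
+controller_leafable_name.constantize
+end
+
+def instance_name
+controller_leafable_name.underscore
+end
+
+def controller_leafable_name
+self.class.to_s.remove("Controller").demodulize.singularize
+end
+end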
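Review bot: `set_book` and `ensure_editable` here are copies of the methods in `BookScoped` from the same commit, so the access scope on `Book` now lives in two places and a later tightening of one can miss the other. Consider `include BookScoped` in this module and dropping the two duplicates, after checking that the callback order (`set_book` before `set_leaf`) is preserved. `model_class` constantizes a name derived from the controller class rather than from request data, which is the safe form; a comment such as `# Derived from the controller class name, never from params.` would help keep it that way.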
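--- a/app/controllers/concerns/user_scoped.rb
+++ b/app/controllers/concerns/user_scoped.rb
@@ -0,0 +1,12 @@
+module UserScoped
+extend ActiveSupport::Concern
+
+included do
+before_action :set_user
+end
+
+private
+def set_user
+@user = User.active.find(params[:user_id])
+end
+end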
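Review bot: `set_user` loads any active user by `params[:user_id]` with no check against `Current.user`, so this concern performs lookup only and every including controller has to authorize the request before acting on `@user`. Whether that is already done depends on the controllers, which are not part of this section. I would state the contract in a comment above the method, e.g. `# Lookup only: the including controller must authorize access to @user.`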
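--- a/app/controllers/concerns/version_headers.rb
+++ b/app/controllers/concerns/version_headers.rb
@@ -0,0 +1,13 @@
+module VersionHeaders
+extend ActiveSupport::Concern
+
+included do
+before_action :set_version_headers
+end
+
+private
+def set_version_headers
+response.headers["X-Version"] = Rails.application.config.app_version
+response.headers["X-Rev"] = Rails.application.config.git_revision
+end
+end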
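Review bot: `set_version_headers` adds `X-Version` and `X-Rev` to every response of any controller that includes the concern, which presumably covers unauthenticated pages too, so the exact release and git revision of the deployment are visible to anyone. If the headers are only needed by signed-in clients or for support, consider making them conditional, for example `before_action :set_version_headers, if: :signed_in?` in controllers that also include `Authentication` (the callback would have to run after authentication), or gating them behind a config flag. At minimum, a comment noting that these values are publicly exposed would help.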