X-Git-Url: https://projects.mako.cc/source/selectricity-live/blobdiff_plain/a12d4f62752f546f57421244e370e79965706ffb..f7aee769411a893c1059c529a220c0d25c72974f:/vendor/plugins/login_engine/lib/login_engine/authenticated_system.rb
diff --git a/vendor/plugins/login_engine/lib/login_engine/authenticated_system.rb b/vendor/plugins/login_engine/lib/login_engine/authenticated_system.rb
new file mode 100644
index 0000000..cbe3e78
--- /dev/null
+++ b/vendor/plugins/login_engine/lib/login_engine/authenticated_system.rb
@@ -0,0 +1,113 @@
+module LoginEngine
+ module AuthenticatedSystem
+
+ protected
+
+ # overwrite this if you want to restrict access to only a few actions
+ # or if you want to check if the user has the correct rights
+ # example:
+ #
+ # # only allow nonbobs
+ # def authorize?(user)
+ # user.login != "bob"
+ # end
+ def authorize?(user)
+ true
+ end
+
+ # overwrite this method if you only want to protect certain actions of the controller
+ # example:
+ #
+ # # don't protect the login and the about method
+ # def protect?(action)
+ # if ['action', 'about'].include?(action)
+ # return false
+ # else
+ # return true
+ # end
+ # end
+ def protect?(action)
+ true
+ end
+
+ # login_required filter. add
+ #
+ # before_filter :login_required
+ #
+ # if the controller should be under any rights management.
+ # for finer access control you can overwrite
+ #
+ # def authorize?(user)
+ #
+ def login_required
+ if not protect?(action_name)
+ return true
+ end
+
+ if user? and authorize?(session[:user])
+ return true
+ end
+
+ # store current location so that we can
+ # come back after the user logged in
+ store_location
+
+ # call overwriteable reaction to unauthorized access
+ access_denied
+ end
+
+ # overwrite if you want to have special behavior in case the user is not authorized
+ # to access the current operation.
+ # the default action is to redirect to the login screen
+ # example use :
+ # a popup window might just close itself for instance
+ def access_denied
+ redirect_to :controller => "/user", :action => "login"
+ end
+
+ # store current uri in the session.
+ # we can return to this location by calling return_location
+ def store_location
+ session['return-to'] = request.request_uri
+ end
+
+ # move to the last store_location call or to the passed default one
+ def redirect_to_stored_or_default(default=nil)
+ if session['return-to'].nil?
+ redirect_to default
+ else
+ redirect_to_url session['return-to']
+ session['return-to'] = nil
+ end
+ end
+
+ def redirect_back_or_default(default=nil)
+ if request.env["HTTP_REFERER"].nil?
+ redirect_to default
+ else
+ redirect_to(request.env["HTTP_REFERER"]) # same as redirect_to :back
+ end
+ end
+
+ def user?
+ # First, is the user already authenticated?
+ return true if not session[:user].nil?
+
+ # If not, is the user being authenticated by a token?
+ id = params[:user_id]
+ key = params[:key]
+ if id and key
+ session[:user] = User.authenticate_by_token(id, key)
+ return true if not session[:user].nil?
+ end
+
+ # Everything failed
+ return false
+ end
+
+ # Returns the current user from the session, if any exists
+ def current_user
+ session[:user]
+ end
+ end
+end
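Review bot: `redirect_back_or_default` redirects straight to `request.env["HTTP_REFERER"]`, a client-supplied header, so any controller that calls it after a login or form post becomes an open redirect to an arbitrary external URL. The referer should only be honoured when it parses to this application's host, falling back to `default` otherwise, as sketched below. The same cheap host check is worth applying in `redirect_to_stored_or_default`, even though `session['return-to']` is set server-side from `request.request_uri` in `store_location`. Separately, `user?` reads the login token from `params[:user_id]` / `params[:key]`, so when token login arrives over a GET the credential ends up in the request URI that `store_location` saves into the session and in server logs; that is presumably inherited from the plugin, but deserves at least a comment on `user?` such as `# token login via query string: the key is exposed in logs, Referer and the stored return-to URI`.
```ruby
  def redirect_back_or_default(default=nil)
    referer = request.env["HTTP_REFERER"]
    # Only follow a Referer that points back at this host; the header is
    # client-controlled, so anything else would be an open redirect.
    begin
      same_host = referer && URI.parse(referer).host == request.host
    rescue URI::InvalidURIError
      same_host = false
    end
    if same_host
      redirect_to(referer) # same as redirect_to :back
    else
      redirect_to default
    end
  end
```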