1 module AuthenticatedSystem
3 # Returns true or false if the user is logged in.
4 # Preloads @current_<%= file_name %> with the user model if they're logged in.
7 current_<%= file_name %> != :false
10 # Accesses the current <%= file_name %> from the session.
11 def current_<%= file_name %>
12 @current_<%= file_name %> ||= (session[:<%= file_name %>] && <%= class_name %>.find_by_id(session[:<%= file_name %>])) || :false
15 # Store the given <%= file_name %> in the session.
16 def current_<%= file_name %>=(new_<%= file_name %>)
17 session[:<%= file_name %>] = (new_<%= file_name %>.nil? || new_<%= file_name %>.is_a?(Symbol)) ? nil : new_<%= file_name %>.id
18 @current_<%= file_name %> = new_<%= file_name %>
21 # Check if the <%= file_name %> is authorized.
23 # Override this method in your controllers if you want to restrict access
24 # to only a few actions or if you want to check if the <%= file_name %>
25 # has the correct rights.
29 # # only allow nonbobs
31 # current_<%= file_name %>.login != "bob"
37 # Filter method to enforce a login requirement.
39 # To require logins for all actions, use this in your controllers:
41 # before_filter :login_required
43 # To require logins for specific actions, use this in your controllers:
45 # before_filter :login_required, :only => [ :edit, :update ]
47 # To skip this in a subclassed controller:
49 # skip_before_filter :login_required
52 username, passwd = get_auth_data
53 self.current_<%= file_name %> ||= <%= class_name %>.authenticate(username, passwd) || :false if username && passwd
54 logged_in? && authorized? ? true : access_denied
57 # Redirect as appropriate when an access request fails.
59 # The default action is to redirect to the login screen.
61 # Override this method in your controllers if you want to have special
62 # behavior in case the <%= file_name %> is not authorized
63 # to access the requested action. For example, a popup window might
64 # simply close itself.
66 respond_to do |accepts|
69 redirect_to :controller => '/<%= controller_file_name %>', :action => 'login'
72 headers["Status"] = "Unauthorized"
73 headers["WWW-Authenticate"] = %(Basic realm="Web Password")
74 render :text => "Could't authenticate you", :status => '401 Unauthorized'
80 # Store the URI of the current request in the session.
82 # We can return to this location by calling #redirect_back_or_default.
84 session[:return_to] = request.request_uri
87 # Redirect to the URI stored by the most recent store_location call or
88 # to the passed default.
89 def redirect_back_or_default(default)
90 session[:return_to] ? redirect_to_url(session[:return_to]) : redirect_to(default)
91 session[:return_to] = nil
94 # Inclusion hook to make #current_<%= file_name %> and #logged_in?
95 # available as ActionView helper methods.
96 def self.included(base)
97 base.send :helper_method, :current_<%= file_name %>, :logged_in?
100 # When called with before_filter :login_from_cookie will check for an :auth_token
101 # cookie and log the user back in if apropriate
102 def login_from_cookie
103 return unless cookies[:auth_token] && !logged_in?
104 user = <%= class_name %>.find_by_remember_token(cookies[:auth_token])
105 if user && user.remember_token?
107 self.current_<%= file_name %> = user
108 cookies[:auth_token] = { :value => self.current_<%= file_name %>.remember_token , :expires => self.current_<%= file_name %>.remember_token_expires_at }
109 flash[:notice] = "Logged in successfully"
114 @@http_auth_headers = %w(X-HTTP_AUTHORIZATION HTTP_AUTHORIZATION Authorization)
115 # gets BASIC auth info
117 auth_key = @@http_auth_headers.detect { |h| request.env.has_key?(h) }
118 auth_data = request.env[auth_key].to_s.split unless auth_key.blank?
119 return auth_data && auth_data[0] == 'Basic' ? Base64.decode64(auth_data[1]).split(':')[0..1] : [nil, nil]