module AuthLh::AuthManagement

Public Instance Methods

change_password_url() click to toggle source
# File lib/auth_lh/auth_management.rb, line 62
def change_password_url
  @auth_api.change_password_url(request.original_url)
end
check_access_grants() click to toggle source
# File lib/auth_lh/auth_management.rb, line 46
def check_access_grants
  if current_user
    if !current_user.can_access?(params[:controller], params[:action])
      if request.xhr?
        render status: :forbidden
      else
        render file: 'public/403.html', layout: false
      end
    end
  end
end
check_local_access() click to toggle source
# File lib/auth_lh/auth_management.rb, line 36
def check_local_access
  if current_user
    allowed_shop_codes = current_user.allowed_local_shop_codes(current_shop.try(:code))

    if !allowed_shop_codes.include?(local_shop.code)
      render file: 'public/403.html', layout: false
    end
  end
end
current_shop() click to toggle source
# File lib/auth_lh/auth_management.rb, line 28
def current_shop
  @current_shop
end
current_user() click to toggle source
# File lib/auth_lh/auth_management.rb, line 16
def current_user
  @current_user
end
local_shop() click to toggle source
# File lib/auth_lh/auth_management.rb, line 32
def local_shop
  @local_shop
end
logout_url() click to toggle source
# File lib/auth_lh/auth_management.rb, line 58
def logout_url
  @auth_api.logout_url(request.protocol + request.host_with_port)
end
set_current_shop() click to toggle source
# File lib/auth_lh/auth_management.rb, line 20
def set_current_shop
  if request.local?
    @current_shop = @local_shop
  else
    @current_shop = @auth_api.get_current_shop(request.remote_ip)
  end
end
set_current_user() click to toggle source
# File lib/auth_lh/auth_management.rb, line 3
def set_current_user
  session_response = @auth_api.get_current_user(cookies[:session_token], request.remote_ip, request.original_url)

  if session_response.user
    @current_user = ::User.find_or_create_by(login: session_response.user.login)
    @current_user.auth_user = session_response.user
  end

  if session_response.destination_url.present?
    redirect_to session_response.destination_url
  end
end