module SnipSnap::AuthExtension::Helpers

Public Instance Methods

authorized?()

XXX cache result after going through logic once?

# File lib/snipsnap/extensions/auth.rb, line 45
# Reports whether the user resolved for this request is authorized.
#
# Pure delegation: current_user supplies the object (a Guest when no
# credentials validate) and that object's #authorized? makes the decision.
# The answer is therefore only as trustworthy as current_user's own checks.
#
# @return whatever current_user.authorized? returns
def authorized?
  user = current_user
  user.authorized?
end
current_user()
# File lib/snipsnap/extensions/auth.rb, line 49
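# Resolves the user for the current request from its HTTP Basic credentials
# and memoizes the result in @current_user.
#
# Falls back to Guest.new when no Basic credentials are supplied, when the
# decoded header carries no password field, when User.for yields nothing, or
# when the password check returns a falsy value.
#
# SECURITY: the "Facebook" branch performs no verification. Any secret longer
# than 16 characters is assumed to be a Facebook token and accepted without
# calling #authenticate, so the request runs as whichever account `email`
# names. authorized?, protected! and restricted! all build on this result and
# inherit the gap. Until the token is validated server-side and bound to that
# account, treat this branch as unauthenticated, or disable it.
#
# Side effect: sets @facebook_user to the result of the length heuristic.
#
# @return the resolved user object, or a Guest
def current_user
  @current_user ||= begin
    auth = Rack::Auth::Basic::Request.new(request.env)

    user = nil

    if auth.provided? && auth.basic? && auth.credentials
      email, password, _ = auth.credentials

      # NOTE(review): email is client-supplied and written to the log as-is;
      # confirm the logger neutralises control characters (log forging) and
      # that recording addresses here is acceptable.
      logger.info "Credentials for #{email}"

      if password.nil?
        # The decoded header had no second field, so there is nothing to
        # verify. Fail closed (user stays nil) instead of raising
        # NoMethodError on nil.size below.
        @facebook_user = false
      else
        # XXX URGENT NEED TO CHECK ACTUAL FACEBOOK TOKEN!
        # Length is the only test applied; see the SECURITY note above.
        @facebook_user = password.size > 16

        user = User.for(email)

        unless @facebook_user
          # Guard against User.for returning nil for an unknown address
          # (presumably possible; verify against User.for). #authenticate is
          # expected to return the user or a falsy value.
          user = user && user.authenticate(password)
        end
      end
    else
      logger.info "No credentials"
    end
    user || Guest.new
  end
end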
protected!()
# File lib/snipsnap/extensions/auth.rb, line 40
# Stops the request with HTTP 401 unless authorized? is truthy.
#
# NOTE(review): no WWW-Authenticate challenge is set here; confirm it is
# added elsewhere, since clients rely on it to know Basic auth is expected.
def protected!
  return if authorized?

  halt 401
end
restricted!()
# File lib/snipsnap/extensions/auth.rb, line 36
# Stops the request with HTTP 403 unless the current user is an admin.
#
# The check is made on whatever current_user returns, so the object used for
# unauthenticated requests (Guest) must answer #admin? as well.
# NOTE(review): the admin decision is only as strong as current_user's
# credential check; review the two together.
def restricted!
  return if current_user.admin?

  halt 403
end
user_for_id(id)
# File lib/snipsnap/extensions/auth.rb, line 75
# Maps an id to a user: the literal string 'me' means the current user,
# anything else is passed to User.find.
#
# NOTE(review): no ownership or permission check happens here. If id comes
# from the request (presumably a route parameter; verify against callers),
# the caller must confirm the current user may access the record returned.
# For an unauthenticated request, 'me' yields whatever current_user returns.
#
# @param id the string 'me' or a value accepted by User.find
# @return current_user for 'me', otherwise the result of User.find(id)
def user_for_id(id)
  if id == 'me'
    current_user
  else
    User.find(id)
  end
end