tap/app/controllers/application_controller.rb

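# Base controller for the application.
#
# Every request runs three callbacks in order: optional API-token sign-in,
# the regular Devise authentication check, and exposing the signed-in user
# as @user. CanCan authorization failures are rendered centrally here.
class ApplicationController < ActionController::Base
  # Raise on state-changing requests that do not carry a valid CSRF token.
  protect_from_forgery with: :exception

  # The CSRF check is skipped only when api_request? holds, i.e. the request
  # is JSON *and* its HTTP token header resolves to a user. Browsers do not
  # attach that header on their own, so cookie/session-authenticated requests
  # still go through verify_authenticity_token.
  skip_before_action :verify_authenticity_token, if: :api_request?

  # before_action is the current name of the deprecated before_filter alias
  # and matches the skip_before_action call above.
  before_action :authenticate_user_from_token!
  before_action :authenticate_user!
  before_action :set_user!

  # True when the request presents a user key that matches a user and asks
  # for JSON.
  #
  # NOTE(review): this is defined above `private`, so it is a public
  # controller method. Callback conditions can reference private methods too;
  # consider moving it below `private` if nothing outside the controller
  # hierarchy calls it.
  def api_request?
    user_token.present? && request.format.json?
  end

  # Central handler for CanCan authorization failures: JSON clients get a
  # 403 with a fixed message, HTML clients are redirected to the root page
  # with a flash error.
  rescue_from CanCan::AccessDenied do |exception|
    # NOTE(review): #inspect on the subject writes the record's attributes to
    # the log. Make sure the production log level filters debug output, or
    # log only the subject's class and id.
    Rails.logger.debug "Access denied on #{exception.action} #{exception.subject.inspect}"

    respond_to do |format|
      format.json { render json: [ "Diefstal is een misdrijf." ], status: :forbidden }
      format.html { redirect_to root_path, flash: { error: message_for(exception) } }
    end
  end

  # Devise hook: where to send the user after signing in.
  def after_sign_in_path_for(resource)
    root_path
  end

  # Devise hook: where to send the user after signing up.
  def after_sign_up_path_for(resource)
    root_path
  end

  private

  # Picks the flash text for an authorization failure: a custom message when
  # creating an Order is denied, otherwise the exception's own message.
  #
  # NOTE(review): the class comparison only matches when the subject is an
  # Order instance; if authorization is ever checked against the Order class
  # itself, the generic message is shown. Confirm that is intended.
  def message_for(exception)
    denied_order_creation =
      exception.subject.class == Order && [:new, :create].include?(exception.action)

    denied_order_creation ? "Betaal uw fucking schulden!" : exception.message
  end

  # Signs in the user identified by the HTTP token header, if any.
  #
  # store: false keeps the user out of the session, so the token has to be
  # sent with every request. Removing store: false would turn the token into
  # a sign-in token that establishes a session.
  def authenticate_user_from_token!
    user = user_token
    sign_in user, store: false if user
  end

  # Makes the signed-in user available as @user.
  def set_user!
    @user = current_user
  end

  # Returns the User whose userkey equals the HTTP token of this request, or
  # nil when no token is sent or no user matches. The result is memoized with
  # defined? so that a miss (nil) is not looked up again when both
  # api_request? and authenticate_user_from_token! ask for it.
  #
  # NOTE(review): the raw token is matched against the userkey column, so the
  # key is presumably stored unhashed and the comparison happens in the
  # database rather than in constant time. Devise's guidance for token
  # authentication is to find the record by a non-secret identifier and
  # compare the token with Devise.secure_compare; doing that here would
  # change what API clients must send, so it is flagged rather than changed.
  def user_token
    return @user_token if defined?(@user_token)

    @user_token = authenticate_with_http_token do |token, _options|
      User.find_by userkey: token
    end
  end
end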