Change koelkast login to login with token

This commit is contained in:
benji 2015-09-22 07:13:35 +02:00
parent 046b2c382c
commit 71659e246d
7 changed files with 13 additions and 12 deletions

View file

@ -1,6 +1,5 @@
class ApplicationController < ActionController::Base class ApplicationController < ActionController::Base
protect_from_forgery with: :exception protect_from_forgery with: :exception
check_authorization
rescue_from CanCan::AccessDenied do |exception| rescue_from CanCan::AccessDenied do |exception|
redirect_to root_path, flash: { error: exception.message } redirect_to root_path, flash: { error: exception.message }

View file

@ -1,6 +1,4 @@
class CallbacksController < Devise::OmniauthCallbacksController class CallbacksController < Devise::OmniauthCallbacksController
skip_authorization_check
def zeuswpi def zeuswpi
@user = User.from_omniauth(request.env["omniauth.auth"]) @user = User.from_omniauth(request.env["omniauth.auth"])
sign_in_and_redirect @user sign_in_and_redirect @user

View file

@ -1,3 +0,0 @@
class SessionsController < Devise::SessionsController
skip_authorization_check
end

View file

@ -1,6 +1,12 @@
class WelcomeController < ApplicationController class WelcomeController < ApplicationController
skip_authorization_check skip_before_filter :verify_authenticity_token, only: :token_sign_in
def index def index
end end
def token_sign_in
return head(:unauthorized) unless params[:token] == Rails.application.secrets.koelkast_token
koelkast = User.find_by(name: "koelkast")
sign_in_and_redirect koelkast
end
end end

View file

@ -23,7 +23,7 @@ class User < ActiveRecord::Base
include Statistics, Avatarable, FriendlyId include Statistics, Avatarable, FriendlyId
friendly_id :name, use: :finders friendly_id :name, use: :finders
devise :database_authenticatable, :omniauthable, :omniauth_providers => [:zeuswpi] devise :omniauthable, :omniauth_providers => [:zeuswpi]
has_many :orders, -> { includes :products } has_many :orders, -> { includes :products }
has_many :products, through: :orders has_many :products, through: :orders

View file

@ -1,10 +1,9 @@
Rails.application.routes.draw do Rails.application.routes.draw do
devise_for :users, controllers: { devise_for :users, controllers: { omniauth_callbacks: "callbacks" }
omniauth_callbacks: "callbacks",
sessions: "sessions"
}
devise_scope :user do devise_scope :user do
get 'sign_out', to: 'devise/sessions#destroy', as: :destroy_user_session
post 'sign_in', to: 'welcome#token_sign_in'
unauthenticated :user do unauthenticated :user do
root to: 'welcome#index' root to: 'welcome#index'
end end

View file

@ -16,6 +16,7 @@ development:
omniauth_client_secret: blargh omniauth_client_secret: blargh
access_token: "token" access_token: "token"
tab_api_key: "HriaktSIhRaB5CJzD71uLQ==" tab_api_key: "HriaktSIhRaB5CJzD71uLQ=="
koelkast_token: ""
test: test:
secret_key_base: 961437e28e7d6055ffaad9cf1f8d614354f57f10cb2d7601c9d6ede72a03b9c9535ad9e63507e3eb31252c4895970a63117493408f2e9a46c7a0c4a5a7836b81 secret_key_base: 961437e28e7d6055ffaad9cf1f8d614354f57f10cb2d7601c9d6ede72a03b9c9535ad9e63507e3eb31252c4895970a63117493408f2e9a46c7a0c4a5a7836b81
@ -29,3 +30,4 @@ production:
omniauth_client_secret: "" omniauth_client_secret: ""
access_token: "" access_token: ""
tab_api_key: "" tab_api_key: ""
koelkast_token: ""