Use warden scopes

9 years ago · 448f0eb899
parent 3af9bfd7c1
commit 448f0eb899
7 changed files with 49 additions and 30 deletions
--- a/2
+++ b/2
@ -26,7 +26,7 @@ gem 'active_model_serializers', '~> 0.8.1'
 gem 'yajl-ruby',            '~> 1.1.0', :require => 'yajl'
 gem 'newrelic_rpm'
 gem 'virtus',               '~> 1.0.1'
-gem 'warden',               '~> 1.2.3'
+gem 'rails_warden',         '~> 0.5.8'
 gem 'pundit',               '~> 0.3.0'
 gem 'rack-robustness',      '~> 1.1.0'
 gem 'rack-rewrite',         '~> 1.5.0'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -211,6 +211,8 @@ GEM
      bundler (>= 1.3.0, < 2.0)
      railties (= 4.1.5)
      sprockets-rails (~> 2.0)
+    rails_warden (0.5.8)
+      warden (>= 1.0.0)
    railties (4.1.5)
      actionpack (= 4.1.5)
      activesupport (= 4.1.5)
@ -379,6 +381,7 @@ DEPENDENCIES
  rack-rewrite (~> 1.5.0)
  rack-robustness (~> 1.1.0)
  rails (= 4.1.5)
+  rails_warden (~> 0.5.8)
  rake (~> 10.0.4)
  rb-inotify
  redcarpet (~> 2.2.2)
@ -399,5 +402,4 @@ DEPENDENCIES
  unicorn (~> 4.7)
  unicorn-worker-killer (~> 0.4.2)
  virtus (~> 1.0.1)
-  warden (~> 1.2.3)
  yajl-ruby (~> 1.1.0)
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@ -1,12 +1,14 @@
+require 'authentication/warden_authentication'
+
 module Api
-  class BaseController < ApplicationController
+  class BaseController < ActionController::Base

-    skip_before_filter :verify_authenticity_token
+    include WardenAuthentication

    private

-    def warden_strategies
-      [:api_token]
+    def warden_scope
+      :api
    end

  end
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -12,20 +12,25 @@ class ApplicationController < ActionController::Base
  include WardenAuthentication
  include Pundit

+  def unauthenticated_user
+    store_location
+    redirect_to new_login_path, notice: "Please log in to proceed"
+  end
+
+  def unauthenticated_api
+    render json: "Unauthenticated", status: 401
+  end
+
  private

-  def warden_strategies
-    [:auth_cookie]
+  def warden_scope
+    :user
  end

  def decorated_current_user
    current_user && CurrentUserDecorator.new(current_user)
  end

-  def ensure_authenticated!
-    handle_unauthenticated unless current_user
-  end
-
  def store_location
    session[:return_to] = request.path
  end
@ -52,15 +57,6 @@ class ApplicationController < ActionController::Base
    end
  end

-  def handle_unauthenticated
-    if request.xhr?
-      render json: "Unauthenticated", status: 401
-    else
-      store_location
-      redirect_to new_login_path, notice: "Please log in to proceed"
-    end
-  end
-
  def handle_not_found
    respond_to do |format|
      format.any do
--- a/config/application.rb
+++ b/config/application.rb
@ -50,7 +50,22 @@ module Asciinema

    config.middleware.use 'MetadataParser'
    config.middleware.use 'ApiTokenRegistrator'
-    config.middleware.use 'Warden::Manager'
+
+    config.middleware.use 'Warden::Manager' do |manager|
+      manager.failure_app = ApplicationController
+      manager.scope_defaults(
+        :user,
+        strategies: [:auth_cookie],
+        store: true,
+        action: "unauthenticated_user"
+      )
+      manager.scope_defaults(
+        :api,
+        strategies: [:api_token],
+        store: false,
+        action: "unauthenticated_api"
+      )
+    end

    config.action_mailer.default_url_options = { protocol: CFG.scheme, host: CFG.host }

--- a/lib/authentication/warden_authentication.rb
+++ b/lib/authentication/warden_authentication.rb
@ -2,18 +2,22 @@ module WardenAuthentication

  private

+  def ensure_authenticated!
+    warden.authenticate!(scope: warden_scope) unless warden.authenticated?(warden_scope)
+  end
+
  def current_user
-    warden.authenticate(*warden_strategies) unless warden.authenticated?
-    warden.user
+    warden.authenticate(scope: warden_scope) unless warden.authenticated?(warden_scope)
+    warden.user(warden_scope)
  end

  def current_user=(user)
    if user
-      warden.set_user(user)
+      warden.set_user(user, scope: warden_scope)
      cookies[:auth_token] =
        { value: user.auth_token, expires: 1.year.from_now }
    else
-      warden.logout
+      warden.logout(warden_scope)
      cookies.delete(:auth_token)
    end
  end
@ -22,8 +26,4 @@ module WardenAuthentication
    request.env['warden']
  end

-  def warden_strategies
-    raise NotImplementedError
-  end
-
 end
--- a/spec/support/authentication.rb
+++ b/spec/support/authentication.rb
@ -2,6 +2,10 @@ module Asciinema
  module Test
    module Authentication
      attr_accessor :current_user
+
+      def ensure_authenticated!
+        unauthenticated_user unless current_user
+      end
    end

    module ControllerHelpers