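# Session-based authentication and authorization filters for the admin area.
#
# Including this concern registers the before_action chain
# set_login_timeout -> logout_stale_session -> require_admin ->
# check_for_password_change on the including controller, and exposes
# current_user, current_session and logged_in? to its views.
module Authentication
  extend ActiveSupport::Concern

  included do
    before_action :set_login_timeout
    before_action :logout_stale_session

    before_action :require_admin
    before_action :check_for_password_change

    helper_method :current_user, :current_session, :logged_in?
  end

  # Returns the AdminUserSession for this request, or whatever
  # AdminUserSession.find yields when there is none. The lookup is memoized
  # with defined? so that a nil result is not looked up again.
  def current_session
    return @current_session if defined?(@current_session)

    @current_session = AdminUserSession.find
  end

  # Returns the record attached to the current session, or nil when there is
  # no session. Memoized the same way as current_session.
  def current_user
    return @current_user if defined?(@current_user)

    @current_user = current_session && current_session.record
  end

  # Truthy when a user is logged in. Note that this returns the user object
  # itself (or nil), not strictly true/false.
  def logged_in?
    current_user
  end

  # Redirects to the location remembered in session[:return_to], falling back
  # to admin_root_url, and forgets the remembered location.
  #
  # The remembered value is only followed when it is a same-site path: it must
  # start with exactly one "/". Anything else (an absolute URL, or a
  # protocol-relative "//host" form) is ignored, so a stored location can
  # never send a freshly logged-in admin to another host.
  def redirect_to_target_or_default
    target = local_return_path(session.delete(:return_to))
    redirect_to(target || admin_root_url)
  end

  # before_action: sends unauthenticated requests to the admin login page.
  def require_admin
    return if current_user

    redirect_to admin_login_url, alert: :admin_required
  end

  # before_action: forces users flagged with has_to_change_password? to their
  # profile edit page.
  #
  # The nil check matters for controllers that skip require_admin: without it
  # this filter would raise NoMethodError for an anonymous request.
  # NOTE(review): the controller serving edit_admin_profile_url must skip this
  # filter or it would redirect to itself -- confirm.
  def check_for_password_change
    return unless current_user && current_user.has_to_change_password?

    redirect_to edit_admin_profile_url(current_user), alert: :change_password
  end

  # Filter for sysadmin-only actions; it is not registered by this concern, so
  # controllers have to opt in with their own before_action.
  #
  # An anonymous request is treated like a non-sysadmin one and redirected,
  # instead of raising on a nil current_user.
  def require_sysadmin
    return if current_user && current_user.is_a_sysadmin?

    redirect_to admin_root_url, alert: :sysadmin_required
  end

  private

  # Remembers the path (including query string) of the current request so that
  # redirect_to_target_or_default can return to it. Nothing in this module
  # calls it.
  def store_target_location
    session[:return_to] = request.fullpath
  end

  # Copies the site-wide login timeout onto AdminUser before each request.
  # NOTE(review): this writes a class-level setting on every request -- confirm
  # that is intended on a multi-threaded server.
  def set_login_timeout
    AdminUser.logged_in_timeout = Site.login_timeout
  end

  # Destroys the current session when it reports itself as stale.
  def logout_stale_session
    return unless current_session && current_session.stale?

    current_session.destroy
    # Drop the memoized values as well, so the filters that run next treat
    # this request as logged out rather than reading the destroyed session.
    @current_session = nil
    @current_user = nil
  end

  # Returns target when it is a String naming a path on this site (one leading
  # "/" not followed by "/" or "\"), otherwise nil.
  def local_return_path(target)
    target if target.is_a?(String) && target =~ %r{\A/(?![/\\])}
  end
end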