From 1b3190ba6c821a01752b7fa12509ae79c1b87218 Mon Sep 17 00:00:00 2001 From: Martin Edenhofer Date: Fri, 25 Mar 2016 14:28:45 +0100 Subject: [PATCH] Also log GET/OPTIONS/HEAD requests as device activities. --- app/controllers/application_controller.rb | 24 +++++++++-------------- 1 file changed, 9 insertions(+), 15 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 5fdf1622e..ded2e306b 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -113,13 +113,14 @@ class ApplicationController < ActionController::Base end # check if entry exists / only if write action + diff = Time.zone.now - 10.minutes method = request.method - return if method == 'GET' - return if method == 'OPTIONS' - return if method == 'HEAD' + if method == 'GET' || method == 'OPTIONS' || method == 'HEAD' + diff = Time.zone.now - 30.minutes + end # only update if needed - return if session[:user_device_update_at] && session[:user_device_update_at] > Time.zone.now - 5.minutes + return if session[:user_device_update_at] && session[:user_device_update_at] > diff session[:user_device_update_at] = Time.zone.now UserDevice.action( @@ -161,10 +162,10 @@ class ApplicationController < ActionController::Base # already logged in, early exit if session.id && session[:user_id] - + logger.debug 'session based auth check' userdata = User.lookup(id: session[:user_id]) current_user_set(userdata) - + logger.debug "session based auth for '#{userdata.login}'" return { auth: true } @@ -176,7 +177,6 @@ class ApplicationController < ActionController::Base sso_userdata = User.sso(params) if sso_userdata session[:persistent] = true - return { auth: true } @@ -185,14 +185,11 @@ class ApplicationController < ActionController::Base # check http basic based authentication authenticate_with_http_basic do |username, password| logger.debug "http basic auth check '#{username}'" - userdata = User.authenticate(username, password) - next if !userdata - current_user_set(userdata) user_device_log(userdata, 'basic_auth') - + logger.debug "http basic auth for '#{userdata.login}'" return { auth: true } @@ -202,17 +199,14 @@ class ApplicationController < ActionController::Base if auth_param[:token_action] authenticate_with_http_token do |token, _options| logger.debug "token auth check '#{token}'" - userdata = Token.check( action: auth_param[:token_action], name: token, ) - next if !userdata - current_user_set(userdata) user_device_log(userdata, 'token_auth') - + logger.debug "token auth for '#{userdata.login}'" return { auth: true }