Sutty/trabajo-afectivo
5
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

- Refactored authentication_check_only.

Browse source 
- Replaced session[:request_type] with session[:persistent].
This commit is contained in:
Thorsten Eckel 2015-06-24 10:48:48 +02:00
parent c49792513e
commit e91553d164
5 changed files with 86 additions and 77 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

121
app/controllers/application_controller.rb
View file

@ -98,122 +98,98 @@ class ApplicationController < ActionController::Base
def authentication_check_only(auth_param)
logger.debug 'authentication_check'
session[:request_type] = 1
#logger.debug params.inspect
#logger.debug session.inspect
#logger.debug cookies.inspect
# check http basic auth
authenticate_with_http_basic do |username, password|
logger.debug 'http basic auth check'
session[:request_type] = 2
# already logged in, early exit
if session.id && session[:user_id]
userdata = User.find( session[:user_id] )
current_user_set(userdata)
userdata = User.authenticate( username, password )
message = ''
if !userdata
message = 'authentication failed'
end
return {
auth: true
}
end
# return auth ok
if message == ''
error_message = 'authentication failed'
# remember user
session[:user_id] = userdata.id
# check logon session
if params['logon_session']
logon_session = ActiveRecord::SessionStore::Session.where( session_id: params['logon_session'] ).first
# set basic auth user to current user
# set logon session user to current user
if logon_session
userdata = User.find( logon_session.data[:user_id] )
current_user_set(userdata)
session[:persistent] = true
return {
auth: true
}
end
# return auth not ok
error_message = 'no valid session, user_id'
end
# check sso
sso_userdata = User.sso(params)
if sso_userdata
current_user_set(sso_userdata)
session[:persistent] = true
return {
auth: false,
message: message,
auth: true
}
end
# check logon session
if params['logon_session']
logon_session = ActiveRecord::SessionStore::Session.where( session_id: params['logon_session'] ).first
if logon_session
userdata = User.find( logon_session.data[:user_id] )
end
# check http basic auth
authenticate_with_http_basic do |username, password|
logger.debug "http basic auth check '#{username}'"
session[:request_type] = 3
userdata = User.authenticate( username, password )
# set logon session user to current user
next if !userdata
# set basic auth user to current user
current_user_set(userdata)
return {
auth: true
}
end
# check sso
if !session[:user_id]
user = User.sso(params)
# Log the authorizing user in.
if user
session[:user_id] = user.id
end
end
# check token
if auth_param[:token_action]
authenticate_with_http_token do |token, options|
logger.debug 'token auth check'
session[:request_type] = 4
authenticate_with_http_token do |token, _options|
logger.debug "token auth check #{token}"
userdata = Token.check(
action: auth_param[:token_action],
name: token,
)
message = ''
if !userdata
message = 'authentication failed'
end
next if !userdata
# return auth ok
if message == ''
# set token user to current user
current_user_set(userdata)
# remember user
session[:user_id] = userdata.id
# set token user to current user
current_user_set(userdata)
return {
auth: true
}
end
# return auth not ok
return {
auth: false,
message: message,
auth: true
}
end
end
# return auth not ok (no session exists)
if !session[:user_id]
logger.debug 'no valid session, user_id'
message = 'no valid session, user_id'
return {
auth: false,
message: message,
}
end
logger.debug error_message
{
auth: true
auth: false,
message: error_message,
}
end
def authentication_check( auth_param = { basic_auth_promt: false } )
def authentication_check( auth_param = {} )
result = authentication_check_only(auth_param)
# check if basic_auth fallback is possible
@ -233,6 +209,9 @@ class ApplicationController < ActionController::Base
return false
end
# store current user id into the session
session[:user_id] = current_user.id
# return auth ok
true
end

4
app/controllers/sessions_controller.rb
View file

@ -54,6 +54,10 @@ class SessionsController < ApplicationController
# )
end
# sessions created via this
# controller are persistent
session[:persistent] = true
# return new session data
render status: :created,
json: {

12
app/models/observer/session.rb
View file

@ -13,15 +13,17 @@ class Observer::Session < ActiveRecord::Observer
check(record)
end
# move the persistent attribute from the sub structure
# to the first level so it gets stored in the database
# column to make the cleanup lookup more performant
def check(record)
return if !record.data
return if record[:request_type]
return if record[:persistent]
# remember request type
return if !record.data['request_type']
return if !record.data['persistent']
record[:request_type] = record.data['request_type']
record.data.delete('request_type')
record[:persistent] = record.data['persistent']
record.data.delete('persistent')
end
end

24
db/migrate/20150623145511_session_changes.rb Normal file
View file

@ -0,0 +1,24 @@
class SessionChanges < ActiveRecord::Migration
def up
ActiveRecord::SessionStore::Session.delete_all
remove_index :sessions, :request_type
remove_column :sessions, :request_type
add_column :sessions, :persistent, :boolean, null: true
add_index :sessions, :persistent
end
def down
ActiveRecord::SessionStore::Session.delete_all
remove_index :sessions, :persistent
remove_column :sessions, :persistent
add_column :sessions, :request_type, :integer, null: true
add_index :sessions, :request_type
end
end

2
lib/session_helper.rb
View file

@ -29,7 +29,7 @@ module SessionHelper
def self.cleanup_expired
# delete temp. sessions
ActiveRecord::SessionStore::Session.where('request_type IS NULL AND updated_at < ?', Time.zone.now - 1.days ).delete_all
ActiveRecord::SessionStore::Session.where('persistent IS NULL AND updated_at < ?', Time.zone.now - 1.days ).delete_all
# web sessions older the x days
ActiveRecord::SessionStore::Session.where('updated_at < ?', Time.zone.now - 90.days ).delete_all