- Revision:
- 173
- Log:
Updated to latest release of Beast according to the "getting started with
Beast" guide at: http://beast.caboo.se/forums/1/topics/381
This check-in includes frozen Edge Rails and has the beginnings of
configuration for the ROOL site included.
- Author:
- rool
- Date:
- Fri Mar 02 15:59:12 +0000 2007
- Size:
- 2724 Bytes
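# Authentication helpers meant to be mixed into controllers: session-based
# login state, "remember me" cookie login, HTTP Basic login and the
# login_required filter.
#
# The including class must provide session, cookies, request, headers,
# respond_to, render, redirect_to and login_path; the User model must be loaded.
module AuthenticationSystem
  protected

  # Stamps the logged-in user's last_seen_at with the current UTC time, both
  # in the database row and on the in-memory user object.
  #
  # The timestamp decides which topics count as new (the green activity light)
  # and which users are shown as online. It is deliberately updated only when
  # this method is called (on login and when a topic is viewed), not on every
  # request, so it is an approximation of "last seen" that costs less than an
  # application-wide filter.
  def update_last_seen_at
    return unless logged_in?

    # One timestamp for both writes, so the row and the object cannot differ.
    now = Time.now.utc
    User.update_all ['last_seen_at = ?', now], ['id = ?', current_user.id]
    current_user.last_seen_at = now
  end

  # Filter that lets the request through only for a logged-in, authorized user.
  #
  # Tries the login-token cookie and then HTTP Basic credentials before giving
  # up. On failure, HTML and JS requests are redirected to the login page and
  # XML requests get a 401 with a Basic challenge.
  def login_required
    login_by_token unless logged_in?
    login_by_basic_auth unless logged_in?
    return if logged_in? && authorized?

    respond_to do |format|
      format.html { redirect_to login_path }
      format.js { render(:update) { |page| page.redirect_to login_path } }
      format.xml do
        headers["WWW-Authenticate"] = %(Basic realm="Beast")
        render :text => "HTTP Basic: Access denied.\n", :status => :unauthorized
      end
    end
  end

  # Logs the user in from the login_token cookie, formatted "<id>;<login_key>".
  #
  # The cookie is client-controlled, so it is validated before it reaches the
  # finder: both parts must be present and non-empty. A truncated or padded
  # cookie is ignored instead of calling the finder with a missing key or a
  # wrong number of arguments.
  def login_by_token
    token = cookies[:login_token]
    return unless token
    return if logged_in?

    user_id, login_key = token.to_s.split(';', 2)
    return if user_id.nil? || user_id.empty?
    return if login_key.nil? || login_key.empty?

    self.current_user = User.find_by_id_and_login_key(user_id, login_key)
  end

  # Environment keys that may carry the Authorization header, in lookup order.
  @@http_auth_headers = %w(X-HTTP_AUTHORIZATION HTTP_AUTHORIZATION Authorization)

  # Logs the user in from an HTTP Basic Authorization header, if one is present.
  #
  # The header is untrusted input: a missing credential part, a payload that
  # does not decode to "login:password", or a non-Basic scheme is ignored
  # rather than raising. Only the first colon separates login from password,
  # so passwords that themselves contain ':' are passed on intact.
  #
  # NOTE(review): Basic credentials are only base64-encoded; nothing in this
  # module enforces TLS, so confirm the XML endpoints are served over HTTPS.
  def login_by_basic_auth
    auth_key = @@http_auth_headers.detect { |name| request.env.has_key?(name) }
    return unless auth_key

    scheme, encoded = request.env[auth_key].to_s.split
    return unless scheme == 'Basic' && encoded

    login, password = Base64.decode64(encoded).split(':', 2)
    return unless login && password

    self.current_user = User.authenticate(login, password)
  end

  # Authorization hook; always true here. Controllers override it to restrict
  # access beyond "is logged in".
  def authorized?
    true
  end

  # Sets the current user and, when a user is given, initialises the session
  # for them. Passing nil/false only clears the memoized user.
  #
  # NOTE(review): the session id is not rotated here; confirm the login action
  # calls reset_session (or equivalent) before assigning the user.
  def current_user=(value)
    @current_user = value
    return unless @current_user

    session[:user_id] = @current_user.id
    # Kept from before the update below, so the session still knows the
    # previous visit time when deciding which threads are new.
    session[:last_active] = @current_user.last_seen_at
    # Two separate hashes: a single shared object would make topic ids and
    # forum ids land in the same hash.
    session[:topics] = {}
    session[:forums] = {}
    update_last_seen_at
  end

  # Returns the logged-in User, or the sentinel 0 when nobody is logged in.
  # The result is memoized for the request (0 is truthy in Ruby, so the
  # "nobody" answer is cached as well).
  def current_user
    @current_user ||= ((session[:user_id] && User.find_by_id(session[:user_id])) || 0)
  end

  # True when current_user is a real user rather than the 0 sentinel.
  def logged_in?
    current_user != 0
  end

  # True when a user is logged in and that user is an admin.
  def admin?
    logged_in? && current_user.admin?
  end
end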