vidpush/app/controllers/application_controller.rb

class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :null_session
  before_action :authenticate_user_from_token!, except: [:publish]
  before_action :authenticate_user!, except: [:publish] #unless Rails.env.test?


  def set_by_options(name, field)
    what = params[field]
    model = name.to_s.classify.constantize
    if params[name]
      object =  model.find_by(field => params[name][field]) || not_found
    else
      object = model.find_by(field=>what) || not_found
    end
  end

  private
    def authenticate_user_from_token!
      user_email = params[:user_email].presence
      token = params[:user_token]
      user = user_email && User.find_by_email(user_email)
      if user && Devise.secure_compare(user.authentication_token, token)
        sign_in user, store: false
      end
    end
end
Initial Commit 2014-04-07 18:41:34 +00:00			`class ApplicationController < ActionController::Base`
			`# Prevent CSRF attacks by raising an exception.`
			`# For APIs, you may want to use :null_session instead.`
updates 2014-04-08 19:27:38 +00:00			`protect_from_forgery with: :null_session`
allowing publishing 2014-04-24 19:17:23 +00:00			`before_action :authenticate_user_from_token!, except: [:publish]`
			`before_action :authenticate_user!, except: [:publish] #unless Rails.env.test?`
all tests pass with devise added. bootstrap cleanup. 2014-04-14 18:41:53 +00:00
abstract finding of object 2014-04-25 15:32:58 +00:00
			`def set_by_options(name, field)`
			`what = params[field]`
			`model = name.to_s.classify.constantize`
			`if params[name]`
			`object = model.find_by(field => params[name][field]) \|\| not_found`
			`else`
			`object = model.find_by(field=>what) \|\| not_found`
			`end`
			`end`

add auth token 2014-04-15 17:04:58 +00:00			`private`
testing 2014-04-25 16:03:33 +00:00			`def authenticate_user_from_token!`
fix types, coverage up to 99.26% 2014-04-25 20:35:42 +00:00			`user_email = params[:user_email].presence`
			`token = params[:user_token]`
testing 2014-04-25 16:03:33 +00:00			`user = user_email && User.find_by_email(user_email)`
			`if user && Devise.secure_compare(user.authentication_token, token)`
			`sign_in user, store: false`
			`end`
add auth token 2014-04-15 17:04:58 +00:00			`end`
Initial Commit 2014-04-07 18:41:34 +00:00			`end`