2014-04-07 18:41:34 +00:00
|
|
|
class ApplicationController < ActionController::Base
|
|
|
|
# Prevent CSRF attacks by raising an exception.
|
|
|
|
# For APIs, you may want to use :null_session instead.
|
2014-04-08 19:27:38 +00:00
|
|
|
protect_from_forgery with: :null_session
|
2014-04-15 17:04:58 +00:00
|
|
|
before_action :authenticate_user_from_token!
|
2014-04-14 18:41:53 +00:00
|
|
|
before_action :authenticate_user! #unless Rails.env.test?
|
|
|
|
|
2014-04-15 17:04:58 +00:00
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def authenticate_user_from_token!
|
|
|
|
user_token = params[:user_token].presence
|
|
|
|
user = user_token && User.find_by_authentication_token(user_token.to_s)
|
|
|
|
|
|
|
|
if user
|
|
|
|
sign_in user, store: false
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
2014-04-07 18:41:34 +00:00
|
|
|
end
|