tyrel/vidpush
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
fec3064162
vidpush/app/controllers/application_controller.rb

33 lines
1.0 KiB
Ruby
Raw Blame History

class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :null_session
before_action :authenticate_user_from_token!
before_action :authenticate_user! #unless Rails.env.test?
private
def authenticate_user_from_token!
if request.headers["HTTP_AUTHORIZATION"]
authenticate_or_request_with_http_token do |token, options|
email = token.split[1].split("=")[1]
token = token.split[0]
user_email = email.presence
user = user_email && User.find_by_email(user_email)
if user && Devise.secure_compare(user.authentication_token, token)
sign_in user, store:false
end
end
else
user_email = params[:user_email].presence
token = params[:user_token]
user = user_email && User.find_by_email(user_email)
if user && Devise.secure_compare(user.authentication_token, token)
sign_in user, store:false
end
end
end
end
Reference in New Issue View Git Blame Copy Permalink