Module: BookingSync::Engine::AuthHelpers

Extended by:
ActiveSupport::Concern
Defined in:
lib/bookingsync/engine/auth_helpers.rb

Instance Method Summary collapse

Instance Method Details

#account_authorized(account) ⇒ Object (private)

Callback after account is authorized.

Stores the authorized account's synced_id in the session.

Parameters:

  • account (Account)

    the just authorized account


22
23
24
# File 'lib/bookingsync/engine/auth_helpers.rb', line 22

def ()
  session[:account_id] = .synced_id.to_s
end

#after_bookingsync_sign_in_pathObject (private)

Path to which the user should be redirected after successful authorization. This method should be overridden in applications using this engine.

Defaults to root_path.


116
117
118
# File 'lib/bookingsync/engine/auth_helpers.rb', line 116

def 
  root_path
end

#after_bookingsync_sign_out_pathObject (private)

Path to which the user should be redirected after sign out. This method should be overridden in applications using this engine.

Defaults to root_path.


124
125
126
# File 'lib/bookingsync/engine/auth_helpers.rb', line 124

def after_bookingsync_sign_out_path
  root_path
end

#authenticate_account!Object (private)

Requests authorization if not currently authorized.


129
130
131
132
133
134
# File 'lib/bookingsync/engine/auth_helpers.rb', line 129

def authenticate_account!
   if BookingSync::Engine.embedded
  sign_out_if_inactive
  
  request_authorization! unless 
end

#clear_authorization!Object (private)

Removes the authorization from session. Will not redirect to any other page, see #reset_authorization!


41
42
43
# File 'lib/bookingsync/engine/auth_helpers.rb', line 41

def clear_authorization!
  session[:account_id] = nil
end

#current_accountAccount? (private)

Returns currently authorized Account or nil if unauthorized

Returns:

  • (Account, nil)

    currently authorized Account or nil if unauthorized


13
14
15
# File 'lib/bookingsync/engine/auth_helpers.rb', line 13

def 
  @current_account ||= ::Account.find_by(synced_id: session[:account_id]) if session[:account_id].present?
end

#enforce_requested_account_authorized!Object (private)

Clear authorization if the account passed from the BookingSync app store embed doesn't match the currently authorized account


28
29
30
# File 'lib/bookingsync/engine/auth_helpers.rb', line 28

def 
  clear_authorization! unless 
end

#handle_oauth_error(error) ⇒ Object (private)

Handler to rescue OAuth errors

Parameters:

  • error (OAuth2::Error)

    the rescued error


103
104
105
106
107
108
109
110
# File 'lib/bookingsync/engine/auth_helpers.rb', line 103

def handle_oauth_error(error)
  if error.code == "Not authorized"
    .try(:clear_token!)
    reset_authorization!
  else
    raise
  end
end

#new_authorization_pathObject (private)

Path to which the user should be redirected to start a new Authorization process.

Default to /auth/bookingsync/?account_id=SESSION_BOOKINGSYNC_ACCOUNT_ID


92
93
94
# File 'lib/bookingsync/engine/auth_helpers.rb', line 92

def new_authorization_path
  "/auth/bookingsync/?account_id=#{session[:_bookingsync_account_id]}"
end

#new_authorization_urlObject (private)


96
97
98
# File 'lib/bookingsync/engine/auth_helpers.rb', line 96

def new_authorization_url
  request.base_url + new_authorization_path
end

#request_authorization!Object (private)

Request a new authorization.


55
56
57
58
59
60
61
62
63
# File 'lib/bookingsync/engine/auth_helpers.rb', line 55

def request_authorization!
  if request.xhr?
    request_authorization_for_xhr!
  elsif BookingSync::Engine.embedded
    request_authorization_for_embedded!
  else
    request_authorization_for_standalone!
  end
end

#request_authorization_for_embedded!Object (private)

Request a new authorization for Embedded Apps.

Load the new authorization path using Javascript by default.


75
76
77
78
79
# File 'lib/bookingsync/engine/auth_helpers.rb', line 75

def request_authorization_for_embedded!
  allow_bookingsync_iframe
  render html: ("<script type='text/javascript'>top.location.href = " +
    "'#{new_authorization_path}';</script>").html_safe
end

#request_authorization_for_standalone!Object (private)

Request a new authorization for Standalone Apps.

Redirects to new authorization path by default.


84
85
86
# File 'lib/bookingsync/engine/auth_helpers.rb', line 84

def request_authorization_for_standalone!
  redirect_to new_authorization_path
end

#request_authorization_for_xhr!Object (private)

Request a new authorization for Ajax requests.

Renders the new authorization path with 401 Unauthorized status by default.


68
69
70
# File 'lib/bookingsync/engine/auth_helpers.rb', line 68

def request_authorization_for_xhr!
  render plain: new_authorization_url, status: :unauthorized
end

#requested_account_authorized?Boolean (private)

Checks if the account requested from the BookingSync app store embed matches currently authorized account.

Returns:

  • (Boolean)

34
35
36
37
# File 'lib/bookingsync/engine/auth_helpers.rb', line 34

def 
  session[:_bookingsync_account_id].blank? ||
    session[:_bookingsync_account_id] == session[:account_id]
end

#reset_authorization!Object (private)

Removes authorization from session and requests new authorization. For removing authorization without redirecting, see #clear_authorization!.


47
48
49
50
51
52
# File 'lib/bookingsync/engine/auth_helpers.rb', line 47

def reset_authorization!
  session[:_bookingsync_account_id] =
    params[:account_id].presence || session[:account_id]
  clear_authorization!
  request_authorization!
end

#store_bookingsync_account_idObject (private)

:nodoc:


136
137
138
# File 'lib/bookingsync/engine/auth_helpers.rb', line 136

def  # :nodoc:
  session[:_bookingsync_account_id] = params.delete(:_bookingsync_account_id)
end