From 510e3aabec4cd018cea6774c8bc6726c0fa22dd8 Mon Sep 17 00:00:00 2001
From: Yan
Date: Tue, 20 Mar 2018 14:32:08 +0630
Subject: [PATCH] check current user session
---
 app/controllers/base_crm_controller.rb | 8 ++++++--
 app/controllers/base_inventory_controller.rb | 8 ++++++--
 app/controllers/base_oqs_controller.rb | 10 +++++++---
 app/controllers/base_origami_controller.rb | 8 +++++---
 app/controllers/base_report_controller.rb | 8 ++++++++
 app/controllers/base_waiter_controller.rb | 16 ++++++++++++----
 app/controllers/concerns/login_verification.rb | 6 +++---
 app/controllers/home_controller.rb | 13 +++++++++++++
 8 files changed, 60 insertions(+), 17 deletions(-)
diff --git a/app/controllers/base_crm_controller.rb b/app/controllers/base_crm_controller.rb
index 3b9e0176..65350605 100755
--- a/app/controllers/base_crm_controller.rb
+++ b/app/controllers/base_crm_controller.rb
@@ -2,6 +2,8 @@ class BaseCrmController < ActionController::Base
 include LoginVerification
 layout "CRM"
+ before_action :check_user
+ #before_action :check_installation
 protect_from_forgery with: :exception
@@ -22,8 +24,10 @@ class BaseCrmController < ActionController::Base
 { locale: I18n.locale }
 end
- def current_user
- @current_user ||= Employee.find_by_token_session(session[:session_token]) if session[:session_token]
+ def check_user
+ if current_user.nil?
+ redirect_to root_path
+ end
 end
 #Shop Name in Navbor
diff --git a/app/controllers/base_inventory_controller.rb b/app/controllers/base_inventory_controller.rb
index a88a3abb..ebbd32e3 100755
--- a/app/controllers/base_inventory_controller.rb
+++ b/app/controllers/base_inventory_controller.rb
@@ -2,6 +2,8 @@ class BaseInventoryController < ActionController::Base
 include LoginVerification
 layout "inventory"
+ before_action :check_user
+ #before_action :check_installation
 protect_from_forgery with: :exception
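Review bot: The `check_user` added in the second hunk of base_crm_controller.rb is repeated line for line in base_inventory, base_oqs, base_origami, base_report, base_waiter and home_controller, so the login gate exists in seven copies that can drift apart. All six base controllers already `include LoginVerification`, and that concern's `authenticate` (context in the login_verification.rb hunk) performs the same redirect via `render_unauthorized`; defining the guard once in the concern's `protected` section, with the body `redirect_to root_path if current_user.nil?`, would leave one copy to audit. This hunk also deletes the controller's own `current_user`, so the guard now depends on a definition outside the patch; base_report and base_waiter gain `check_user` without ever defining `current_user`, which suggests the concern supplies it, but that should be confirmed. The class body continues outside the hunk.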
@@ -12,8 +14,10 @@ class BaseInventoryController < ActionController::Base
 redirect_to root_path
 end
- def current_user
- @current_user ||= Employee.find_by_token_session(session[:session_token]) if session[:session_token]
+ def check_user
+ if current_user.nil?
+ redirect_to root_path
+ end
 end
 #Shop Name in Navbor
diff --git a/app/controllers/base_oqs_controller.rb b/app/controllers/base_oqs_controller.rb
index 0f093913..2b621cf1 100755
--- a/app/controllers/base_oqs_controller.rb
+++ b/app/controllers/base_oqs_controller.rb
@@ -2,6 +2,8 @@ class BaseOqsController < ActionController::Base
 include LoginVerification
 layout "OQS"
+ before_action :check_user
+ #before_action :check_installation
 protect_from_forgery with: :exception
@@ -21,9 +23,11 @@ class BaseOqsController < ActionController::Base
 def default_url_options
 { locale: I18n.locale }
 end
-
- def current_user
- @current_user ||= Employee.find_by_token_session(session[:session_token]) if session[:session_token]
+
+ def check_user
+ if current_user.nil?
+ redirect_to root_path
+ end
 end
 #Shop Name in Navbor
diff --git a/app/controllers/base_origami_controller.rb b/app/controllers/base_origami_controller.rb
index 8c4f3aaa..e14a6959 100755
--- a/app/controllers/base_origami_controller.rb
+++ b/app/controllers/base_origami_controller.rb
@@ -2,7 +2,7 @@ class BaseOrigamiController < ActionController::Base
 include LoginVerification
 layout "origami"
- # before_action :checkin_process
+ before_action :check_user
 #before_action :check_installation
 protect_from_forgery with: :exception
@@ -14,8 +14,10 @@ class BaseOrigamiController < ActionController::Base
 redirect_to origami_dashboard_path
 end
- def current_user
- @current_user ||= Employee.find_by_token_session(session[:session_token]) if session[:session_token]
+ def check_user
+ if current_user.nil?
+ redirect_to root_path
+ end
 end
 # def checkin_process
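Review bot: `check_user` in the second hunk of base_origami_controller.rb answers every unauthenticated request with `redirect_to root_path`, whatever the request format; the identical copies in base_inventory_controller.rb and base_oqs_controller.rb behave the same way. If any action under these base controllers is called by XHR or returns JSON (not visible in this patch), the caller follows the 302 and receives the root page's HTML with a 200, so an expired session looks like a successful response. Returning a status for non-HTML requests, for example `return head :unauthorized unless request.format.html?` ahead of the redirect, would let clients detect it. The class body continues outside the hunk.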
diff --git a/app/controllers/base_report_controller.rb b/app/controllers/base_report_controller.rb
index e96e97c8..51c250f8 100755
--- a/app/controllers/base_report_controller.rb
+++ b/app/controllers/base_report_controller.rb
@@ -2,6 +2,8 @@ class BaseReportController < ActionController::Base
 include LoginVerification
 layout "application"
+ before_action :check_user
+ #before_action :check_installation
 protect_from_forgery with: :exception
@@ -83,6 +85,12 @@ class BaseReportController < ActionController::Base
 return from, to
 end
+ def check_user
+ if current_user.nil?
+ redirect_to root_path
+ end
+ end
+ #Shop Name in Navbor
 def shop_detail
 @shop = Shop.first
diff --git a/app/controllers/base_waiter_controller.rb b/app/controllers/base_waiter_controller.rb
index 71303213..94d1cd45 100755
--- a/app/controllers/base_waiter_controller.rb
+++ b/app/controllers/base_waiter_controller.rb
@@ -2,13 +2,21 @@ class BaseWaiterController < ActionController::Base
 include LoginVerification
 layout "waiter"
+ before_action :check_user
+ #before_action :check_installation
 protect_from_forgery with: :exception
 helper_method :shop_detail
- #Shop Name in Navbor
- def shop_detail
- @shop = Shop.first
- end
+ def check_user
+ if current_user.nil?
+ redirect_to root_path
+ end
+ end
+
+ #Shop Name in Navbor
+ def shop_detail
+ @shop = Shop.first
+ end
 end
diff --git a/app/controllers/concerns/login_verification.rb b/app/controllers/concerns/login_verification.rb
index bb9df067..14b1e2e1 100755
--- a/app/controllers/concerns/login_verification.rb
+++ b/app/controllers/concerns/login_verification.rb
@@ -33,10 +33,10 @@ module LoginVerification
 protected
 # Authenticate the user with token based authentication
 def authenticate
- authenticate_session_token || render_unauthorized
+ authenticate_session_token || render_unauthorized
 end
- def authenticate_session_token
+ def authenticate_session_token
 token = session[:session_token]
 if (token)
 #@current_user = User.find_by(api_key: token)
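Review bot: In base_waiter_controller.rb `check_user` is defined with no `private` or `protected` line above it, and the hunk appears to run through the class's closing `end`, so the guard is a public controller method and Rails would treat it as an action if a route ever resolved to it. Adding `private` on the line before `def check_user` keeps it internal, and `helper_method :shop_detail` continues to work when `shop_detail` is private. The same hunk removes and re-adds `shop_detail` with what looks like an indentation-only change, which buries the one functional addition among whitespace lines; that re-indent would be easier to review as a separate commit.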
@@ -50,7 +50,7 @@ module LoginVerification
 end
 end
- def render_unauthorized()
+ def render_unauthorized
 redirect_to root_path
 end
diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb
index 147b2ee4..f097ba6f 100755
--- a/app/controllers/home_controller.rb
+++ b/app/controllers/home_controller.rb
@@ -2,8 +2,21 @@ class HomeController < ApplicationController
 # layout "application", except: [:index, :show]
 # skip_before_action :authenticate, only: [:index, :show, :create, :update, :destroy]
+ before_action :check_user, only: :dashboard
+ helper_method :shop_detail
+ # Special check for only dashboard
+ def check_user
+ if current_user.nil?
+ redirect_to root_path
+ end
+ end
+
+ def current_user
+ @current_user ||= Employee.find_by_token_session(session[:session_token]) if session[:session_token]
+ end
+ def index
 # @employees = Employee.all_emp_except_waiter.order("name asc")
 @employees = Employee.all.order("name asc")
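Review bot: `before_action :check_user, only: :dashboard` in home_controller.rb lists the guarded actions, so any action added to HomeController later is reachable without a session unless someone remembers to extend the list. Naming the actions that must stay public instead, for example `before_action :check_user, except: %i[index show create update destroy]` (the set in the commented-out `skip_before_action` just above; confirm it against the routes), makes new actions authenticated by default. The hunk also adds a local `current_user` with the same lookup this commit deletes from four base controllers, and both new methods sit above `index` with no `private`, so they are public controller methods. The class body continues outside the hunk.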