diff --git a/app/controllers/api/restaurant/item_sets_controller.rb b/app/controllers/api/restaurant/item_sets_controller.rb
index a7ad9efc..99581550 100755
--- a/app/controllers/api/restaurant/item_sets_controller.rb
+++ b/app/controllers/api/restaurant/item_sets_controller.rb
@@ -1,5 +1,4 @@
 class Api::Restaurant::ItemSetsController < Api::ApiController
-
 #Description
 # Pull the default menu details and also other available (active) menus
 # Input Params - order_id
diff --git a/app/controllers/api/restaurant/menu_categories_controller.rb b/app/controllers/api/restaurant/menu_categories_controller.rb
index f1f3e6d0..644a38a8 100755
--- a/app/controllers/api/restaurant/menu_categories_controller.rb
+++ b/app/controllers/api/restaurant/menu_categories_controller.rb
@@ -1,5 +1,4 @@
-class Api::Restaurant::MenuCategoriesController < Api::ApiController
- skip_before_action :authenticate
+class Api::Restaurant::MenuCategoriesController < Api::ApiController
 #Description
 # Pull the default menu details and also other available (active) menus
 # Input Params - order_id
diff --git a/app/controllers/api/restaurant/menu_controller.rb b/app/controllers/api/restaurant/menu_controller.rb
index ad8ad7f9..96ba3cc0 100755
--- a/app/controllers/api/restaurant/menu_controller.rb
+++ b/app/controllers/api/restaurant/menu_controller.rb
@@ -1,5 +1,4 @@
 class Api::Restaurant::MenuController < Api::ApiController
- skip_before_action :authenticate
 #Description
 # Pull the default menu details and also other available (active) menus
 # Input Params - order_id
diff --git a/app/controllers/api/restaurant/menu_item_attributes_controller.rb b/app/controllers/api/restaurant/menu_item_attributes_controller.rb
index 37719c37..d0469924 100755
--- a/app/controllers/api/restaurant/menu_item_attributes_controller.rb
+++ b/app/controllers/api/restaurant/menu_item_attributes_controller.rb
@@ -1,5 +1,4 @@ -class Api::Restaurant::MenuItemAttributesController < Api::ApiController - skip_before_action :authenticate +class Api::Restaurant::MenuItemAttributesController < Api::ApiController #Description # Pull the default menu details and also other available (active) menus # Input Params - order_id diff --git a/app/controllers/api/restaurant/menu_item_instances_controller.rb b/app/controllers/api/restaurant/menu_item_instances_controller.rb index be38f782..cfe75b19 100755 --- a/app/controllers/api/restaurant/menu_item_instances_controller.rb +++ b/app/controllers/api/restaurant/menu_item_instances_controller.rb @@ -1,5 +1,4 @@ -class Api::Restaurant::MenuItemInstancesController < Api::ApiController - skip_before_action :authenticate +class Api::Restaurant::MenuItemInstancesController < Api::ApiController #Description # Pull the default menu details and also other available (active) menus # Input Params - order_id diff --git a/app/controllers/base_origami_controller.rb b/app/controllers/base_origami_controller.rb index 86fb4ec3..66cc2880 100755 --- a/app/controllers/base_origami_controller.rb +++ b/app/controllers/base_origami_controller.rb @@ -15,19 +15,16 @@ class BaseOrigamiController < ActionController::Base redirect_to origami_dashboard_path end - def check_user - token_status = false - authenticate_with_http_token do |token, options| - if token - token_status = true - session[:webview] = true - session[:session_token] = token - end - end - - if !token_status + def check_user + if check_mobile if current_user.nil? - redirect_to root_path + return render status: 401, json: { + message: "User using other device!" + }.to_json + end + else + if current_user.nil? + redirect_to root_path end end end 
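Review bot: `check_user` now only works if `check_mobile` runs before `current_user`, because the token-to-session copy moved into `check_mobile` (the @@ -49 hunk), and nothing on the new lines says so. If `current_user` reads `session[:session_token]` (not visible here), flattening the duplicated `if current_user.nil?` into a leading guard would break token logins, so I would add a comment above `if check_mobile` such as `# check_mobile stores the bearer token in the session; it must run before current_user`. The 401 body `"User using other device!"` also asserts a cause the code has not established, since a nil `current_user` equally covers a missing, expired or unknown token; a neutral `message: "Unauthorized"` would be more accurate, and the trailing `.to_json` is redundant with `render json:`.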
@@ -49,9 +46,13 @@ class BaseOrigamiController < ActionController::Base #check webview def check_mobile status = false - puts "check mobile" - puts session[:session_token] - puts session[:webview] + authenticate_with_http_token do |token, options| + if token + session[:webview] = true + session[:session_token] = token + end + end + if session[:webview] && request.user_agent =~ /android|blackberry|iphone|ipad|ipod|iemobile|mobile|webos/i status = true end diff --git a/app/controllers/concerns/token_verification.rb b/app/controllers/concerns/token_verification.rb index 66658b6a..1d700c8b 100755 --- a/app/controllers/concerns/token_verification.rb +++ b/app/controllers/concerns/token_verification.rb @@ -9,7 +9,7 @@ module TokenVerification protected # Authenticate the user with token based authentication - def authenticate + def authenticate authenticate_token || render_unauthorized end
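Review bot: The block added to `check_mobile` copies whatever bearer token the request carries into `session[:session_token]` and sets `session[:webview] = true` without checking that the token belongs to anyone, so a method that reads as a predicate now changes session state on every call. Validation presumably happens when `current_user` resolves the token (not visible in this diff), but an unknown token still leaves the webview flag and the stale value in the session; I would set both only after the token resolves to a user, or clear them on the 401 path in `check_user`. The mobile decision also depends on `request.user_agent`, which the client controls, so it should only choose between the JSON 401 and the redirect and never stand in for an access check. `options` is unused in the block and can be `_options`; the method continues past the end of the hunk.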