github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-09 23:08:05 -05:00
Code Issues Packages Projects Releases Wiki Activity

Returning WWW-authenticate on ajaxs calls depends only on Devise.http_authenticatable_on_xhr config

Browse Source
This commit is contained in:
Santiago Pastorino
2010-08-31 23:44:19 +08:00
committed by José Valim
parent bf122d8fea
commit 5fb5efbd42
2 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/devise/failure_app.rb
View File

@@ -68,7 +68,11 @@ module Devise
end
def http_auth?
!Devise.navigational_formats.include?(request.format.to_sym) || (Devise.http_authenticatable_on_xhr && request.xhr?)
if request.xhr?
Devise.http_authenticatable_on_xhr
else
!Devise.navigational_formats.include?(request.format.to_sym)
end
end
def http_auth_body

9
test/failure_app_test.rb
View File

@@ -86,6 +86,15 @@ class FailureTest < ActiveSupport::TestCase
end
end
test 'dont return WWW-authenticate on ajax call with formats => json if http_authenticatable_on_xhr false' do
swap Devise, :http_authenticatable_on_xhr => false do
call_failure('formats' => :json, 'HTTP_X_REQUESTED_WITH' => 'XMLHttpRequest')
assert_equal 302, @response.first
assert_equal 'http://test.host/users/sign_in', @response.second["Location"]
assert_nil @response.second['WWW-Authenticate']
end
end
test 'return WWW-authenticate on ajax call if http_authenticatable_on_xhr true' do
swap Devise, :http_authenticatable_on_xhr => true do
call_failure('formats' => :html, 'HTTP_X_REQUESTED_WITH' => 'XMLHttpRequest')