Stores the requested page before signing in and redirect the user to the stored uri after.

2026-01-22 21:28:01 -05:00 · 2009-10-17 11:12:50 -03:00
parent abfb33a040
commit a5cb147eb2
8 changed files with 60 additions and 32 deletions
--- a/lib/devise/controllers/filters.rb
+++ b/lib/devise/controllers/filters.rb
@@ -10,31 +10,26 @@ module Devise
      end

      # The main accessor for the warden proxy instance
-      #
      def warden
        request.env['warden']
      end

      # Sign in a user through warden
-      #
      def sign_in(scope)
        warden.authenticate(:scope => scope)
      end

      # Check if a user is authenticated or not performing the proper action.
-      #
      def sign_in!(scope)
        warden.authenticate!(:scope => scope)
      end

      # Proxy to the authenticated? method on warden
-      #
      def signed_in?(scope)
        warden.authenticated?(scope)
      end

      # Sign out based on scope
-      #
      def sign_out(scope, *args)
        warden.raw_session.inspect # Without this inspect here. The session does not clear.
        warden.logout(scope, *args)
@@ -58,7 +53,6 @@ module Devise
      #   Use:
      #     before_filter :sign_in_user! # Tell devise to use :user map
      #     before_filter :sign_in_admin! # Tell devise to use :admin map
-      #
      Devise.mappings.each_key do |mapping|
        class_eval <<-METHODS, __FILE__, __LINE__
          def sign_in_#{mapping}!
@@ -79,15 +73,31 @@ module Devise
      #
      # Example:
      #   before_filter :require_no_authentication, :only => :new
-      #
      def require_no_authentication
        redirect_to root_path if warden.authenticated?(resource_name)
      end

+      # Checks whether it's a devise mapped resource or not.
      def is_devise_resource?
        raise ActionController::UnknownAction unless devise_mapping && devise_mapping.allows?(controller_name)
      end

+      # Redirects to stored uri before signing in or the default path and clear
+      # return to.
+      def redirect_back_or_to(default)
+        redirect_to(return_to || default)
+        clear_return_to
+      end
+
+      # Access to scoped stored uri
+      def return_to
+        session[:"#{resource_name}.return_to"]
+      end
+
+      # Clear scoped stored uri
+      def clear_return_to
+        session[:"#{resource_name}.return_to"] = nil
+      end
    end
  end
 end
--- a/lib/devise/initializers/warden.rb
+++ b/lib/devise/initializers/warden.rb
@@ -1,6 +1,5 @@
 # Taken from RailsWarden, thanks to Hassox.
 # http://github.com/hassox/rails_warden
-#
 module Warden::Mixins::Common
  # Gets the rails request object by default if it's available
  def request
@@ -25,19 +24,16 @@ end
 # Session Serialization in. This block determines how the user will be stored
 # in the session. If you're using a complex object like an ActiveRecord model,
 # it is not a good idea to store the complete object. An ID is sufficient.
-#
 Warden::Manager.serialize_into_session{ |user| [user.class, user.id] }

 # Session Serialization out. This block gets the user out of the session.
 # It should be the reverse of serializing the object into the session
-#
 Warden::Manager.serialize_from_session do |klass, id|
  klass.find(id)
 end

 # Default strategy for signing in a user, based on his email and password.
-# If no email and no password are present, no authentication is tryed.
-#
+# If no email and no password are present, no authentication is attempted.
 Warden::Strategies.add(:authenticable) do

  def valid?
@@ -48,33 +44,37 @@ Warden::Strategies.add(:authenticable) do

  # Authenticate a user based on email and password params, returning to warden
  # success and the authenticated user if everything is okay. Otherwise redirect
-  # to login page.
-  #
+  # to sign in page.
  def authenticate!
-    if valid_session? && resource = @mapping.to.authenticate(session)
+    if valid_attributes? && resource = @mapping.to.authenticate(attributes)
      success!(resource)
    else
+      store_location
      redirect!("/#{@mapping.as}/sign_in", :unauthenticated => true)
    end
  end

-  # Find the session for the current mapping.
-  #
-  def session
-    @session ||= request.params[scope]
+  # Find the attributes for the current mapping.
+  def attributes
+    @attributes ||= request.params[scope]
  end

  # Check for the right keys.
-  #
-  def valid_session?
-    session && session[:email].present? && session[:password].present?
+  def valid_attributes?
+    attributes && attributes[:email].present? && attributes[:password].present?
  end

+  # Stores requested uri to redirect the user after signing in. We cannot use
+  # scoped session provided by warden here, since the user is not authenticated
+  # yet, but we still need to store the uri based on scope, so different scopes
+  # would never use the same uri to redirect.
+  def store_location
+    session[:"#{@mapping.name}.return_to"] = request.request_uri if request.get?
+  end
 end

 # Adds Warden Manager to Rails middleware stack, configuring default devise
 # strategy and also the controller who will manage not authenticated users.
-#
 Rails.configuration.middleware.use Warden::Manager do |manager|
  manager.default_strategies :authenticable
  manager.failure_app = SessionsController