Author: tchemit Date: 2014-04-16 11:38:49 +0200 (Wed, 16 Apr 2014) New Revision: 441 Url: http://forge.nuiton.org/projects/jredmine/repository/revisions/441 Log: refs #3151 (fix old login way) Modified: trunk/jredmine-client/src/main/redmine/jredmine-2.x/app/controllers/jredmine_controller.rb Modified: trunk/jredmine-client/src/main/redmine/jredmine-2.x/app/controllers/jredmine_controller.rb =================================================================== --- trunk/jredmine-client/src/main/redmine/jredmine-2.x/app/controllers/jredmine_controller.rb 2014-04-16 08:42:27 UTC (rev 440) +++ trunk/jredmine-client/src/main/redmine/jredmine-2.x/app/controllers/jredmine_controller.rb 2014-04-16 09:38:49 UTC (rev 441) @@ -54,6 +54,7 @@ end # Login request and validation + # Deprecated since 1.7, will be removed in version 2.0 def login if !request.post? # Logout user : get method not possible @@ -81,6 +82,7 @@ end # Log out current user and redirect to welcome page + # Deprecated since 1.7, will be removed in version 2.0 def logout cookies.delete :autologin Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) if User.current.logged? @@ -488,6 +490,35 @@ User.current = user end + # Returns the current user or nil if no user is logged in + # Deprecated since 1.7, will be removed in version 2.0 + def find_current_user + user = nil + if session[:user_id] + # existing session + user = (User.active.find(session[:user_id]) rescue nil) + elsif cookies[:autologin] + # auto-login feature + user = User.find_by_autologin_key(cookies[:autologin]) + end + if user.nil? && Setting.rest_api_enabled? + if (key = api_key_from_request) + # Use API key + user = User.find_by_api_key(key) + else + # HTTP Basic, either username/password or API key/random + authenticate_with_http_basic do |username, password| + user = User.try_to_login(username, password) || User.find_by_api_key(username) + end + end + end + if user.nil? + # Last chance using request params + user = User.try_to_login(params[:username], params[:password]) + end + user + end + # Returns the API key present in the request def api_key_from_request if params[:key].present?