Module: Virtuatable::Helpers::Sessions

Included in:

Controllers::Base

Defined in:

lib/virtuatable/helpers/sessions.rb

Overview

This helper gives access to methods about user’s session on the API.

Author:

• Vincent Courtois <courtois.vincent@outlook.com>

Instance Method Summary

• #check_current_route_access(tmp_session) ⇒ Object
• #session ⇒ Arkaan::Authentication::Session

  Checks the session of the user requesting the API and returns an error if it either not exists with the given token, or the token is not given.

• #session_model ⇒ Object

Instance Method Details

#check_current_route_access(tmp_session) ⇒ Object

# File 'lib/virtuatable/helpers/sessions.rb', line 27

def check_current_route_access(tmp_session)
  tmp_session.account.groups.each do |group|
    routes_ids = group.routes.map(&:_id)
    return tmp_session if routes_ids.include?(current_route.id)
  end
  api_forbidden('session_id.forbidden')
end

#session ⇒ Arkaan::Authentication::Session

Checks the session of the user requesting the API and returns an error if it either not exists with the given token, or the token is not given.

Returns:

• (Arkaan::Authentication::Session) —

  the current session of the user.

Raises:

• (Virtuatable::API::Errors::NotFound) —

  if the session is not found or the token not given in the parameters of the request.

• (Virtuatable::API::Errors::BadRequest) —

  if the session token is not correctly given in the parameters.

# File 'lib/virtuatable/helpers/sessions.rb', line 17

def session
  return @session unless @session.nil?

  check_presence 'session_id'
  @session = session_model.find_by(session_id: params['session_id'])
  return api_not_found('session_id.unknown') if @session.nil?

  check_current_route_access @session
end

#session_model ⇒ Object

# File 'lib/virtuatable/helpers/sessions.rb', line 35

def session_model
  Arkaan::Authentication::Session
end