Commit 2b22187

mo <mo.khan@gmail.com>
2017-12-24 23:33:35
require authentication to visit dashboard.
main
1 parent 0a3c624
Changed files (4)
app
controllers
application_controller.rb
metadata_controller.rb
registrations_controller.rb
sessions_controller.rb
app/controllers/application_controller.rb
@@ -1,6 +1,7 @@
 class ApplicationController < ActionController::Base
   include SamlRespondable
   protect_from_forgery with: :exception
+  before_action :authenticate!
 
   def render_error(status, model: nil)
     @model = model
@@ -18,4 +19,10 @@ class ApplicationController < ActionController::Base
   def current_user?
     current_user.present?
   end
+
+  private
+
+  def authenticate!
+    redirect_to new_session_path unless current_user?
+  end
 end
app/controllers/metadata_controller.rb
@@ -1,5 +1,6 @@
 class MetadataController < ApplicationController
   force_ssl if: :ssl_configured?
+  skip_before_action :authenticate!
 
   def show
     render xml: to_xml, content_type: "application/samlmetadata+xml"
app/controllers/registrations_controller.rb
@@ -1,4 +1,6 @@
 class RegistrationsController < ApplicationController
+  skip_before_action :authenticate!
+
   def new
     @user = User.new
   end
app/controllers/sessions_controller.rb
@@ -1,5 +1,6 @@
 class SessionsController < ApplicationController
   skip_before_action :verify_authenticity_token, only: [:new, :destroy]
+  skip_before_action :authenticate!, only: [:new, :create, :destroy]
 
   def new
     binding = binding_for(request.post? ? :http_post : :http_redirect, new_session_url)