class ApplicationController < ActionController::Base
protect_from_forgery
+ protect_from_forgery with: :null_session, if: Proc.new {|c| c.request.format == 'application/json'}
layout :devise_layout
before_action :bf
+ before_action :authenticate_user_from_token!, if: -> {params[:email].present? or request.headers[:email]}
def devise_layout
if devise_controller?
@operators = Operator.new [user, author, artist, admin, demand_user]
end
+ def authenticate_user_from_token!
+ user = User.find_by(email: (params[:email] or request.headers[:email]))
+ if Devise.secure_compare(user.try(:authentication_token), (params[:token] or request.headers[:token]))
+ sign_in user, store: false
+ self.bf
+ end
+ end
+
def authenticate_reader
authenticate_user! unless @operators.reader?
end
res = {
:page_status => {
:type => :default, :total => @finder.total_count, :total_page => @finder.total_pages,
- :page => @finder.page, :page_size => @finder.limit_value,
+ :page => @finder.current_page, :page_size => @finder.limit_value,
:item_name => @my_action.return_item_name
},
# rails3.2 has problem