diff --git a/app/controllers/concerns/authentication.rb b/app/controllers/concerns/authentication.rb index 58d101bc2..219ae1360 100644 --- a/app/controllers/concerns/authentication.rb +++ b/app/controllers/concerns/authentication.rb @@ -32,7 +32,7 @@ module Authentication private def authenticated? - Current.session.present? + Current.identity.present? end def require_account @@ -42,11 +42,11 @@ module Authentication end def require_authentication - resume_session || request_authentication + resume_session || authenticate_by_bearer_token || request_authentication end def resume_session - if session = find_session_by_cookie || find_session_by_bearer_token + if session = find_session_by_cookie set_current_session session end end @@ -55,9 +55,11 @@ module Authentication Session.find_signed(cookies.signed[:session_token]) end - def find_session_by_bearer_token + def authenticate_by_bearer_token if request_authorized_by_bearer_token? - Identity::AccessToken.find_by(token: authorization_bearer_token)&.session + if access_token = Identity::AccessToken.find_by(token: authorization_bearer_token) + Current.identity = access_token.identity + end end end diff --git a/app/models/current.rb b/app/models/current.rb index 47f2b6c21..34c79d7d9 100644 --- a/app/models/current.rb +++ b/app/models/current.rb @@ -1,5 +1,5 @@ class Current < ActiveSupport::CurrentAttributes - attribute :session, :user, :account + attribute :session, :user, :identity, :account attribute :http_method, :request_id, :user_agent, :ip_address, :referrer delegate :identity, to: :session, allow_nil: true @@ -8,6 +8,14 @@ class Current < ActiveSupport::CurrentAttributes super(value) if value.present? && account.present? + self.identity = session.identity + end + end + + def identity=(identity) + super(identity) + + if identity.present? self.user = identity.users.find_by(account: account) end end