mirror of
https://github.com/discourse/discourse.git
synced 2024-12-15 16:53:53 +08:00
30990006a9
This reduces chances of errors where consumers of strings mutate inputs and reduces memory usage of the app. Test suite passes now, but there may be some stuff left, so we will run a few sites on a branch prior to merging
50 lines
1.0 KiB
Ruby
50 lines
1.0 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
module CurrentUser
|
|
|
|
def self.has_auth_cookie?(env)
|
|
Discourse.current_user_provider.new(env).has_auth_cookie?
|
|
end
|
|
|
|
def self.lookup_from_env(env)
|
|
Discourse.current_user_provider.new(env).current_user
|
|
end
|
|
|
|
# can be used to pretend current user does no exist, for CSRF attacks
|
|
def clear_current_user
|
|
@current_user_provider = Discourse.current_user_provider.new({})
|
|
end
|
|
|
|
def log_on_user(user, opts = {})
|
|
current_user_provider.log_on_user(user, session, cookies, opts)
|
|
user.logged_in
|
|
end
|
|
|
|
def log_off_user
|
|
current_user_provider.log_off_user(session, cookies)
|
|
end
|
|
|
|
def is_api?
|
|
current_user_provider.is_api?
|
|
end
|
|
|
|
def is_user_api?
|
|
current_user_provider.is_user_api?
|
|
end
|
|
|
|
def current_user
|
|
current_user_provider.current_user
|
|
end
|
|
|
|
def refresh_session(user)
|
|
current_user_provider.refresh_session(user, session, cookies)
|
|
end
|
|
|
|
private
|
|
|
|
def current_user_provider
|
|
@current_user_provider ||= Discourse.current_user_provider.new(request.env)
|
|
end
|
|
|
|
end
|