X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/d2877982a261bc621b57031ad78f4ed10230be3c..93dab8a1272f8c807da841c0a55b37f74b65b8c3:/app/controllers/application.rb

diff --git a/app/controllers/application.rb b/app/controllers/application.rb
index 6cd6dac06..0c8b4f17a 100644
--- a/app/controllers/application.rb
+++ b/app/controllers/application.rb
@@ -2,31 +2,41 @@
 # Likewise, all the methods added will be available for all controllers.
 class ApplicationController < ActionController::Base
 
+  def authorize_web
+    @user = User.find_by_token(session[:token])
+  end
 
-
-  # HTTP AUTH stuff for the API
-  
   def authorize(realm='Web Password', errormessage="Could't authenticate you") 
     username, passwd = get_auth_data 
     # check if authorized 
     # try to get user 
-    if user = User.authenticate(username, passwd) 
+    if @user = User.authenticate(username, passwd) 
       # user exists and password is correct ... horray! 
-      if user.methods.include? 'lastlogin' 
+      if @user.methods.include? 'lastlogin' 
         # note last login 
         @session['lastlogin'] = user.lastlogin 
-        user.last.login = Time.now 
-        user.save() 
-        @session["User.id"] = user.id 
+        @user.last.login = Time.now 
+        @user.save() 
+        @session["User.id"] = @user.id 
       end             
     else 
       # the user does not exist or the password was wrong 
       @response.headers["Status"] = "Unauthorized" 
       @response.headers["WWW-Authenticate"] = "Basic realm=\"#{realm}\"" 
-      render_text(errormessage, 401)       
+      render_text(errormessage, 401)
     end 
   end 
 
+  def get_xml_doc
+    doc = XML::Document.new
+    doc.encoding = 'UTF-8' 
+    root = XML::Node.new 'osm'
+    root['version'] = API_VERSION
+    root['generator'] = 'OpenStreetMap server'
+    doc.root = root
+    return doc
+  end
+
   private 
   def get_auth_data 
     user, pass = '', ''