8 files changed, 91 insertions, 46 deletions
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..3ea47bb
--- /dev/null
+++ b/README.md
@@ -0,0 +1,65 @@
+LEAP Web
+---------------------
+
+"LEAP Web" is the web-based component of the LEAP Platform, providing the following services:
+
+* REST API for user registration.
+* Admin interface to manage users.
+* Client certificate distribution and renewal.
+* User support help tickets.
+
+This web application is written in Ruby on Rails 3, using CouchDB as the backend data store.
+
+Original code specific to this web application is licensed under the GNU Affero General Public License (version 3.0 or higher). See http://www.gnu.org/licenses/agpl-3.0.html for more information.
+
+Documentation
+---------------------------
+
+For more information, see these files in the ``doc`` directory:
+
+* DEPLOY -- for notes on deployment.
+* DEVELOP -- for developer notes.
+* CUSTOM -- how to customize.
+
+Installation
+---------------------------
+
+Typically, this application is installed automatically as part of the LEAP Platform. To install it manually for testing or development, follow these instructions:
+
+### Install system requirements
+
+    sudo apt-get install git ruby1.8 rubygems1.8 couchdb
+    sudo gem bundler
+
+On Debian Wheezy or later, there is a Debian package for bundler, so you can alternately run ``sudo apt-get install bundler``.
+
+### Download source
+
+    git clone git://leap.se/leap_web
+    cd leap_web
+    git submodule update --init
+
+### Install required ruby libraries
+
+    cd leap_web
+    bundle
+
+Typically, you run ``bundle`` as a normal user and it will ask you for a sudo password when it is time to install the required gems. If you don't have sudo, run ``bundle`` as root.
+
+Configuration
+----------------------------
+
+The webapp can hand out certs for the EIP client. These certs are either picked from a pool in CouchDB or from a file. For now you can either run [Leap CA](http://github.com/leapcode/leap_ca) to fill the pool or you can put your certs file in config/cert.
+
+We also ship provider information through the webapp. For now please add your eip-service.json to the public/config directory.
+
+Running
+-----------------------------
+
+    cd leap_web
+    rails server
+
+Then open http://localhost:3000 in your web browser.
+
+To peruse the database, visit http://localhost:5984/_utils/
+
diff --git a/Readme.md b/Readme.md
deleted file mode 100644
index 8b51b4d..0000000
--- a/Readme.md
+++ /dev/null
@@ -1,24 +0,0 @@
-# Leap Web #
-
-Web application for LEAP. Currently Leap Web allows Leap providers to manage users, hand out certs for the EIP.
-
-## Functions ##
-
-### Supported ###
-
-* *User Management* - User Registration and Authentication
-* *Cert Distribution* - Certs for the Encrypted Internet Proxy
-
-### Under Development ###
-
-* *Help Desk* - Managing Help Requests
-
-
-## Documentation ##
-
-* [INSTALL](https://github.com/leapcode/leap_web/blob/master/INSTALL.md) for installation instructions
-* [DEPLOY](https://github.com/leapcode/leap_web/blob/master/DEPLOY.md) for deployment
-* [DEVELOP](https://github.com/leapcode/leap_web/blob/master/DEVELOP.md) for developer notes.
-* [CUSTOM](https://github.com/leapcode/leap_web/blob/master/CUSTOM.md) to customize.
-
-
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 693bd86..be7aa1f 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,10 +1,5 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery
 
-  helper_method :current_user
-
-  private
-  def current_user
-    @current_user ||= User.find(session[:user_id]) if session[:user_id]
-  end
+  ActiveSupport.run_load_hooks(:application_controller, self)
 end
diff --git a/app/views/home/index.html.haml b/app/views/home/index.html.haml
index 34fb201..9e68674 100644
--- a/app/views/home/index.html.haml
+++ b/app/views/home/index.html.haml
@@ -8,4 +8,4 @@ Try to create a
 
 %p
 See all 
-= link_to "tickets", tickets_path
-\ No newline at end of file
+= link_to "tickets", tickets_path
diff --git a/users/app/controllers/application_controller.rb b/users/app/controllers/application_controller.rb
deleted file mode 100644
index 64e1a55..0000000
--- a/users/app/controllers/application_controller.rb
+++ /dev/null
@@ -1,14 +0,0 @@
-class ApplicationController < ActionController::Base
-  protect_from_forgery
-
-  private
-
-  def current_user
-    @current_user ||= User.find(session[:user_id]) if session[:user_id]
-  end
-  helper_method :current_user
-
-  def authorize
-    redirect_to login_url, alert: "Not authorized" if current_user.nil?
-  end
-end
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
new file mode 100644
index 0000000..507b62f
--- /dev/null
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -0,0 +1,17 @@
+module ControllerExtension::Authentication
+  extend ActiveSupport::Concern
+
+  private
+
+  included do
+    helper_method :current_user
+  end
+
+  def current_user
+    @current_user ||= User.find(session[:user_id]) if session[:user_id]
+  end
+
+  def authorize
+    redirect_to login_url, :alert => "Not authorized" if current_user.nil?
+  end
+end
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 29c0b38..a06893f 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -44,7 +44,10 @@ class User < CouchRest::Model::Base
   end
 
   def to_json(options={})
-    super(options.merge(:only => ['login', 'password_salt']))
+    {
+      :login => login,
+      :ok => valid?
+    }.to_json(options)
   end
 
   def initialize_auth(aa)
diff --git a/users/config/initializers/add_controller_methods.rb b/users/config/initializers/add_controller_methods.rb
new file mode 100644
index 0000000..2579176
--- /dev/null
+++ b/users/config/initializers/add_controller_methods.rb
@@ -0,0 +1,3 @@
+ActiveSupport.on_load(:application_controller) do
+  include ControllerExtension::Authentication
+end