summaryrefslogtreecommitdiff
path: root/app/controllers/v1
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/v1')
-rw-r--r--app/controllers/v1/certs_controller.rb50
-rw-r--r--app/controllers/v1/messages_controller.rb25
-rw-r--r--app/controllers/v1/sessions_controller.rb45
-rw-r--r--app/controllers/v1/users_controller.rb32
4 files changed, 152 insertions, 0 deletions
diff --git a/app/controllers/v1/certs_controller.rb b/app/controllers/v1/certs_controller.rb
new file mode 100644
index 0000000..64cfa7f
--- /dev/null
+++ b/app/controllers/v1/certs_controller.rb
@@ -0,0 +1,50 @@
+class V1::CertsController < ApplicationController
+
+ before_filter :require_login, :unless => :anonymous_certs_allowed?
+
+ # GET /cert
+ def show
+ @cert = ClientCertificate.new(:prefix => certificate_prefix)
+ render text: @cert.to_s, content_type: 'text/plain'
+ end
+
+ protected
+
+ def anonymous_certs_allowed?
+ APP_CONFIG[:allow_anonymous_certs]
+ end
+ #
+ # this is some temporary logic until we store the service level in the user db.
+ #
+ # better logic might look like this:
+ #
+ # if logged_in?
+ # service_level = user.service_level
+ # elsif allow_anonymous?
+ # service_level = service_levels[:anonymous]
+ # else
+ # service_level = nil
+ # end
+ #
+ # if service_level.bandwidth == 'limited' && allow_limited?
+ # prefix = limited
+ # elsif allow_unlimited?
+ # prefix = unlimited
+ # else
+ # prefix = nil
+ # end
+ #
+ def certificate_prefix
+ if logged_in?
+ if APP_CONFIG[:allow_unlimited_certs]
+ APP_CONFIG[:unlimited_cert_prefix]
+ elsif APP_CONFIG[:allow_limited_certs]
+ APP_CONFIG[:limited_cert_prefix]
+ end
+ elsif !APP_CONFIG[:allow_limited_certs]
+ APP_CONFIG[:unlimited_cert_prefix]
+ else
+ APP_CONFIG[:limited_cert_prefix]
+ end
+ end
+end
diff --git a/app/controllers/v1/messages_controller.rb b/app/controllers/v1/messages_controller.rb
new file mode 100644
index 0000000..f71d0f1
--- /dev/null
+++ b/app/controllers/v1/messages_controller.rb
@@ -0,0 +1,25 @@
+module V1
+ class MessagesController < ApplicationController
+
+ skip_before_filter :verify_authenticity_token
+ before_filter :require_token
+
+ respond_to :json
+
+ def index
+ render json: (current_user ? current_user.messages : [] )
+ end
+
+ def update
+ message = Message.find(params[:id])
+ if (message and current_user)
+ message.mark_as_read_by(current_user)
+ message.save
+ render json: true
+ else
+ render json: false
+ end
+ end
+
+ end
+end
diff --git a/app/controllers/v1/sessions_controller.rb b/app/controllers/v1/sessions_controller.rb
new file mode 100644
index 0000000..eae3a1e
--- /dev/null
+++ b/app/controllers/v1/sessions_controller.rb
@@ -0,0 +1,45 @@
+module V1
+ class SessionsController < ApplicationController
+
+ skip_before_filter :verify_authenticity_token
+ before_filter :require_token, only: :destroy
+
+ def new
+ @session = Session.new
+ if authentication_errors
+ @errors = authentication_errors
+ render :status => 422
+ end
+ end
+
+ def create
+ logout if logged_in?
+ if params['A']
+ authenticate!
+ else
+ @user = User.find_by_login(params['login'])
+ render :json => {salt: @user.salt}
+ end
+ end
+
+ def update
+ authenticate!
+ @token = Token.create(:user_id => current_user.id)
+ session[:token] = @token.id
+ render :json => login_response
+ end
+
+ def destroy
+ logout
+ head :no_content
+ end
+
+ protected
+
+ def login_response
+ handshake = session.delete(:handshake) || {}
+ handshake.to_hash.merge(:id => current_user.id, :token => @token.id)
+ end
+
+ end
+end
diff --git a/app/controllers/v1/users_controller.rb b/app/controllers/v1/users_controller.rb
new file mode 100644
index 0000000..8897d01
--- /dev/null
+++ b/app/controllers/v1/users_controller.rb
@@ -0,0 +1,32 @@
+module V1
+ class UsersController < UsersBaseController
+
+ skip_before_filter :verify_authenticity_token
+ before_filter :fetch_user, :only => [:update]
+ before_filter :require_admin, :only => [:index]
+ before_filter :require_token, :only => [:update]
+
+ respond_to :json
+
+ # used for autocomplete for admins in the web ui
+ def index
+ if params[:query]
+ @users = User.by_login.startkey(params[:query]).endkey(params[:query].succ)
+ respond_with @users.map(&:login).sort
+ else
+ render :json => {'error' => 'query required', 'status' => :unprocessable_entity}
+ end
+ end
+
+ def create
+ @user = Account.create(params[:user])
+ respond_with @user # return ID instead?
+ end
+
+ def update
+ @user.account.update params[:user]
+ respond_with @user
+ end
+
+ end
+end