summaryrefslogtreecommitdiff
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/initializers/add_controller_methods.rb4
-rw-r--r--config/initializers/error_constants.rb3
-rw-r--r--config/initializers/warden.rb10
-rw-r--r--config/initializers/webfinger.rb1
-rw-r--r--config/locales/users.en.yml73
-rw-r--r--config/routes.rb27
6 files changed, 118 insertions, 0 deletions
diff --git a/config/initializers/add_controller_methods.rb b/config/initializers/add_controller_methods.rb
new file mode 100644
index 0000000..f572ecb
--- /dev/null
+++ b/config/initializers/add_controller_methods.rb
@@ -0,0 +1,4 @@
+ActiveSupport.on_load(:application_controller) do
+ include ControllerExtension::Authentication
+ include ControllerExtension::TokenAuthentication
+end
diff --git a/config/initializers/error_constants.rb b/config/initializers/error_constants.rb
new file mode 100644
index 0000000..fdd3624
--- /dev/null
+++ b/config/initializers/error_constants.rb
@@ -0,0 +1,3 @@
+require 'ruby-srp'
+
+WRONG_PASSWORD = SRP::WrongPassword
diff --git a/config/initializers/warden.rb b/config/initializers/warden.rb
new file mode 100644
index 0000000..22892b3
--- /dev/null
+++ b/config/initializers/warden.rb
@@ -0,0 +1,10 @@
+require "warden/session_serializer"
+require "warden/strategies/secure_remote_password"
+
+Rails.configuration.middleware.use RailsWarden::Manager do |config|
+ config.default_strategies :secure_remote_password
+ config.failure_app = SessionsController
+end
+
+RailsWarden.unauthenticated_action = :new
+
diff --git a/config/initializers/webfinger.rb b/config/initializers/webfinger.rb
new file mode 100644
index 0000000..197062c
--- /dev/null
+++ b/config/initializers/webfinger.rb
@@ -0,0 +1 @@
+require 'webfinger'
diff --git a/config/locales/users.en.yml b/config/locales/users.en.yml
new file mode 100644
index 0000000..ed6653a
--- /dev/null
+++ b/config/locales/users.en.yml
@@ -0,0 +1,73 @@
+en:
+ account_settings: "Account Settings"
+ logout: "Logout"
+ none: "None"
+ signup: "Sign Up"
+ signup_message: "Please create an account."
+ cancel: "Cancel"
+ login: "Log In"
+ username: "Username"
+ password: "Password"
+ change_password: "Change Password"
+ login_message: "Please log in with your account."
+ invalid_user_pass: "Not a valid username/password combination"
+ invalid_ephemeral: "Invalid random key used. This looked like an attempt to hack the site to us. If it wasn't please contact support so we can look into the issue."
+ all_strategies_failed: "Could not understand your login attempt. Please first send your login and a SRP ephemeral value A and then send the client_auth in the same session (using cookies)."
+ update_login_and_password: "Update Login and Password"
+ destroy_my_account: "Destroy my account"
+ destroy_account_info: "This will permanently destroy your account and all the data associated with it. Proceed with caution!"
+ admin_destroy_account: "Destroy the account %{username}"
+ account_destroyed: "The account has been destroyed successfully."
+ set_email_address: "Set email address"
+ forward_email: "Forward Email"
+ email_aliases: "Email Aliases"
+ public_key: "Public Key"
+ add_email_alias: "Add Email Alias"
+ user_updated_successfully: "Settings have been updated successfully."
+ user_created_successfully: "Successfully created your account."
+ email_alias_destroyed_successfully: "Removed email alias %{alias}."
+ use_ascii_key: "OpenPGP public key. Do not change this value unless you know what you are doing."
+ advanced_options: "Advanced Options"
+ not_authorized: "Sorry, but you are not authorized to perform that action."
+ not_authorized_login: "Please log in to perform that action."
+ search: "Search"
+ cookie_disabled_warning: "You have cookies disabled. You will not be able to login until you enable cookies."
+ js_required_html: "We are sorry, but this doesn't work without javascript enabled. This is because the authentication system used, <a href='http://srp.stanford.edu/'>SRP</a>, requires javascript."
+ enable_account: "Enable the account %{username}"
+ enable_description: "This will restore the account to full functionality"
+ deactivate_account: "Deactivate the account %{username}"
+ deactivate_description: "This will temporarily deactivate some account functionality." #todo detail exact functionality. can receive email but not send or renew client certificate?
+ payment_one_month_warning: "We hope you have been enjoying this service this past month. Please sign up to pay within the next month, by %{date_in_one_month}. Directions for payment are available at INSERT_URL"
+ bye: "Goodbye!"
+ bye_message: "So long and thanks for all the fish."
+
+ #
+ # overview
+ #
+ overview_welcome: "Welcome %{username}."
+ overview_intro: "From this user control panel, you can:"
+ overview_tickets: "Create and check support tickets."
+ overview_email: "Modify email settings."
+ overview_account: "Delete your account."
+
+ #
+ # rails
+ #
+ activemodel:
+ models:
+ user:
+ one: User
+ other: "%{count} Users"
+ simple_form:
+ labels:
+ user:
+ email_forward: "Email Forward"
+ hints:
+ user:
+ email_forward: >
+ Forward all email messages to this address. Messages will be encrypted before being forwarded.
+ This is an option for advanced users who are familar with OpenPGP.
+ placeholders:
+ user:
+ email_forward: "my_other_email@domain.net"
+
diff --git a/config/routes.rb b/config/routes.rb
index f8bb8fb..05eca9b 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -16,4 +16,31 @@ LeapWeb::Application.routes.draw do
end
get '/provider.json' => 'static_config#provider'
+
+ namespace "api", { module: "v1",
+ path: "/1/",
+ defaults: {format: 'json'} } do
+ resources :sessions, :only => [:new, :create, :update]
+ delete "logout" => "sessions#destroy", :as => "logout"
+ resources :users, :only => [:create, :update, :destroy, :index]
+ resources :messages, :only => [:index, :update]
+ end
+
+ scope "(:locale)", :locale => MATCH_LOCALE do
+ get "login" => "sessions#new", :as => "login"
+ delete "logout" => "sessions#destroy", :as => "logout"
+
+ get "signup" => "users#new", :as => "signup"
+ resources :users, :except => [:create, :update] do
+ # resource :email_settings, :only => [:edit, :update]
+ # resources :email_aliases, :only => [:destroy], :id => /.*/
+ post 'deactivate', on: :member
+ post 'enable', on: :member
+ end
+ end
+
+ get "/.well-known/host-meta" => 'webfinger#host_meta'
+ get "/webfinger" => 'webfinger#search'
+ get "/key/:login" => 'keys#show'
+
end