Diffstat (limited to 'users/app')
-rw-r--r--users/app/assets/images/leap_web_users/.gitkeep0
-rw-r--r--users/app/assets/javascripts/leap_web_users/.gitkeep0
m---------users/app/assets/javascripts/srp0
-rw-r--r--users/app/assets/stylesheets/leap_web_users/.gitkeep0
-rw-r--r--users/app/controllers/.gitkeep0
-rw-r--r--users/app/controllers/sessions_controller.rb30
-rw-r--r--users/app/controllers/users_controller.rb18
-rw-r--r--users/app/helpers/.gitkeep0
-rw-r--r--users/app/helpers/sessions_helper.rb2
-rw-r--r--users/app/helpers/users_helper.rb2
-rw-r--r--users/app/mailers/.gitkeep0
-rw-r--r--users/app/models/.gitkeep0
-rw-r--r--users/app/models/unauthenticated_user.rb4
-rw-r--r--users/app/models/user.rb49
-rw-r--r--users/app/views/.gitkeep0
-rw-r--r--users/app/views/sessions/new.html.haml7
-rw-r--r--users/app/views/users/new.html.haml10
17 files changed, 122 insertions, 0 deletions
diff --git a/users/app/assets/images/leap_web_users/.gitkeep b/users/app/assets/images/leap_web_users/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/assets/images/leap_web_users/.gitkeep
diff --git a/users/app/assets/javascripts/leap_web_users/.gitkeep b/users/app/assets/javascripts/leap_web_users/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/assets/javascripts/leap_web_users/.gitkeep
diff --git a/users/app/assets/javascripts/srp b/users/app/assets/javascripts/srp
new file mode 160000
+Subproject d6a78049f3356d9d645143362eca74434410bf6
diff --git a/users/app/assets/stylesheets/leap_web_users/.gitkeep b/users/app/assets/stylesheets/leap_web_users/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/assets/stylesheets/leap_web_users/.gitkeep
diff --git a/users/app/controllers/.gitkeep b/users/app/controllers/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/controllers/.gitkeep
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
new file mode 100644
index 0000000..e68d798
--- /dev/null
+++ b/users/app/controllers/sessions_controller.rb
@@ -0,0 +1,30 @@
+class SessionsController < ApplicationController
+
+ skip_before_filter :verify_authenticity_token
+
+ def new
+ end
+
+ def create
+ @user = User.find_by_param(params[:login])
+ session[:handshake] = @user.initialize_auth(params['A'].hex)
+ render :json => { :B => session[:handshake].bb.to_s(16) }
+ rescue RECORD_NOT_FOUND
+ render :json => {:errors => {:login => ["unknown user"]}}
+ end
+
+ def update
+ @user = User.find_by_param(params[:id])
+ @server_auth = @user.authenticate!(params[:client_auth].hex, session.delete(:handshake))
+ session[:user_id] = @user.id
+ render :json => {:M2 => @server_auth}
+ rescue WRONG_PASSWORD
+ session[:handshake] = nil
+ render :json => {:errors => {"password" => ["wrong password"]}}
+ end
+
+ def destroy
+ session[:user_id] = nil
+ redirect_to root_path
+ end
+end
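Review bot: `create` passes `params['A'].hex` straight into `initialize_auth`, and `String#hex` returns 0 for any non-hex string, so a malformed A reaches the SRP code as zero; SRP requires the server to abort when A mod N is 0, and nothing visible here shows that `SRP::Authentication` does so. Reject bad input before the call, e.g. `return head(:bad_request) unless params['A'].to_s =~ /\A[0-9a-fA-F]+\z/`, and confirm that `initialize_auth` refuses an A that is 0 mod N. `update` has the same unchecked `.hex` on `params[:client_auth]`, rescues only `WRONG_PASSWORD` although `find_by_param` can raise `RECORD_NOT_FOUND`, and passes a `nil` handshake to `authenticate!` when no `create` preceded it. Call `reset_session` before `session[:user_id] = @user.id` and in place of `session[:user_id] = nil` in `destroy`, so a pre-login session id does not survive authentication. The controller-wide `skip_before_filter :verify_authenticity_token` (repeated in users_controller.rb) should be scoped with `:only`, or dropped once the SRP client sends the token, since it currently removes the CSRF check from `destroy` too.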
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
new file mode 100644
index 0000000..82d2eac
--- /dev/null
+++ b/users/app/controllers/users_controller.rb
@@ -0,0 +1,18 @@
+class UsersController < ApplicationController
+
+ skip_before_filter :verify_authenticity_token
+
+ respond_to :json, :html
+
+ def new
+ @user = User.new
+ end
+
+ def create
+ @user = User.create!(params[:user])
+ respond_with(@user, :location => root_url, :notice => "Signed up!")
+ rescue VALIDATION_FAILED => e
+ @user = e.document
+ respond_with(@user, :location => new_user_path)
+ end
+end
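Review bot: `User.create!(params[:user])` hands the whole request hash to the model, so what a signup can set is decided only by the `:accessible` flags in user.rb, where every property is currently accessible. Name the permitted keys at the call site, e.g. `User.create!((params[:user] || {}).slice(:login, :email, :password_verifier, :password_salt))`, so that a property added later cannot become client-settable by accident.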
diff --git a/users/app/helpers/.gitkeep b/users/app/helpers/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/helpers/.gitkeep
diff --git a/users/app/helpers/sessions_helper.rb b/users/app/helpers/sessions_helper.rb
new file mode 100644
index 0000000..309f8b2
--- /dev/null
+++ b/users/app/helpers/sessions_helper.rb
@@ -0,0 +1,2 @@
+module SessionsHelper
+end
diff --git a/users/app/helpers/users_helper.rb b/users/app/helpers/users_helper.rb
new file mode 100644
index 0000000..2310a24
--- /dev/null
+++ b/users/app/helpers/users_helper.rb
@@ -0,0 +1,2 @@
+module UsersHelper
+end
diff --git a/users/app/mailers/.gitkeep b/users/app/mailers/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/mailers/.gitkeep
diff --git a/users/app/models/.gitkeep b/users/app/models/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/models/.gitkeep
diff --git a/users/app/models/unauthenticated_user.rb b/users/app/models/unauthenticated_user.rb
new file mode 100644
index 0000000..99a6874
--- /dev/null
+++ b/users/app/models/unauthenticated_user.rb
@@ -0,0 +1,4 @@
+# The nil object for the user class
+class UnauthenticatedUser < Object
+
+end
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
new file mode 100644
index 0000000..fa64f42
--- /dev/null
+++ b/users/app/models/user.rb
@@ -0,0 +1,49 @@
+class User < CouchRest::Model::Base
+
+ include SRP::Authentication
+
+ property :login, String, :accessible => true
+ property :email, String, :accessible => true
+ property :password_verifier, String, :accessible => true
+ property :password_salt, String, :accessible => true
+
+ validates :login, :password_salt, :password_verifier, :presence => true
+ validates :login, :uniqueness => true
+
+ timestamps!
+
+ design do
+ view :by_login
+ end
+
+ class << self
+ def find_by_param(login)
+ return find_by_login(login) || raise(RECORD_NOT_FOUND)
+ end
+
+ # valid set of attributes for testing
+ def valid_attributes_hash
+ { :login => "me",
+ :password_verifier => "1234",
+ :password_salt => "4321" }
+ end
+
+ end
+
+ def to_param
+ self.login
+ end
+
+ def to_json(options={})
+ super(options.merge(:only => ['login', 'password_salt']))
+ end
+
+ def salt
+ password_salt.hex
+ end
+
+ def verifier
+ password_verifier.hex
+ end
+
+end
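Review bot: `salt` and `verifier` call `.hex` on stored strings that are validated only for presence, and `String#hex` yields 0 for non-hex text, so a signup with a malformed `password_verifier` or `password_salt` is accepted and later read back as 0 by the SRP code instead of being rejected. Add a format validation such as `validates :password_salt, :password_verifier, :format => { :with => /\A[0-9a-fA-F]+\z/ }`. `valid_attributes_hash` is test data defined on the production class; it would sit better in the test helpers.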
diff --git a/users/app/views/.gitkeep b/users/app/views/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/views/.gitkeep
diff --git a/users/app/views/sessions/new.html.haml b/users/app/views/sessions/new.html.haml
new file mode 100644
index 0000000..39ee7bf
--- /dev/null
+++ b/users/app/views/sessions/new.html.haml
@@ -0,0 +1,7 @@
+%h2=t :login
+= simple_form_for :session, :url => sessions_path, :html => { :id => :new_session } do |f|
+ %legend=t :login_message
+ = f.input :login, :input_html => { :id => :srp_username }
+ = f.input :password, :required => true, :input_html => { :id => :srp_password }
+ = f.button :submit, :value => t(:login), :class => 'btn-primary'
+ = link_to t(:cancel), root_url, :class => :btn
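Review bot: The `:password` input is a named form field (`session[password]`), so if the SRP script fails to load or does not intercept the submit, the browser posts the cleartext password to `sessions_path`, which is what SRP is meant to avoid; the interception code lives in the srp submodule and is not visible here. Keep the password inputs out of the submitted form data (for example by rendering them without a usable `name`), and record the intent with a comment such as `-# never submitted: the srp client sends A and client_auth instead`. users/new.html.haml has the same issue for `:password` and `:password_confirmation`.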
diff --git a/users/app/views/users/new.html.haml b/users/app/views/users/new.html.haml
new file mode 100644
index 0000000..f6ece3a
--- /dev/null
+++ b/users/app/views/users/new.html.haml
@@ -0,0 +1,10 @@
+%h2=t :signup
+= simple_form_for @user do |f|
+ %legend=t :signup_message
+ = f.input :login, :input_html => { :id => :srp_username }
+ = f.input :password, :required => true, :input_html => { :id => :srp_password }
+ = f.input :password_confirmation, :required => true, :input_html => { :id => :srp_password_confirmation }
+ = f.input :password_verifier, :as => :hidden, :input_html => { :id => :srp_password_verifier }
+ = f.input :password_salt, :as => :hidden, :input_html => { :id => :srp_salt }
+ = f.button :submit, :value => t(:signup), :class => 'btn-primary'
+ = link_to t(:cancel), root_url, :class => :btn