Diffstat (limited to 'users')
-rw-r--r--users/config/initializers/add_controller_methods.rb4
-rw-r--r--users/config/initializers/error_constants.rb1
-rw-r--r--users/config/initializers/warden.rb7
-rw-r--r--users/config/locales/en.yml73
-rw-r--r--users/config/routes.rb29
-rw-r--r--users/lib/leap_web_users.rb4
-rw-r--r--users/lib/leap_web_users/engine.rb14
-rw-r--r--users/lib/tasks/leap_web_users_tasks.rake10
-rw-r--r--users/lib/warden/session_serializer.rb13
-rw-r--r--users/lib/warden/strategies/secure_remote_password.rb81
-rw-r--r--users/lib/webfinger.rb6
-rw-r--r--users/lib/webfinger/host_meta_presenter.rb30
-rw-r--r--users/lib/webfinger/user_presenter.rb35
-rwxr-xr-xusers/script/rails8
14 files changed, 0 insertions, 315 deletions
diff --git a/users/config/initializers/add_controller_methods.rb b/users/config/initializers/add_controller_methods.rb
deleted file mode 100644
index f572ecb..0000000
--- a/users/config/initializers/add_controller_methods.rb
+++ /dev/null
@@ -1,4 +0,0 @@
-ActiveSupport.on_load(:application_controller) do
- include ControllerExtension::Authentication
- include ControllerExtension::TokenAuthentication
-end
diff --git a/users/config/initializers/error_constants.rb b/users/config/initializers/error_constants.rb
deleted file mode 100644
index d4a0f52..0000000
--- a/users/config/initializers/error_constants.rb
+++ /dev/null
@@ -1 +0,0 @@
-WRONG_PASSWORD = SRP::WrongPassword
diff --git a/users/config/initializers/warden.rb b/users/config/initializers/warden.rb
deleted file mode 100644
index 45feb6c..0000000
--- a/users/config/initializers/warden.rb
+++ /dev/null
@@ -1,7 +0,0 @@
-Rails.configuration.middleware.use RailsWarden::Manager do |config|
- config.default_strategies :secure_remote_password
- config.failure_app = SessionsController
-end
-
-RailsWarden.unauthenticated_action = :new
-
diff --git a/users/config/locales/en.yml b/users/config/locales/en.yml
deleted file mode 100644
index ed6653a..0000000
--- a/users/config/locales/en.yml
+++ /dev/null
@@ -1,73 +0,0 @@
-en:
- account_settings: "Account Settings"
- logout: "Logout"
- none: "None"
- signup: "Sign Up"
- signup_message: "Please create an account."
- cancel: "Cancel"
- login: "Log In"
- username: "Username"
- password: "Password"
- change_password: "Change Password"
- login_message: "Please log in with your account."
- invalid_user_pass: "Not a valid username/password combination"
- invalid_ephemeral: "Invalid random key used. This looked like an attempt to hack the site to us. If it wasn't please contact support so we can look into the issue."
- all_strategies_failed: "Could not understand your login attempt. Please first send your login and a SRP ephemeral value A and then send the client_auth in the same session (using cookies)."
- update_login_and_password: "Update Login and Password"
- destroy_my_account: "Destroy my account"
- destroy_account_info: "This will permanently destroy your account and all the data associated with it. Proceed with caution!"
- admin_destroy_account: "Destroy the account %{username}"
- account_destroyed: "The account has been destroyed successfully."
- set_email_address: "Set email address"
- forward_email: "Forward Email"
- email_aliases: "Email Aliases"
- public_key: "Public Key"
- add_email_alias: "Add Email Alias"
- user_updated_successfully: "Settings have been updated successfully."
- user_created_successfully: "Successfully created your account."
- email_alias_destroyed_successfully: "Removed email alias %{alias}."
- use_ascii_key: "OpenPGP public key. Do not change this value unless you know what you are doing."
- advanced_options: "Advanced Options"
- not_authorized: "Sorry, but you are not authorized to perform that action."
- not_authorized_login: "Please log in to perform that action."
- search: "Search"
- cookie_disabled_warning: "You have cookies disabled. You will not be able to login until you enable cookies."
- js_required_html: "We are sorry, but this doesn't work without javascript enabled. This is because the authentication system used, <a href='http://srp.stanford.edu/'>SRP</a>, requires javascript."
- enable_account: "Enable the account %{username}"
- enable_description: "This will restore the account to full functionality"
- deactivate_account: "Deactivate the account %{username}"
- deactivate_description: "This will temporarily deactivate some account functionality." #todo detail exact functionality. can receive email but not send or renew client certificate?
- payment_one_month_warning: "We hope you have been enjoying this service this past month. Please sign up to pay within the next month, by %{date_in_one_month}. Directions for payment are available at INSERT_URL"
- bye: "Goodbye!"
- bye_message: "So long and thanks for all the fish."
-
- #
- # overview
- #
- overview_welcome: "Welcome %{username}."
- overview_intro: "From this user control panel, you can:"
- overview_tickets: "Create and check support tickets."
- overview_email: "Modify email settings."
- overview_account: "Delete your account."
-
- #
- # rails
- #
- activemodel:
- models:
- user:
- one: User
- other: "%{count} Users"
- simple_form:
- labels:
- user:
- email_forward: "Email Forward"
- hints:
- user:
- email_forward: >
- Forward all email messages to this address. Messages will be encrypted before being forwarded.
- This is an option for advanced users who are familar with OpenPGP.
- placeholders:
- user:
- email_forward: "my_other_email@domain.net"
-
diff --git a/users/config/routes.rb b/users/config/routes.rb
deleted file mode 100644
index 2819fa9..0000000
--- a/users/config/routes.rb
+++ /dev/null
@@ -1,29 +0,0 @@
-Rails.application.routes.draw do
-
- namespace "api", { module: "v1",
- path: "/1/",
- defaults: {format: 'json'} } do
- resources :sessions, :only => [:new, :create, :update]
- delete "logout" => "sessions#destroy", :as => "logout"
- resources :users, :only => [:create, :update, :destroy, :index]
- resources :messages, :only => [:index, :update]
- end
-
- scope "(:locale)", :locale => MATCH_LOCALE do
- get "login" => "sessions#new", :as => "login"
- delete "logout" => "sessions#destroy", :as => "logout"
-
- get "signup" => "users#new", :as => "signup"
- resources :users, :except => [:create, :update] do
- # resource :email_settings, :only => [:edit, :update]
- # resources :email_aliases, :only => [:destroy], :id => /.*/
- post 'deactivate', on: :member
- post 'enable', on: :member
- end
- end
-
- get "/.well-known/host-meta" => 'webfinger#host_meta'
- get "/webfinger" => 'webfinger#search'
- get "/key/:login" => 'keys#show'
-
-end
diff --git a/users/lib/leap_web_users.rb b/users/lib/leap_web_users.rb
deleted file mode 100644
index e1b7b1f..0000000
--- a/users/lib/leap_web_users.rb
+++ /dev/null
@@ -1,4 +0,0 @@
-require "leap_web_users/engine"
-
-module LeapWebUsers
-end
diff --git a/users/lib/leap_web_users/engine.rb b/users/lib/leap_web_users/engine.rb
deleted file mode 100644
index a2be168..0000000
--- a/users/lib/leap_web_users/engine.rb
+++ /dev/null
@@ -1,14 +0,0 @@
-# thou shall require all your dependencies in an engine.
-require "rails_warden"
-require "ruby-srp"
-
-require "warden/session_serializer"
-require "warden/strategies/secure_remote_password"
-
-require "webfinger"
-
-module LeapWebUsers
- class Engine < ::Rails::Engine
-
- end
-end
diff --git a/users/lib/tasks/leap_web_users_tasks.rake b/users/lib/tasks/leap_web_users_tasks.rake
deleted file mode 100644
index 62bcbe9..0000000
--- a/users/lib/tasks/leap_web_users_tasks.rake
+++ /dev/null
@@ -1,10 +0,0 @@
-# desc "Explaining what the task does"
-# task :leap_web_users do
-# # Task goes here
-# end
-
-# recommended that for our setup, we should have this triggered from a cron job in puppet rather than using whenever gem
-desc "Send one month warning messages"
-task :leap_web_users do
- User.send_one_month_warnings
-end
diff --git a/users/lib/warden/session_serializer.rb b/users/lib/warden/session_serializer.rb
deleted file mode 100644
index 81d7076..0000000
--- a/users/lib/warden/session_serializer.rb
+++ /dev/null
@@ -1,13 +0,0 @@
-module Warden
- # Setup Session Serialization
- class SessionSerializer
- def serialize(record)
- [record.class.name, record.id]
- end
-
- def deserialize(keys)
- klass, id = keys
- klass.constantize.find(id)
- end
- end
-end
diff --git a/users/lib/warden/strategies/secure_remote_password.rb b/users/lib/warden/strategies/secure_remote_password.rb
deleted file mode 100644
index 2c334c6..0000000
--- a/users/lib/warden/strategies/secure_remote_password.rb
+++ /dev/null
@@ -1,81 +0,0 @@
-module Warden
- module Strategies
- class SecureRemotePassword < Warden::Strategies::Base
-
- def valid?
- handshake? || authentication?
- end
-
- def authenticate!
- if authentication?
- validate!
- else # handshake
- initialize!
- end
- end
-
- protected
-
- def handshake?
- params['A'] && params['login']
- end
-
- def authentication?
- params['client_auth'] && session[:handshake]
- end
-
- def validate!
- if client = validate
- success!(User.find_by_login(client.username))
- else
- Rails.logger.warn "Login attempt failed."
- Rails.logger.debug debug_info
- Rails.logger.debug "Received: #{params['client_auth']}"
- session.delete(:handshake)
- fail!(:base => "invalid_user_pass")
- end
- end
-
- def validate
- session[:handshake].authenticate(params['client_auth'])
- end
-
- def initialize!
- if user = User.find_by_login(id)
- client = SRP::Client.new user.username,
- :verifier => user.verifier,
- :salt => user.salt
- session[:handshake] = SRP::Session.new(client, params['A'])
- custom! json_response(session[:handshake])
- else
- fail! :base => 'invalid_user_pass'
- end
- rescue SRP::InvalidEphemeral
- fail!(:base => "invalid_ephemeral")
- end
-
- def json_response(object)
- [ 200,
- {"Content-Type" => "application/json; charset=utf-8"},
- [object.to_json]
- ]
- end
-
- def id
- params["id"] || params["login"]
- end
-
- protected
-
- def debug_info
- JSON.pretty_generate(session[:handshake].internal_state)
- end
-
- end
- end
- Warden::Strategies.add :secure_remote_password,
- Warden::Strategies::SecureRemotePassword
-
-end
-
-
diff --git a/users/lib/webfinger.rb b/users/lib/webfinger.rb
deleted file mode 100644
index dd49b41..0000000
--- a/users/lib/webfinger.rb
+++ /dev/null
@@ -1,6 +0,0 @@
-module Webfinger
-
- autoload :HostMetaPresenter, 'webfinger/host_meta_presenter'
- autoload :UserPresenter, 'webfinger/user_presenter'
-
-end
diff --git a/users/lib/webfinger/host_meta_presenter.rb b/users/lib/webfinger/host_meta_presenter.rb
deleted file mode 100644
index 84ab7a9..0000000
--- a/users/lib/webfinger/host_meta_presenter.rb
+++ /dev/null
@@ -1,30 +0,0 @@
-require 'uri'
-
-class Webfinger::HostMetaPresenter
- def initialize(request)
- @request = request
- end
-
- def to_json(options = {})
- {
- subject: subject,
- links: links
- }.to_json(options)
- end
-
- def subject
- url = URI.parse(@request.url)
- url.path = ''
- url.to_s
- end
-
- def links
- { lrdd: { type: 'application/xrd+xml', template: webfinger_template } }
- end
-
- protected
-
- def webfinger_template(path = 'webfinger', query_param='q')
- "#{subject}/#{path}?#{query_param}={uri}"
- end
-end
diff --git a/users/lib/webfinger/user_presenter.rb b/users/lib/webfinger/user_presenter.rb
deleted file mode 100644
index 329f477..0000000
--- a/users/lib/webfinger/user_presenter.rb
+++ /dev/null
@@ -1,35 +0,0 @@
-class Webfinger::UserPresenter
- include Rails.application.routes.url_helpers
- attr_accessor :user
-
- def initialize(user, request)
- @user = user
- @request = request
- end
-
- def to_json(options = {})
- {
- subject: subject,
- links: links
- }.to_json(options)
- end
-
- def subject
- "acct:#{@user.email_address}"
- end
-
- def links
- links = {}
- links[:public_key] = { type: 'PGP', href: key } if key
- return links
- end
-
- protected
-
- def key
- if @user.public_key.present?
- Base64.encode64(@user.public_key.to_s)
- end
- end
-
-end
diff --git a/users/script/rails b/users/script/rails
deleted file mode 100755
index ee08520..0000000
--- a/users/script/rails
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/usr/bin/env ruby1.8
-# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
-
-ENGINE_ROOT = File.expand_path('../..', __FILE__)
-ENGINE_PATH = File.expand_path('../../lib/leap_web_users/engine', __FILE__)
-
-require 'rails/all'
-require 'rails/engine/commands'