From 0f36c7931fe04bb3d6a3fd70a25fe1090f48e774 Mon Sep 17 00:00:00 2001 From: Azul Date: Sat, 8 Dec 2012 16:05:40 +0100 Subject: serve api version 1 in /1/ Just a very simple start for now. Do we want to use the api for the secure remote password auth from js? --- users/app/controllers/v1/sessions_controller.rb | 28 ++++++++++++++++++++++ users/app/controllers/v1/users_controller.rb | 13 ++++++++++ users/config/routes.rb | 5 ++++ users/test/integration/api/account_flow_test.rb | 6 ++--- users/test/integration/api/python/flow_with_srp.py | 2 +- 5 files changed, 50 insertions(+), 4 deletions(-) create mode 100644 users/app/controllers/v1/sessions_controller.rb create mode 100644 users/app/controllers/v1/users_controller.rb diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb new file mode 100644 index 0000000..5b4a13b --- /dev/null +++ b/users/app/controllers/v1/sessions_controller.rb @@ -0,0 +1,28 @@ +module V1 + class SessionsController < ApplicationController + + skip_before_filter :verify_authenticity_token + + def new + @session = Session.new + if authentication_errors + @errors = authentication_errors + render :status => 422 + end + end + + def create + authenticate! + end + + def update + authenticate! + render :json => session.delete(:handshake) + end + + def destroy + logout + redirect_to root_path + end + end +end diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb new file mode 100644 index 0000000..eda2fad --- /dev/null +++ b/users/app/controllers/v1/users_controller.rb @@ -0,0 +1,13 @@ +module V1 + class UsersController < ApplicationController + + skip_before_filter :verify_authenticity_token, :only => [:create] + + respond_to :json + + def create + @user = User.create(params[:user]) + respond_with @user + end + end +end diff --git a/users/config/routes.rb b/users/config/routes.rb index 1d144b4..6de216f 100644 --- a/users/config/routes.rb +++ b/users/config/routes.rb @@ -1,5 +1,10 @@ Rails.application.routes.draw do + scope "/1", :module => "V1", defaults: {format: 'json'} do + resources :sessions, :only => [:new, :create, :update, :destroy] + resources :users, :only => [:create] + end + get "login" => "sessions#new", :as => "login" get "logout" => "sessions#destroy", :as => "logout" resources :sessions, :only => [:new, :create, :update, :destroy] diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb index add12fe..e425c35 100644 --- a/users/test/integration/api/account_flow_test.rb +++ b/users/test/integration/api/account_flow_test.rb @@ -26,7 +26,7 @@ class AccountFlowTest < ActiveSupport::TestCase :password_verifier => @srp.verifier.to_s(16), :password_salt => @srp.salt.to_s(16) } - post '/users.json', :user => @user_params + post '/1/users.json', :user => @user_params @user = User.find_by_param(@login) end @@ -36,7 +36,7 @@ class AccountFlowTest < ActiveSupport::TestCase # this test wraps the api and implements the interface the ruby-srp client. def handshake(login, aa) - post "/sessions.json", :login => login, 'A' => aa.to_s(16), :format => :json + post "/1/sessions.json", :login => login, 'A' => aa.to_s(16), :format => :json response = JSON.parse(last_response.body) if response['errors'] raise RECORD_NOT_FOUND.new(response['errors']) @@ -46,7 +46,7 @@ class AccountFlowTest < ActiveSupport::TestCase end def validate(m) - put "/sessions/" + @login + '.json', :client_auth => m.to_s(16), :format => :json + put "/1/sessions/" + @login + '.json', :client_auth => m.to_s(16), :format => :json return JSON.parse(last_response.body) end diff --git a/users/test/integration/api/python/flow_with_srp.py b/users/test/integration/api/python/flow_with_srp.py index b599252..f28aeda 100755 --- a/users/test/integration/api/python/flow_with_srp.py +++ b/users/test/integration/api/python/flow_with_srp.py @@ -16,7 +16,7 @@ def id_generator(size=6, chars=string.ascii_uppercase + string.digits): return ''.join(random.choice(chars) for x in range(size)) # using globals for a start -server = 'http://springbok.leap.se/1/' +server = 'http://localhost:3000/1' login = id_generator() password = id_generator() + id_generator() -- cgit v1.2.3 From 5cfabde4f04d9212af5efee805479bd1be3c5cf1 Mon Sep 17 00:00:00 2001 From: Azul Date: Sat, 8 Dec 2012 16:42:19 +0100 Subject: moved cert into the api path --- certs/config/routes.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/certs/config/routes.rb b/certs/config/routes.rb index 7f1f31d..cb97757 100644 --- a/certs/config/routes.rb +++ b/certs/config/routes.rb @@ -1,3 +1,5 @@ Rails.application.routes.draw do - resource :cert, :only => [:show] + scope '/1' do + resource :cert, :only => [:show] + end end -- cgit v1.2.3 From 1a26988cb7ff30061473f4a781166b184b3037ce Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 10 Dec 2012 15:39:02 +0100 Subject: use consistent naming scheme across CA, webapp and couchDB install --- certs/app/models/cert.rb | 2 +- config/couchdb.yml | 9 +++++++++ users/app/models/user.rb | 2 ++ 3 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 config/couchdb.yml diff --git a/certs/app/models/cert.rb b/certs/app/models/cert.rb index 40efde9..9a6c98d 100644 --- a/certs/app/models/cert.rb +++ b/certs/app/models/cert.rb @@ -1,6 +1,6 @@ class Cert < CouchRest::Model::Base - use_database 'certs' + use_database 'client_certificates' timestamps! diff --git a/config/couchdb.yml b/config/couchdb.yml new file mode 100644 index 0000000..636f2f2 --- /dev/null +++ b/config/couchdb.yml @@ -0,0 +1,9 @@ +development: + prefix: "" + +production: + prefix: "" + +test: + prefix: "" + suffix: test diff --git a/users/app/models/user.rb b/users/app/models/user.rb index ae271ce..340ad9c 100644 --- a/users/app/models/user.rb +++ b/users/app/models/user.rb @@ -1,5 +1,7 @@ class User < CouchRest::Model::Base + use_database :users + property :login, String, :accessible => true property :email, String, :accessible => true property :email_forward, String, :accessible => true -- cgit v1.2.3