From ebbfe3d77efddbe8f97fa82c171632ac4cfcf6da Mon Sep 17 00:00:00 2001
From: Azul <azul@riseup.net>
Date: Thu, 27 Sep 2012 22:39:08 +0200
Subject: added in leap web users - one repo to rule them all

---
 users/app/assets/images/leap_web_users/.gitkeep    |  0
 .../app/assets/javascripts/leap_web_users/.gitkeep |  0
 users/app/assets/javascripts/srp                   |  1 +
 .../app/assets/stylesheets/leap_web_users/.gitkeep |  0
 users/app/controllers/.gitkeep                     |  0
 users/app/controllers/sessions_controller.rb       | 30 +++++++++++++
 users/app/controllers/users_controller.rb          | 18 ++++++++
 users/app/helpers/.gitkeep                         |  0
 users/app/helpers/sessions_helper.rb               |  2 +
 users/app/helpers/users_helper.rb                  |  2 +
 users/app/mailers/.gitkeep                         |  0
 users/app/models/.gitkeep                          |  0
 users/app/models/unauthenticated_user.rb           |  4 ++
 users/app/models/user.rb                           | 49 ++++++++++++++++++++++
 users/app/views/.gitkeep                           |  0
 users/app/views/sessions/new.html.haml             |  7 ++++
 users/app/views/users/new.html.haml                | 10 +++++
 17 files changed, 123 insertions(+)
 create mode 100644 users/app/assets/images/leap_web_users/.gitkeep
 create mode 100644 users/app/assets/javascripts/leap_web_users/.gitkeep
 create mode 160000 users/app/assets/javascripts/srp
 create mode 100644 users/app/assets/stylesheets/leap_web_users/.gitkeep
 create mode 100644 users/app/controllers/.gitkeep
 create mode 100644 users/app/controllers/sessions_controller.rb
 create mode 100644 users/app/controllers/users_controller.rb
 create mode 100644 users/app/helpers/.gitkeep
 create mode 100644 users/app/helpers/sessions_helper.rb
 create mode 100644 users/app/helpers/users_helper.rb
 create mode 100644 users/app/mailers/.gitkeep
 create mode 100644 users/app/models/.gitkeep
 create mode 100644 users/app/models/unauthenticated_user.rb
 create mode 100644 users/app/models/user.rb
 create mode 100644 users/app/views/.gitkeep
 create mode 100644 users/app/views/sessions/new.html.haml
 create mode 100644 users/app/views/users/new.html.haml

(limited to 'users/app')

diff --git a/users/app/assets/images/leap_web_users/.gitkeep b/users/app/assets/images/leap_web_users/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/users/app/assets/javascripts/leap_web_users/.gitkeep b/users/app/assets/javascripts/leap_web_users/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/users/app/assets/javascripts/srp b/users/app/assets/javascripts/srp
new file mode 160000
index 0000000..d6a7804
--- /dev/null
+++ b/users/app/assets/javascripts/srp
@@ -0,0 +1 @@
+Subproject commit d6a78049f3356d9d645143362eca74434410bf62
diff --git a/users/app/assets/stylesheets/leap_web_users/.gitkeep b/users/app/assets/stylesheets/leap_web_users/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/users/app/controllers/.gitkeep b/users/app/controllers/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
new file mode 100644
index 0000000..e68d798
--- /dev/null
+++ b/users/app/controllers/sessions_controller.rb
@@ -0,0 +1,30 @@
+class SessionsController < ApplicationController
+
+  skip_before_filter :verify_authenticity_token
+
+  def new
+  end
+
+  def create
+    @user = User.find_by_param(params[:login])
+    session[:handshake] = @user.initialize_auth(params['A'].hex)
+    render :json => { :B => session[:handshake].bb.to_s(16) }
+  rescue RECORD_NOT_FOUND
+    render :json => {:errors => {:login => ["unknown user"]}}
+  end
+
+  def update
+    @user = User.find_by_param(params[:id])
+    @server_auth = @user.authenticate!(params[:client_auth].hex, session.delete(:handshake))
+    session[:user_id] = @user.id
+    render :json => {:M2 => @server_auth}
+  rescue WRONG_PASSWORD
+    session[:handshake] = nil
+    render :json => {:errors => {"password" => ["wrong password"]}}
+  end
+
+  def destroy
+    session[:user_id] = nil
+    redirect_to root_path
+  end
+end
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
new file mode 100644
index 0000000..82d2eac
--- /dev/null
+++ b/users/app/controllers/users_controller.rb
@@ -0,0 +1,18 @@
+class UsersController < ApplicationController
+
+  skip_before_filter :verify_authenticity_token
+
+  respond_to :json, :html
+
+  def new
+    @user = User.new
+  end
+
+  def create
+    @user = User.create!(params[:user])
+    respond_with(@user, :location => root_url, :notice => "Signed up!")
+  rescue VALIDATION_FAILED => e
+    @user = e.document
+    respond_with(@user, :location => new_user_path)
+  end
+end
diff --git a/users/app/helpers/.gitkeep b/users/app/helpers/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/users/app/helpers/sessions_helper.rb b/users/app/helpers/sessions_helper.rb
new file mode 100644
index 0000000..309f8b2
--- /dev/null
+++ b/users/app/helpers/sessions_helper.rb
@@ -0,0 +1,2 @@
+module SessionsHelper
+end
diff --git a/users/app/helpers/users_helper.rb b/users/app/helpers/users_helper.rb
new file mode 100644
index 0000000..2310a24
--- /dev/null
+++ b/users/app/helpers/users_helper.rb
@@ -0,0 +1,2 @@
+module UsersHelper
+end
diff --git a/users/app/mailers/.gitkeep b/users/app/mailers/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/users/app/models/.gitkeep b/users/app/models/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/users/app/models/unauthenticated_user.rb b/users/app/models/unauthenticated_user.rb
new file mode 100644
index 0000000..99a6874
--- /dev/null
+++ b/users/app/models/unauthenticated_user.rb
@@ -0,0 +1,4 @@
+# The nil object for the user class
+class UnauthenticatedUser < Object
+
+end
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
new file mode 100644
index 0000000..fa64f42
--- /dev/null
+++ b/users/app/models/user.rb
@@ -0,0 +1,49 @@
+class User < CouchRest::Model::Base
+
+  include SRP::Authentication
+
+  property :login, String, :accessible => true
+  property :email, String, :accessible => true
+  property :password_verifier, String, :accessible => true
+  property :password_salt, String, :accessible => true
+
+  validates :login, :password_salt, :password_verifier, :presence => true
+  validates :login, :uniqueness => true
+
+  timestamps!
+
+  design do
+    view :by_login
+  end
+
+  class << self
+    def find_by_param(login)
+      return find_by_login(login) || raise(RECORD_NOT_FOUND)
+    end
+
+    # valid set of attributes for testing
+    def valid_attributes_hash
+      { :login => "me",
+        :password_verifier => "1234",
+        :password_salt => "4321" }
+    end
+
+  end
+
+  def to_param
+    self.login
+  end
+
+  def to_json(options={})
+    super(options.merge(:only => ['login', 'password_salt']))
+  end
+
+  def salt
+    password_salt.hex
+  end
+
+  def verifier
+    password_verifier.hex
+  end
+
+end
diff --git a/users/app/views/.gitkeep b/users/app/views/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/users/app/views/sessions/new.html.haml b/users/app/views/sessions/new.html.haml
new file mode 100644
index 0000000..39ee7bf
--- /dev/null
+++ b/users/app/views/sessions/new.html.haml
@@ -0,0 +1,7 @@
+%h2=t :login
+= simple_form_for :session, :url => sessions_path, :html => { :id => :new_session } do |f|
+  %legend=t :login_message
+  = f.input :login, :input_html => { :id => :srp_username }
+  = f.input :password, :required => true, :input_html => { :id => :srp_password }
+  = f.button :submit, :value => t(:login), :class => 'btn-primary' 
+  = link_to t(:cancel), root_url, :class => :btn
diff --git a/users/app/views/users/new.html.haml b/users/app/views/users/new.html.haml
new file mode 100644
index 0000000..f6ece3a
--- /dev/null
+++ b/users/app/views/users/new.html.haml
@@ -0,0 +1,10 @@
+%h2=t :signup
+= simple_form_for @user do |f|
+  %legend=t :signup_message
+  = f.input :login, :input_html => { :id => :srp_username }
+  = f.input :password, :required => true, :input_html => { :id => :srp_password }
+  = f.input :password_confirmation, :required => true, :input_html => { :id => :srp_password_confirmation }
+  = f.input :password_verifier, :as => :hidden, :input_html => { :id => :srp_password_verifier }
+  = f.input :password_salt, :as => :hidden, :input_html => { :id => :srp_salt }
+  = f.button :submit, :value => t(:signup), :class => 'btn-primary' 
+  = link_to t(:cancel), root_url, :class => :btn
-- 
cgit v1.2.3