From 28b51dc38ad71b8a7468aa91d8ce8d3059d9bb69 Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 11 Oct 2012 17:41:00 +0200 Subject: current_user and authenticate methods --- users/config/routes.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'users/config') diff --git a/users/config/routes.rb b/users/config/routes.rb index cfc0407..522c40c 100644 --- a/users/config/routes.rb +++ b/users/config/routes.rb @@ -1,10 +1,10 @@ Rails.application.routes.draw do - get "log_in" => "sessions#new", :as => "log_in" - get "log_out" => "sessions#destroy", :as => "log_out" + get "login" => "sessions#new", :as => "login" + get "logout" => "sessions#destroy", :as => "logout" resources :sessions, :only => [:new, :create, :update, :destroy] - get "sign_up" => "users#new", :as => "sign_up" + get "signup" => "users#new", :as => "signup" resources :users, :only => [:new, :create] end -- cgit v1.2.3 From dc0584f7d993ef7c75fbdd9d341ebb3337f3448d Mon Sep 17 00:00:00 2001 From: Azul Date: Wed, 17 Oct 2012 15:19:09 +0200 Subject: UI tweaks including newer version of bootstrap --- users/config/locales/en.yml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 users/config/locales/en.yml (limited to 'users/config') diff --git a/users/config/locales/en.yml b/users/config/locales/en.yml new file mode 100644 index 0000000..172b85f --- /dev/null +++ b/users/config/locales/en.yml @@ -0,0 +1,6 @@ +en: + signup: "Sign up" + signup_message: "Please create an account." + cancel: "Cancel" + login: "Login" + login_message: "Please login with your account." -- cgit v1.2.3 From 194e924cb7c36eafa01b68c74774505e170e47ac Mon Sep 17 00:00:00 2001 
From: Azul Date: Tue, 30 Oct 2012 12:32:10 +0100 Subject: adding in warden with a basic strategy currently failing because we are not setting the content-type header. --- users/config/initializers/warden.rb | 52 +++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 users/config/initializers/warden.rb (limited to 'users/config') diff --git a/users/config/initializers/warden.rb b/users/config/initializers/warden.rb new file mode 100644 index 0000000..bb7dc13 --- /dev/null +++ b/users/config/initializers/warden.rb @@ -0,0 +1,52 @@ +Rails.configuration.middleware.use Warden::Manager do |manager| + manager.default_strategies :secure_remote_password + manager.failure_app = SessionsController +end + +# Setup Session Serialization +class Warden::SessionSerializer + def serialize(record) + [record.class.name, record.id] + end + + def deserialize(keys) + klass, id = keys + klass.find(id) + end +end + +Warden::Strategies.add(:secure_remote_password) do + + def valid? + id && ( params['A'] || params['client_auth'] ) + end + + def authenticate! + if params['client_auth'] && session[:handshake] + validate! + else + initialize! + end + end + + protected + + def validate! + srp_session = session.delete(:handshake) + user = srp_session.authenticate(params['client_auth'].hex) + user.nil? ? fail!("Could not log in") : success!(u) + end + + def initialize! + user = User.find_by_param(id) + session[:handshake] = user.initialize_auth(params['A'].hex) + custom! [200, {}, [session[:handshake].to_json]] + rescue RECORD_NOT_FOUND + fail! "User not found" + end + + def id + params["id"] || params["login"] + end +end + -- cgit v1.2.3 From bcc0f11caeef1b09712b9b62e1607237885d1af5 Mon Sep 17 00:00:00 2001 
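Review bot: In `initialize!` and `validate!` the client-supplied values go through `String#hex`, which returns 0 for input that is not hexadecimal, so a malformed `A` or `client_auth` silently becomes the integer 0 instead of being rejected. SRP requires the server to abort when A mod N is zero, and whether `initialize_auth` enforces that is not visible in this file. The strategy should refuse non-hex input up front, e.g. `return fail!("Invalid handshake") unless params['A'].to_s =~ /\A[0-9a-fA-F]+\z/`, and the SRP layer still has to reject a zero residue. Separately, `validate!` ends in `success!(u)` while the local is named `user`, so a correct proof raises NameError; it should read `success!(user)`.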
From: Azul Date: Tue, 30 Oct 2012 14:42:04 +0100 Subject: using rails_warden bit of refactoring without rails_warden the failure app action was not getting set properly. --- users/config/initializers/warden.rb | 35 ++++++++++++++++++++++++++--------- 1 file changed, 26 insertions(+), 9 deletions(-) (limited to 'users/config') diff --git a/users/config/initializers/warden.rb b/users/config/initializers/warden.rb index bb7dc13..98dd99c 100644 --- a/users/config/initializers/warden.rb +++ b/users/config/initializers/warden.rb @@ -1,6 +1,8 @@ -Rails.configuration.middleware.use Warden::Manager do |manager| - manager.default_strategies :secure_remote_password - manager.failure_app = SessionsController +Rails.configuration.middleware.use RailsWarden::Manager do |config| + config.default_strategies :secure_remote_password + config.failure_app = SessionsController + config.default_scope = :user + config.scope_defaults :user, :action => :new end # Setup Session Serialization 
@@ -18,31 +20,46 @@ end Warden::Strategies.add(:secure_remote_password) do def valid? - id && ( params['A'] || params['client_auth'] ) + handshake? || authentication? end def authenticate! - if params['client_auth'] && session[:handshake] + if authentication? validate! - else + else # handshake initialize! end end protected + def handshake? + params['A'] && params['login'] + end + + def authentication? + params['client_auth'] && session[:handshake] + end + def validate! srp_session = session.delete(:handshake) user = srp_session.authenticate(params['client_auth'].hex) - user.nil? ? fail!("Could not log in") : success!(u) + user.nil? ? fail!("Could not log in") : success!(user) end def initialize! user = User.find_by_param(id) session[:handshake] = user.initialize_auth(params['A'].hex) - custom! [200, {}, [session[:handshake].to_json]] + custom! json_response(session[:handshake]) rescue RECORD_NOT_FOUND - fail! "User not found" + fail! "User not found!" + end + + def json_response(object) + [ 200, + {"Content-Type" => "application/json; charset=utf-8"}, + [object.to_json] + ] end def id -- cgit v1.2.3 From f2825d10e6447ea766fee085841e2b92b0477976 Mon Sep 17 00:00:00 2001 From: Azul Date: Tue, 30 Oct 2012 15:36:16 +0100 Subject: sending proper error messages from warden. still need to translate these --- users/config/initializers/warden.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'users/config') diff --git a/users/config/initializers/warden.rb b/users/config/initializers/warden.rb index 98dd99c..82753ec 100644 --- a/users/config/initializers/warden.rb +++ b/users/config/initializers/warden.rb 
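Review bot: `initialize!` stores the object returned by `user.initialize_auth` in `session[:handshake]` and then hands that same object to `json_response`, so whatever it serializes ends up both in the session store and in the response body. If the object carries the server's private ephemeral value or the verifier (not visible here), `to_json` must be limited to the salt and `B`, and with a cookie-backed session store the whole object would travel to the browser as well. I would state that on `json_response`, e.g. `# object.to_json must expose only public handshake values (salt, B)`, and keep the handshake state server-side. The `rescue RECORD_NOT_FOUND` also relies on `User.find_by_param` raising; if it returns nil instead, `user.initialize_auth` fails with NoMethodError. The `id` method and the end of the strategy block are outside the hunk.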
@@ -1,10 +1,10 @@ Rails.configuration.middleware.use RailsWarden::Manager do |config| config.default_strategies :secure_remote_password config.failure_app = SessionsController - config.default_scope = :user - config.scope_defaults :user, :action => :new end +RailsWarden.unauthenticated_action = :new + # Setup Session Serialization class Warden::SessionSerializer def serialize(record) @@ -44,7 +44,7 @@ Warden::Strategies.add(:secure_remote_password) do def validate! srp_session = session.delete(:handshake) user = srp_session.authenticate(params['client_auth'].hex) - user.nil? ? fail!("Could not log in") : success!(user) + user ? success!(user) : fail!(:password => "Could not log in") end def initialize! @@ -52,7 +52,7 @@ Warden::Strategies.add(:secure_remote_password) do session[:handshake] = user.initialize_auth(params['A'].hex) custom! json_response(session[:handshake]) rescue RECORD_NOT_FOUND - fail! "User not found!" + fail! :login => "User not found!" end def json_response(object) -- cgit v1.2.3 From 4b7333eec8eaf0c01227ade9d77a21f7a879ff0b Mon Sep 17 00:00:00 2001 From: Azul Date: Wed, 31 Oct 2012 17:39:06 +0100 Subject: using controller extensions for application controller by hand --- users/config/initializers/add_controller_methods.rb | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 users/config/initializers/add_controller_methods.rb (limited to 'users/config') diff --git a/users/config/initializers/add_controller_methods.rb b/users/config/initializers/add_controller_methods.rb new file mode 100644 index 0000000..2579176 --- /dev/null +++ b/users/config/initializers/add_controller_methods.rb @@ -0,0 +1,3 @@ +ActiveSupport.on_load(:application_controller) do + include ControllerExtension::Authentication +end -- cgit v1.2.3 From 63c5b2cafdefbd9b13297faa57ee2f18a5c07bf5 Mon Sep 17 00:00:00 2001 
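Review bot: The two failure paths now return different field-specific errors, `fail!(:password => "Could not log in")` in `validate!` and `fail! :login => "User not found!"` in `initialize!` (the following hunk), which tells an unauthenticated caller whether a login name exists. For an SRP login the usual approach is to answer the handshake for unknown names too, with a salt derived deterministically from the name and a server-side secret, and to fail only at the proof step with one generic message. At minimum both calls could share a message, e.g. `fail!(:base => "Invalid login or password")`. Both method bodies extend outside their hunks.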
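Review bot: `:application_controller` is not one of the load hooks Rails runs on its own, so this block executes only if the host application calls `ActiveSupport.run_load_hooks(:application_controller, self)` from its ApplicationController. A comment at the top of the file would make that dependency explicit, e.g. `# Requires ApplicationController to call ActiveSupport.run_load_hooks(:application_controller, self)`. Without the hook the authentication helpers are never mixed in, and whether controllers then fail closed depends on code outside this hunk.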
From: Azul Date: Fri, 9 Nov 2012 16:05:22 +0100 Subject: got integration test and login flow to work --- users/config/initializers/warden.rb | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'users/config') diff --git a/users/config/initializers/warden.rb b/users/config/initializers/warden.rb index 82753ec..11b950f 100644 --- a/users/config/initializers/warden.rb +++ b/users/config/initializers/warden.rb @@ -13,7 +13,7 @@ class Warden::SessionSerializer def deserialize(keys) klass, id = keys - klass.find(id) + klass.constantize.find(id) end end @@ -42,8 +42,7 @@ Warden::Strategies.add(:secure_remote_password) do end def validate! - srp_session = session.delete(:handshake) - user = srp_session.authenticate(params['client_auth'].hex) + user = session[:handshake].authenticate(params['client_auth'].hex) user ? success!(user) : fail!(:password => "Could not log in") end -- cgit v1.2.3 From 5b300b554682c232c0955bdb0dd3d8263dde901e Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 9 Nov 2012 16:45:54 +0100 Subject: seperated the warden classes from the initializer also commented the sessions controller test a bit and fixed it --- users/config/initializers/warden.rb | 61 ------------------------------------- 1 file changed, 61 deletions(-) (limited to 'users/config') diff --git a/users/config/initializers/warden.rb b/users/config/initializers/warden.rb index 11b950f..45feb6c 100644 --- a/users/config/initializers/warden.rb +++ b/users/config/initializers/warden.rb 
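Review bot: `deserialize` now calls `klass.constantize.find(id)` on a class name read back from the session, so any loadable constant that responds to `find` becomes reachable if the session contents can ever be influenced by a client. `serialize` appears to store only user records here, so the name can be checked against the expected model before it is resolved, e.g. `return nil unless klass == 'User'`. `find` also raises for a record that no longer exists, which turns a stale session into an error on every request; returning nil there lets Warden treat the session as logged out. The class body starts outside the hunk.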
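Review bot: `validate!` no longer removes the handshake from the session, so the same server challenge stays usable after a failed proof and remains stored after a successful login. An SRP handshake should be single-use, otherwise a client can submit any number of `client_auth` values against one challenge. Keeping the removal restores that: `handshake = session.delete(:handshake)` followed by `user = handshake.authenticate(params['client_auth'].hex)`. If the delete was dropped because the object did not survive the session round trip, that reason deserves a comment on the method.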
@@ -5,64 +5,3 @@ end RailsWarden.unauthenticated_action = :new -# Setup Session Serialization -class Warden::SessionSerializer - def serialize(record) - [record.class.name, record.id] - end - - def deserialize(keys) - klass, id = keys - klass.constantize.find(id) - end -end - -Warden::Strategies.add(:secure_remote_password) do - - def valid? - handshake? || authentication? - end - - def authenticate! - if authentication? - validate! - else # handshake - initialize! - end - end - - protected - - def handshake? - params['A'] && params['login'] - end - - def authentication? - params['client_auth'] && session[:handshake] - end - - def validate! - user = session[:handshake].authenticate(params['client_auth'].hex) - user ? success!(user) : fail!(:password => "Could not log in") - end - - def initialize! - user = User.find_by_param(id) - session[:handshake] = user.initialize_auth(params['A'].hex) - custom! json_response(session[:handshake]) - rescue RECORD_NOT_FOUND - fail! :login => "User not found!" - end - - def json_response(object) - [ 200, - {"Content-Type" => "application/json; charset=utf-8"}, - [object.to_json] - ] - end - - def id - params["id"] || params["login"] - end -end - -- cgit v1.2.3 From 6d5f8d0f993093b51d1f11bb528c535dcf88a969 Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 22 Nov 2012 13:05:32 +0100 Subject: beautify login workflow * translating error messages * not caching login and password in js anymore * catching non responses --- users/config/locales/en.yml | 2 ++ 1 file changed, 2 insertions(+) (limited to 'users/config') diff --git a/users/config/locales/en.yml b/users/config/locales/en.yml index 172b85f..be3f28e 100644 --- a/users/config/locales/en.yml +++ b/users/config/locales/en.yml @@ -4,3 +4,5 @@ en: cancel: "Cancel" login: "Login" login_message: "Please login with your account." + wrong_password: "wrong password" + user_not_found: "could not be found" -- cgit v1.2.3 From 33c124aa67788d5c64906f7b3e21ad383577b2a8 Mon Sep 17 00:00:00 2001 
From: Azul Date: Thu, 22 Nov 2012 17:31:18 +0100 Subject: basic user edit form and actions --- users/config/routes.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'users/config') diff --git a/users/config/routes.rb b/users/config/routes.rb index 522c40c..1d144b4 100644 --- a/users/config/routes.rb +++ b/users/config/routes.rb @@ -5,6 +5,6 @@ Rails.application.routes.draw do resources :sessions, :only => [:new, :create, :update, :destroy] get "signup" => "users#new", :as => "signup" - resources :users, :only => [:new, :create] + resources :users end -- cgit v1.2.3 From bf74255d1530fe5852dc6e6c27ef975ce9aa8d3c Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 26 Nov 2012 14:32:50 +0100 Subject: added admin menu and user index action --- users/config/locales/en.yml | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'users/config') diff --git a/users/config/locales/en.yml b/users/config/locales/en.yml index be3f28e..1260494 100644 --- a/users/config/locales/en.yml +++ b/users/config/locales/en.yml @@ -6,3 +6,9 @@ en: login_message: "Please login with your account." wrong_password: "wrong password" user_not_found: "could not be found" + + activemodel: + models: + user: + one: User + other: "%{count} Users" -- cgit v1.2.3
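Review bot: `resources :users` replaces `:only => [:new, :create]` and therefore routes all seven actions, including `index`, `show`, `update` and `destroy`, while the commit message mentions only the edit form. Each of these needs an authentication filter and a check that the signed-in user owns the record being read or changed; that controller code is not part of this hunk. Until those actions exist, listing the routes explicitly keeps the exposed surface small: `resources :users, :only => [:new, :create, :edit, :update]`.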