From 0f36c7931fe04bb3d6a3fd70a25fe1090f48e774 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Sat, 8 Dec 2012 16:05:40 +0100
Subject: serve api version 1 in /1/

Just a very simple start for now.

Do we want to use the api for the secure remote password auth from js?
---
 users/app/controllers/v1/sessions_controller.rb    | 28 ++++++++++++++++++++++
 users/app/controllers/v1/users_controller.rb       | 13 ++++++++++
 users/config/routes.rb                             |  5 ++++
 users/test/integration/api/account_flow_test.rb    |  6 ++---
 users/test/integration/api/python/flow_with_srp.py |  2 +-
 5 files changed, 50 insertions(+), 4 deletions(-)
 create mode 100644 users/app/controllers/v1/sessions_controller.rb
 create mode 100644 users/app/controllers/v1/users_controller.rb

(limited to 'users')

diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb
new file mode 100644
index 0000000..5b4a13b
--- /dev/null
+++ b/users/app/controllers/v1/sessions_controller.rb
@@ -0,0 +1,28 @@
+module V1
+  class SessionsController < ApplicationController
+
+    skip_before_filter :verify_authenticity_token
+
+    def new
+      @session = Session.new
+      if authentication_errors
+        @errors = authentication_errors
+        render :status => 422
+      end
+    end
+
+    def create
+      authenticate!
+    end
+
+    def update
+      authenticate!
+      render :json => session.delete(:handshake)
+    end
+
+    def destroy
+      logout
+      redirect_to root_path
+    end
+  end
+end
diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb
new file mode 100644
index 0000000..eda2fad
--- /dev/null
+++ b/users/app/controllers/v1/users_controller.rb
@@ -0,0 +1,13 @@
+module V1
+  class UsersController < ApplicationController
+
+    skip_before_filter :verify_authenticity_token, :only => [:create]
+
+    respond_to :json
+
+    def create
+      @user = User.create(params[:user])
+      respond_with @user
+    end
+  end
+end
diff --git a/users/config/routes.rb b/users/config/routes.rb
index 1d144b4..6de216f 100644
--- a/users/config/routes.rb
+++ b/users/config/routes.rb
@@ -1,5 +1,10 @@
 Rails.application.routes.draw do
 
+  scope "/1", :module => "V1", defaults: {format: 'json'} do
+    resources :sessions, :only => [:new, :create, :update, :destroy]
+    resources :users, :only => [:create]
+  end
+
   get "login" => "sessions#new", :as => "login"
   get "logout" => "sessions#destroy", :as => "logout"
   resources :sessions, :only => [:new, :create, :update, :destroy]
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb
index add12fe..e425c35 100644
--- a/users/test/integration/api/account_flow_test.rb
+++ b/users/test/integration/api/account_flow_test.rb
@@ -26,7 +26,7 @@ class AccountFlowTest < ActiveSupport::TestCase
       :password_verifier => @srp.verifier.to_s(16),
       :password_salt => @srp.salt.to_s(16)
     }
-    post '/users.json', :user => @user_params
+    post '/1/users.json', :user => @user_params
     @user = User.find_by_param(@login)
   end
 
@@ -36,7 +36,7 @@ class AccountFlowTest < ActiveSupport::TestCase
 
   # this test wraps the api and implements the interface the ruby-srp client.
   def handshake(login, aa)
-    post "/sessions.json", :login => login, 'A' => aa.to_s(16), :format => :json
+    post "/1/sessions.json", :login => login, 'A' => aa.to_s(16), :format => :json
     response = JSON.parse(last_response.body)
     if response['errors']
       raise RECORD_NOT_FOUND.new(response['errors'])
@@ -46,7 +46,7 @@ class AccountFlowTest < ActiveSupport::TestCase
   end
 
   def validate(m)
-    put "/sessions/" + @login + '.json', :client_auth => m.to_s(16), :format => :json
+    put "/1/sessions/" + @login + '.json', :client_auth => m.to_s(16), :format => :json
     return JSON.parse(last_response.body)
   end
 
diff --git a/users/test/integration/api/python/flow_with_srp.py b/users/test/integration/api/python/flow_with_srp.py
index b599252..f28aeda 100755
--- a/users/test/integration/api/python/flow_with_srp.py
+++ b/users/test/integration/api/python/flow_with_srp.py
@@ -16,7 +16,7 @@ def id_generator(size=6, chars=string.ascii_uppercase + string.digits):
   return ''.join(random.choice(chars) for x in range(size))
 
 # using globals for a start
-server = 'http://springbok.leap.se/1/'
+server = 'http://localhost:3000/1'
 login = id_generator()
 password = id_generator() + id_generator()
 
-- 
cgit v1.2.3


From 1a26988cb7ff30061473f4a781166b184b3037ce Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Mon, 10 Dec 2012 15:39:02 +0100
Subject: use consistent naming scheme across CA, webapp and couchDB install

---
 users/app/models/user.rb | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'users')

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index ae271ce..340ad9c 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -1,5 +1,7 @@
 class User < CouchRest::Model::Base
 
+  use_database :users
+
   property :login, String, :accessible => true
   property :email, String, :accessible => true
   property :email_forward, String, :accessible => true
-- 
cgit v1.2.3