Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
R
rails_api_authentication
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
open-source
rails_api_authentication
Commits
1255ae0c
Commit
1255ae0c
authored
May 03, 2018
by
ivan Lan
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fix auth about dup token
parent
689d4b47
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
15 additions
and
10 deletions
+15
-10
authable.rb
lib/rails_api_authentication/authable.rb
+15
-10
No files found.
lib/rails_api_authentication/authable.rb
View file @
1255ae0c
...
@@ -24,13 +24,21 @@ module RailsApiAuthentication
...
@@ -24,13 +24,21 @@ module RailsApiAuthentication
end
end
module
ClassMethods
module
ClassMethods
attr_reader
:
auth_key
,
:auth_password
,
:
valid_key
,
:oauth_enable
,
:oauth_only
attr_reader
:valid_key
,
:oauth_enable
,
:oauth_only
def
auth_for
params
def
auth_for
params
@auth_key
=
params
[
:auth_key
]
&
.
to_sym
||
:name
@auth_key
=
params
[
:auth_key
]
&
.
to_sym
||
:name
@auth_password
=
params
[
:auth_password
]
&
.
to_sym
||
:password
@auth_password
=
params
[
:auth_password
]
&
.
to_sym
||
:password
end
end
def
auth_key
@auth_key
||
superclass
.
auth_key
end
def
auth_password
@auth_password
||
superclass
.
auth_password
end
def
valid_for
params
def
valid_for
params
@valid_key
=
params
[
:key
]
&
.
to_sym
||
:valid_code
@valid_key
=
params
[
:key
]
&
.
to_sym
||
:valid_code
@valid_expire
=
params
[
:expire
]
&
.
to_sym
||
600
@valid_expire
=
params
[
:expire
]
&
.
to_sym
||
600
...
@@ -57,7 +65,7 @@ module RailsApiAuthentication
...
@@ -57,7 +65,7 @@ module RailsApiAuthentication
def
code_login
name
,
code
,
params
=
{}
def
code_login
name
,
code
,
params
=
{}
raise
(
UserError
.
new
(
401
,
'-1'
,
"The authorization need password"
))
if
@auth_password
.
present?
raise
(
UserError
.
new
(
401
,
'-1'
,
"The authorization need password"
))
if
@auth_password
.
present?
valid!
name
,
code
valid!
name
,
code
user
=
self
.
find_or_create_by
(
@
auth_key
=>
name
)
user
=
self
.
find_or_create_by
(
auth_key
=>
name
)
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
if
user
.
nil?
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
if
user
.
nil?
AuthToken
.
create
(
self
,
oauth_params
(
params
).
merge
({
oid:
user
.
id
})
)
AuthToken
.
create
(
self
,
oauth_params
(
params
).
merge
({
oid:
user
.
id
})
)
rescue
ActiveRecord
::
RecordInvalid
=>
e
rescue
ActiveRecord
::
RecordInvalid
=>
e
...
@@ -65,7 +73,7 @@ module RailsApiAuthentication
...
@@ -65,7 +73,7 @@ module RailsApiAuthentication
end
end
def
login
(
name
,
password
,
params
=
{})
def
login
(
name
,
password
,
params
=
{})
user
=
self
.
find_by
(
@
auth_key
=>
name
)
user
=
self
.
find_by
(
auth_key
=>
name
)
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
if
user
.
nil?
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
if
user
.
nil?
salted
=
user
.
password
.
split
(
':'
)
salted
=
user
.
password
.
split
(
':'
)
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
unless
salted
[
1
].
present?
&&
salt
(
password
,
salted
[
1
])
==
salted
[
0
]
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
unless
salted
[
1
].
present?
&&
salt
(
password
,
salted
[
1
])
==
salted
[
0
]
...
@@ -98,7 +106,7 @@ module RailsApiAuthentication
...
@@ -98,7 +106,7 @@ module RailsApiAuthentication
def
auth!
(
request
)
def
auth!
(
request
)
token
=
request
.
env
[
"HTTP_
#{
token_key
}
_TOKEN"
]
||
request
.
env
[
"
#{
token_key
}
_TOKEN"
]
token
=
request
.
env
[
"HTTP_
#{
token_key
}
_TOKEN"
]
||
request
.
env
[
"
#{
token_key
}
_TOKEN"
]
user
=
auth
(
token
)
user
=
auth
(
token
)
user
.
nil?
?
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
:
user
user
||
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
end
end
attr_writer
:token_key
attr_writer
:token_key
...
@@ -110,7 +118,7 @@ module RailsApiAuthentication
...
@@ -110,7 +118,7 @@ module RailsApiAuthentication
def
register
(
name
,
password
,
attrs
=
{})
def
register
(
name
,
password
,
attrs
=
{})
raise
(
UserError
.
new
(
400
,
'-1'
,
'password is blank'
))
if
password
.
blank?
raise
(
UserError
.
new
(
400
,
'-1'
,
'password is blank'
))
if
password
.
blank?
valid!
name
,
attrs
.
delete
(
@valid_key
)
valid!
name
,
attrs
.
delete
(
@valid_key
)
user
=
self
.
create!
({
@
auth_key
=>
name
,
@auth_password
=>
generate_password
(
password
)})
user
=
self
.
create!
({
auth_key
=>
name
,
@auth_password
=>
generate_password
(
password
)})
user
.
token
=
AuthToken
.
create
(
self
,
oauth_params
(
attrs
).
merge
({
oid:
user
.
id
})
).
token
user
.
token
=
AuthToken
.
create
(
self
,
oauth_params
(
attrs
).
merge
({
oid:
user
.
id
})
).
token
user
user
rescue
ActiveRecord
::
RecordInvalid
=>
e
rescue
ActiveRecord
::
RecordInvalid
=>
e
...
@@ -119,7 +127,7 @@ module RailsApiAuthentication
...
@@ -119,7 +127,7 @@ module RailsApiAuthentication
def
register_with
(
attrs
=
{})
def
register_with
(
attrs
=
{})
attrs
=
attrs
.
clone
attrs
=
attrs
.
clone
name
=
attrs
.
delete
@
auth_key
name
=
attrs
.
delete
auth_key
password
=
attrs
.
delete
@auth_password
password
=
attrs
.
delete
@auth_password
register
(
name
,
password
,
attrs
)
register
(
name
,
password
,
attrs
)
end
end
...
@@ -153,10 +161,7 @@ module RailsApiAuthentication
...
@@ -153,10 +161,7 @@ module RailsApiAuthentication
def
auth
(
token
)
def
auth
(
token
)
auth
=
AuthToken
.
find
(
token:
token
)
&
.
first
auth
=
AuthToken
.
find
(
token:
token
)
&
.
first
if
auth
.
nil?
if
auth
&&
(
user
=
find_by
(
id:
auth
.
oid
))
nil
else
user
=
self
.
find_by
(
id:
auth
.
oid
)
user
.
token
=
auth
.
token
user
.
token
=
auth
.
token
user
.
auth
=
auth
user
.
auth
=
auth
user
user
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment