Commit
692eab74
authored
Jul 25, 2017
by
liyijie
Add valid to authable
parent
b63b8f89
Showing
4 changed files
with
86 additions
and
4 deletions
+86
-4
acts_as_authentication_handler.rb
...ails_api_authentication/acts_as_authentication_handler.rb
+5
-0
acts_as_authenticationable.rb
lib/rails_api_authentication/acts_as_authenticationable.rb
+5
-0
auth_password.rb
lib/rails_api_authentication/auth_password.rb
+49
-0
authable.rb
lib/rails_api_authentication/authable.rb
+27
-4
lib/rails_api_authentication/acts_as_authentication_handler.rb
...
...
@@ -9,5 +9,10 @@ module RailsApiAuthentication
include
RailsApiAuthentication
::
AuthSession
auth_session
klass_sym
end
def
acts_as_auth_password
(
klass_sym
)
include
RailsApiAuthentication
::
AuthPassword
auth_password
klass_sym
end
end
end
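Review bot: `acts_as_auth_password` is added without any comment stating what the host controller and the model behind `klass_sym` must already provide. From auth_password.rb in this same commit, the mixed-in actions call `current_<klass_sym>` on the controller and `klass.auth_password` / `klass.valid_key` on the model, and they use `&.` on the current record, so nothing in this macro enforces that a request is authenticated. I would add a comment above the `def` such as `# Adds password create/update actions; the controller must define current_<klass_sym> and authenticate the request, and the model must declare auth_for (and valid_for for reset).` The enclosing module starts outside the hunk.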
lib/rails_api_authentication/acts_as_authenticationable.rb
...
...
@@ -4,5 +4,10 @@ module RailsApiAuthentication
include
RailsApiAuthentication
::
Authable
auth_for
params
end
def
acts_as_validable
(
params
=
{})
include
RailsApiAuthentication
::
Authable
valid_for
params
end
end
end
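Review bot: `acts_as_validable` includes `Authable` and calls only `valid_for`, so a model that declares it without the existing macro (whose `def` line is outside the hunk) never runs `auth_for` and leaves `@auth_key` and `@auth_password` unset for `login` and `register`. Calling it also switches `register` into requiring a verification code, because `valid_for` always sets `@valid_key` (default `:valid_code`). Neither effect is documented; I would add a comment above the `def` such as `# Enables verification-code checks for register/reset_password; use together with the auth_for macro. Options: :key (default :valid_code), :expire in seconds (default 60), :length (default 4).`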
lib/rails_api_authentication/auth_password.rb
0 → 100644
module
RailsApiAuthentication
module
AuthPassword
extend
ActiveSupport
::
Concern
included
do
end
# Reset password with token
def
create
auth_password
=
self
.
class
.
klass
.
auth_password
valid_key
=
self
.
class
.
klass
.
valid_key
self
.
send
(
"current_
#{
self
.
class
.
klass_sym
}
"
)
&
.
reset_password
(
reset_password_params
[
auth_password
],
reset_password_params
[
valid_key
])
render
json:
{
meesage:
"reset password successful"
},
status:
200
rescue
UserError
=>
e
render
json:
{
error:
e
.
message
},
status:
e
.
status
end
# Update password when the auth is pass
def
update
auth_password
=
self
.
class
.
klass
.
auth_password
self
.
send
(
"current_
#{
self
.
class
.
klass_sym
}
"
)
&
.
update_password
(
password_params
[
auth_password
])
render
json:
{
meesage:
"update password successful"
},
status:
200
rescue
UserError
=>
e
render
json:
{
error:
e
.
message
},
status:
e
.
status
end
private
def
password_params
auth_password
=
self
.
class
.
klass
.
auth_password
params
.
require
(
self
.
class
.
klass_sym
).
permit
(
auth_password
)
end
def
reset_password_params
auth_password
=
self
.
class
.
klass
.
auth_password
valid_key
=
self
.
class
.
klass
.
valid_key
params
.
require
(
self
.
class
.
klass_sym
).
permit
(
auth_password
,
valid_key
)
end
module
ClassMethods
attr_reader
:klass
,
:klass_sym
def
auth_password
klass_sym
@klass
=
klass_sym
.
to_s
.
camelize
.
constantize
@klass_sym
=
klass_sym
end
end
end
end
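Review bot: `create` renders `reset password successful` with status 200 even when no password was changed. The `&.` skips the call when `current_<klass_sym>` is nil, and `reset_password` in authable.rb returns nil without raising when the code does not match. The action should fail closed: assign `user = send("current_#{self.class.klass_sym}")`, then `raise UserError.new(401, '-1', 'Unauthorized') if user.nil?`, then `raise UserError.new(401, '-1', 'valid token is not correct') unless user.reset_password(...)`. `update` has the same `&.` pattern and should raise on a nil user as well. The JSON key `meesage:` in both actions looks like a typo for `message:`, and clients will receive the misspelled key.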
lib/rails_api_authentication/authable.rb
...
...
@@ -4,23 +4,42 @@ module RailsApiAuthentication
DIGEST
=
Digest
::
SHA2
.
new
included
do
attr_accessor
:token
def
logout
AuthToken
.
find
(
token:
token
)
&
.
first
&
.
delete
if
token
.
present?
end
def
update_password
password
raise
(
UserError
.
new
(
401
,
'-1'
,
'password is blank'
))
if
password
.
blank?
self
.
update
(
@auth_password
=>
generate_password
(
password
))
end
def
reset_password
password
,
valid_code
update_password
(
password
)
if
self
.
class
.
valid?
(
self
.
send
(
@auth_key
),
valid_code
)
end
end
module
ClassMethods
attr_reader
:auth_key
,
:auth_password
attr_reader
:auth_key
,
:auth_password
,
:valid_key
def
auth_for
params
@auth_key
=
params
[
:auth_key
]
&
.
to_sym
||
:name
@auth_password
=
params
[
:auth_password
]
&
.
to_sym
||
:password
end
def
valid_for
params
@valid_key
=
params
[
:key
]
&
.
to_sym
||
:valid_code
@valid_expire
=
params
[
:expire
]
&
.
to_sym
||
60
@valid_length
=
params
[
:length
]
&
.
to_sym
||
4
end
def
generate_valid_code
name
code
=
(
0
..
9
).
to_a
.
sample
(
@valid_length
).
join
$redis
.
setex
(
name
,
@valid_expire
,
code
)
end
def
login
(
name
,
password
)
user
=
self
.
find_by
(
@auth_key
=>
name
)
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
if
user
.
nil?
...
...
@@ -29,7 +48,6 @@ module RailsApiAuthentication
AuthToken
.
create
(
self
,
{
oid:
user
.
id
})
end
def
auth!
(
request
)
user
=
auth
(
request
)
user
.
nil?
?
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
:
user
...
...
@@ -37,7 +55,8 @@ module RailsApiAuthentication
def
register
(
name
,
password
,
attrs
=
{})
raise
(
UserError
.
new
(
401
,
'-1'
,
'password is blank'
))
if
password
.
blank?
self
.
create!
({
@auth_key
=>
name
,
@auth_password
=>
generate_password
(
password
)}.
merge
attrs
)
raise
(
UserError
.
new
(
401
,
'-1'
,
'valid token is not correct'
))
if
@valid_key
.
present?
&&
!
valid?
(
name
,
attrs
[
@valid_key
])
self
.
create!
({
@auth_key
=>
name
,
@auth_password
=>
generate_password
(
password
)}.
merge
attrs
)
rescue
ActiveRecord
::
RecordInvalid
=>
e
raise
UserError
.
new
(
401
,
'-1'
,
e
.
message
)
end
...
...
@@ -61,6 +80,10 @@ module RailsApiAuthentication
"
#{
salt
(
password
,
suffix
)
}
:
#{
suffix
}
"
end
def
valid?
name
,
valid_code
valid_code
==
$redis
.
get
(
name
)
end
def
auth
(
request
)
token
=
request
.
env
[
"HTTP_
#{
self
.
to_s
.
upcase
}
_TOKEN"
]
||
request
.
env
[
"
#{
self
.
to_s
.
upcase
}
_TOKEN"
]
auth
=
AuthToken
.
find
(
token:
token
)
&
.
first
...
...
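Review bot: `valid?` (hunk `-61,6 +80,10`) compares `valid_code == $redis.get(name)` with no nil guard, so when no code is stored for `name` and the caller supplies none, `nil == nil` is true and both `register` and `reset_password` proceed unverified. The check should require a stored, non-blank value, compare in constant time, and delete the key after a match so each code is single-use. In the first hunk, `generate_valid_code` draws digits with `Array#sample`, which is not a CSPRNG and never repeats a digit, giving 5040 possible 4-digit codes instead of 10000; `SecureRandom` is the appropriate source. Also in the first hunk, `valid_for` calls `&.to_sym` on `:expire` and `:length`, which raises for Integer arguments (`params[:expire] || 60` looks intended). The instance methods `update_password` and `reset_password` read `@auth_password` and `@auth_key`, which `auth_for` sets on the class, so they appear to be nil on a record unless set elsewhere; `self.class.auth_password` and `self.class.auth_key` look intended.

```ruby
def generate_valid_code name
  # Independent digits from a CSPRNG: repeats allowed, any length.
  code = Array.new(@valid_length) { SecureRandom.random_number(10) }.join
  $redis.setex(name, @valid_expire, code)
end

# … unchanged: login, auth!, register, generate_password …

def valid? name, valid_code
  stored = $redis.get(name)
  # Never treat "no code stored" and "no code supplied" as a match.
  return false if stored.blank? || valid_code.blank?
  matched = ActiveSupport::SecurityUtils.secure_compare(stored, valid_code.to_s)
  $redis.del(name) if matched # single use
  matched
end
```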