Add oauth feature

c99b71f8 · liyijie · 9e9658eb · c99b71f8 · c99b71f8 · c99b71f8
Commit c99b71f8 authored Aug 02, 2017 by liyijie
4 changed files
--- a/lib/rails_api_authentication/acts_as_authenticationable.rb
+++ b/lib/rails_api_authentication/acts_as_authenticationable.rb
@@ -9,5 +9,15 @@ module RailsApiAuthentication
      include RailsApiAuthentication::Authable
      valid_for params
    end
+
+    def acts_as_code_authentication params={}
+      include RailsApiAuthentication::Authable
+      code_for params
+    end
+
+    def acts_as_oauthable params
+      include RailsApiAuthentication::Authable
+      oauth_for params
+    end
  end
 end
--- a/lib/rails_api_authentication/auth_session.rb
+++ b/lib/rails_api_authentication/auth_session.rb
@@ -8,7 +8,7 @@ module RailsApiAuthentication
    def create
      auth_key = self.class.klass.auth_key
      auth_password = self.class.klass.auth_password
-      @auth_token = self.class.klass.login(session_params[auth_key], session_params[auth_password])
+      @auth_token = self.class.klass.login(session_params.delete(auth_key), session_params.delete(auth_password), session_params)
      render json: { token: @auth_token.token }, status: 200
    rescue UserError => e
      render json: { error: e.message }, status: e.status
@@ -19,11 +19,16 @@ module RailsApiAuthentication
      render json: { message: "logout successful" }, status: 200
    end

-    private
+    private 
      def session_params
        auth_key = self.class.klass.auth_key
        auth_password = self.class.klass.auth_password
-        params.require(self.class.klass_sym).permit(auth_key, auth_password)
+        oauth_enable = self.class.oauth_enable
+        if oauth_enable
+          params.require(self.class.klass_sym).permit(auth_key, auth_password, :oauth_type, :oauth_id)
+        else
+          params.require(self.class.klass_sym).permit(auth_key, auth_password)
+        end
      end

    module ClassMethods

--- a/lib/rails_api_authentication/auth_token.rb
+++ b/lib/rails_api_authentication/auth_token.rb
@@ -10,10 +10,16 @@ module RailsApiAuthentication
    attribute :platform
    # client authentication vertion, etc: 4.1.2
    attribute :version
+    # oauth type, etc: "wechat" "facebook"
+    attribute :oauth_type
+    # oauth id, like wechat openid
+    attribute :oauth_id

    index :token
    unique :token
    index :klass
+    index :oauth_type
+    index :oauth_id

    def self.create(klass, params = {})
      params[:klass] = klass

--- a/lib/rails_api_authentication/authable.rb
+++ b/lib/rails_api_authentication/authable.rb
@@ -24,7 +24,7 @@ module RailsApiAuthentication
    end

    module ClassMethods
-      attr_reader :auth_key, :auth_password, :valid_key
+      attr_reader :auth_key, :auth_password, :valid_key, :oauth_enable, :oauth_only

      def auth_for params
        @auth_key = params[:auth_key]&.to_sym || :name
@@ -43,28 +43,33 @@ module RailsApiAuthentication
        valid_for params.merge( { key: @auth_key} )
      end

+      def oauth_for
+        @oauth_enable = params[:enable] || false
+        @oauth_only = params[:only] || false
+      end
+
      def generate_valid_code name
        code = (0..9).to_a.sample(@valid_length).join
        $redis.setex("#{self}::#{name}", @valid_expire, code)
        code
      end

-      def code_login name, code
+      def code_login name, code, params={}
        raise(UserError.new(401, '-1', "The authorization need password")) if @auth_password.present?
        valid! name, code
        user = self.find_or_create_by(@auth_key => name)
        raise(UserError.new(401, '-1', 'Unauthorized')) if user.nil?
-        AuthToken.create(self, { oid: user.id })
+        AuthToken.create(self, oauth_params(params).merge({ oid: user.id }) )
      rescue ActiveRecord::RecordInvalid => e
        raise UserError.new(401, '-1', e.message)
      end

-      def login(name, password)
+      def login(name, password, params={})
        user = self.find_by(@auth_key => name)
        raise(UserError.new(401, '-1', 'Unauthorized')) if user.nil?
        salted = user.password.split(':')
        raise(UserError.new(401, '-1', 'Unauthorized')) unless salt(password, salted[1]) == salted[0]
-        AuthToken.create(self, { oid: user.id })
+        AuthToken.create(self, oauth_params(params).merge({ oid: user.id }) )
      end

      def auth!(request)
@@ -73,11 +78,11 @@ module RailsApiAuthentication
        user.nil? ? raise(UserError.new(401, '-1', 'Unauthorized')) : user
      end

-      def register(name, password, attrs={})
+      def register(name, password, params={})
        raise(UserError.new(401, '-1', 'password is blank')) if password.blank?
        valid! name, attrs.delete(@valid_key)
-        user = self.create!({@auth_key => name, @auth_password => generate_password(password)}.merge attrs)
-        user.token = AuthToken.create(self, { oid: user.id }).token
+        user = self.create!({@auth_key => name, @auth_password => generate_password(password)})
+        user.token = AuthToken.create(self, oauth_params(params).merge({ oid: user.id }) ).token
        user
      rescue ActiveRecord::RecordInvalid => e
        raise UserError.new(401, '-1', e.message)
@@ -96,6 +101,10 @@ module RailsApiAuthentication

      private

+      def oauth_params params
+        params.select { |k, v| [:oauth_type, :oauth_id].include? k&.to_sym  }
+      end
+
      def salt(password, suffix)
        5.times { password = DIGEST.digest(password + suffix) }
        password.unpack('H*')[0]