Commit c99b71f8 by liyijie

Add oauth feature

parent 9e9658eb
...@@ -9,5 +9,15 @@ module RailsApiAuthentication ...@@ -9,5 +9,15 @@ module RailsApiAuthentication
include RailsApiAuthentication::Authable include RailsApiAuthentication::Authable
valid_for params valid_for params
end end
def acts_as_code_authentication params={}
include RailsApiAuthentication::Authable
code_for params
end
def acts_as_oauthable params
include RailsApiAuthentication::Authable
oauth_for params
end
end end
end end
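Review bot: `acts_as_oauthable` calls `oauth_for params`, but `oauth_for` is added in the Authable hunk as `def oauth_for` with no parameter, while its body reads `params`. As written, declaring a model oauthable will raise ArgumentError when the class is loaded. The definition should be `def oauth_for params={}`. For consistency with `acts_as_code_authentication params={}` just above, this method could also default its argument: `def acts_as_oauthable params={}`.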
...@@ -8,7 +8,7 @@ module RailsApiAuthentication ...@@ -8,7 +8,7 @@ module RailsApiAuthentication
def create def create
auth_key = self.class.klass.auth_key auth_key = self.class.klass.auth_key
auth_password = self.class.klass.auth_password auth_password = self.class.klass.auth_password
@auth_token = self.class.klass.login(session_params[auth_key], session_params[auth_password]) @auth_token = self.class.klass.login(session_params.delete(auth_key), session_params.delete(auth_password), session_params)
render json: { token: @auth_token.token }, status: 200 render json: { token: @auth_token.token }, status: 200
rescue UserError => e rescue UserError => e
render json: { error: e.message }, status: e.status render json: { error: e.message }, status: e.status
...@@ -19,12 +19,17 @@ module RailsApiAuthentication ...@@ -19,12 +19,17 @@ module RailsApiAuthentication
render json: { message: "logout successful" }, status: 200 render json: { message: "logout successful" }, status: 200
end end
private private 
def session_params def session_params
auth_key = self.class.klass.auth_key auth_key = self.class.klass.auth_key
auth_password = self.class.klass.auth_password auth_password = self.class.klass.auth_password
oauth_enable = self.class.oauth_enable
if oauth_enable
params.require(self.class.klass_sym).permit(auth_key, auth_password, :oauth_type, :oauth_id)
else
params.require(self.class.klass_sym).permit(auth_key, auth_password) params.require(self.class.klass_sym).permit(auth_key, auth_password)
end end
end
module ClassMethods module ClassMethods
attr_reader :klass, :klass_sym attr_reader :klass, :klass_sym
......
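Review bot: In `create`, the two `session_params.delete(...)` calls do not strip the credentials from the object passed as the third argument, because `session_params` builds a fresh permitted-params object on every call. The plaintext password therefore still travels into `login` inside `params`. Binding the result once makes the deletes effective: `creds = session_params` followed by `self.class.klass.login(creds.delete(auth_key), creds.delete(auth_password), creds)`. Separately, `session_params` reads `self.class.oauth_enable`, but the visible controller `ClassMethods` only declares `attr_reader :klass, :klass_sym`, and `oauth_enable` is declared on the model side. Unless it is defined in the collapsed part of this file, this probably should be `self.class.klass.oauth_enable`.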
...@@ -10,10 +10,16 @@ module RailsApiAuthentication ...@@ -10,10 +10,16 @@ module RailsApiAuthentication
attribute :platform attribute :platform
# client authentication vertion, etc: 4.1.2 # client authentication vertion, etc: 4.1.2
attribute :version attribute :version
# oauth type, etc: "wechat" "facebook"
attribute :oauth_type
# oauth id, like wechat openid
attribute :oauth_id
index :token index :token
unique :token unique :token
index :klass index :klass
index :oauth_type
index :oauth_id
def self.create(klass, params = {}) def self.create(klass, params = {})
params[:klass] = klass params[:klass] = klass
......
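Review bot: `oauth_type` and `oauth_id` are stored and indexed on the token, but in this commit they come straight from the request parameters permitted in `session_params`, and no check against the provider is visible anywhere in the diff. A client can submit any value alongside a normal password login, so code that later looks tokens up by `oauth_id` should not treat a match as proof of identity. I would either verify the id server-side before persisting it or say so on the attribute, e.g. `# oauth id as submitted by the client (e.g. wechat openid); not verified against the provider`.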
...@@ -24,7 +24,7 @@ module RailsApiAuthentication ...@@ -24,7 +24,7 @@ module RailsApiAuthentication
end end
module ClassMethods module ClassMethods
attr_reader :auth_key, :auth_password, :valid_key attr_reader :auth_key, :auth_password, :valid_key, :oauth_enable, :oauth_only
def auth_for params def auth_for params
@auth_key = params[:auth_key]&.to_sym || :name @auth_key = params[:auth_key]&.to_sym || :name
...@@ -43,28 +43,33 @@ module RailsApiAuthentication ...@@ -43,28 +43,33 @@ module RailsApiAuthentication
valid_for params.merge( { key: @auth_key} ) valid_for params.merge( { key: @auth_key} )
end end
def oauth_for
@oauth_enable = params[:enable] || false
@oauth_only = params[:only] || false
end
def generate_valid_code name def generate_valid_code name
code = (0..9).to_a.sample(@valid_length).join code = (0..9).to_a.sample(@valid_length).join
$redis.setex("#{self}::#{name}", @valid_expire, code) $redis.setex("#{self}::#{name}", @valid_expire, code)
code code
end end
def code_login name, code def code_login name, code, params={}
raise(UserError.new(401, '-1', "The authorization need password")) if @auth_password.present? raise(UserError.new(401, '-1', "The authorization need password")) if @auth_password.present?
valid! name, code valid! name, code
user = self.find_or_create_by(@auth_key => name) user = self.find_or_create_by(@auth_key => name)
raise(UserError.new(401, '-1', 'Unauthorized')) if user.nil? raise(UserError.new(401, '-1', 'Unauthorized')) if user.nil?
AuthToken.create(self, { oid: user.id }) AuthToken.create(self, oauth_params(params).merge({ oid: user.id }) )
rescue ActiveRecord::RecordInvalid => e rescue ActiveRecord::RecordInvalid => e
raise UserError.new(401, '-1', e.message) raise UserError.new(401, '-1', e.message)
end end
def login(name, password) def login(name, password, params={})
user = self.find_by(@auth_key => name) user = self.find_by(@auth_key => name)
raise(UserError.new(401, '-1', 'Unauthorized')) if user.nil? raise(UserError.new(401, '-1', 'Unauthorized')) if user.nil?
salted = user.password.split(':') salted = user.password.split(':')
raise(UserError.new(401, '-1', 'Unauthorized')) unless salt(password, salted[1]) == salted[0] raise(UserError.new(401, '-1', 'Unauthorized')) unless salt(password, salted[1]) == salted[0]
AuthToken.create(self, { oid: user.id }) AuthToken.create(self, oauth_params(params).merge({ oid: user.id }) )
end end
def auth!(request) def auth!(request)
...@@ -73,11 +78,11 @@ module RailsApiAuthentication ...@@ -73,11 +78,11 @@ module RailsApiAuthentication
user.nil? ? raise(UserError.new(401, '-1', 'Unauthorized')) : user user.nil? ? raise(UserError.new(401, '-1', 'Unauthorized')) : user
end end
def register(name, password, attrs={}) def register(name, password, params={})
raise(UserError.new(401, '-1', 'password is blank')) if password.blank? raise(UserError.new(401, '-1', 'password is blank')) if password.blank?
valid! name, attrs.delete(@valid_key) valid! name, attrs.delete(@valid_key)
user = self.create!({@auth_key => name, @auth_password => generate_password(password)}.merge attrs) user = self.create!({@auth_key => name, @auth_password => generate_password(password)})
user.token = AuthToken.create(self, { oid: user.id }).token user.token = AuthToken.create(self, oauth_params(params).merge({ oid: user.id }) ).token
user user
rescue ActiveRecord::RecordInvalid => e rescue ActiveRecord::RecordInvalid => e
raise UserError.new(401, '-1', e.message) raise UserError.new(401, '-1', e.message)
...@@ -96,6 +101,10 @@ module RailsApiAuthentication ...@@ -96,6 +101,10 @@ module RailsApiAuthentication
private private
def oauth_params params
params.select { |k, v| [:oauth_type, :oauth_id].include? k&.to_sym }
end
def salt(password, suffix) def salt(password, suffix)
5.times { password = DIGEST.digest(password + suffix) } 5.times { password = DIGEST.digest(password + suffix) }
password.unpack('H*')[0] password.unpack('H*')[0]
......
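Review bot: `register` now takes `params={}`, but the unchanged line `valid! name, attrs.delete(@valid_key)` still refers to `attrs`, which is no longer a local. The call will fail with NameError before the user is created; it should read `valid! name, params.delete(@valid_key)`. The new `create!` call also no longer merges the extra attributes, so anything callers passed besides the validation code is silently dropped. If that is intended, a short comment saying so would help. `oauth_only` is assigned in `oauth_for` but is not read in any visible hunk.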