Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
R
rails_api_authentication
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
open-source
rails_api_authentication
Commits
c99b71f8
Commit
c99b71f8
authored
Aug 02, 2017
by
liyijie
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add oauth feature
parent
9e9658eb
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
40 additions
and
10 deletions
+40
-10
acts_as_authenticationable.rb
lib/rails_api_authentication/acts_as_authenticationable.rb
+10
-0
auth_session.rb
lib/rails_api_authentication/auth_session.rb
+7
-2
auth_token.rb
lib/rails_api_authentication/auth_token.rb
+6
-0
authable.rb
lib/rails_api_authentication/authable.rb
+17
-8
No files found.
lib/rails_api_authentication/acts_as_authenticationable.rb
View file @
c99b71f8
...
@@ -9,5 +9,15 @@ module RailsApiAuthentication
...
@@ -9,5 +9,15 @@ module RailsApiAuthentication
include
RailsApiAuthentication
::
Authable
include
RailsApiAuthentication
::
Authable
valid_for
params
valid_for
params
end
end
def
acts_as_code_authentication
params
=
{}
include
RailsApiAuthentication
::
Authable
code_for
params
end
def
acts_as_oauthable
params
include
RailsApiAuthentication
::
Authable
oauth_for
params
end
end
end
end
end
lib/rails_api_authentication/auth_session.rb
View file @
c99b71f8
...
@@ -8,7 +8,7 @@ module RailsApiAuthentication
...
@@ -8,7 +8,7 @@ module RailsApiAuthentication
def
create
def
create
auth_key
=
self
.
class
.
klass
.
auth_key
auth_key
=
self
.
class
.
klass
.
auth_key
auth_password
=
self
.
class
.
klass
.
auth_password
auth_password
=
self
.
class
.
klass
.
auth_password
@auth_token
=
self
.
class
.
klass
.
login
(
session_params
[
auth_key
],
session_params
[
auth_password
]
)
@auth_token
=
self
.
class
.
klass
.
login
(
session_params
.
delete
(
auth_key
),
session_params
.
delete
(
auth_password
),
session_params
)
render
json:
{
token:
@auth_token
.
token
},
status:
200
render
json:
{
token:
@auth_token
.
token
},
status:
200
rescue
UserError
=>
e
rescue
UserError
=>
e
render
json:
{
error:
e
.
message
},
status:
e
.
status
render
json:
{
error:
e
.
message
},
status:
e
.
status
...
@@ -19,12 +19,17 @@ module RailsApiAuthentication
...
@@ -19,12 +19,17 @@ module RailsApiAuthentication
render
json:
{
message:
"logout successful"
},
status:
200
render
json:
{
message:
"logout successful"
},
status:
200
end
end
private
private
def
session_params
def
session_params
auth_key
=
self
.
class
.
klass
.
auth_key
auth_key
=
self
.
class
.
klass
.
auth_key
auth_password
=
self
.
class
.
klass
.
auth_password
auth_password
=
self
.
class
.
klass
.
auth_password
oauth_enable
=
self
.
class
.
oauth_enable
if
oauth_enable
params
.
require
(
self
.
class
.
klass_sym
).
permit
(
auth_key
,
auth_password
,
:oauth_type
,
:oauth_id
)
else
params
.
require
(
self
.
class
.
klass_sym
).
permit
(
auth_key
,
auth_password
)
params
.
require
(
self
.
class
.
klass_sym
).
permit
(
auth_key
,
auth_password
)
end
end
end
module
ClassMethods
module
ClassMethods
attr_reader
:klass
,
:klass_sym
attr_reader
:klass
,
:klass_sym
...
...
lib/rails_api_authentication/auth_token.rb
View file @
c99b71f8
...
@@ -10,10 +10,16 @@ module RailsApiAuthentication
...
@@ -10,10 +10,16 @@ module RailsApiAuthentication
attribute
:platform
attribute
:platform
# client authentication vertion, etc: 4.1.2
# client authentication vertion, etc: 4.1.2
attribute
:version
attribute
:version
# oauth type, etc: "wechat" "facebook"
attribute
:oauth_type
# oauth id, like wechat openid
attribute
:oauth_id
index
:token
index
:token
unique
:token
unique
:token
index
:klass
index
:klass
index
:oauth_type
index
:oauth_id
def
self
.
create
(
klass
,
params
=
{})
def
self
.
create
(
klass
,
params
=
{})
params
[
:klass
]
=
klass
params
[
:klass
]
=
klass
...
...
lib/rails_api_authentication/authable.rb
View file @
c99b71f8
...
@@ -24,7 +24,7 @@ module RailsApiAuthentication
...
@@ -24,7 +24,7 @@ module RailsApiAuthentication
end
end
module
ClassMethods
module
ClassMethods
attr_reader
:auth_key
,
:auth_password
,
:valid_key
attr_reader
:auth_key
,
:auth_password
,
:valid_key
,
:oauth_enable
,
:oauth_only
def
auth_for
params
def
auth_for
params
@auth_key
=
params
[
:auth_key
]
&
.
to_sym
||
:name
@auth_key
=
params
[
:auth_key
]
&
.
to_sym
||
:name
...
@@ -43,28 +43,33 @@ module RailsApiAuthentication
...
@@ -43,28 +43,33 @@ module RailsApiAuthentication
valid_for
params
.
merge
(
{
key:
@auth_key
}
)
valid_for
params
.
merge
(
{
key:
@auth_key
}
)
end
end
def
oauth_for
@oauth_enable
=
params
[
:enable
]
||
false
@oauth_only
=
params
[
:only
]
||
false
end
def
generate_valid_code
name
def
generate_valid_code
name
code
=
(
0
..
9
).
to_a
.
sample
(
@valid_length
).
join
code
=
(
0
..
9
).
to_a
.
sample
(
@valid_length
).
join
$redis
.
setex
(
"
#{
self
}
::
#{
name
}
"
,
@valid_expire
,
code
)
$redis
.
setex
(
"
#{
self
}
::
#{
name
}
"
,
@valid_expire
,
code
)
code
code
end
end
def
code_login
name
,
code
def
code_login
name
,
code
,
params
=
{}
raise
(
UserError
.
new
(
401
,
'-1'
,
"The authorization need password"
))
if
@auth_password
.
present?
raise
(
UserError
.
new
(
401
,
'-1'
,
"The authorization need password"
))
if
@auth_password
.
present?
valid!
name
,
code
valid!
name
,
code
user
=
self
.
find_or_create_by
(
@auth_key
=>
name
)
user
=
self
.
find_or_create_by
(
@auth_key
=>
name
)
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
if
user
.
nil?
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
if
user
.
nil?
AuthToken
.
create
(
self
,
{
oid:
user
.
id
}
)
AuthToken
.
create
(
self
,
oauth_params
(
params
).
merge
({
oid:
user
.
id
})
)
rescue
ActiveRecord
::
RecordInvalid
=>
e
rescue
ActiveRecord
::
RecordInvalid
=>
e
raise
UserError
.
new
(
401
,
'-1'
,
e
.
message
)
raise
UserError
.
new
(
401
,
'-1'
,
e
.
message
)
end
end
def
login
(
name
,
password
)
def
login
(
name
,
password
,
params
=
{}
)
user
=
self
.
find_by
(
@auth_key
=>
name
)
user
=
self
.
find_by
(
@auth_key
=>
name
)
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
if
user
.
nil?
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
if
user
.
nil?
salted
=
user
.
password
.
split
(
':'
)
salted
=
user
.
password
.
split
(
':'
)
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
unless
salt
(
password
,
salted
[
1
])
==
salted
[
0
]
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
unless
salt
(
password
,
salted
[
1
])
==
salted
[
0
]
AuthToken
.
create
(
self
,
{
oid:
user
.
id
}
)
AuthToken
.
create
(
self
,
oauth_params
(
params
).
merge
({
oid:
user
.
id
})
)
end
end
def
auth!
(
request
)
def
auth!
(
request
)
...
@@ -73,11 +78,11 @@ module RailsApiAuthentication
...
@@ -73,11 +78,11 @@ module RailsApiAuthentication
user
.
nil?
?
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
:
user
user
.
nil?
?
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
:
user
end
end
def
register
(
name
,
password
,
attr
s
=
{})
def
register
(
name
,
password
,
param
s
=
{})
raise
(
UserError
.
new
(
401
,
'-1'
,
'password is blank'
))
if
password
.
blank?
raise
(
UserError
.
new
(
401
,
'-1'
,
'password is blank'
))
if
password
.
blank?
valid!
name
,
attrs
.
delete
(
@valid_key
)
valid!
name
,
attrs
.
delete
(
@valid_key
)
user
=
self
.
create!
({
@auth_key
=>
name
,
@auth_password
=>
generate_password
(
password
)}
.
merge
attrs
)
user
=
self
.
create!
({
@auth_key
=>
name
,
@auth_password
=>
generate_password
(
password
)})
user
.
token
=
AuthToken
.
create
(
self
,
{
oid:
user
.
id
}
).
token
user
.
token
=
AuthToken
.
create
(
self
,
oauth_params
(
params
).
merge
({
oid:
user
.
id
})
).
token
user
user
rescue
ActiveRecord
::
RecordInvalid
=>
e
rescue
ActiveRecord
::
RecordInvalid
=>
e
raise
UserError
.
new
(
401
,
'-1'
,
e
.
message
)
raise
UserError
.
new
(
401
,
'-1'
,
e
.
message
)
...
@@ -96,6 +101,10 @@ module RailsApiAuthentication
...
@@ -96,6 +101,10 @@ module RailsApiAuthentication
private
private
def
oauth_params
params
params
.
select
{
|
k
,
v
|
[
:oauth_type
,
:oauth_id
].
include?
k
&
.
to_sym
}
end
def
salt
(
password
,
suffix
)
def
salt
(
password
,
suffix
)
5
.
times
{
password
=
DIGEST
.
digest
(
password
+
suffix
)
}
5
.
times
{
password
=
DIGEST
.
digest
(
password
+
suffix
)
}
password
.
unpack
(
'H*'
)[
0
]
password
.
unpack
(
'H*'
)[
0
]
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment