Commit
e453079c
authored
Jul 26, 2017
by
liyijie
Merge branch 'liyijie/valid' into 'master'
Add valid to authable See merge request
!2
parents
b63b8f89
3d8622e8
Showing
5 changed files
with
100 additions
and
3 deletions
+100
-3
rails_api_authentication.rb
lib/rails_api_authentication.rb
+1
-0
acts_as_authentication_handler.rb
...ails_api_authentication/acts_as_authentication_handler.rb
+9
-0
acts_as_authenticationable.rb
lib/rails_api_authentication/acts_as_authenticationable.rb
+5
-0
auth_password.rb
lib/rails_api_authentication/auth_password.rb
+52
-0
authable.rb
lib/rails_api_authentication/authable.rb
+33
-3
lib/rails_api_authentication.rb
...
@@ -2,6 +2,7 @@ require "rails_api_authentication/version"
...
@@ -2,6 +2,7 @@ require "rails_api_authentication/version"
require
"rails_api_authentication/configuration"
require
"rails_api_authentication/configuration"
require
"rails_api_authentication/auth_action"
require
"rails_api_authentication/auth_action"
require
"rails_api_authentication/auth_session"
require
"rails_api_authentication/auth_session"
require
"rails_api_authentication/auth_password"
require
"rails_api_authentication/auth_token"
require
"rails_api_authentication/auth_token"
require
"rails_api_authentication/authable"
require
"rails_api_authentication/authable"
require
"rails_api_authentication/acts_as_authenticationable"
require
"rails_api_authentication/acts_as_authenticationable"
...
...
lib/rails_api_authentication/acts_as_authentication_handler.rb
...
@@ -6,8 +6,17 @@ module RailsApiAuthentication
...
@@ -6,8 +6,17 @@ module RailsApiAuthentication
end
end
def
acts_as_auth_session
(
klass_sym
)
def
acts_as_auth_session
(
klass_sym
)
include
RailsApiAuthentication
::
AuthAction
include
RailsApiAuthentication
::
AuthSession
include
RailsApiAuthentication
::
AuthSession
auth_action
klass_sym
,
only:
[
:destroy
]
auth_session
klass_sym
auth_session
klass_sym
end
end
def
acts_as_auth_password
(
klass_sym
)
include
RailsApiAuthentication
::
AuthAction
include
RailsApiAuthentication
::
AuthPassword
auth_action
klass_sym
,
only:
[
:update
]
auth_password
klass_sym
end
end
end
end
end
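Review bot: `acts_as_auth_password` protects only `:update` (`auth_action klass_sym, only: [:update]`), so the `create` action that `AuthPassword` adds is reachable without a token, and nothing here says that this is intended. A comment above the method would make the contract explicit, for example `# create (reset by valid code) is intentionally unauthenticated; update requires a logged-in klass_sym`. Because the reset path then rests on the valid code alone, it is worth confirming that the host application throttles requests to it; no attempt limit is visible in this commit. The enclosing module begins above the hunk.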
lib/rails_api_authentication/acts_as_authenticationable.rb
...
@@ -4,5 +4,10 @@ module RailsApiAuthentication
...
@@ -4,5 +4,10 @@ module RailsApiAuthentication
include
RailsApiAuthentication
::
Authable
include
RailsApiAuthentication
::
Authable
auth_for
params
auth_for
params
end
end
def
acts_as_validable
(
params
=
{})
include
RailsApiAuthentication
::
Authable
valid_for
params
end
end
end
end
end
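Review bot: `acts_as_validable` documents neither its option keys nor its dependency on `acts_as_authenticationable`. `valid_for` reads `:key`, `:expire` and `:length`, and `reset_password` in authable.rb calls `self.send(auth_key)`, which is nil unless `auth_for` has run, so a model that declares only `acts_as_validable` would fail there. I would add `# Options: key: (default :valid_code), expire: seconds (default 600), length: digits (default 4). Call acts_as_authenticationable as well.` above the definition.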
lib/rails_api_authentication/auth_password.rb
0 → 100644
module
RailsApiAuthentication
module
AuthPassword
extend
ActiveSupport
::
Concern
included
do
end
# Reset password with token
def
create
auth_key
=
self
.
class
.
klass
.
auth_key
auth_password
=
self
.
class
.
klass
.
auth_password
valid_key
=
self
.
class
.
klass
.
valid_key
current_authable
=
self
.
class
.
klass
.
send
(
:find_by!
,
auth_key
=>
reset_password_params
[
auth_key
])
current_authable
.
reset_password
(
reset_password_params
[
auth_password
],
reset_password_params
[
valid_key
])
render
json:
{
meesage:
"reset password successful"
},
status:
200
rescue
UserError
=>
e
render
json:
{
error:
e
.
message
},
status:
e
.
status
end
# Update password when the auth is pass
def
update
auth_password
=
self
.
class
.
klass
.
auth_password
self
.
send
(
"current_
#{
self
.
class
.
klass_sym
}
"
)
&
.
update_password
(
password_params
[
auth_password
])
render
json:
{
meesage:
"update password successful"
},
status:
200
rescue
UserError
=>
e
render
json:
{
error:
e
.
message
},
status:
e
.
status
end
private
def
password_params
auth_password
=
self
.
class
.
klass
.
auth_password
params
.
require
(
self
.
class
.
klass_sym
).
permit
(
auth_password
)
end
def
reset_password_params
auth_key
=
self
.
class
.
klass
.
auth_key
auth_password
=
self
.
class
.
klass
.
auth_password
valid_key
=
self
.
class
.
klass
.
valid_key
params
.
require
(
self
.
class
.
klass_sym
).
permit
(
auth_key
,
auth_password
,
valid_key
)
end
module
ClassMethods
attr_reader
:klass
,
:klass_sym
def
auth_password
klass_sym
@klass
=
klass_sym
.
to_s
.
camelize
.
constantize
@klass_sym
=
klass_sym
end
end
end
end
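Review bot: `create` looks the record up with `find_by!` but rescues only `UserError`, so an unknown account raises `ActiveRecord::RecordNotFound` and is presumably answered differently from a wrong code; that difference tells a caller which accounts exist. Rescuing it and raising the same `UserError.new(401, '-1', 'valid token is not correct')` keeps both outcomes alike. In `update`, the `&.` before `update_password` means a nil current user skips the change and still renders success; dropping the safe navigation lets the failure surface. Both success bodies use the key `meesage:`, which looks like a misspelling of `message:`.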
lib/rails_api_authentication/authable.rb
...
@@ -4,23 +4,45 @@ module RailsApiAuthentication
...
@@ -4,23 +4,45 @@ module RailsApiAuthentication
DIGEST
=
Digest
::
SHA2
.
new
DIGEST
=
Digest
::
SHA2
.
new
included
do
included
do
attr_accessor
:token
attr_accessor
:token
def
logout
def
logout
AuthToken
.
find
(
token:
token
)
&
.
first
&
.
delete
if
token
.
present?
AuthToken
.
find
(
token:
token
)
&
.
first
&
.
delete
if
token
.
present?
end
end
def
update_password
password
raise
(
UserError
.
new
(
401
,
'-1'
,
'password is blank'
))
if
password
.
blank?
auth_password
=
self
.
class
.
auth_password
self
.
update
(
auth_password
=>
self
.
class
.
send
(
:generate_password
,
password
))
end
def
reset_password
password
,
valid_code
auth_key
=
self
.
class
.
auth_key
update_password
(
password
)
if
self
.
class
.
valid!
(
self
.
send
(
auth_key
),
valid_code
)
end
end
end
module
ClassMethods
module
ClassMethods
attr_reader
:auth_key
,
:auth_password
attr_reader
:auth_key
,
:auth_password
,
:valid_key
def
auth_for
params
def
auth_for
params
@auth_key
=
params
[
:auth_key
]
&
.
to_sym
||
:name
@auth_key
=
params
[
:auth_key
]
&
.
to_sym
||
:name
@auth_password
=
params
[
:auth_password
]
&
.
to_sym
||
:password
@auth_password
=
params
[
:auth_password
]
&
.
to_sym
||
:password
end
end
def
valid_for
params
@valid_key
=
params
[
:key
]
&
.
to_sym
||
:valid_code
@valid_expire
=
params
[
:expire
]
&
.
to_sym
||
600
@valid_length
=
params
[
:length
]
&
.
to_sym
||
4
end
def
generate_valid_code
name
code
=
(
0
..
9
).
to_a
.
sample
(
@valid_length
).
join
$redis
.
setex
(
"
#{
self
}
::
#{
name
}
"
,
@valid_expire
,
code
)
code
end
def
login
(
name
,
password
)
def
login
(
name
,
password
)
user
=
self
.
find_by
(
@auth_key
=>
name
)
user
=
self
.
find_by
(
@auth_key
=>
name
)
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
if
user
.
nil?
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
if
user
.
nil?
...
@@ -29,7 +51,6 @@ module RailsApiAuthentication
...
@@ -29,7 +51,6 @@ module RailsApiAuthentication
AuthToken
.
create
(
self
,
{
oid:
user
.
id
})
AuthToken
.
create
(
self
,
{
oid:
user
.
id
})
end
end
def
auth!
(
request
)
def
auth!
(
request
)
user
=
auth
(
request
)
user
=
auth
(
request
)
user
.
nil?
?
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
:
user
user
.
nil?
?
raise
(
UserError
.
new
(
401
,
'-1'
,
'Unauthorized'
))
:
user
...
@@ -37,6 +58,7 @@ module RailsApiAuthentication
...
@@ -37,6 +58,7 @@ module RailsApiAuthentication
def
register
(
name
,
password
,
attrs
=
{})
def
register
(
name
,
password
,
attrs
=
{})
raise
(
UserError
.
new
(
401
,
'-1'
,
'password is blank'
))
if
password
.
blank?
raise
(
UserError
.
new
(
401
,
'-1'
,
'password is blank'
))
if
password
.
blank?
valid!
name
,
attrs
.
delete
(
@valid_key
)
self
.
create!
({
@auth_key
=>
name
,
@auth_password
=>
generate_password
(
password
)}.
merge
attrs
)
self
.
create!
({
@auth_key
=>
name
,
@auth_password
=>
generate_password
(
password
)}.
merge
attrs
)
rescue
ActiveRecord
::
RecordInvalid
=>
e
rescue
ActiveRecord
::
RecordInvalid
=>
e
raise
UserError
.
new
(
401
,
'-1'
,
e
.
message
)
raise
UserError
.
new
(
401
,
'-1'
,
e
.
message
)
...
@@ -49,6 +71,10 @@ module RailsApiAuthentication
...
@@ -49,6 +71,10 @@ module RailsApiAuthentication
register
(
name
,
password
,
attrs
)
register
(
name
,
password
,
attrs
)
end
end
def
valid!
name
,
valid_code
raise
(
UserError
.
new
(
401
,
'-1'
,
'valid token is not correct'
))
unless
valid?
(
name
,
valid_code
)
end
private
private
def
salt
(
password
,
suffix
)
def
salt
(
password
,
suffix
)
...
@@ -61,6 +87,10 @@ module RailsApiAuthentication
...
@@ -61,6 +87,10 @@ module RailsApiAuthentication
"
#{
salt
(
password
,
suffix
)
}
:
#{
suffix
}
"
"
#{
salt
(
password
,
suffix
)
}
:
#{
suffix
}
"
end
end
def
valid?
name
,
valid_code
@valid_key
.
blank?
||
(
valid_code
.
present?
&&
valid_code
==
$redis
.
get
(
"
#{
self
}
::
#{
name
}
"
))
end
def
auth
(
request
)
def
auth
(
request
)
token
=
request
.
env
[
"HTTP_
#{
self
.
to_s
.
upcase
}
_TOKEN"
]
||
request
.
env
[
"
#{
self
.
to_s
.
upcase
}
_TOKEN"
]
token
=
request
.
env
[
"HTTP_
#{
self
.
to_s
.
upcase
}
_TOKEN"
]
||
request
.
env
[
"
#{
self
.
to_s
.
upcase
}
_TOKEN"
]
auth
=
AuthToken
.
find
(
token:
token
)
&
.
first
auth
=
AuthToken
.
find
(
token:
token
)
&
.
first
...
...
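Review bot: `reset_password` cannot work as written: `valid!` is `raise(...) unless valid?(...)`, which returns nil on success, so `update_password(password) if self.class.valid!(...)` never updates, while `AuthPassword#create` still renders success. When that is corrected the method must also fail closed, because `valid?` returns true whenever `@valid_key.blank?`, i.e. for any model that never called `valid_for`; that short-circuit suits `register` but would let the unauthenticated reset change a password with no code. In the same hunk `valid_for` applies `&.to_sym` to `:expire` and `:length`, which raises for an Integer and produces a Symbol for a String, and `generate_valid_code` uses `Array#sample`, which is not a cryptographic source and never repeats a digit. The fence shows the three methods with these points addressed; deleting the Redis key after a successful match in `valid?` would additionally make the code single-use.

```ruby
def reset_password password, valid_code
  # Fail closed: a model that never called valid_for has no code to check.
  raise(UserError.new(401, '-1', 'valid token is not correct')) if self.class.valid_key.blank?
  # valid! raises on mismatch and returns nil on success, so it cannot gate an `if`.
  self.class.valid!(self.send(self.class.auth_key), valid_code)
  update_password(password)
end

# … unchanged: attr_reader, auth_for …

def valid_for params
  @valid_key = params[:key]&.to_sym || :valid_code
  # TTL and length are numbers, not symbols.
  @valid_expire = (params[:expire] || 600).to_i
  @valid_length = (params[:length] || 4).to_i
end

def generate_valid_code name
  # Each digit drawn independently from a cryptographic source.
  code = Array.new(@valid_length) { SecureRandom.random_number(10) }.join
  $redis.setex("#{self}::#{name}", @valid_expire, code)
  code
end
```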