ae_users_legacy 0.6.3
Sign up to get free protection for your applications and to get access to all the features.
- data/LICENSE +20 -0
- data/README +47 -0
- data/Rakefile +49 -0
- data/VERSION +1 -0
- data/ae_users_legacy.gemspec +126 -0
- data/app/controllers/account_controller.rb +167 -0
- data/app/controllers/auth_controller.rb +202 -0
- data/app/controllers/permission_controller.rb +172 -0
- data/app/helpers/account_helper.rb +2 -0
- data/app/helpers/auth_helper.rb +5 -0
- data/app/helpers/permission_helper.rb +2 -0
- data/app/models/account.rb +50 -0
- data/app/models/auth_notifier.rb +34 -0
- data/app/models/auth_ticket.rb +39 -0
- data/app/models/email_address.rb +17 -0
- data/app/models/login.rb +23 -0
- data/app/models/open_id_identity.rb +5 -0
- data/app/models/permission.rb +57 -0
- data/app/models/person.rb +156 -0
- data/app/models/role.rb +7 -0
- data/app/views/account/_personal_info.rhtml +35 -0
- data/app/views/account/_procon_profile.rhtml +3 -0
- data/app/views/account/_signup_form.html.erb +39 -0
- data/app/views/account/activate.rhtml +6 -0
- data/app/views/account/activation_error.rhtml +11 -0
- data/app/views/account/change_password.rhtml +3 -0
- data/app/views/account/edit_profile.rhtml +117 -0
- data/app/views/account/signup.rhtml +9 -0
- data/app/views/account/signup_noactivation.rhtml +7 -0
- data/app/views/account/signup_success.rhtml +8 -0
- data/app/views/auth/_auth_form.rhtml +54 -0
- data/app/views/auth/_forgot_form.html.erb +12 -0
- data/app/views/auth/_mini_auth_form.rhtml +17 -0
- data/app/views/auth/_openid_auth_form.html.erb +14 -0
- data/app/views/auth/_other_login_options.html.erb +24 -0
- data/app/views/auth/auth_form.js.erb +62 -0
- data/app/views/auth/forgot.rhtml +3 -0
- data/app/views/auth/forgot_form.rhtml +6 -0
- data/app/views/auth/index.css.erb +23 -0
- data/app/views/auth/login.rhtml +6 -0
- data/app/views/auth/needs_activation.rhtml +6 -0
- data/app/views/auth/needs_person.html.erb +32 -0
- data/app/views/auth/needs_profile.rhtml +14 -0
- data/app/views/auth/openid_login.html.erb +6 -0
- data/app/views/auth/resend_activation.rhtml +3 -0
- data/app/views/auth_notifier/account_activation.rhtml +13 -0
- data/app/views/auth_notifier/generated_password.rhtml +10 -0
- data/app/views/permission/_add_grantee.rhtml +47 -0
- data/app/views/permission/_role_member.rhtml +8 -0
- data/app/views/permission/_show.rhtml +81 -0
- data/app/views/permission/_userpicker.rhtml +0 -0
- data/app/views/permission/add_role_member.rhtml +3 -0
- data/app/views/permission/admin.rhtml +45 -0
- data/app/views/permission/edit.rhtml +9 -0
- data/app/views/permission/edit_role.rhtml +63 -0
- data/app/views/permission/grant.rhtml +10 -0
- data/db/migrate/002_create_accounts.rb +17 -0
- data/db/migrate/003_create_email_addresses.rb +17 -0
- data/db/migrate/004_create_people.rb +24 -0
- data/db/migrate/013_simplify_signup.rb +15 -0
- data/db/migrate/014_create_permissions.rb +16 -0
- data/db/migrate/015_create_roles.rb +18 -0
- data/db/migrate/016_refactor_people.rb +36 -0
- data/db/migrate/017_people_permissions.rb +9 -0
- data/generators/ae_users/USAGE +14 -0
- data/generators/ae_users/ae_users_generator.rb +12 -0
- data/generators/ae_users/templates/add.png +0 -0
- data/generators/ae_users/templates/admin.png +0 -0
- data/generators/ae_users/templates/group.png +0 -0
- data/generators/ae_users/templates/logout.png +0 -0
- data/generators/ae_users/templates/migration.rb +25 -0
- data/generators/ae_users/templates/openid.gif +0 -0
- data/generators/ae_users/templates/remove.png +0 -0
- data/generators/ae_users/templates/user.png +0 -0
- data/init.rb +1 -0
- data/install.rb +1 -0
- data/lib/ae_users.rb +687 -0
- data/rails/init.rb +17 -0
- data/tasks/ae_users_tasks.rake +4 -0
- data/test/ae_users_test.rb +8 -0
- data/uninstall.rb +1 -0
- metadata +177 -0
data/LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright (c) 2009 Nat Budin
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README
ADDED
@@ -0,0 +1,47 @@
|
|
1
|
+
AeUsers
|
2
|
+
=======
|
3
|
+
|
4
|
+
This is the authentication system used in Alleged Entertainment Rails
|
5
|
+
applications such as Journey and ProCon. For more information, go to
|
6
|
+
www.aegames.org.
|
7
|
+
|
8
|
+
|
9
|
+
Migrating from AeUsers 0.1
|
10
|
+
==========================
|
11
|
+
|
12
|
+
To migrate from AeUsers 0.1, run the following SQL commands in your ae_users
|
13
|
+
database:
|
14
|
+
|
15
|
+
alter table email_addresses add column person_id int;
|
16
|
+
update email_addresses, accounts, people set email_addresses.person_id=people.id
|
17
|
+
where email_addresses.account_id = accounts.id
|
18
|
+
and people.account_id = accounts.id;
|
19
|
+
alter table email_addresses drop column account_id;
|
20
|
+
|
21
|
+
alter table accounts add column person_id int;
|
22
|
+
update accounts, people set accounts.person_id=people.id
|
23
|
+
where accounts.id = people.account_id;
|
24
|
+
alter table people drop column account_id;
|
25
|
+
|
26
|
+
create table open_id_identities (id int not null auto_increment primary key,
|
27
|
+
person_id int, identity_url varchar(4000));
|
28
|
+
|
29
|
+
You'll also want to run this command in each of your application databases:
|
30
|
+
|
31
|
+
create table auth_tickets (id int not null auto_increment primary key,
|
32
|
+
secret varchar(40) unique, person_id int, created_at datetime,
|
33
|
+
updated_at datetime, expires_at datetime);
|
34
|
+
|
35
|
+
And if you want to enable permission caching (experimental, but can dramatically
|
36
|
+
increase performance in some cases), run these commands in each of your
|
37
|
+
application databases for which you want to enable it:
|
38
|
+
|
39
|
+
create table permission_caches (id int not null auto_increment primary key,
|
40
|
+
person_id int, permissioned_id int, permissioned_type varchar(255),
|
41
|
+
permission_name varchar(255), result tinyint(1));
|
42
|
+
create index index_permission_caches_on_person_id on permission_caches
|
43
|
+
(person_id);
|
44
|
+
create index index_permission_caches_on_permissioned on permission_caches
|
45
|
+
(permissioned_id, permissioned_type);
|
46
|
+
create index index_permission_caches_on_permission_name on permission_caches
|
47
|
+
(permission_name);
|
data/Rakefile
ADDED
@@ -0,0 +1,49 @@
|
|
1
|
+
require 'rubygems'
|
2
|
+
require 'rake'
|
3
|
+
|
4
|
+
begin
|
5
|
+
require 'jeweler'
|
6
|
+
Jeweler::Tasks.new do |gem|
|
7
|
+
gem.name = "ae_users_legacy"
|
8
|
+
gem.summary = %Q{Legacy authentication/authorization framework}
|
9
|
+
gem.description = %Q{Don't use this gem. Use something written in the last couple years instead.}
|
10
|
+
gem.email = "natbudin@gmail.com"
|
11
|
+
gem.homepage = "http://github.com/nbudin/ae_users"
|
12
|
+
gem.authors = ["Nat Budin"]
|
13
|
+
gem.add_development_dependency "thoughtbot-shoulda", ">= 0"
|
14
|
+
gem.add_dependency "ruby-openid", ">= 2.0.4"
|
15
|
+
end
|
16
|
+
Jeweler::GemcutterTasks.new
|
17
|
+
rescue LoadError
|
18
|
+
puts "Jeweler (or a dependency) not available. Install it with: gem install jeweler"
|
19
|
+
end
|
20
|
+
|
21
|
+
require 'rake/testtask'
|
22
|
+
Rake::TestTask.new(:test) do |test|
|
23
|
+
test.libs << 'lib' << 'test'
|
24
|
+
test.pattern = 'test/**/test_*.rb'
|
25
|
+
test.verbose = true
|
26
|
+
end
|
27
|
+
|
28
|
+
begin
|
29
|
+
require 'rcov/rcovtask'
|
30
|
+
Rcov::RcovTask.new do |test|
|
31
|
+
test.libs << 'test'
|
32
|
+
test.pattern = 'test/**/test_*.rb'
|
33
|
+
test.verbose = true
|
34
|
+
end
|
35
|
+
rescue LoadError
|
36
|
+
task :rcov do
|
37
|
+
abort "RCov is not available. In order to run rcov, you must: sudo gem install spicycode-rcov"
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
require 'rake/rdoctask'
|
42
|
+
desc 'Generate documentation for the ae_users plugin.'
|
43
|
+
Rake::RDocTask.new(:rdoc) do |rdoc|
|
44
|
+
rdoc.rdoc_dir = 'rdoc'
|
45
|
+
rdoc.title = 'AeUsers'
|
46
|
+
rdoc.options << '--line-numbers' << '--inline-source'
|
47
|
+
rdoc.rdoc_files.include('README')
|
48
|
+
rdoc.rdoc_files.include('lib/**/*.rb')
|
49
|
+
end
|
data/VERSION
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
0.6.3
|
@@ -0,0 +1,126 @@
|
|
1
|
+
# Generated by jeweler
|
2
|
+
# DO NOT EDIT THIS FILE DIRECTLY
|
3
|
+
# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
|
4
|
+
# -*- encoding: utf-8 -*-
|
5
|
+
|
6
|
+
Gem::Specification.new do |s|
|
7
|
+
s.name = %q{ae_users_legacy}
|
8
|
+
s.version = "0.6.3"
|
9
|
+
|
10
|
+
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
|
+
s.authors = ["Nat Budin"]
|
12
|
+
s.date = %q{2011-01-13}
|
13
|
+
s.description = %q{Don't use this gem. Use something written in the last couple years instead.}
|
14
|
+
s.email = %q{natbudin@gmail.com}
|
15
|
+
s.extra_rdoc_files = [
|
16
|
+
"LICENSE",
|
17
|
+
"README"
|
18
|
+
]
|
19
|
+
s.files = [
|
20
|
+
"LICENSE",
|
21
|
+
"README",
|
22
|
+
"Rakefile",
|
23
|
+
"VERSION",
|
24
|
+
"ae_users_legacy.gemspec",
|
25
|
+
"app/controllers/account_controller.rb",
|
26
|
+
"app/controllers/auth_controller.rb",
|
27
|
+
"app/controllers/permission_controller.rb",
|
28
|
+
"app/helpers/account_helper.rb",
|
29
|
+
"app/helpers/auth_helper.rb",
|
30
|
+
"app/helpers/permission_helper.rb",
|
31
|
+
"app/models/account.rb",
|
32
|
+
"app/models/auth_notifier.rb",
|
33
|
+
"app/models/auth_ticket.rb",
|
34
|
+
"app/models/email_address.rb",
|
35
|
+
"app/models/login.rb",
|
36
|
+
"app/models/open_id_identity.rb",
|
37
|
+
"app/models/permission.rb",
|
38
|
+
"app/models/person.rb",
|
39
|
+
"app/models/role.rb",
|
40
|
+
"app/views/account/_personal_info.rhtml",
|
41
|
+
"app/views/account/_procon_profile.rhtml",
|
42
|
+
"app/views/account/_signup_form.html.erb",
|
43
|
+
"app/views/account/activate.rhtml",
|
44
|
+
"app/views/account/activation_error.rhtml",
|
45
|
+
"app/views/account/change_password.rhtml",
|
46
|
+
"app/views/account/edit_profile.rhtml",
|
47
|
+
"app/views/account/signup.rhtml",
|
48
|
+
"app/views/account/signup_noactivation.rhtml",
|
49
|
+
"app/views/account/signup_success.rhtml",
|
50
|
+
"app/views/auth/_auth_form.rhtml",
|
51
|
+
"app/views/auth/_forgot_form.html.erb",
|
52
|
+
"app/views/auth/_mini_auth_form.rhtml",
|
53
|
+
"app/views/auth/_openid_auth_form.html.erb",
|
54
|
+
"app/views/auth/_other_login_options.html.erb",
|
55
|
+
"app/views/auth/auth_form.js.erb",
|
56
|
+
"app/views/auth/forgot.rhtml",
|
57
|
+
"app/views/auth/forgot_form.rhtml",
|
58
|
+
"app/views/auth/index.css.erb",
|
59
|
+
"app/views/auth/login.rhtml",
|
60
|
+
"app/views/auth/needs_activation.rhtml",
|
61
|
+
"app/views/auth/needs_person.html.erb",
|
62
|
+
"app/views/auth/needs_profile.rhtml",
|
63
|
+
"app/views/auth/openid_login.html.erb",
|
64
|
+
"app/views/auth/resend_activation.rhtml",
|
65
|
+
"app/views/auth_notifier/account_activation.rhtml",
|
66
|
+
"app/views/auth_notifier/generated_password.rhtml",
|
67
|
+
"app/views/permission/_add_grantee.rhtml",
|
68
|
+
"app/views/permission/_role_member.rhtml",
|
69
|
+
"app/views/permission/_show.rhtml",
|
70
|
+
"app/views/permission/_userpicker.rhtml",
|
71
|
+
"app/views/permission/add_role_member.rhtml",
|
72
|
+
"app/views/permission/admin.rhtml",
|
73
|
+
"app/views/permission/edit.rhtml",
|
74
|
+
"app/views/permission/edit_role.rhtml",
|
75
|
+
"app/views/permission/grant.rhtml",
|
76
|
+
"db/migrate/002_create_accounts.rb",
|
77
|
+
"db/migrate/003_create_email_addresses.rb",
|
78
|
+
"db/migrate/004_create_people.rb",
|
79
|
+
"db/migrate/013_simplify_signup.rb",
|
80
|
+
"db/migrate/014_create_permissions.rb",
|
81
|
+
"db/migrate/015_create_roles.rb",
|
82
|
+
"db/migrate/016_refactor_people.rb",
|
83
|
+
"db/migrate/017_people_permissions.rb",
|
84
|
+
"generators/ae_users/USAGE",
|
85
|
+
"generators/ae_users/ae_users_generator.rb",
|
86
|
+
"generators/ae_users/templates/add.png",
|
87
|
+
"generators/ae_users/templates/admin.png",
|
88
|
+
"generators/ae_users/templates/group.png",
|
89
|
+
"generators/ae_users/templates/logout.png",
|
90
|
+
"generators/ae_users/templates/migration.rb",
|
91
|
+
"generators/ae_users/templates/openid.gif",
|
92
|
+
"generators/ae_users/templates/remove.png",
|
93
|
+
"generators/ae_users/templates/user.png",
|
94
|
+
"init.rb",
|
95
|
+
"install.rb",
|
96
|
+
"lib/ae_users.rb",
|
97
|
+
"rails/init.rb",
|
98
|
+
"tasks/ae_users_tasks.rake",
|
99
|
+
"test/ae_users_test.rb",
|
100
|
+
"uninstall.rb"
|
101
|
+
]
|
102
|
+
s.homepage = %q{http://github.com/nbudin/ae_users}
|
103
|
+
s.rdoc_options = ["--charset=UTF-8"]
|
104
|
+
s.require_paths = ["lib"]
|
105
|
+
s.rubygems_version = %q{1.4.2}
|
106
|
+
s.summary = %q{Legacy authentication/authorization framework}
|
107
|
+
s.test_files = [
|
108
|
+
"test/ae_users_test.rb"
|
109
|
+
]
|
110
|
+
|
111
|
+
if s.respond_to? :specification_version then
|
112
|
+
s.specification_version = 3
|
113
|
+
|
114
|
+
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
115
|
+
s.add_development_dependency(%q<thoughtbot-shoulda>, [">= 0"])
|
116
|
+
s.add_runtime_dependency(%q<ruby-openid>, [">= 2.0.4"])
|
117
|
+
else
|
118
|
+
s.add_dependency(%q<thoughtbot-shoulda>, [">= 0"])
|
119
|
+
s.add_dependency(%q<ruby-openid>, [">= 2.0.4"])
|
120
|
+
end
|
121
|
+
else
|
122
|
+
s.add_dependency(%q<thoughtbot-shoulda>, [">= 0"])
|
123
|
+
s.add_dependency(%q<ruby-openid>, [">= 2.0.4"])
|
124
|
+
end
|
125
|
+
end
|
126
|
+
|
@@ -0,0 +1,167 @@
|
|
1
|
+
class AccountController < ApplicationController
|
2
|
+
unloadable
|
3
|
+
require_login :only => [:edit_profile, :edit_email_addresses, :change_password, :add_openid, :delete_openid]
|
4
|
+
before_filter :check_signup_allowed, :only => [:signup, :signup_success]
|
5
|
+
|
6
|
+
filter_parameter_logging :password
|
7
|
+
|
8
|
+
def activate
|
9
|
+
if logged_in?
|
10
|
+
redirect_to "/"
|
11
|
+
return
|
12
|
+
end
|
13
|
+
|
14
|
+
@account = Account.find params[:account]
|
15
|
+
|
16
|
+
if not @account.nil? and @account.activation_key == params[:activation_key]
|
17
|
+
@account.active = true
|
18
|
+
@account.activation_key = nil
|
19
|
+
@account.save
|
20
|
+
else
|
21
|
+
redirect_to :action => :activation_error
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
def edit_profile
|
26
|
+
@person = logged_in_person
|
27
|
+
if not AeUsers.profile_class.nil?
|
28
|
+
@app_profile = AeUsers.profile_class.find_by_person_id(@person.id)
|
29
|
+
end
|
30
|
+
|
31
|
+
if request.post?
|
32
|
+
@person.update_attributes params[:person]
|
33
|
+
if @app_profile
|
34
|
+
@app_profile.update_attributes params[:app_profile]
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
def edit_email_addresses
|
40
|
+
errs = []
|
41
|
+
|
42
|
+
if params[:new_address] and params[:new_address].length > 0
|
43
|
+
existing_ea = EmailAddress.find_by_address params[:new_address]
|
44
|
+
if existing_ea
|
45
|
+
errs.push "A different person is already associated with the email address you tried to add."
|
46
|
+
else
|
47
|
+
newea = EmailAddress.create :person => logged_in_person, :address => params[:new_address]
|
48
|
+
if params[:primary] == 'new'
|
49
|
+
newea.primary = true
|
50
|
+
newea.save
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
if params[:primary] and params[:primary] != 'new'
|
56
|
+
id = params[:primary].to_i
|
57
|
+
if id != 0
|
58
|
+
addr = EmailAddress.find id
|
59
|
+
if addr.person != logged_in_person
|
60
|
+
errs.push "The email address you've selected as primary belongs to a different person."
|
61
|
+
else
|
62
|
+
addr.primary = true
|
63
|
+
addr.save
|
64
|
+
end
|
65
|
+
else
|
66
|
+
errs.push "The email address you've selected as primary doesn't exist."
|
67
|
+
end
|
68
|
+
end
|
69
|
+
|
70
|
+
if params[:delete]
|
71
|
+
params[:delete].each do |id|
|
72
|
+
addr = EmailAddress.find id
|
73
|
+
if addr.person != logged_in_person
|
74
|
+
errs.push "The email address you've selected to delete belongs to a different person."
|
75
|
+
elsif addr.primary
|
76
|
+
errs.push "You can't delete your primary email address. Try making a different email address your primary address first."
|
77
|
+
else
|
78
|
+
addr.destroy
|
79
|
+
end
|
80
|
+
end
|
81
|
+
end
|
82
|
+
|
83
|
+
if errs.length > 0
|
84
|
+
flash[:error_messages] = errs
|
85
|
+
end
|
86
|
+
|
87
|
+
redirect_to :action => :edit_profile
|
88
|
+
end
|
89
|
+
|
90
|
+
def change_password
|
91
|
+
password = params[:password]
|
92
|
+
if password[:password1].nil? or password[:password2].nil?
|
93
|
+
redirect_to :action => :edit_profile
|
94
|
+
elsif password[:password1] != password[:password2]
|
95
|
+
flash[:error_messages] = ["The passwords you entered don't match. Please try again."]
|
96
|
+
redirect_to :action => :edit_profile
|
97
|
+
else
|
98
|
+
acct = logged_in_person.account
|
99
|
+
acct.password = password[:password1]
|
100
|
+
acct.save
|
101
|
+
end
|
102
|
+
end
|
103
|
+
|
104
|
+
def activation_error
|
105
|
+
end
|
106
|
+
|
107
|
+
def signup_success
|
108
|
+
end
|
109
|
+
|
110
|
+
def add_openid
|
111
|
+
if using_open_id?
|
112
|
+
authenticate_with_open_id(params[:openid_url]) do |result, identity_url|
|
113
|
+
if result.successful?
|
114
|
+
id = OpenIdIdentity.find_by_identity_url(identity_url)
|
115
|
+
if id.nil?
|
116
|
+
id = OpenIdIdentity.new :person => logged_in_person, :identity_url => identity_url
|
117
|
+
else
|
118
|
+
if id.person.nil?
|
119
|
+
id.person = logged_in_person
|
120
|
+
elsif id.person != logged_in_person
|
121
|
+
flash[:error_messages] = ["That OpenID belongs to a different person (#{id.person.name})."]
|
122
|
+
return
|
123
|
+
end
|
124
|
+
end
|
125
|
+
if not id.save
|
126
|
+
flash[:error_messages] = id.errors.collect { |e| e[0].humanize + " " + e[1] }
|
127
|
+
end
|
128
|
+
else
|
129
|
+
flash[:error_messages] = [result.message]
|
130
|
+
end
|
131
|
+
redirect_to :action => 'edit_profile'
|
132
|
+
end
|
133
|
+
else
|
134
|
+
flash[:error_messages] = ["Please enter an OpenID url."]
|
135
|
+
end
|
136
|
+
end
|
137
|
+
|
138
|
+
def delete_openid
|
139
|
+
id = OpenIdIdentity.find(params[:id])
|
140
|
+
if id.person == logged_in_person
|
141
|
+
if logged_in_person.account or logged_in_person.open_id_identities.length > 1
|
142
|
+
id.destroy
|
143
|
+
else
|
144
|
+
flash[:error_messages] = ["Deleting that OpenID would leave you no way of logging in!"]
|
145
|
+
end
|
146
|
+
else
|
147
|
+
flash[:error_messages] = ["That OpenID does not belong to you!"]
|
148
|
+
end
|
149
|
+
redirect_to :action => 'edit_profile'
|
150
|
+
end
|
151
|
+
|
152
|
+
def signup
|
153
|
+
ret = create_account_and_person()
|
154
|
+
if ret == :success
|
155
|
+
redirect_to :action => 'signup_success'
|
156
|
+
elsif ret == :no_activation
|
157
|
+
redirect_to :action => :signup_noactivation
|
158
|
+
end
|
159
|
+
end
|
160
|
+
|
161
|
+
private
|
162
|
+
def check_signup_allowed
|
163
|
+
if not AeUsers.signup_allowed?
|
164
|
+
access_denied "Account signup is not allowed on this site."
|
165
|
+
end
|
166
|
+
end
|
167
|
+
end
|
@@ -0,0 +1,202 @@
|
|
1
|
+
class AuthController < ApplicationController
|
2
|
+
unloadable
|
3
|
+
filter_parameter_logging :password
|
4
|
+
before_filter :construct_login, :only => [:login, :openid_login, :forgot_form]
|
5
|
+
|
6
|
+
def index
|
7
|
+
respond_to do |format|
|
8
|
+
format.css { render :layout => false }
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
def openid_login
|
13
|
+
params[:openid_url] ||= cookies['openid_url']
|
14
|
+
if using_open_id?
|
15
|
+
if attempt_open_id_login(@login.return_to)
|
16
|
+
successful_login_redirect
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
def login
|
22
|
+
if request.post?
|
23
|
+
unless @login.password or @login.have_password
|
24
|
+
redirect_to :controller => "account", :action => "signup", :email => @login.email
|
25
|
+
end
|
26
|
+
end
|
27
|
+
if request.post? and not logged_in?
|
28
|
+
if attempt_login(@login)
|
29
|
+
successful_login_redirect
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
def needs_person
|
35
|
+
@open_id_identity = OpenIdIdentity.find_or_create_by_identity_url(session[:identity_url])
|
36
|
+
@person = Person.new
|
37
|
+
if not AeUsers.profile_class.nil?
|
38
|
+
@app_profile = AeUsers.profile_class.send(:new, :person => @person)
|
39
|
+
end
|
40
|
+
|
41
|
+
if params[:registration]
|
42
|
+
person_map = HashWithIndifferentAccess.new(Person.sreg_map)
|
43
|
+
profile_map = if AeUsers.profile_class and AeUsers.profile_class.respond_to?("sreg_map")
|
44
|
+
HashWithIndifferentAccess.new(AeUsers.profile_class.sreg_map)
|
45
|
+
else
|
46
|
+
nil
|
47
|
+
end
|
48
|
+
|
49
|
+
params[:registration].each_pair do |key, value|
|
50
|
+
if key == 'email'
|
51
|
+
params[:email] = value
|
52
|
+
elsif person_map.has_key?(key.to_s)
|
53
|
+
mapper = person_map[key]
|
54
|
+
attrs = mapper.call(value)
|
55
|
+
@person.attributes = attrs
|
56
|
+
elsif (profile_map and profile_map.has_key?(key))
|
57
|
+
mapper = profile_map[key]
|
58
|
+
@app_profile.attributes = mapper.call(value)
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
62
|
+
if params[:person]
|
63
|
+
@person.attributes = params[:person]
|
64
|
+
end
|
65
|
+
if params[:app_profile] and @app_profile
|
66
|
+
@app_profile.attributes = params[:app_profile]
|
67
|
+
end
|
68
|
+
|
69
|
+
if request.post?
|
70
|
+
error_messages = []
|
71
|
+
error_fields = []
|
72
|
+
|
73
|
+
["firstname", "lastname", "gender"].each do |field|
|
74
|
+
if not @person.send(field)
|
75
|
+
error_fields.push field
|
76
|
+
error_messages.push "You must enter a value for #{field}."
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
if not params[:email]
|
81
|
+
error_fields.push("email")
|
82
|
+
error_messages.push "You must enter a value for email."
|
83
|
+
end
|
84
|
+
|
85
|
+
if error_messages.length > 0
|
86
|
+
flash[:error_fields] = error_fields
|
87
|
+
flash[:error_messages] = error_messages
|
88
|
+
else
|
89
|
+
@person.save
|
90
|
+
@person.primary_email_address = params[:email]
|
91
|
+
@open_id_identity.person = @person
|
92
|
+
@open_id_identity.save
|
93
|
+
if @app_profile
|
94
|
+
@app_profile.save
|
95
|
+
end
|
96
|
+
|
97
|
+
session[:person] = @person
|
98
|
+
redirect_to session[:return_to]
|
99
|
+
end
|
100
|
+
end
|
101
|
+
end
|
102
|
+
|
103
|
+
def auth_form
|
104
|
+
respond_to do |format|
|
105
|
+
format.js { render :layout => false }
|
106
|
+
end
|
107
|
+
end
|
108
|
+
|
109
|
+
def needs_profile
|
110
|
+
@person = Person.find session[:provisional_person]
|
111
|
+
if @person.nil?
|
112
|
+
flash[:error_messages] = ["Couldn't find a person record with that ID.
|
113
|
+
Something may have gone wrong internally. Please try again, and if the problem persists, please contact
|
114
|
+
the site administrator."]
|
115
|
+
redirect_to :back
|
116
|
+
end
|
117
|
+
|
118
|
+
if not AeUsers.signup_allowed?
|
119
|
+
flash[:error_messages] = ['Your account is not valid for this site.']
|
120
|
+
redirect_to url_for("/")
|
121
|
+
else
|
122
|
+
if not AeUsers.profile_class.nil?
|
123
|
+
@app_profile = AeUsers.profile_class.send(:new, :person_id => session[:provisional_person])
|
124
|
+
@app_profile.attributes = params[:app_profile]
|
125
|
+
|
126
|
+
if request.post?
|
127
|
+
@app_profile.save
|
128
|
+
session[:person] = @person
|
129
|
+
redirect_to params[:return_to]
|
130
|
+
end
|
131
|
+
end
|
132
|
+
end
|
133
|
+
end
|
134
|
+
|
135
|
+
def forgot
|
136
|
+
ActionMailer::Base.default_url_options[:host] = request.host
|
137
|
+
|
138
|
+
@account = Account.find_by_email_address(params[:email])
|
139
|
+
if not @account.nil?
|
140
|
+
@account.generate_password
|
141
|
+
else
|
142
|
+
flash[:error_messages] = ["There's no account matching that email address. Please try again, or sign up for an account."]
|
143
|
+
redirect_to :action => :forgot_form
|
144
|
+
end
|
145
|
+
end
|
146
|
+
|
147
|
+
def resend_validation
|
148
|
+
ActionMailer::Base.default_url_options[:host] = request.host
|
149
|
+
|
150
|
+
@email_address = Account.find params[:email]
|
151
|
+
if not @email_address.nil?
|
152
|
+
@email_address.generate_validation
|
153
|
+
else
|
154
|
+
flash[:error_messages] = ["Email address #{params[:email]} not found!"]
|
155
|
+
redirect_to url_for("/")
|
156
|
+
end
|
157
|
+
end
|
158
|
+
|
159
|
+
def logout
|
160
|
+
reset_session
|
161
|
+
redirect_to :back
|
162
|
+
end
|
163
|
+
|
164
|
+
private
|
165
|
+
|
166
|
+
def construct_login
|
167
|
+
@login = Login.new(params[:login])
|
168
|
+
@login.email ||= cookies['email']
|
169
|
+
if @login.return_to.nil? or @login.return_to == ""
|
170
|
+
if params[:return_to]
|
171
|
+
@login.return_to = params[:return_to]
|
172
|
+
else
|
173
|
+
@login.return_to = request.env["HTTP_REFERER"]
|
174
|
+
end
|
175
|
+
end
|
176
|
+
|
177
|
+
# prevent infinite redirect loops
|
178
|
+
begin
|
179
|
+
if URI(@login.return_to).path == URI(request.url).path
|
180
|
+
@login.return_to = url_for("/")
|
181
|
+
end
|
182
|
+
rescue
|
183
|
+
end
|
184
|
+
|
185
|
+
# if they're already logged in, don't let them view this page
|
186
|
+
if logged_in?
|
187
|
+
successful_login_redirect
|
188
|
+
end
|
189
|
+
end
|
190
|
+
|
191
|
+
def successful_login_redirect
|
192
|
+
if @login.return_to
|
193
|
+
redirect_to @login.return_to
|
194
|
+
elsif session[:return_to]
|
195
|
+
rt = session[:return_to]
|
196
|
+
session[:return_to] = nil
|
197
|
+
redirect_to rt
|
198
|
+
else
|
199
|
+
redirect_to url_for('/')
|
200
|
+
end
|
201
|
+
end
|
202
|
+
end
|