ishapi 0.1.8.126 → 0.1.8.131

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a9916488f12cb2bd94d3b4c5ba8a34c9af25aed3c0b5482dc366e6ae4b03e378
-  data.tar.gz: 380cb1a747514aef32d9b0551b18080c1758cc909028ff26069885b3729a6426
+  metadata.gz: f1802659d2e8c6ce8924c5e5645314e9c235d548f967b1c98041b80c22b5daf9
+  data.tar.gz: 2fb33453eb17bae2775ea7a2b3f8988bb044d853f5df16e3ce134c77a0d1725d
 SHA512:
-  metadata.gz: '06697a5d9a73d070f5b6aea49fd0ec945fbd1e4fd68ee24cc70813f2b6b28ef6ccfbdbd143cf99c88cb372372bd5408e61cf16527070a1dd2a8b95fc9eacf60a'
-  data.tar.gz: a7aaec299de3054be78848c7efe567506f51101794550cf5d0be7c2200b92c543f19c9fd5a39a71c3cda6a49bf0f21fb1d3fd413bd35747b87557a6328ff3138
+  metadata.gz: dc18bdfec85c2e6e3847f9936999f35a47df4e6a1bf1d791d7c1bd6cd55334ca7a0a4a10d12a1a9bf001cbcd6f0107fceb0c8ccd235717f86a254afae85c370d
+  data.tar.gz: bc6daf89813d973285525d8f8664408a1f97f7b07ab136c709f560f1de6c3627926120679bee7a42180cd9ce9707a1b34b2274ca9d27a9daa8c5702f204afe24

data/app/controllers/ishapi/application_controller.rb

@@ -7,7 +7,7 @@ module Ishapi
 
     # before_action :check_profile, except: [ :test ]
     before_action :set_current_ability
-    
+
     check_authorization
     skip_before_action :verify_authenticity_token
 
@@ -26,9 +26,19 @@ module Ishapi
         "client_id=#{FB[params['domain']][:app]}&client_secret=#{FB[params['domain']][:secret]}&" +
         "fb_exchange_token=#{accessToken}"
       j = JSON.parse response.body
+      puts! j, 'fb response'
       @long_term_token = j['access_token']
 
-      render json: { long_term_token: @long_term_token }
+      # get user email
+      @graph            = Koala::Facebook::API.new( accessToken )
+      @me               = @graph.get_object( 'me', :fields => 'email' )
+      @current_user     = User.where( :email => @me['email'] ).first
+      @profile          = @current_user.profile
+
+      # send the jwt to client
+      @jwt_token = encode(user_id: @current_user.id)
+
+      render json: { long_term_token: @long_term_token, jwt_token: @jwt_token }
     end
 
     #
@@ -75,9 +85,9 @@ module Ishapi
         # puts! result, 'googleauth result'
 
         decoded_token = JWT.decode params[:idToken], nil, false
-        
+
         @current_user = User.find_by email: decoded_token[0]['email']
-        
+
       elsif 'facebook' == provider
         # accessToken ||= params[:fb_long_access_token]
 
@@ -101,7 +111,7 @@ module Ishapi
           @current_user     = User.where( :email => @me['email'] ).first
           @current_user   ||= User.create! email: @me['email'], password: SecureRandom.urlsafe_base64
 
-          @current_profile = @current_user.profile          
+          @current_profile = @current_user.profile
           if !@current_profile
             begin
               g = Gallery.find '5e1495e2d697f768ad0779eb'
@@ -120,9 +130,15 @@ module Ishapi
 
         puts! @current_user, 'current_user'
         puts! @current_profile, 'current_profile'
-        # byebug
+
+      elsif 'jwt' == provider
+        decoded = decode(params[:jwt_token])
+        puts! decoded, 'decoded'
+        @current_user = User.find decoded[:user_id]
+
       else
         puts! 'check_multiprofile(): no access token'
+        raise "ww1 - not implemented"
       end
 
       sign_in @current_user, scope: :user
@@ -132,13 +148,16 @@ module Ishapi
     # this doesn't generate long-lived token, doesn't update user_profile
     # this is only for facebook now
     def check_profile
+      puts! params, 'params'
+
       # return check_multiprofile 'google'
-      return check_multiprofile 'facebook'
+      # return check_multiprofile 'facebook'
+      return check_multiprofile 'jwt'
 
       # puts! params, 'params'
       # puts! current_user, 'current_user'
       # puts! @current_user, '@current_user'
-      
+
       accessToken   = request.headers[:accessToken]
       accessToken ||= params[:fb_long_access_token]
       accessToken ||= params[:accessToken]
@@ -201,7 +220,7 @@ module Ishapi
       @current_order   = @current_profile.current_order
       # orders.where( :submitted_at => nil ).first || ::CoTailors::Order.new( :profile_id => @current_profile.id )
     end
-    
+
     def get_long_token accessToken
       url = "https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token&" +
             "client_id=#{FB[params['domain']][:app]}&client_secret=#{FB[params['domain']][:secret]}&fb_exchange_token=#{accessToken}"
@@ -221,5 +240,17 @@ module Ishapi
       puts a.inspect
     end
 
+    # jwt
+    def encode(payload, exp = 2.hours.from_now)
+      payload[:exp] = exp.to_i
+      JWT.encode(payload, Rails.application.secrets.secret_key_base.to_s)
+    end
+
+    # jwt
+    def decode(token)
+      decoded = JWT.decode(token, Rails.application.secrets.secret_key_base.to_s)[0]
+      HashWithIndifferentAccess.new decoded
+    end
+
   end
 end

data/app/controllers/ishapi/my/my_controller.rb

@@ -3,10 +3,19 @@ module Ishapi
   module My
     class MyController < Ishapi::ApplicationController
 
-      before_action :set_profile
+      # before_action :set_profile # this is DoS on FB - disabled
+      before_action :do_login
 
       private
 
+      def do_login
+        puts! params, 'params'
+
+        token = decode(params[:jwtToken])
+        puts! token, 'token'
+        @current_user = User.find(token["user_id"])
+      end
+
       def set_profile
         begin
           @graph   = Koala::Facebook::API.new( params[:accessToken] )

data/app/controllers/ishapi/my/videos_controller.rb

@@ -0,0 +1,16 @@
+
+module Ishapi
+  module My
+    class VideosController < Ishapi::My::MyController
+
+      def index
+        authorize! :my_index, Video
+        puts! @current_user, 'current_user'
+
+        @videos = @current_user.profile.videos.unscoped.where( is_trash: false ).limit(20)
+      end
+
+    end
+  end
+end
+

data/app/controllers/ishapi/user_profiles_controller.rb

@@ -10,6 +10,8 @@ module Ishapi
     end
 
     def my
+      puts! params, 'params 233'
+
       @profile = current_user.profile
       authorize! :show, @profile
     end

data/app/models/ishapi/ability.rb

@@ -56,7 +56,7 @@ class Ishapi::Ability
     can [ :my_index, :show ], Report do |report|
       report.is_public
     end
-    
+
     can [ :fb_sign_in, :long_term_token, :open_permission, :welcome_home ], Ishapi
 
     can [ :index, :show ], Site
@@ -66,11 +66,14 @@ class Ishapi::Ability
       tag.is_public
     end
 
+    #
+    # V
+    #
     can [ :index ], Venue
     can [ :show ], Venue do |venue|
       venue.is_public
     end
-    can [ :index ], Video
+    can [ :index, :my_index ], Video
     can [ :show ], Video do |video|
       video.is_public
     end

data/app/views/ishapi/application/_meta.jbuilder

@@ -3,15 +3,18 @@
 # ishapi / application / _meta
 #
 
+if !item.tags.blank?
+  json.partial! 'ishapi/tags/index', tags: item.tags
+end
+json.created_at  item.created_at
+json.updated_at  item.updated_at
+json.username    item.user_profile.name if item.user_profile
 if item.city
   json.city do
     json.name item.city.name
+    json.slug item.city.cityname
   end
-  json.cityname item.city.cityname
-end
-if defined?(item.tag) && !item.tag.blank?
-  json.partial! 'ishapi/tags/index', tags: [ item.tag ]
-end
-if defined?(item.tags) && !item.tags.blank?
-  json.partial! 'ishapi/tags/index', tags: item.tags
+  json.cityname    item.city.cityname 
 end
+json.subhead     item.subhead
+json.description item.descr

data/app/views/ishapi/galleries/_show.jbuilder

@@ -1,8 +1,21 @@
 #
 # ishapi / galleries / _show
 #
-
 json.id           gallery.id.to_s
+json.item_type    'gallery'
 json.name         gallery.name
 json.galleryname  gallery.galleryname
 json.description  gallery.description
+json.username     gallery.username || 'piousbox'
+json.n_photos     gallery.photos.length
+json.slug         gallery.galleryname
+json.subhead      gallery.subhead
+json.partial!    'ishapi/application/meta', :item => gallery
+if gallery.is_premium
+  json.premium_tier gallery.premium_tier
+  json.is_premium   gallery.premium_tier > 0
+  json.is_purchased current_user.profile.has_premium_purchase( gallery )
+  json.partial!    'ishapi/photos/index',     :photos => [ gallery.photos[0] ]
+else
+  json.partial!    'ishapi/photos/index',     :photos => gallery.photos
+end

data/app/views/ishapi/galleries/show.jbuilder

@@ -5,8 +5,8 @@
 this_key = [ @gallery, params.permit! ]
 json.cache! this_key do
   json.gallery do
-    json.partial! 'ishapi/galleries/show', gallery: @gallery   
-    json.partial! 'ishapi/photos/index', :photos => @gallery.photos 
+    json.partial! 'ishapi/application/meta', item: @gallery
+    json.partial! 'ishapi/galleries/show', gallery: @gallery
   end
 end
 

data/app/views/ishapi/my/videos/index.jbuilder

@@ -0,0 +1,7 @@
+
+json.videos(@videos) do |video|
+  json.name      video.name
+  json.video_url     video.video
+  json.thumb_url     video.thumb
+end
+

data/app/views/ishapi/newsitems/_index.jbuilder

@@ -19,11 +19,6 @@ json.newsitems do
       json.n_photos     item.gallery.photos.length
       json.slug         item.gallery.galleryname
       json.subhead      item.gallery.subhead
-      json.tags         [ { slug: 'adventure', name: 'Adventure' },
-                          { slug: 'bars-and-clubs', name: 'Bars & Clubs' },
-                          { slug: 'food', name: 'Food' },
-                          { slug: 'late-night', name: 'Late Night' } ]
-
       json.partial!    'ishapi/application/meta', :item => item.gallery
       if item.gallery.is_premium
         json.premium_tier item.gallery.premium_tier
@@ -49,7 +44,6 @@ json.newsitems do
       end
 
       json.partial! 'ishapi/application/meta', :item => item.report
-      json.partial! 'ishapi/tags/index', tags: item.report.tags
 
       if item.report.is_premium
         json.premium_tier item.report.premium_tier

data/app/views/ishapi/photos/_index.jbuilder

@@ -1,6 +1,7 @@
 
 #
 # ishapi / photos / _index
+# @deprecated, ishapi / galleries / _show is preferred
 #
 
 json.photos do

data/config/routes.rb

@@ -7,7 +7,7 @@ Ishapi::Engine.routes.draw do
   get 'cities',                :to => 'cities#index'
   get 'cities/view/:cityname', :to => 'cities#show'
   get 'cities/features',       :to => 'cities#features'
- 
+
   post 'co_tailors/orders',                 :to => 'orders#create'
   post 'co_tailors/order_items',            :to => 'order_items#create'
   post 'co_tailors/measurements',           :to => 'measurements#update'
@@ -16,7 +16,7 @@ Ishapi::Engine.routes.draw do
   end
 
   post 'do_purchase', to: 'gameui#do_purchase'
-  
+
   get 'events/view/:eventname',      :to => 'events#show'
 
   get  'galleries',                   :to => 'galleries#index'
@@ -35,8 +35,10 @@ Ishapi::Engine.routes.draw do
   namespace :my do
     # post 'reports', :to => 'reports#index'
     get  'reports', :to => 'reports#index'
+    get 'videos', to: 'videos#index'
+    post 'videos', to: 'videos#index'
   end
-  
+
   post 'payments', :to => 'payments#create'
 
   get 'profiles/view/:username', :to => 'user_profiles#show'
@@ -64,7 +66,7 @@ Ishapi::Engine.routes.draw do
 
   get 'venues', :to => 'venues#index'
   get 'venues/view/:venuename', :to => 'venues#show'
- 
+
   resources :videos
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ishapi
 version: !ruby/object:Gem::Version
-  version: 0.1.8.126
+  version: 0.1.8.131
 platform: ruby
 authors:
 - piousbox
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-03-15 00:00:00.000000000 Z
+date: 2020-07-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -207,6 +207,7 @@ files:
 - app/controllers/ishapi/measurements_controller.rb
 - app/controllers/ishapi/my/my_controller.rb
 - app/controllers/ishapi/my/reports_controller.rb
+- app/controllers/ishapi/my/videos_controller.rb
 - app/controllers/ishapi/newsitems_controller.rb
 - app/controllers/ishapi/order_items_controller.rb
 - app/controllers/ishapi/orders_controller.rb
@@ -248,6 +249,7 @@ files:
 - app/views/ishapi/maps/index.jbuilder
 - app/views/ishapi/maps/show.jbuilder
 - app/views/ishapi/measurements/_show.jbuilder
+- app/views/ishapi/my/videos/index.jbuilder
 - app/views/ishapi/newsitems/_index.jbuilder
 - app/views/ishapi/newsitems/index.jbuilder
 - app/views/ishapi/orders/_item.jbuilder