ishapi 0.1.8.142 → 0.1.8.146

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 22b9f244f6e4a3c79fda643d0eca55e244a03ad5762412d2cb52f6175ee2ce97
-  data.tar.gz: b6bd24cdaad0054db3ad571623964a87517784933e0e01f7c67fe745fea5c93b
+  metadata.gz: 7daed337d478761f910b4330f860a5c730a858dc50cf75272ef05ff6609459ef
+  data.tar.gz: 63ca6a01982f267a5cc411b32a0a949abb3d97ff5a2cdd43454b2a301607d8cd
 SHA512:
-  metadata.gz: 582ad0e2dd8f1f809a87ee5716b1770d05a00198d3d93a1b203151dca8cdf0c7844c18a499486686d6f95a84dd78c920263c07b6c73f4eff8ead2b6372cb412f
-  data.tar.gz: 01c8f26d18422745fdae325588c46d92828d65f86a677fece418ec2e98e9f6ba1fb9a694fb23d140ee270f1ca8a42d179b9667cc362e504be8aef43eefc9b28a
+  metadata.gz: 23e0af13c63e3ad5f24621cfd93f680f946bdebadc10d8bc2e5ed41a962c2c901237d839ae3f27a19ca01ede1e5cd73fe84649962247168db1127768c52dfb40
+  data.tar.gz: 1a0d67e6ff177b1d474538e4fb9a2770fb3f14872355a9ddba3b1cadeb69feaa644d3e3aa78b2d7e6fce1685e26bee74f9e6fd3f5c0551b576cdf9c71d2141b5

data/app/controllers/ishapi/application_controller.rb

@@ -1,16 +1,7 @@
 module Ishapi
   class ApplicationController < ActionController::Base
-    after_action :append_long_term_token, except: [ :long_term_token, :test ]
-
-    protect_from_forgery :prepend => true, :with => :exception
-    layout :false
-
-    check_authorization except: [ :long_term_token ]
-    skip_before_action :verify_authenticity_token
-
-    def test
-    end
 
+    ## POST /api/users/long_term_token , a FB login flow
     def long_term_token
       accessToken   = request.headers[:accessToken]
       accessToken ||= params[:accessToken]
@@ -37,213 +28,19 @@ module Ishapi
       }
     end
 
-    def home
-      authorize! :welcome_home, Ishapi
-      render :json => { :status => :ok, :message => 'Ishapi::ApiController.home',
-                        :n_reports => Report.count, :n_cities => City.count }
-    end
-
-    #
-    # private
-    #
     private
 
-    def append_long_term_token
-      if @long_term_token
-        response.body = JSON.parse(response.body).merge({ long_term_token: @long_term_token }).to_json
-      end
-    end
-
-    ## Hard check by default; craps out if accessToken is missing
-    def check_long_term_token soft=false
-      accessToken   = request.headers[:accessToken]
-      accessToken ||= params[:accessToken]
-      if accessToken
-        @graph            = Koala::Facebook::API.new( accessToken )
-        @me               = @graph.get_object( 'me', :fields => 'email' )
-        @current_user     = User.where( :email => @me['email'] ).first
-        @profile          = @current_user.profile
-        raise '98& - no profile' unless @profile
-      else
-        if soft
-          return
-        else
-          raise 'no access token'
-        end
-      end
-    end
-
-    ## Does not crap out if accessToken is missing
-    def soft_check_long_term_token
-      check_long_term_token soft=true
-    end
-
-    def check_multiprofile provider = 'google'
-      if 'google' == provider
-        # client_secrets = ::Google::APIClient::ClientSecrets.load
-        # accessToken = params[:accessToken]
-        # authorization = ::Google::Auth.get_application_default
-        # result = authorization.apply({ accessToken: params[:accessToken] })
-        # puts! result, 'googleauth result'
-
-        decoded_token = JWT.decode params[:idToken], nil, false
-
-        @current_user = User.find_by email: decoded_token[0]['email']
-
-      elsif 'facebook' == provider
-        # accessToken ||= params[:fb_long_access_token]
-
-        accessToken   = request.headers[:accessToken]
-        accessToken ||= params[:accessToken]
-        if accessToken
-
-          #
-          # long-term token
-          #
-          params['domain'] = 'tgm.piousbox.com'
-          response = HTTParty.get "https://graph.facebook.com/v5.0/oauth/access_token?grant_type=fb_exchange_token&" +
-            "client_id=#{FB[params['domain']][:app]}&client_secret=#{FB[params['domain']][:secret]}&" +
-            "fb_exchange_token=#{accessToken}"
-          j = JSON.parse response.body
-          @long_term_token = j['access_token']
-
-
-          @graph            = Koala::Facebook::API.new( accessToken )
-          @me               = @graph.get_object( 'me', :fields => 'email' )
-          @current_user     = User.where( :email => @me['email'] ).first
-          @current_user   ||= User.create! email: @me['email'], password: SecureRandom.urlsafe_base64
-
-          @current_profile = @current_user.profile
-          if !@current_profile
-            begin
-              g = Gallery.find '5e1495e2d697f768ad0779eb'
-            rescue Mongoid::Errors::DocumentNotFound => e
-              g = Gallery.create id: '5e1495e2d697f768ad0779eb'
-            end
-            @current_profile = IshModels::UserProfile.create user: @current_user, name: @me['email'], email: @me['email']
-            test_newsitem = Newsitem.new gallery_id: '5e1495e2d697f768ad0779eb'
-            @current_profile.newsitems << test_newsitem
-            @current_profile.save
-          end
-          @current_profile.update fb_long_access_token: @long_term_token
-        else
-          @current_user     = current_user  if Rails.env.test?
-        end
-
-      elsif 'jwt' == provider
+    def check_profile
+      begin
         decoded = decode(params[:jwt_token])
         @current_user = User.find decoded['user_id']
-      else
-        raise "ww1 - not implemented"
-      end
-
-      # @TODO: refactor [ref-5]
-      sign_in @current_user, scope: :user
-      current_ability
-    end
-
-
-
-    # same as check_profile but doesn't error out when jwt_token is missing or expired
-    def check_profile_optionally
-      if !params[:jwt_token]
-        @current_user = User.new profile: Profile.new
-      else
-        begin
-          check_profile
-        rescue JWT::ExpiredSignature
-          Rails.logger.info("JWT::ExpiredSignature")
-          @current_user = User.new profile: Profile.new
-        end
+      rescue JWT::ExpiredSignature, JWT::DecodeError => e
+        puts! e, 'ee1'
+        flash[:notice] = 'You arent logged in, or you have been logged out.'
+        # @current_user = User.new
       end
     end
 
-    # this doesn't generate long-lived token, doesn't update user_profile
-    def check_profile
-      # return check_multiprofile 'google'
-      # return check_multiprofile 'facebook'
-      return check_multiprofile 'jwt'
-
-      accessToken   = request.headers[:accessToken]
-      accessToken ||= params[:fb_long_access_token]
-      accessToken ||= params[:accessToken]
-      if accessToken
-        @graph            = Koala::Facebook::API.new( accessToken )
-        @me               = @graph.get_object( 'me', :fields => 'email' )
-        @current_user     = User.find_by :email => @me['email']
-      else
-        @current_user     = current_user  if Rails.env.test?
-      end
-      @current_profile  = @current_user.profile
-      @current_order    = @current_profile.current_order
-      # orders.where( :submitted_at => nil ).first || ::CoTailors::Order.create( :profile_id => @current_profile.id )
-
-      ## for sedux
-      sign_in( @current_user )
-    end
-
-    def set_profile
-      accessToken   = request.headers[:accessToken]
-      accessToken ||= params[:fb_long_access_token]
-      accessToken ||= params[:accessToken]
-
-      # params[:domain] ||= '_default'
-
-      if accessToken
-        begin
-          @graph            = Koala::Facebook::API.new( accessToken )
-          @me               = @graph.get_object( 'me', :fields => 'email' )
-          @current_user     = User.find_or_create_by :email => @me['email']
-          @oauth            = Koala::Facebook::OAuth.new( FB[params['domain']][:app], FB[params['domain']][:secret] )
-          get_token         = get_long_token( accessToken )
-          @long_lived_token = get_token['access_token']
-
-          begin
-            @current_profile = IshModels::UserProfile.find_by :email => @me['email']
-            @current_profile.update_attributes({ :fb_access_token      => @long_lived_token,
-                                         :fb_long_access_token => @long_lived_token,
-                                         :fb_expires_in        => get_token['expires_in']
-                                       })
-          rescue Mongoid::Errors::DocumentNotFound
-            @current_profile = IshModels::UserProfile.create :user => @current_user, :email => @me['email'],
-                                                             :fb_access_token       => @long_lived_token,
-                                                             :fb_long_access_token  => @long_lived_token,
-                                                             :fb_expires_in         => get_token['expires_in'],
-                                                             :fb_id                 => params[:id],
-                                                             :name                  => params[:name],
-                                                             :signed_request        => params[:signedRequest]
-          end
-          @current_user.reload
-        rescue Koala::Facebook::AuthenticationError => e
-          render :json => { :status => :not_ok, :errors => "Probably expired token: #{accessToken}" }
-          return
-        end
-      else
-        @current_user = current_user if Rails.env.test?
-      end
-      @current_profile = @current_user.profile
-      @current_order   = @current_profile.current_order
-      # orders.where( :submitted_at => nil ).first || ::CoTailors::Order.new( :profile_id => @current_profile.id )
-    end
-
-    def get_long_token accessToken
-      url = "https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token&" +
-            "client_id=#{FB[params['domain']][:app]}&client_secret=#{FB[params['domain']][:secret]}&fb_exchange_token=#{accessToken}"
-      result = HTTParty.get url
-      token  = JSON.parse result.body
-      return token # ['access_token']
-    end
-
-    def current_ability
-      @current_user ||= User.new({ profile: ::IshModels::UserProfile.new })
-      @current_ability ||= Ishapi::Ability.new( @current_user )
-    end
-
-    def puts! a, b=''
-      puts "+++ +++ #{b}"
-      puts a.inspect
-    end
-
     # jwt
     def check_jwt
       begin
@@ -254,20 +51,23 @@ module Ishapi
       rescue JWT::DecodeError
         Rails.logger.info("JWT::DecodeError")
       end
-      @current_user ||= User.new
       current_ability
     end
 
+    # jwt
+    def decode(token)
+      decoded = JWT.decode(token, Rails.application.secrets.secret_key_base.to_s)[0]
+      HashWithIndifferentAccess.new decoded
+    end
+
     # jwt
     def encode(payload, exp = 2.hours.from_now)
       payload[:exp] = exp.to_i
       JWT.encode(payload, Rails.application.secrets.secret_key_base.to_s)
     end
 
-    # jwt
-    def decode(token)
-      decoded = JWT.decode(token, Rails.application.secrets.secret_key_base.to_s)[0]
-      HashWithIndifferentAccess.new decoded
+    def current_ability
+      @current_ability ||= Ishapi::Ability.new( current_user )
     end
 
   end

data/app/controllers/ishapi/application_controller.rb-trash

@@ -0,0 +1,275 @@
+module Ishapi
+  class ApplicationController < ActionController::Base
+    after_action :append_long_term_token, except: [ :long_term_token, :test ]
+
+    protect_from_forgery :prepend => true, :with => :exception
+    layout :false
+
+    check_authorization except: [ :long_term_token ]
+    skip_before_action :verify_authenticity_token
+
+    def test
+    end
+
+    def long_term_token
+      accessToken   = request.headers[:accessToken]
+      accessToken ||= params[:accessToken]
+
+      params['domain'] = 'tgm.piousbox.com'
+
+      response = ::HTTParty.get "https://graph.facebook.com/v5.0/oauth/access_token?grant_type=fb_exchange_token&" +
+        "client_id=#{FB[params['domain']][:app]}&client_secret=#{FB[params['domain']][:secret]}&" +
+        "fb_exchange_token=#{accessToken}"
+      j = JSON.parse response.body
+      @long_term_token  = j['access_token']
+      @graph            = Koala::Facebook::API.new( accessToken )
+      @me               = @graph.get_object( 'me', :fields => 'email' )
+      @current_user     = User.where( :email => @me['email'] ).first
+
+      # send the jwt to client
+      @jwt_token = encode(user_id: @current_user.id.to_s)
+
+      render json: {
+        email: @current_user.email,
+        jwt_token: @jwt_token,
+        long_term_token: @long_term_token,
+        n_unlocks: @current_user.profile.n_unlocks,
+      }
+    end
+
+    def home
+      authorize! :welcome_home, Ishapi
+      render :json => { :status => :ok, :message => 'Ishapi::ApiController.home',
+                        :n_reports => Report.count, :n_cities => City.count }
+    end
+
+    #
+    # private
+    #
+    private
+
+    def append_long_term_token
+      if @long_term_token
+        response.body = JSON.parse(response.body).merge({ long_term_token: @long_term_token }).to_json
+      end
+    end
+
+    ## Hard check by default; craps out if accessToken is missing
+    def check_long_term_token soft=false
+      accessToken   = request.headers[:accessToken]
+      accessToken ||= params[:accessToken]
+      if accessToken
+        @graph            = Koala::Facebook::API.new( accessToken )
+        @me               = @graph.get_object( 'me', :fields => 'email' )
+        @current_user     = User.where( :email => @me['email'] ).first
+        @profile          = @current_user.profile
+        raise '98& - no profile' unless @profile
+      else
+        if soft
+          return
+        else
+          raise 'no access token'
+        end
+      end
+    end
+
+    ## Does not crap out if accessToken is missing
+    def soft_check_long_term_token
+      check_long_term_token soft=true
+    end
+
+    def check_multiprofile provider = 'google'
+      if 'google' == provider
+        # client_secrets = ::Google::APIClient::ClientSecrets.load
+        # accessToken = params[:accessToken]
+        # authorization = ::Google::Auth.get_application_default
+        # result = authorization.apply({ accessToken: params[:accessToken] })
+        # puts! result, 'googleauth result'
+
+        decoded_token = JWT.decode params[:idToken], nil, false
+
+        @current_user = User.find_by email: decoded_token[0]['email']
+
+      elsif 'facebook' == provider
+        # accessToken ||= params[:fb_long_access_token]
+
+        accessToken   = request.headers[:accessToken]
+        accessToken ||= params[:accessToken]
+        if accessToken
+
+          #
+          # long-term token
+          #
+          params['domain'] = 'tgm.piousbox.com'
+          response = HTTParty.get "https://graph.facebook.com/v5.0/oauth/access_token?grant_type=fb_exchange_token&" +
+            "client_id=#{FB[params['domain']][:app]}&client_secret=#{FB[params['domain']][:secret]}&" +
+            "fb_exchange_token=#{accessToken}"
+          j = JSON.parse response.body
+          @long_term_token = j['access_token']
+
+
+          @graph            = Koala::Facebook::API.new( accessToken )
+          @me               = @graph.get_object( 'me', :fields => 'email' )
+          @current_user     = User.where( :email => @me['email'] ).first
+          @current_user   ||= User.create! email: @me['email'], password: SecureRandom.urlsafe_base64
+
+          @current_profile = @current_user.profile
+          if !@current_profile
+            begin
+              g = Gallery.find '5e1495e2d697f768ad0779eb'
+            rescue Mongoid::Errors::DocumentNotFound => e
+              g = Gallery.create id: '5e1495e2d697f768ad0779eb'
+            end
+            @current_profile = IshModels::UserProfile.create user: @current_user, name: @me['email'], email: @me['email']
+            test_newsitem = Newsitem.new gallery_id: '5e1495e2d697f768ad0779eb'
+            @current_profile.newsitems << test_newsitem
+            @current_profile.save
+          end
+          @current_profile.update fb_long_access_token: @long_term_token
+        else
+          @current_user     = current_user  if Rails.env.test?
+        end
+
+      elsif 'jwt' == provider
+        decoded = decode(params[:jwt_token])
+        @current_user = User.find decoded['user_id']
+        puts! @current_user, '@current_user from decoded'
+      else
+        raise "ww1 - not implemented"
+      end
+
+      sign_in @current_user, scope: :user
+      puts! current_user, 'did I sign in?'
+      current_ability
+    end
+
+
+
+    # same as check_profile but doesn't error out when jwt_token is missing or expired
+    def check_profile_optionally
+      if !params[:jwt_token]
+        # @current_user = User.new profile: Profile.new
+      else
+        begin
+          check_profile
+        rescue JWT::ExpiredSignature
+          Rails.logger.info("JWT::ExpiredSignature")
+          # @current_user = User.new profile: Profile.new
+        end
+      end
+    end
+
+    # this doesn't generate long-lived token, doesn't update user_profile
+    def check_profile
+      # return check_multiprofile 'google'
+      # return check_multiprofile 'facebook'
+      return check_multiprofile 'jwt'
+
+      accessToken   = request.headers[:accessToken]
+      accessToken ||= params[:fb_long_access_token]
+      accessToken ||= params[:accessToken]
+      if accessToken
+        @graph            = Koala::Facebook::API.new( accessToken )
+        @me               = @graph.get_object( 'me', :fields => 'email' )
+        @current_user     = User.find_by :email => @me['email']
+      else
+        @current_user     = current_user  if Rails.env.test?
+      end
+      @current_profile  = @current_user.profile
+      @current_order    = @current_profile.current_order
+      # orders.where( :submitted_at => nil ).first || ::CoTailors::Order.create( :profile_id => @current_profile.id )
+
+      ## for sedux
+      sign_in( @current_user )
+    end
+
+    def set_profile
+      accessToken   = request.headers[:accessToken]
+      accessToken ||= params[:fb_long_access_token]
+      accessToken ||= params[:accessToken]
+
+      # params[:domain] ||= '_default'
+
+      if accessToken
+        begin
+          @graph            = Koala::Facebook::API.new( accessToken )
+          @me               = @graph.get_object( 'me', :fields => 'email' )
+          @current_user     = User.find_or_create_by :email => @me['email']
+          @oauth            = Koala::Facebook::OAuth.new( FB[params['domain']][:app], FB[params['domain']][:secret] )
+          get_token         = get_long_token( accessToken )
+          @long_lived_token = get_token['access_token']
+
+          begin
+            @current_profile = IshModels::UserProfile.find_by :email => @me['email']
+            @current_profile.update_attributes({ :fb_access_token      => @long_lived_token,
+                                         :fb_long_access_token => @long_lived_token,
+                                         :fb_expires_in        => get_token['expires_in']
+                                       })
+          rescue Mongoid::Errors::DocumentNotFound
+            @current_profile = IshModels::UserProfile.create :user => @current_user, :email => @me['email'],
+                                                             :fb_access_token       => @long_lived_token,
+                                                             :fb_long_access_token  => @long_lived_token,
+                                                             :fb_expires_in         => get_token['expires_in'],
+                                                             :fb_id                 => params[:id],
+                                                             :name                  => params[:name],
+                                                             :signed_request        => params[:signedRequest]
+          end
+          @current_user.reload
+        rescue Koala::Facebook::AuthenticationError => e
+          render :json => { :status => :not_ok, :errors => "Probably expired token: #{accessToken}" }
+          return
+        end
+      else
+        @current_user = current_user if Rails.env.test?
+      end
+      @current_profile = @current_user.profile
+      @current_order   = @current_profile.current_order
+      # orders.where( :submitted_at => nil ).first || ::CoTailors::Order.new( :profile_id => @current_profile.id )
+    end
+
+    def get_long_token accessToken
+      url = "https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token&" +
+            "client_id=#{FB[params['domain']][:app]}&client_secret=#{FB[params['domain']][:secret]}&fb_exchange_token=#{accessToken}"
+      result = HTTParty.get url
+      token  = JSON.parse result.body
+      return token # ['access_token']
+    end
+
+    def current_ability
+      # @current_user ||= User.new({ profile: ::IshModels::UserProfile.new })
+      @current_ability ||= Ishapi::Ability.new( current_user )
+    end
+
+    def puts! a, b=''
+      puts "+++ +++ #{b}"
+      puts a.inspect
+    end
+
+    # jwt
+    def check_jwt
+      begin
+        decoded = decode(params[:jwt_token])
+        @current_user = User.find decoded['user_id']
+      rescue JWT::ExpiredSignature
+        Rails.logger.info("JWT::ExpiredSignature")
+      rescue JWT::DecodeError
+        Rails.logger.info("JWT::DecodeError")
+      end
+      # @current_user ||= User.new
+      current_ability
+    end
+
+    # jwt
+    def encode(payload, exp = 2.hours.from_now)
+      payload[:exp] = exp.to_i
+      JWT.encode(payload, Rails.application.secrets.secret_key_base.to_s)
+    end
+
+    # jwt
+    def decode(token)
+      decoded = JWT.decode(token, Rails.application.secrets.secret_key_base.to_s)[0]
+      HashWithIndifferentAccess.new decoded
+    end
+
+  end
+end

data/app/controllers/ishapi/maps_controller.rb

@@ -2,8 +2,8 @@ require_dependency "ishapi/application_controller"
 module Ishapi
   class MapsController < ApplicationController
 
-    before_action :soft_check_long_term_token, only: [ :show ]
-    
+    before_action :check_profile, only: [ :show ]
+
     def index
       authorize! :index, ::Gameui::Map
       @maps = ::Gameui::Map.all
@@ -12,6 +12,7 @@ module Ishapi
     def show
       @map = ::Gameui::Map.find_by slug: params[:slug]
       @markers = @map.markers.where( is_active: true )
+      @newsitems = @map.newsitems
 
       case @map.ordering_type
       when ::Gameui::Map::ORDERING_TYPE_ALPHABETIC

data/app/controllers/ishapi/my/my_controller.rb

@@ -8,8 +8,12 @@ module Ishapi
       before_action :check_profile
 
       def account
-        @profile = current_user.profile
+        @profile = current_user&.profile
         authorize! :show, @profile
+      rescue CanCan::AccessDenied
+        render json: {
+          status: :not_ok,
+        }, status: 401
       end
 
       private

data/app/controllers/ishapi/payments_controller.rb

@@ -96,6 +96,8 @@ module Ishapi
       authorize! :unlock, ::Ish::Payment
       item = Object::const_get(params['kind']).find params['id']
 
+      puts! params, 'unlocking...'
+
       existing = Purchase.where( user_profile: @current_user.profile, item: item ).first
       if existing
         render status: 200, json: { status: :ok, message: 'already purchased' }

data/app/controllers/ishapi/sites_controller.rb

@@ -3,7 +3,7 @@ require_dependency "ishapi/application_controller"
 module Ishapi
   class SitesController < ApplicationController
 
-    before_action :check_profile_optionally, only: %i| show |
+    before_action :check_profile, only: %i| show |
 
     def index
       authorize! :index, ::Site
@@ -32,16 +32,24 @@ module Ishapi
         else
           render :json => { :status => :unauthorized}, :status => :unauthorized
           render :status => :unauthorized
+          return
         end
       end
 
-      @galleries    = @site.galleries.limit( 10 )
-      @newsitems    = @site.newsitems.limit( @site.newsitems_per_page )
-      @reports      = @site.reports.limit( 10 )
+      @galleries    = @site.galleries.limit( 10 ) # @TODO: paginate
+      @newsitems    = @site.newsitems.limit( @site.newsitems_per_page ) # @TODO: paginate
+      @reports      = @site.reports.limit( 10 ) # @TODO: paginate
       @langs        = ::Site.where( :domain => domain ).map( &:lang )
       @feature_tags = @site.tags.where( :is_feature => true )
-
     end
 
+    private
+
+    # # jwt
+    # def decode(token)
+    #   decoded = JWT.decode(token, Rails.application.secrets.secret_key_base.to_s)[0]
+    #   HashWithIndifferentAccess.new decoded
+    # end
+
   end
 end

data/app/controllers/ishapi/users_controller.rb

@@ -4,6 +4,8 @@ module Ishapi
   class UsersController < ApplicationController
     before_action :set_profile, :only => [ :fb_sign_in, :show ]
 
+    skip_authorization_check only: %i| login |
+
     def fb_sign_in
       authorize! :fb_sign_in, Ishapi
       # render :json => { :status => :ok }
@@ -14,5 +16,25 @@ module Ishapi
       authorize! :fb_sign_in, Ishapi
     end
 
+    def login
+      @current_user = User.where( email: params[:email] ).first
+      if !@current_user
+        render json: { status: :not_ok }, status: 401
+        return
+      end
+      if @current_user.valid_password?(params[:password])
+        # from: application_controller#long_term_token
+
+        # send the jwt to client
+        @jwt_token = encode(user_id: @current_user.id.to_s)
+        render json: {
+          email: @current_user.email,
+          jwt_token: @jwt_token,
+          long_term_token: @long_term_token,
+          n_unlocks: @current_user.profile.n_unlocks,
+        }
+      end
+    end
+
   end
 end

data/app/views/ishapi/maps/show.jbuilder

@@ -14,6 +14,14 @@ json.cache! this_key do
     json.img_path    @map.img_path
     json.updated_at  @map.updated_at
 
+    json.breadcrumbs do
+      json.array! @map.breadcrumbs do |b|
+        json.name b[:name]
+        json.slug b[:slug]
+        json.link b[:link]
+      end
+    end
+
     json.markers do
       json.array! @markers do |marker|
         json.name marker.name

data/app/views/ishapi/sites/show.jbuilder

@@ -13,6 +13,8 @@ json.cache! key do
   json.subhead     @site.subhead
   json.description @site.description
 
+  json.email @current_user.email
+
   json.is_ads_enabled         @site.is_ads_enabled
   json.play_videos_in_preview @site.play_videos_in_preview
   json.newsitems_per_page     @site.newsitems_per_page

data/config/routes.rb

@@ -27,7 +27,8 @@ Ishapi::Engine.routes.draw do
   get 'maps', to: 'maps#index'
   get 'maps/view/:slug', to: 'maps#show'
   get 'markers/view/:slug', to: 'maps#show_marker'
-  get "/my/account", to: "my/my#account"
+  get  "/my/account", to: "my/my#account"
+  post "/my/account", to: "my/my#account"
   namespace :my do
     get 'galleries', to: 'galleries#index'
     get 'newsitems', to: 'newsitems#index'
@@ -65,6 +66,7 @@ Ishapi::Engine.routes.draw do
   post  'users/profile/update', :to => 'users#update'
   get   'users/profile',        :to => 'users#show' # @TODO: only for testing! accessToken must be hidden
   match 'users/long_term_token', to: 'application#long_term_token', via: [ :get, :post ]
+  post  'users/login', to: 'users#login'
 
   get 'venues', :to => 'venues#index'
   get 'venues/view/:venuename', :to => 'venues#show'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ishapi
 version: !ruby/object:Gem::Version
-  version: 0.1.8.142
+  version: 0.1.8.146
 platform: ruby
 authors:
 - piousbox
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-08-31 00:00:00.000000000 Z
+date: 2021-09-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -196,6 +196,7 @@ files:
 - app/assets/stylesheets/scaffold.css
 - app/controllers/ishapi/addresses_controller.rb
 - app/controllers/ishapi/application_controller.rb
+- app/controllers/ishapi/application_controller.rb-trash
 - app/controllers/ishapi/articles_controller.rb
 - app/controllers/ishapi/cities_controller.rb
 - app/controllers/ishapi/events_controller.rb