ishapi 0.1.8.130 → 0.1.8.131
- checksums.yaml +4 -4
- data/app/controllers/ishapi/application_controller.rb +40 -9
- data/app/controllers/ishapi/my/my_controller.rb +10 -1
- data/app/controllers/ishapi/my/videos_controller.rb +16 -0
- data/app/controllers/ishapi/user_profiles_controller.rb +2 -0
- data/app/models/ishapi/ability.rb +5 -2
- data/app/views/ishapi/galleries/show.jbuilder +1 -3
- data/app/views/ishapi/my/videos/index.jbuilder +7 -0
- data/app/views/ishapi/photos/_index.jbuilder +1 -0
- data/config/routes.rb +6 -4
- metadata +4 -2
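--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f1802659d2e8c6ce8924c5e5645314e9c235d548f967b1c98041b80c22b5daf9
+data.tar.gz: 2fb33453eb17bae2775ea7a2b3f8988bb044d853f5df16e3ce134c77a0d1725d
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: dc18bdfec85c2e6e3847f9936999f35a47df4e6a1bf1d791d7c1bd6cd55334ca7a0a4a10d12a1a9bf001cbcd6f0107fceb0c8ccd235717f86a254afae85c370d
+data.tar.gz: bc6daf89813d973285525d8f8664408a1f97f7b07ab136c709f560f1de6c3627926120679bee7a42180cd9ce9707a1b34b2274ca9d27a9daa8c5702f204afe24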
@@ -7,7 +7,7 @@ module Ishapi
|
|
7
7
|
|
8
8
|
# before_action :check_profile, except: [ :test ]
|
9
9
|
before_action :set_current_ability
|
10
|
-
|
10
|
+
|
11
11
|
check_authorization
|
12
12
|
skip_before_action :verify_authenticity_token
|
13
13
|
|
@@ -26,9 +26,19 @@ module Ishapi
|
|
26
26
|
"client_id=#{FB[params['domain']][:app]}&client_secret=#{FB[params['domain']][:secret]}&" +
|
27
27
|
"fb_exchange_token=#{accessToken}"
|
28
28
|
j = JSON.parse response.body
|
29
|
+
puts! j, 'fb response'
|
29
30
|
@long_term_token = j['access_token']
|
30
31
|
|
31
|
-
|
32
|
+
# get user email
|
33
|
+
@graph = Koala::Facebook::API.new( accessToken )
|
34
|
+
@me = @graph.get_object( 'me', :fields => 'email' )
|
35
|
+
@current_user = User.where( :email => @me['email'] ).first
|
36
|
+
@profile = @current_user.profile
|
37
|
+
|
38
|
+
# send the jwt to client
|
39
|
+
@jwt_token = encode(user_id: @current_user.id)
|
40
|
+
|
41
|
+
render json: { long_term_token: @long_term_token, jwt_token: @jwt_token }
|
32
42
|
end
|
33
43
|
|
34
44
|
#
|
@@ -75,9 +85,9 @@ module Ishapi
|
|
75
85
|
# puts! result, 'googleauth result'
|
76
86
|
|
77
87
|
decoded_token = JWT.decode params[:idToken], nil, false
|
78
|
-
|
88
|
+
|
79
89
|
@current_user = User.find_by email: decoded_token[0]['email']
|
80
|
-
|
90
|
+
|
81
91
|
elsif 'facebook' == provider
|
82
92
|
# accessToken ||= params[:fb_long_access_token]
|
83
93
|
|
@@ -101,7 +111,7 @@ module Ishapi
|
|
101
111
|
@current_user = User.where( :email => @me['email'] ).first
|
102
112
|
@current_user ||= User.create! email: @me['email'], password: SecureRandom.urlsafe_base64
|
103
113
|
|
104
|
-
@current_profile = @current_user.profile
|
114
|
+
@current_profile = @current_user.profile
|
105
115
|
if !@current_profile
|
106
116
|
begin
|
107
117
|
g = Gallery.find '5e1495e2d697f768ad0779eb'
|
@@ -120,9 +130,15 @@ module Ishapi
|
|
120
130
|
|
121
131
|
puts! @current_user, 'current_user'
|
122
132
|
puts! @current_profile, 'current_profile'
|
123
|
-
|
133
|
+
|
134
|
+
elsif 'jwt' == provider
|
135
|
+
decoded = decode(params[:jwt_token])
|
136
|
+
puts! decoded, 'decoded'
|
137
|
+
@current_user = User.find decoded[:user_id]
|
138
|
+
|
124
139
|
else
|
125
140
|
puts! 'check_multiprofile(): no access token'
|
141
|
+
raise "ww1 - not implemented"
|
126
142
|
end
|
127
143
|
|
128
144
|
sign_in @current_user, scope: :user
|
@@ -132,13 +148,16 @@ module Ishapi
|
|
132
148
|
# this doesn't generate long-lived token, doesn't update user_profile
|
133
149
|
# this is only for facebook now
|
134
150
|
def check_profile
|
151
|
+
puts! params, 'params'
|
152
|
+
|
135
153
|
# return check_multiprofile 'google'
|
136
|
-
return check_multiprofile 'facebook'
|
154
|
+
# return check_multiprofile 'facebook'
|
155
|
+
return check_multiprofile 'jwt'
|
137
156
|
|
138
157
|
# puts! params, 'params'
|
139
158
|
# puts! current_user, 'current_user'
|
140
159
|
# puts! @current_user, '@current_user'
|
141
|
-
|
160
|
+
|
142
161
|
accessToken = request.headers[:accessToken]
|
143
162
|
accessToken ||= params[:fb_long_access_token]
|
144
163
|
accessToken ||= params[:accessToken]
|
@@ -201,7 +220,7 @@ module Ishapi
|
|
201
220
|
@current_order = @current_profile.current_order
|
202
221
|
# orders.where( :submitted_at => nil ).first || ::CoTailors::Order.new( :profile_id => @current_profile.id )
|
203
222
|
end
|
204
|
-
|
223
|
+
|
205
224
|
def get_long_token accessToken
|
206
225
|
url = "https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token&" +
|
207
226
|
"client_id=#{FB[params['domain']][:app]}&client_secret=#{FB[params['domain']][:secret]}&fb_exchange_token=#{accessToken}"
|
@@ -221,5 +240,17 @@ module Ishapi
|
|
221
240
|
puts a.inspect
|
222
241
|
end
|
223
242
|
|
243
|
+
# jwt
|
244
|
+
def encode(payload, exp = 2.hours.from_now)
|
245
|
+
payload[:exp] = exp.to_i
|
246
|
+
JWT.encode(payload, Rails.application.secrets.secret_key_base.to_s)
|
247
|
+
end
|
248
|
+
|
249
|
+
# jwt
|
250
|
+
def decode(token)
|
251
|
+
decoded = JWT.decode(token, Rails.application.secrets.secret_key_base.to_s)[0]
|
252
|
+
HashWithIndifferentAccess.new decoded
|
253
|
+
end
|
254
|
+
|
224
255
|
end
|
225
256
|
end
|
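Review bot: In the hunk at `@@ -26,9 +26,19 @@` (the action starts above it) a JWT is issued without checking that the Facebook exchange succeeded or that a user was found: `j['access_token']` may be nil, and `User.where( :email => @me['email'] ).first` returns nil for an unknown email, so `@current_user.profile` raises instead of the request being refused. I would stop before `encode`, e.g. `return head :unauthorized unless @long_term_token && @current_user`. The added `puts! j, 'fb response'` writes the exchanged access token to the log, and `puts! decoded` and `puts! params` in the later hunks do the same for token claims and request parameters; these debug lines should be removed or filtered. The new `decode` relies on the jwt gem's default options and on `secret_key_base`; naming the algorithm, `JWT.decode(token, key, true, algorithm: 'HS256')`, and signing with a dedicated key would keep API tokens independent of whatever else that Rails secret signs.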
@@ -3,10 +3,19 @@ module Ishapi
|
|
3
3
|
module My
|
4
4
|
class MyController < Ishapi::ApplicationController
|
5
5
|
|
6
|
-
before_action :set_profile
|
6
|
+
# before_action :set_profile # this is DoS on FB - disabled
|
7
|
+
before_action :do_login
|
7
8
|
|
8
9
|
private
|
9
10
|
|
11
|
+
def do_login
|
12
|
+
puts! params, 'params'
|
13
|
+
|
14
|
+
token = decode(params[:jwtToken])
|
15
|
+
puts! token, 'token'
|
16
|
+
@current_user = User.find(token["user_id"])
|
17
|
+
end
|
18
|
+
|
10
19
|
def set_profile
|
11
20
|
begin
|
12
21
|
@graph = Koala::Facebook::API.new( params[:accessToken] )
|
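Review bot: `do_login` has no failure path: `decode` raises on a missing, expired or tampered `params[:jwtToken]`, and `User.find` by default raises when the id matches no user, so unless a `rescue_from` exists outside this diff an unauthenticated request ends in an unhandled exception rather than a 401. Adding `rescue JWT::DecodeError` followed by `head :unauthorized` to the method, and handling the ORM's not-found error the same way, makes the refusal explicit. The two `puts!` lines write the raw request parameters, token included, and the decoded claims to the log and should be dropped. `set_profile`, which follows, continues outside the hunk.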
@@ -0,0 +1,16 @@
|
|
1
|
+
|
2
|
+
module Ishapi
|
3
|
+
module My
|
4
|
+
class VideosController < Ishapi::My::MyController
|
5
|
+
|
6
|
+
def index
|
7
|
+
authorize! :my_index, Video
|
8
|
+
puts! @current_user, 'current_user'
|
9
|
+
|
10
|
+
@videos = @current_user.profile.videos.unscoped.where( is_trash: false ).limit(20)
|
11
|
+
end
|
12
|
+
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
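Review bot: `@current_user.profile.videos.unscoped` needs a test showing that another profile's videos never appear in the result: depending on the ORM, `unscoped` called on an association can discard the owner condition together with the default scope, which would leave only `is_trash: false` and `limit(20)` restricting the list. `@current_user.profile` can also be nil for a user without a profile (the sign-in code elsewhere in this diff checks `if !@current_profile`), so a guard before the query is needed. `puts! @current_user, 'current_user'` prints the user record on every request and should be removed.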
@@ -56,7 +56,7 @@ class Ishapi::Ability
|
|
56
56
|
can [ :my_index, :show ], Report do |report|
|
57
57
|
report.is_public
|
58
58
|
end
|
59
|
-
|
59
|
+
|
60
60
|
can [ :fb_sign_in, :long_term_token, :open_permission, :welcome_home ], Ishapi
|
61
61
|
|
62
62
|
can [ :index, :show ], Site
|
@@ -66,11 +66,14 @@ class Ishapi::Ability
|
|
66
66
|
tag.is_public
|
67
67
|
end
|
68
68
|
|
69
|
+
#
|
70
|
+
# V
|
71
|
+
#
|
69
72
|
can [ :index ], Venue
|
70
73
|
can [ :show ], Venue do |venue|
|
71
74
|
venue.is_public
|
72
75
|
end
|
73
|
-
can [ :index ], Video
|
76
|
+
can [ :index, :my_index ], Video
|
74
77
|
can [ :show ], Video do |video|
|
75
78
|
video.is_public
|
76
79
|
end
|
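Review bot: `can [ :index, :my_index ], Video` grants `:my_index` on the class with no condition block, so `authorize! :my_index, Video` in the new controller passes for every user this rule group applies to and restricts nothing by itself. Which group that is cannot be seen from the hunk; if it is the guest group, a comment such as `# :my_index is open here; My::MyController#do_login enforces the login` would record that the real check lives in the controller. Otherwise consider moving `:my_index` under the rules for signed-in users.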
@@ -5,10 +5,8 @@
|
|
5
5
|
this_key = [ @gallery, params.permit! ]
|
6
6
|
json.cache! this_key do
|
7
7
|
json.gallery do
|
8
|
-
json.partial! 'ishapi/galleries/show', gallery: @gallery
|
9
|
-
json.partial! 'ishapi/photos/index', :photos => @gallery.photos
|
10
|
-
|
11
8
|
json.partial! 'ishapi/application/meta', item: @gallery
|
9
|
+
json.partial! 'ishapi/galleries/show', gallery: @gallery
|
12
10
|
end
|
13
11
|
end
|
14
12
|
|
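--- a/data/config/routes.rb
+++ b/data/config/routes.rb
@@ -7,7 +7,7 @@ Ishapi::Engine.routes.draw do
 get 'cities', :to => 'cities#index'
 get 'cities/view/:cityname', :to => 'cities#show'
 get 'cities/features', :to => 'cities#features'
-
+
 post 'co_tailors/orders', :to => 'orders#create'
 post 'co_tailors/order_items', :to => 'order_items#create'
 post 'co_tailors/measurements', :to => 'measurements#update'
@@ -16,7 +16,7 @@ Ishapi::Engine.routes.draw do
 end
 
 post 'do_purchase', to: 'gameui#do_purchase'
-
+
 get 'events/view/:eventname', :to => 'events#show'
 
 get 'galleries', :to => 'galleries#index'
@@ -35,8 +35,10 @@ Ishapi::Engine.routes.draw do
 namespace :my do
 # post 'reports', :to => 'reports#index'
 get 'reports', :to => 'reports#index'
+get 'videos', to: 'videos#index'
+post 'videos', to: 'videos#index'
 end
-
+
 post 'payments', :to => 'payments#create'
 
 get 'profiles/view/:username', :to => 'user_profiles#show'
@@ -64,7 +66,7 @@ Ishapi::Engine.routes.draw do
 
 get 'venues', :to => 'venues#index'
 get 'venues/view/:venuename', :to => 'venues#show'
-
+
 resources :videos
 
 end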
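Review bot: `get 'videos', to: 'videos#index'` sends requests through `do_login`, which reads the token from `params[:jwtToken]`; on a GET that puts the JWT in the query string, where access logs, proxies and browser history retain it. Reading it from a request header instead, e.g. `request.headers['Authorization']`, would keep it out of URLs. `post 'videos', to: 'videos#index'` maps a second verb to a read-only action; if it exists only so clients can send the token in the body, a comment saying so would help, e.g. `# POST kept so clients can send jwtToken in the request body`.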
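--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ishapi
 version: !ruby/object:Gem::Version
-version: 0.1.8.
+version: 0.1.8.131
 platform: ruby
 authors:
 - piousbox
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-04
+date: 2020-07-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -207,6 +207,7 @@ files:
 - app/controllers/ishapi/measurements_controller.rb
 - app/controllers/ishapi/my/my_controller.rb
 - app/controllers/ishapi/my/reports_controller.rb
+- app/controllers/ishapi/my/videos_controller.rb
 - app/controllers/ishapi/newsitems_controller.rb
 - app/controllers/ishapi/order_items_controller.rb
 - app/controllers/ishapi/orders_controller.rb
@@ -248,6 +249,7 @@ files:
 - app/views/ishapi/maps/index.jbuilder
 - app/views/ishapi/maps/show.jbuilder
 - app/views/ishapi/measurements/_show.jbuilder
+- app/views/ishapi/my/videos/index.jbuilder
 - app/views/ishapi/newsitems/_index.jbuilder
 - app/views/ishapi/newsitems/index.jbuilder
 - app/views/ishapi/orders/_item.jbuilder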