ishapi 0.1.8.181 → 0.1.8.182

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7ef65cf53c1c9ed63d5118cba183a30c1958a00c5a7e45d23fc15e32605782f4
-  data.tar.gz: 3be58b188615387a0ed57107bb1ba3378327838bb4ec48f012ead15ca0cc8dab
+  metadata.gz: d463a329bf3e455dd44020f402062b623d7dbf9a832d30e84c73792d2afee35d
+  data.tar.gz: 6090044a2ebccee0ae47e4e908a652998163385e18cbfd26451e8ec0f0aa0889
 SHA512:
-  metadata.gz: 292432e6e0f2d4410b0440d849a7cea5409bc52cc8cb03e2f30befdb80de9296a8b560e70ae22368aa55c50a8e3007d42698920d607fd88e451977e98a41b26a
-  data.tar.gz: 015ca8524e54cee60bae0bfac3afe86c092856cd3028091963a2b4e3eab9ddb6e128025512762f35419aaed2e47ce2fdbf059c9c0e597e1278610492fcce3bb7
+  metadata.gz: 6e0fe6f94cb204b9464d7c48d19a243cd13329ee7c4c076d0deae8db0622d3f7d86d1be643c0cec5d710da3fa4015843a583c246e1c1a8f61149b758f5e1ce55
+  data.tar.gz: d70c30f52193fc1db730dae238217c1b651db64b17aea8257968f1ece64e3534f8710528b6c0940db7ee044c0a053bc29c491ed6ee7410a4c13fa61e8ae81af0

data/app/controllers/ishapi/application_controller.rb

@@ -32,6 +32,24 @@ class Ishapi::ApplicationController < ActionController::Base
     }
   end
 
+  ## @TODO: implement completely! _vp_ 2022-08-24
+  def vote
+    votee = params[:votee_class_name].constantize.find(params[:votee_id])
+    out = votee.vote(voter_id: params[:voter_id], value: params[:value].to_sym)
+
+    if out
+      render json: {
+        status: 'ok',
+      }
+    else
+      render json: {
+        status: 'not_ok',
+        message: votee.errors.full_messages.join(', '),
+      }
+    end
+
+  end
+
   private
 
   ## This returns an empty user if not logged in!

data/app/controllers/ishapi/galleries_controller.rb

@@ -24,7 +24,7 @@ module Ishapi
       @gallery = ::Gallery.unscoped.find_by :slug => params[:slug]
       authorize! :show, @gallery
       if @gallery.premium?
-        if current_user&.profile&.has_premium_purchase( @gallery )
+        if @current_user&.profile&.has_premium_purchase( @gallery )
           render 'show_premium_unlocked'
         else
           render 'show_premium_locked'

data/app/controllers/ishapi/maps_controller.rb

@@ -5,13 +5,14 @@ class Ishapi::MapsController < Ishapi::ApplicationController
   before_action :check_profile, only: [ :show ]
 
   def show
-    @location = ::Gameui::Map.find_by slug: params[:slug]
+    @location   = ::Gameui::Map.where( slug: params[:slug] ).first
+    @location ||= ::Gameui::Map.find params[:slug]
     @map = @location.map || @location
 
     authorize! :show, @map
     @newsitems = @location.newsitems
 
-    @markers = @map.markers.permitted_to(current_user.profile)
+    @markers = @map.markers.permitted_to(@current_user.profile)
 
     @tags = @map.tags
 

data/app/controllers/ishapi/users/registrations_controller.rb

@@ -0,0 +1,37 @@
+
+class Ishapi::Users::RegistrationsController < Devise::RegistrationsController
+  skip_before_action :verify_authenticity_token
+
+  def create
+    build_resource(sign_up_params)
+    resource.save
+    resource.profile = Ish::UserProfile.create({ user: resource, email: resource.email })
+    yield resource if block_given?
+    if resource.persisted?
+      render json: {
+        status: :ok,
+        message: "You have successfully registered! Please verify your email by clicking on a link we just sent you, before logging in.",
+      }, status: 200
+
+      # if resource.active_for_authentication?
+      #   set_flash_message! :notice, :signed_up
+      #   sign_up(resource_name, resource)
+      #   respond_with resource, location: after_sign_up_path_for(resource)
+      # else
+      #   set_flash_message! :notice, :"signed_up_but_#{resource.inactive_message}"
+      #   expire_data_after_sign_in!
+      #   respond_with resource, location: after_inactive_sign_up_path_for(resource)
+      # end
+    else
+      render json: {
+        status: :not_ok,
+        message: "Cannot register: #{resource.errors.full_messages.join(', ')}",
+      }, status: 400
+
+      # clean_up_passwords resource
+      # set_minimum_password_length
+      # respond_with resource
+    end
+  end
+
+end

data/app/controllers/ishapi/users/sessions_controller.rb

@@ -0,0 +1,35 @@
+
+class Ishapi::Users::SessionsController < Devise::SessionsController
+  skip_before_action :verify_authenticity_token
+
+  def create
+    self.resource = warden.authenticate!(auth_options)
+    set_flash_message!(:notice, :signed_in)
+    sign_in(resource_name, resource)
+    yield resource if block_given?
+    # respond_with resource, location: after_sign_in_path_for(resource)
+
+    ## Send the jwt to client
+    @jwt_token = encode(user_id: @current_user.id.to_s)
+    @profile = @current_user.profile
+    render 'ishapi/users/login', format: :json, layout: false
+  end
+
+  private
+
+  ## copy-pasted from application_controller
+  ## jwt
+  def decode(token)
+    decoded = JWT.decode(token, Rails.application.secrets.secret_key_base.to_s)[0]
+    HashWithIndifferentAccess.new decoded
+  end
+
+  ## copy-pasted from application_controller
+  ## jwt
+  def encode(payload, exp = 48.hours.from_now) # @TODO: definitely change, right now I expire once in 2 days.
+    payload[:exp] = exp.to_i
+    JWT.encode(payload, Rails.application.secrets.secret_key_base.to_s)
+  end
+
+
+end

data/app/controllers/ishapi/users_controller.rb

@@ -1,14 +1,15 @@
-require_dependency "ishapi/application_controller"
+# require_dependency "ishapi/application_controller"
 
 module Ishapi
-  class UsersController < ApplicationController
+  class UsersController < Ishapi::ApplicationController
 
     skip_authorization_check only: %i| create fb_sign_in login |
 
+
     before_action :check_profile_hard, only: %i| account |
 
     def account
-      @profile = current_user&.profile
+      @profile = @current_user&.profile
       authorize! :show, @profile
       render 'ishapi/users/account'
     rescue CanCan::AccessDenied
@@ -18,16 +19,19 @@ module Ishapi
     end
 
     def create
-      @profile = Profile.new( email: params[:email] )
-      @user = User.new( email: params[:email], password: params[:password], profile: @profile )
+      authorize! :open_permission, Ishapi
+      new_user_params = params[:user].permit!
+
+      @profile = Profile.new( email: new_user_params[:email] )
+      @user = User.new( email: new_user_params[:email], password: new_user_params[:password], profile: @profile )
 
       if @profile.save && @user.save
         @jwt_token = encode(user_id: @user.id.to_s)
         render 'login'
       else
         render json: {
-          messages: [],
-        }, status: 401
+          messages: @user.errors.messages.merge( @profile.errors.messages ),
+        }, status: 400
       end
     end
 
@@ -37,21 +41,5 @@ module Ishapi
       render :action => 'show'
     end
 
-    def login
-      @current_user = User.where( email: params[:email] ).first
-
-      if !@current_user
-        render json: { status: :not_ok }, status: 401
-        return
-      end
-      if @current_user.valid_password?(params[:password])
-        # from: application_controller#long_term_token
-
-        # send the jwt to client
-        @jwt_token = encode(user_id: @current_user.id.to_s)
-        @profile = @current_user.profile
-      end
-    end
-
   end
 end

data/app/mailers/ishapi/application_mailer.rb

@@ -1,6 +1,6 @@
-module Ishapi
-  class ApplicationMailer < ActionMailer::Base
-    default from: 'from@example.com'
-    layout 'mailer'
-  end
+
+class Ishapi::ApplicationMailer < ActionMailer::Base
+  default from: '314658@gmail.com'
+  layout 'mailer'
 end
+

data/app/mailers/ishapi/confirmations_mailer.rb

@@ -0,0 +1,14 @@
+
+class Ishapi::ConfirmationsMailer < Devise::Mailer
+  # default from: '314658@gmail.com'
+  helper :application # gives access to all helpers defined within `application_helper`.
+  include Devise::Controllers::UrlHelpers # Optional. eg. `confirmation_url`
+
+  default template_path: 'ishapi/mailer' # to make sure that your mailer uses the devise views
+
+  def confirmation_instructions(record, token, opts={})
+    # headers["Custom-header"] = "Bar"
+    super
+  end
+
+end

data/app/views/ishapi/mailer/confirmation_instructions.html.erb

@@ -0,0 +1,6 @@
+
+<p>Welcome <%= @email %>!</p>
+
+<p>You can confirm your account email through the link below:</p>
+
+<p><%= link_to 'Confirm my account', confirmation_url(@resource, confirmation_token: @token) %></p>

data/app/views/ishapi/mailer/email_changed.html.erb

@@ -0,0 +1,7 @@
+<p>Hello <%= @email %>!</p>
+
+<% if @resource.try(:unconfirmed_email?) %>
+  <p>We're contacting you to notify you that your email is being changed to <%= @resource.unconfirmed_email %>.</p>
+<% else %>
+  <p>We're contacting you to notify you that your email has been changed to <%= @resource.email %>.</p>
+<% end %>

data/app/views/ishapi/mailer/password_change.html.erb

@@ -0,0 +1,3 @@
+<p>Hello <%= @resource.email %>!</p>
+
+<p>We're contacting you to notify you that your password has been changed.</p>

data/app/views/ishapi/mailer/reset_password_instructions.html.erb

@@ -0,0 +1,8 @@
+<p>Hello <%= @resource.email %>!</p>
+
+<p>Someone has requested a link to change your password. You can do this through the link below.</p>
+
+<p><%= link_to 'Change my password', edit_password_url(@resource, reset_password_token: @token) %></p>
+
+<p>If you didn't request this, please ignore this email.</p>
+<p>Your password won't change until you access the link above and create a new one.</p>

data/app/views/ishapi/mailer/unlock_instructions.html.erb

@@ -0,0 +1,7 @@
+<p>Hello <%= @resource.email %>!</p>
+
+<p>Your account has been locked due to an excessive number of unsuccessful sign in attempts.</p>
+
+<p>Click the link below to unlock your account:</p>
+
+<p><%= link_to 'Unlock my account', unlock_url(@resource, unlock_token: @token) %></p>

data/app/views/ishapi/newsitems/_index.jbuilder

@@ -12,6 +12,12 @@ json.newsitems do
 
     json.description item.description
 
+    json.votes_score item.votes_score
+    if @current_user&.profile
+      json.current_user_vote_value item.vote_value(@current_user.profile.id)
+    end
+
+
     if item.gallery
       json.id           item.gallery_id.to_s
       json.item_type    item.gallery.class.name
@@ -62,9 +68,9 @@ json.newsitems do
 
     if item.video
       json.id item.video_id.to_s
-      # @TODO: why this relation is so weird here?!
+      ## @TODO: why is this relation here? It's non-performant.
       video = Video.unscoped.find( item.video_id )
-      json.item_type video.class.name
+      json.item_type "Video"
       json.partial! 'ishapi/videos/show', :video => video
     end
 

data/app/views/ishapi/users/login.jbuilder

@@ -2,4 +2,4 @@
 json.email     @profile.email
 json.n_unlocks @profile.n_unlocks
 json.jwt_token @jwt_token
-json.partial!  'account'
+json.partial!  'ishapi/users/account'

data/config/routes.rb

@@ -1,4 +1,6 @@
+
 Ishapi::Engine.routes.draw do
+
   root :to => 'application#home'
   post 'home', :to => 'application#home'
 
@@ -65,8 +67,12 @@ Ishapi::Engine.routes.draw do
   post  'users/profile/update',  to: 'user_profiles#update'
   get   'users/profile',         to: 'users#show' # @TODO: only for testing! accessToken must be hidden
   match 'users/long_term_token', to: 'application#long_term_token', via: [ :get, :post ]
-  post  'users/login',           to: 'users#login'
-  post  'users',                 to: 'users#create'
+  devise_scope :user do
+    post 'users/register', to: 'users/registrations#create'
+    post 'users/login', to: 'users/sessions#create'
+  end
+
+  post 'v1/vote/:votee_class_name/:votee_id/:voter_id/:value', to: 'application#vote'
 
   get 'venues', :to => 'venues#index'
   get 'venues/view/:venuename', :to => 'venues#show'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ishapi
 version: !ruby/object:Gem::Version
-  version: 0.1.8.181
+  version: 0.1.8.182
 platform: ruby
 authors:
 - piousbox
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-08-14 00:00:00.000000000 Z
+date: 2022-09-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -234,6 +234,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: devise
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: " Description of Ishapi."
 email:
 - piousbox@gmail.com
@@ -273,12 +287,15 @@ files:
 - app/controllers/ishapi/stock_watches_controller.rb
 - app/controllers/ishapi/tags_controller.rb
 - app/controllers/ishapi/user_profiles_controller.rb
+- app/controllers/ishapi/users/registrations_controller.rb
+- app/controllers/ishapi/users/sessions_controller.rb
 - app/controllers/ishapi/users_controller.rb
 - app/controllers/ishapi/venues_controller.rb
 - app/controllers/ishapi/videos_controller.rb
 - app/helpers/ishapi/application_helper.rb
 - app/jobs/ishapi/application_job.rb
 - app/mailers/ishapi/application_mailer.rb
+- app/mailers/ishapi/confirmations_mailer.rb
 - app/models/ishapi/ability.rb
 - app/views/ishapi/addresses/_show.jbuilder
 - app/views/ishapi/application/_meta.jbuilder
@@ -300,6 +317,11 @@ files:
 - app/views/ishapi/galleries/show.jbuilder
 - app/views/ishapi/galleries/show_premium_locked.jbuilder
 - app/views/ishapi/galleries/show_premium_unlocked.jbuilder
+- app/views/ishapi/mailer/confirmation_instructions.html.erb
+- app/views/ishapi/mailer/email_changed.html.erb
+- app/views/ishapi/mailer/password_change.html.erb
+- app/views/ishapi/mailer/reset_password_instructions.html.erb
+- app/views/ishapi/mailer/unlock_instructions.html.erb
 - app/views/ishapi/maps/_show.jbuilder
 - app/views/ishapi/maps/index.jbuilder
 - app/views/ishapi/maps/show.jbuilder