j1_template_mde 2018.4.31 → 2018.4.32

Files changed (130) hide show
  1. checksums.yaml +4 -4
  2. data/_includes/themes/j1/layouts/layout_metadata_generator.html +5 -6
  3. data/_includes/themes/j1/layouts/layout_shim_generator.html +20 -2
  4. data/_includes/themes/j1/layouts/layout_theme_generator.html +2 -2
  5. data/_includes/themes/j1/modules/connectors/{analytic/google → ad/custom-provider.html} +7 -16
  6. data/_includes/themes/j1/modules/connectors/ad/google-adsense.html +6 -6
  7. data/_includes/themes/j1/modules/connectors/ads +23 -8
  8. data/_includes/themes/j1/modules/connectors/analytic/custom-provider.html +32 -0
  9. data/_includes/themes/j1/modules/connectors/analytic/google-analytics.html +38 -0
  10. data/_includes/themes/j1/modules/connectors/analytics +16 -17
  11. data/_includes/themes/j1/modules/connectors/comment/custom-provider.html +31 -0
  12. data/_includes/themes/j1/modules/connectors/comment/disqus.html +3 -3
  13. data/_includes/themes/j1/modules/connectors/comment/facebook.html +31 -0
  14. data/_includes/themes/j1/modules/connectors/comments +14 -12
  15. data/_includes/themes/j1/modules/connectors/sharing +3 -10
  16. data/_includes/themes/j1/modules/navigator/generator.html +17 -12
  17. data/_includes/themes/j1/modules/navigator/procedures/quicklinks.proc +37 -27
  18. data/_includes/themes/j1/modules/navigator/procedures/sidebar.proc +3 -3
  19. data/_includes/themes/j1/procedures/layouts/module_writer.proc +4 -4
  20. data/_includes/themes/j1/procedures/layouts/resource_writer.proc +6 -6
  21. data/lib/j1/version.rb +1 -1
  22. data/lib/j1_app/j1_auth_manager/_unused/auth_manager.before_merge_added.rb +1267 -0
  23. data/lib/j1_app/j1_auth_manager/_unused/auth_manager.update.web_cookie.rb +1333 -0
  24. data/lib/j1_app/j1_auth_manager/_unused/auth_manager_ui.2.erb +198 -0
  25. data/lib/j1_app/j1_auth_manager/_unused/auth_manager_ui.additional_inits.erb +254 -0
  26. data/lib/j1_app/j1_auth_manager/auth_manager.rb +361 -275
  27. data/lib/j1_app/j1_auth_manager/config.rb +9 -9
  28. data/lib/j1_app/j1_auth_manager/helpers.rb +60 -2
  29. data/lib/j1_app/j1_auth_manager/views/auth_manager_ui.erb +123 -37
  30. data/lib/starter_web/Gemfile +1 -1
  31. data/lib/starter_web/_config.yml +42 -32
  32. data/lib/starter_web/_data/j1_config.yml +46 -56
  33. data/lib/starter_web/_data/j1_resources.yml +25 -5
  34. data/lib/starter_web/_data/layouts/default.yml +10 -0
  35. data/lib/starter_web/_data/modules/j1_cookie_consent.yml +120 -0
  36. data/lib/starter_web/_data/modules/j1_log4javascript.yml +24 -22
  37. data/lib/starter_web/_data/modules/j1_navigator.yml +61 -50
  38. data/lib/starter_web/_data/modules/j1_navigator_menu.yml +32 -11
  39. data/lib/starter_web/_data/tables/country.asciidoc +252 -0
  40. data/lib/starter_web/assets/data/_authclient.html +365 -0
  41. data/lib/starter_web/assets/data/authclient.html +213 -222
  42. data/lib/starter_web/assets/data/cookie_consent.html +261 -0
  43. data/lib/starter_web/assets/data/countries.json +974 -0
  44. data/lib/starter_web/assets/data/footer.html +17 -26
  45. data/lib/starter_web/assets/data/menu.html +20 -21
  46. data/lib/starter_web/assets/images/icons/j1/scalable/j1v2.svg +1 -1
  47. data/lib/starter_web/assets/images/master_header/admin-bootstrap.jpg +0 -0
  48. data/lib/starter_web/assets/images/pages/roundtrip/package.json +16 -16
  49. data/lib/starter_web/assets/themes/j1/core/css/theme_extensions.css +1313 -1219
  50. data/lib/starter_web/assets/themes/j1/core/css/theme_extensions.min.css +1 -1
  51. data/lib/starter_web/assets/themes/j1/core/css/uno.css +1251 -1219
  52. data/lib/starter_web/assets/themes/j1/core/css/uno.min.css +1 -1
  53. data/lib/starter_web/assets/themes/j1/core/css/vendor.css +72 -72
  54. data/lib/starter_web/assets/themes/j1/core/css/vendor.min.css +2 -2
  55. data/lib/starter_web/assets/themes/j1/core/js/adapter/algolia.js +1 -1
  56. data/lib/starter_web/assets/themes/j1/core/js/adapter/back2top.js +1 -1
  57. data/lib/starter_web/assets/themes/j1/core/js/adapter/bs_gallery.js +1 -1
  58. data/lib/starter_web/assets/themes/j1/core/js/adapter/cookie_consent.js +345 -0
  59. data/lib/starter_web/assets/themes/j1/core/js/adapter/custom.js +1 -1
  60. data/lib/starter_web/assets/themes/j1/core/js/adapter/lightbox.js +1 -1
  61. data/lib/starter_web/assets/themes/j1/core/js/adapter/logger.js +1 -1
  62. data/lib/starter_web/assets/themes/j1/core/js/adapter/master_header.js +1 -1
  63. data/lib/starter_web/assets/themes/j1/core/js/adapter/navigator.js +254 -190
  64. data/lib/starter_web/assets/themes/j1/core/js/adapter/scroller.js +1 -1
  65. data/lib/starter_web/assets/themes/j1/core/js/adapter/searcher.js +1 -1
  66. data/lib/starter_web/assets/themes/j1/core/js/adapter/stickybits.js +1 -1
  67. data/lib/starter_web/assets/themes/j1/core/js/adapter/switcher.js +1 -1
  68. data/lib/starter_web/assets/themes/j1/core/js/adapter/template.js +432 -97
  69. data/lib/starter_web/assets/themes/j1/core/js/adapter/toccer.js +1 -1
  70. data/lib/starter_web/assets/themes/j1/core/js/template.js +15 -15
  71. data/lib/starter_web/assets/themes/j1/core/js/template.js.map +1 -1
  72. data/lib/starter_web/assets/themes/j1/core/js/template.min.js +1 -1
  73. data/lib/starter_web/assets/themes/j1/extensions/cookiebar/js/cookiebar.js +277 -0
  74. data/lib/starter_web/assets/themes/j1/{core/js/adapter/cookiebar.js → extensions/cookiebar/js/j1cookiebar.js} +1 -1
  75. data/lib/starter_web/collections/_biography/becoming.adoc +1 -1
  76. data/lib/starter_web/collections/_biography/born-to-run.adoc +1 -1
  77. data/lib/starter_web/collections/posts/{premium → private}/series/_posts/000_includes/attributes.asciidoc +0 -0
  78. data/lib/starter_web/collections/posts/{premium → private}/series/_posts/000_includes/documents/100-docker-using-shared-folders.asciidoc +0 -0
  79. data/lib/starter_web/collections/posts/{premium → private}/series/_posts/000_includes/documents/loop.sh +0 -0
  80. data/lib/starter_web/collections/posts/{premium → private}/series/_posts/000_includes/tables/debug_variables.asciidoc +0 -0
  81. data/lib/starter_web/collections/posts/{premium → private}/series/_posts/2018-11-01-docker-using-shared-folders.adoc +0 -0
  82. data/lib/starter_web/collections/posts/{private → protected}/wikipedia/_posts/000_includes/attributes.asciidoc +0 -0
  83. data/lib/starter_web/collections/posts/{private → protected}/wikipedia/_posts/000_includes/tables/debug_variables.asciidoc +0 -0
  84. data/lib/starter_web/collections/posts/{private → protected}/wikipedia/_posts/2016-11-20-minneapolis.adoc +0 -0
  85. data/lib/starter_web/collections/posts/{private → protected}/wikipedia/_posts/2016-11-24-narcisse-snake-dens.adoc +0 -0
  86. data/lib/starter_web/collections/posts/{private → protected}/wikipedia/_posts/2016-11-26-columbia-river.adoc +1 -1
  87. data/lib/starter_web/collections/posts/public/featured/_posts/2019-04-12-about-cookies.adoc +175 -0
  88. data/lib/starter_web/collections/posts/public/{featured → jekyll}/_posts/2018-05-01-confusion-about-base-url.adoc +0 -0
  89. data/lib/starter_web/index.html +4 -1
  90. data/lib/starter_web/package.json +1 -1
  91. data/lib/starter_web/pages/{premium → private}/bookshelf/100_about_jekyll_collections.adoc +1 -1
  92. data/lib/starter_web/pages/{premium → private}/bookshelf/200_book_shelf_biography.adoc +1 -1
  93. data/lib/starter_web/pages/{premium → private}/bookshelf/300_book_shelf_fantasy.adoc +1 -1
  94. data/lib/starter_web/pages/{premium → private}/bookshelf/400_book_shelf_romance.adoc +1 -1
  95. data/lib/starter_web/pages/{private → protected}/TeamUp/000_includes/attributes.asciidoc +0 -0
  96. data/lib/starter_web/pages/{private → protected}/TeamUp/index.adoc +3 -3
  97. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/attributes.asciidoc +0 -0
  98. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/tables/mdi_icons/100_absolute_sizes.asciidoc +0 -0
  99. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/tables/mdi_icons/110_bs_grid_sizes.asciidoc +0 -0
  100. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/tables/mdi_icons/120_relative_sizes.asciidoc +0 -0
  101. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/tables/mdi_icons/200_rotate.asciidoc +0 -0
  102. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/tables/mdi_icons/300_flip.asciidoc +0 -0
  103. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/tables/mdi_icons/400_spin_pulsed.asciidoc +0 -0
  104. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/tables/mdi_icons/500_bw_color_palette.asciidoc +0 -0
  105. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/tables/mdi_icons/510_bs_color_palette.asciidoc +0 -0
  106. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/tables/mdi_icons/600_md_color_palette.asciidoc +0 -0
  107. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/tables/mdi_icons/601_md_color_palette_indigo.asciidoc +0 -0
  108. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/tables/mdi_icons/602_md_color_palette_pink.asciidoc +0 -0
  109. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/tables/twitter_emoji/100_bs_sizes.asciidoc +0 -0
  110. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/tables/twitter_emoji/100_relative_sizes.asciidoc +0 -0
  111. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/tables/twitter_emoji/200_rotate.asciidoc +0 -0
  112. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/tables/twitter_emoji/300_flip.asciidoc +0 -0
  113. data/lib/starter_web/pages/{private → protected}/previewer/000_includes/tables/twitter_emoji/400_spin_pulsed.asciidoc +0 -0
  114. data/lib/starter_web/pages/{private → protected}/previewer/justified_gallery.html +1 -1
  115. data/lib/starter_web/pages/{private → protected}/previewer/mdi_icons_preview.adoc +1 -1
  116. data/lib/starter_web/pages/{private → protected}/previewer/twitter_emoji_preview.adoc +1 -1
  117. data/lib/starter_web/pages/public/about/about_you.adoc +139 -0
  118. data/lib/starter_web/pages/public/legal/de/100_impress.adoc +26 -15
  119. data/lib/starter_web/pages/public/legal/de/200_terms_of_use.adoc +2 -2
  120. data/lib/starter_web/pages/public/legal/en/100_impress.adoc +65 -53
  121. data/lib/starter_web/pages/public/legal/en/200_terms_of_use.adoc +11 -8
  122. data/lib/starter_web/pages/public/legal/en/300_privacy.adoc +46 -68
  123. data/lib/starter_web/pages/public/legal/en/400_license_agreement.adoc +72 -74
  124. data/lib/starter_web/pages/public/legal/en/eu/cookie.policy.asciidoc +55 -0
  125. data/lib/starter_web/pages/public/previewer/bootstrap_theme.adoc +1 -1
  126. data/lib/starter_web/pages/public/start/roundtrip/700_extended_modals.adoc +71 -53
  127. metadata +60 -44
  128. data/_includes/themes/j1/modules/connectors/analytic/googleUA +0 -44
  129. data/lib/starter_web/_data/modules/j1_cookiebar.yml +0 -65
  130. data/lib/starter_web/_unused/package.json.new +0 -125
@@ -68,17 +68,34 @@ module J1App
68
68
  # Base App and Warden Framework settings
69
69
  # ==========================================================================
70
70
 
71
- j1_web_session = {
72
- :authenticated => 'false',
73
- :requested_page => '/',
74
- :user_name => 'unknown',
75
- :users_allowed => 'unknown',
76
- :user_id => 'unknown',
77
- :provider => 'unknown',
78
- :provider_url => '/',
79
- :payment_info => 'unknown',
80
- :permissions => 'unknown',
81
- :writer => 'middleware'
71
+ session_data = {}
72
+
73
+ # web_session_data = {
74
+ # :authenticated => 'false',
75
+ # :requested_page => '/',
76
+ # :user_name => 'unknown',
77
+ # :users_allowed => 'unknown',
78
+ # :user_id => 'unknown',
79
+ # :provider => 'unknown',
80
+ # :provider_url => '/',
81
+ # :payment_info => 'unknown',
82
+ # :permissions => 'unknown',
83
+ # :writer => 'middleware'
84
+ # }
85
+
86
+ web_session_data = {
87
+ :authenticated => 'false',
88
+ :requested_page => '/',
89
+ :user_name => 'visitor',
90
+ :users_allowed => 'all',
91
+ :user_id => 'unknown',
92
+ :provider => 'j1',
93
+ :provider_membership => 'guest',
94
+ :provider_url => 'https://jekyll.one',
95
+ :payment_info => 'unknown',
96
+ :provider_permissions => 'public',
97
+ :creator => 'middleware',
98
+ :writer => 'middleware'
82
99
  }
83
100
 
84
101
  # Enable SSL for the rack session if configured
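Review bot: `session_data = {}` (new line 71) and `web_session_data` (new line 86) are created once in the settings section, yet later hunks mutate and reassign them during request handling (`web_session_data = readCookie(...)` at new line 253, `session_data['authenticated'] = 'true'` at new line 275). If those handlers are blocks closing over these locals, which the hunks suggest but do not show in full, both hashes are shared by every request in the process, and under concurrent load one visitor's user_name, user_id or authenticated flag can be merged into another visitor's cookie. Keep only a frozen defaults constant here, e.g. `WEB_SESSION_DEFAULTS = { ... }.freeze`, and start each request with `web_session_data = WEB_SESSION_DEFAULTS.dup` and its own `session_data = {}` once the outer locals are gone. The commented-out copy of the old hash (new lines 73–84) can be dropped.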
@@ -90,10 +107,15 @@ module J1App
90
107
  # for the authentication service
91
108
  # --------------------------------------------------------------------------
92
109
  use Rack::Session::Cookie,
93
- http_only: true,
110
+ http_only: true, # if set to 'true', make session cookie visible to the browser (document) for HTTP
94
111
  key: 'j1.app.session',
95
112
  secret: ENV['J1_SESSION_SECRET'] || SecureRandom.hex
96
113
 
114
+ # use Rack::Cache do |config|
115
+ # #
116
+ # # ------------------------------------------------------------------------
117
+ # config.middleware.delete(Rack::Cache)
118
+ # end
97
119
 
98
120
  # ==========================================================================
99
121
  # Warden Framework initialisation
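Review bot: The comment added to `http_only: true` (new line 110) says the opposite of what the option does: HttpOnly withholds the cookie from page scripts (`document.cookie`), it does not make it visible to them. Suggested wording: `# HttpOnly: the session cookie is sent with HTTP(S) requests but is not readable from JavaScript`. The commented-out `Rack::Cache` block (new lines 114–118) has an empty description line and no effect, so either remove it or state why it is kept. Separately, the unchanged fallback `secret: ENV['J1_SESSION_SECRET'] || SecureRandom.hex` gives each process its own secret when the variable is unset, which silently invalidates sessions across restarts and workers; failing at startup on a missing secret would be easier to notice.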
@@ -110,7 +132,6 @@ module J1App
110
132
  user
111
133
  end
112
134
 
113
-
114
135
  # ==========================================================================
115
136
  # OmniAuth|Warden Framework initialisation
116
137
  # ==========================================================================
@@ -225,17 +246,23 @@ module J1App
225
246
  log_info! "ROOT", "Prepare", 'Web Session'
226
247
 
227
248
  # read existing/current cookie 'j1.web.session' to update all data
228
- # of j1_web_session (hash) otherwise set initial data
249
+ # of web_session_data (hash) otherwise set initial data
229
250
  # ------------------------------------------------------------------------
230
251
  unless env['HTTP_COOKIE'] == nil
231
- if env['HTTP_COOKIE'].include? 'j1.web.session'
232
- session_encoded = request.cookies['j1.web.session']
233
- session_decoded = Base64.decode64(session_encoded)
234
- j1_web_session = JSON.parse(session_decoded)
235
- end
252
+ log_info! "ROOT", 'Cookie', 'Read current web session data'
253
+ web_session_data = readCookie('j1.web.session')
254
+ data_json = web_session_data.to_json
255
+ log_info! "ROOT", 'Cookie', 'Current web session data', "#{data_json}"
256
+
257
+ # if env['HTTP_COOKIE'].include? 'j1.web.session'
258
+ # session_encoded = request.cookies['j1.web.session']
259
+ # session_decoded = Base64.decode64(session_encoded)
260
+ # web_session_data = JSON.parse(session_decoded)
261
+ # end
262
+
236
263
  else
237
264
  requested_page = env['REQUEST_URI']
238
- j1_web_session['requested_page'] = "#{env['REQUEST_URI']}"
265
+ session_data['requested_page'] = "#{env['REQUEST_URI']}"
239
266
  end
240
267
 
241
268
  # Create|Initialize the J1 web session cookie
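Review bot: The new `log_info!` call at new line 255 writes the complete web session JSON into the log (`"#{data_json}"`), and the same payload is logged at new lines 304, 307, 331, 357, 460, 534 and 581, where the old code kept that argument commented out. This puts the user_id, nickname, provider and payment_status of every visitor into info-level logs; log the event without the payload, or a single non-identifying field such as `web_session_data['provider']`. Also, `readCookie('j1.web.session')` now runs whenever any Cookie header is present, whereas the removed code first checked that the header contained 'j1.web.session'. `readCookie` is not visible in this section, so confirm it returns the defaults rather than nil when that cookie is missing, because its result replaces `web_session_data`.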
@@ -245,39 +272,40 @@ module J1App
245
272
 
246
273
  user = warden.user
247
274
  log_info! "ROOT", 'AuthCheck', 'User detected as signed in', "#{user[:provider]}"
248
- j1_web_session['authenticated'] = 'true'
249
- j1_web_session['requested_page'] = '/'
250
- j1_web_session['users_allowed'] = providers["#{user[:provider]}"]['users']
251
- j1_web_session['user_name'] = user[:info]['nickname']
252
- j1_web_session['user_id'] = user[:uid]
253
- j1_web_session['provider'] = user[:provider]
254
- j1_web_session['provider_url'] = providers["#{user[:provider]}"]['home_url']
255
- j1_web_session['permissions'] = providers["#{user[:provider]}"]['permissions']
256
- j1_web_session['payment_status'] = user[:info][:payment_status]
275
+ session_data['authenticated'] = 'true'
276
+ session_data['requested_page'] = '/'
277
+ session_data['user_name'] = user[:info]['nickname']
278
+ session_data['users_allowed'] = providers["#{user[:provider]}"]['users']
279
+ session_data['user_id'] = user[:uid]
280
+ session_data['provider'] = user[:provider]
281
+ session_data['provider_membership'] = 'member'
282
+ session_data['provider_url'] = providers["#{user[:provider]}"]['provider_url']
283
+ session_data['provider_permissions'] = providers["#{user[:provider]}"]['permissions']
284
+ session_data['payment_status'] = user[:info][:payment_status]
257
285
  else
258
286
  log_info! "ROOT", 'AuthCheck', 'User detected', 'signed out'
259
- j1_web_session['authenticated'] = 'false'
260
- j1_web_session['requested_page'] = '/'
261
- j1_web_session['users_allowed'] = 'all'
262
- j1_web_session['user_name'] = 'unknown'
263
- j1_web_session['user_id'] = 'unknown'
264
- j1_web_session['payment_status'] = 'unknown'
265
- j1_web_session['provider'] = 'unknown'
266
- j1_web_session['provider_url'] = 'unknown'
267
- j1_web_session['permissions'] = 'unknown'
287
+ session_data['authenticated'] = 'false'
288
+ # session_data['requested_page'] = '/'
289
+ session_data['users_allowed'] = 'all'
290
+ session_data['user_name'] = 'visitor'
291
+ session_data['user_id'] = 'unknown'
292
+ session_data['payment_status'] = 'unknown'
293
+ session_data['provider'] = 'j1'
294
+ session_data['provider_membership'] = 'guest'
295
+ session_data['provider_url'] = 'https://jekyll.one'
296
+ session_data['provider_permissions'] = 'public'
268
297
  end
269
- j1_web_session['writer'] = 'middleware'
298
+ session_data['writer'] = 'middleware'
299
+ session_data['creator'] = 'middleware'
270
300
 
271
- session_json = j1_web_session.to_json
272
- log_info! "ROOT", 'Cookie', 'Update web session data' # "#{session_json}"
301
+ web_session_data = merge( web_session_data, session_data )
302
+
303
+ data_json = session_data.to_json
304
+ log_info! "ROOT", 'Cookie', 'Merge current user data', "#{data_json}"
273
305
 
274
- session_encoded = Base64.encode64(session_json)
275
- response.set_cookie(
276
- 'j1.web.session',
277
- domain: false,
278
- value: session_encoded.to_s,
279
- path: '/'
280
- )
306
+ data_json = web_session_data.to_json
307
+ log_info! "ROOT", 'Cookie', 'Update web session data', "#{data_json}"
308
+ writeCookie('j1.web.session', data_json)
281
309
  end
282
310
 
283
311
  # General page detection (page auth pre-flight)
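Review bot: The assignments at new lines 275–299 use string keys (`session_data['authenticated']`), while the defaults hash at new lines 86–98 uses symbol keys (`:authenticated`). When no cookie was read, `web_session_data` is still that symbol-keyed hash, so unless the `merge` helper (not shown in this section) normalises keys, the merged hash holds both `:authenticated => 'false'` and `'authenticated' => 'true'`, and `to_json` writes the key twice into the cookie. Declaring the defaults with string keys (`'authenticated' => 'false'`, …) keeps one entry per field and matches what `JSON.parse` returns for an existing cookie. The defaults also name `:payment_info` while this code sets `'payment_status'`, and the `web_session_data[:user_name]` lookups at new lines 501, 506 and 511 will miss a string-keyed hash.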
@@ -287,64 +315,79 @@ module J1App
287
315
  log_info! 'AuthManager', 'PreFlight', 'Initial checks initiated'
288
316
 
289
317
  # read existing/current cookie 'j1.web.session'
290
- # to update all data of j1_web_session (hash)
318
+ # to update all data of web_session_data (hash)
291
319
  # if request.warden.user.respond_to?(:info)
292
320
  # ------------------------------------------------------------------------
321
+
322
+ #web_session_data = readCookie('j1.web.session')
323
+
293
324
  if env['HTTP_COOKIE'].include? 'j1.web.session'
294
325
  session_encoded = request.cookies['j1.web.session']
295
326
  session_decoded = Base64.decode64(session_encoded)
296
- j1_web_session = JSON.parse(session_decoded)
327
+ # See: https://stackoverflow.com/questions/86653/how-can-i-pretty-format-my-json-output-in-ruby-on-rails
328
+ session_pretty = JSON.pretty_generate(session_decoded)
329
+ web_session_data = JSON.parse(session_decoded)
297
330
 
298
- log_info! 'PreFlight', 'Cookie', 'Read web session data' # "#{session_decoded}"
331
+ log_info! 'PreFlight', 'Cookie', 'Read web session data', "#{session_decoded}" # ,"#{session_pretty}"
299
332
  else
300
333
  requested_page = env['REQUEST_URI']
301
- j1_web_session['requested_page'] = "#{env['REQUEST_URI']}"
334
+ session_data['requested_page'] = "#{env['REQUEST_URI']}"
302
335
  end
303
336
 
304
337
  # Create|Initialize the J1 web session cookie
305
338
  # ------------------------------------------------------------------------
306
- log_info! 'PreFlight', 'AuthCheck', 'Check authentication status'
339
+ log_info! 'PreFlight', 'AuthCheck', 'Check authentication state'
307
340
  if warden.authenticated?
308
341
  user = warden.user
309
- j1_web_session['authenticated'] = 'true'
310
- j1_web_session['user_name'] = user[:info]['nickname']
311
- j1_web_session['user_id'] = user[:uid]
312
- j1_web_session['provider'] = user[:provider]
313
- j1_web_session['provider_url'] = providers["#{user[:provider]}"]['home_url']
314
- j1_web_session['users_allowed'] = providers["#{user[:provider]}"]['users']#
315
- j1_web_session['permissions'] = providers["#{user[:provider]}"]['permissions']
316
- j1_web_session['payment_status'] = user[:info][:payment_status]
317
- j1_web_session['writer'] = 'middleware'
318
-
342
+ session_data['authenticated'] = 'true'
343
+ session_data['user_name'] = user[:info]['nickname']
344
+ session_data['user_id'] = user[:uid]
345
+ session_data['provider'] = user[:provider]
346
+ session_data['provider_url'] = providers["#{user[:provider]}"]['provider_url']
347
+ session_data['users_allowed'] = providers["#{user[:provider]}"]['users']#
348
+ session_data['provider_permissions'] = providers["#{user[:provider]}"]['permissions']
349
+ session_data['provider_membership'] = 'member'
350
+ session_data['payment_status'] = user[:info][:payment_status]
351
+ session_data['writer'] = 'middleware'
352
+
353
+ web_session_data = merge( web_session_data, session_data )
319
354
  log_info! 'PreFlight', 'AuthCheck', 'User authenticated', "#{user[:info]['nickname']}"
320
355
 
321
- session_json = j1_web_session.to_json
322
- log_info! 'PreFlight', 'Cookie', 'Write web session data' # "#{session_json}"
356
+ session_json = web_session_data.to_json
357
+ log_info! 'PreFlight', 'Cookie', 'Write web session data', "#{session_json}"
358
+ writeCookie('j1.web.session', session_json)
323
359
 
324
- session_encoded = Base64.encode64(session_json)
325
- response.set_cookie(
326
- 'j1.web.session',
327
- domain: false,
328
- value: session_encoded.to_s,
329
- path: '/'
330
- )
331
360
  end
332
361
 
333
362
  # User state|content detection for implicit authentication
334
363
  # ------------------------------------------------------------------------
335
364
  log_info! 'PreFlight', 'CheckConfig', 'Authentication check', 'disabled' if authentication_enabled? == false
336
- log_info! 'PreFlight', 'AuthCheck', 'Pass for all pages' if authentication_enabled? == false
365
+ log_info! 'PreFlight', 'AuthCheck', 'Pass for all pages' if authentication_enabled? == false
337
366
  pass if authentication_enabled? == false
338
367
 
339
368
  log_info! 'PreFlight', 'CheckConfig', 'Authentication check', 'enabled'
340
- log_info! 'PreFlight', 'DetectContent', 'Public content', 'YES' if public_content?
369
+ log_info! 'PreFlight', 'DetectContent', 'Public content detected' if public_content?
341
370
  log_info! 'PreFlight', 'DetectContent', 'Pass all public content' if public_content?
342
371
  pass if public_content?
343
372
 
373
+ log_info! 'PreFlight', 'DetectCookieConsent', 'Cookie Consent', "#{web_session_data['cookies_accepted']}"
374
+
375
+ # if web_session_data['cookies_accepted'] === 'declined'
376
+ # requested_page = env['REQUEST_URI']
377
+ # requested_page.scan(/(protected|private)/) do |match|
378
+ # category = match[0]
379
+ # log_info! 'PreFlight', 'DetectContent', 'Content detected as', "#{category}"
380
+ # log_info! 'PreFlight', 'Redirect', 'Pass to dialog page (Cookie Consent)'
381
+ # description_title = "Cookie consent declined"
382
+ # redirect "/cookie_consent?provider=#{web_session_data['provider']}&user=#{web_session_data['user_name']}&category=#{category}&requested_page=#{requested_page}&title=#{description_title}"
383
+ # #redirect requested_page
384
+ # end
385
+ # end
386
+
344
387
  log_info! 'PreFlight', 'DetectContent', 'Check content type'
345
388
 
346
389
  requested_page = env['REQUEST_URI']
347
- requested_page.scan(/(private|premium)/) do |match|
390
+ requested_page.scan(/(protected|private)/) do |match|
348
391
 
349
392
  category = match[0]
350
393
  log_info! 'PreFlight', 'DetectContent', 'Content type detected', "#{category}"
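Review bot: `session_pretty = JSON.pretty_generate(session_decoded)` (new line 328) is given the decoded String rather than a parsed object, and its result is referenced only from a trailing comment; depending on the json version this either raises or merely re-quotes the string. Drop the line, or move it below the parse as `session_pretty = JSON.pretty_generate(web_session_data)`. The cookie value is supplied by the client, so `Base64.decode64` followed by `JSON.parse` (new lines 326–329) can raise `JSON::ParserError` on a malformed value, and no rescue is visible in these lines; falling back to the defaults on a parse error would keep a bad cookie from surfacing as an unhandled error. The commented-out consent redirect (new lines 375–385) interpolates cookie fields into a URL unescaped and would need encoding if it is ever enabled.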
@@ -360,11 +403,11 @@ module J1App
360
403
  strategy = providers["#{current_provider}"]['strategy']
361
404
  provider_strategy = :"#{strategy}"
362
405
 
363
- j1_web_session['user_name'] = user_name
364
- j1_web_session['provider_url'] = providers["#{current_provider}"]['home_url']
365
- j1_web_session['users_allowed'] = providers["#{current_provider}"]['users']
366
- j1_web_session['permissions'] = providers["#{user[:provider]}"]['permissions']
367
- j1_web_session['requested_page'] = requested_page
406
+ web_session_data['user_name'] = user_name
407
+ web_session_data['provider_url'] = providers["#{current_provider}"]['provider_url']
408
+ web_session_data['users_allowed'] = providers["#{current_provider}"]['users']
409
+ web_session_data['provider_permissions'] = providers["#{user[:provider]}"]['permissions']
410
+ web_session_data['requested_page'] = requested_page
368
411
 
369
412
  log_info! 'PreFlight', 'ContentCheck', 'Check permissions'
370
413
  if permissions[:"#{category}"].include? current_provider
@@ -413,8 +456,8 @@ module J1App
413
456
  warden.logout
414
457
  session.clear
415
458
 
416
- session_json = j1_web_session.to_json
417
- log_info! 'PreFlight', 'Cookie', 'Write web session data' # "#{session_json}"
459
+ session_json = web_session_data.to_json
460
+ log_info! 'PreFlight', 'Cookie', 'Write web session data', "#{session_json}"
418
461
 
419
462
  session_encoded = Base64.encode64(session_json)
420
463
  response.set_cookie(
@@ -428,7 +471,16 @@ module J1App
428
471
  allowed_users = providers["#{provider}"]['users'].join(',')
429
472
  redirect "/page_validation?provider=#{provider}&category=#{category}&page=#{requested_page}&allowed_users=#{allowed_users}"
430
473
  end
474
+
475
+ time = Time.now.ctime.to_s
431
476
  log_info! 'PreFlight', 'AuthCheck', 'Pass to requested page', "#{requested_page}"
477
+ log_info! 'PreFlight', 'AuthCheck', 'Set X-Response-Headers'
478
+
479
+ # See: https://stackoverflow.com/questions/10438276/how-to-disable-static-file-caching-in-rails-3-thin-on-windows
480
+ # response.headers["Cache-Control"] = 'no-cache, no-store, max-age=0, must-revalidate'
481
+ # response.headers["Pragma"] = 'no-cache'
482
+ # response.headers["Expires"] = 'Fri, 01 Jan 1990 00:00:00 GMT'
483
+ response.headers['X-J1-AuthManager'] = "page-validated;category=#{category};called=" + time
432
484
  pass
433
485
  else
434
486
  log_info! 'PreFlight', 'AuthCheck', 'User detected', 'signed out'
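Review bot: The three cache headers at new lines 480–482 stay commented out, so this branch passes a page from the protected/private category to the signed-in user with no caching directive of its own. If nothing downstream sets one, the browser or an intermediary may keep a copy that is still shown after sign-out; enabling `response.headers['Cache-Control'] = 'no-store'` before `pass` would cover that. It is also worth confirming that headers set on `response` before `pass` reach the client at all, since that depends on how the request is handed on, which is not visible in this hunk. The log text 'Set X-Response-Headers' does not match the single `X-J1-AuthManager` header that is actually set.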
@@ -446,17 +498,17 @@ module J1App
446
498
  when :org
447
499
  warden.authenticate!
448
500
  github_organization_authenticate! ENV['GITHUB_ORG_NAME']
449
- logger.info "Hi There, #{j1_web_session[:user_name]}! You have access to the #{params['id']} organization"
501
+ logger.info "Hi There, #{web_session_data[:user_name]}! You have access to the #{params['id']} organization"
450
502
 
451
503
  when :team
452
504
  warden.authenticate!
453
505
  github_team_authenticate! ENV['GITHUB_TEAM_ID']
454
- logger.info "Hi There, #{j1_web_session[:user_name]}! You have access to the #{params['id']} team"
506
+ logger.info "Hi There, #{web_session_data[:user_name]}! You have access to the #{params['id']} team"
455
507
 
456
508
  when :teams
457
509
  warden.authenticate!
458
510
  github_teams_authenticate! ENV['GITHUB_TEAM_IDS'].split(',')
459
- logger.info "Hi There, #{j1_web_session[:user_name]}! You have access to the #{params['id']} team"
511
+ logger.info "Hi There, #{web_session_data[:user_name]}! You have access to the #{params['id']} team"
460
512
 
461
513
  when :member
462
514
  log_info! 'PreFlight', 'AuthCheck', 'Process authentication strategy'
@@ -465,34 +517,27 @@ module J1App
465
517
  session_encoded = request.cookies['j1.web.session']
466
518
  session_decoded = Base64.decode64(session_encoded)
467
519
  log_info! 'PreFlight', 'Cookie', 'Read web session data' # "#{session_decoded}"
468
- j1_web_session = JSON.parse(session_decoded)
520
+ web_session_data = JSON.parse(session_decoded)
469
521
  end
470
522
 
471
523
  # Update cookie data
472
524
  # ----------------------------------------------------------------------
473
- j1_web_session['provider_url'] = providers["#{default_provider}"]['home_url']
474
- j1_web_session['users_allowed'] = providers["#{default_provider}"]['users']
475
- j1_web_session['permissions'] = providers["#{default_provider}"]['permissions']
476
- j1_web_session['requested_page'] = env['REQUEST_URI']
477
- j1_web_session['writer'] = 'middleware'
525
+ web_session_data['provider_url'] = providers["#{default_provider}"]['provider_url']
526
+ web_session_data['users_allowed'] = providers["#{default_provider}"]['users']
527
+ web_session_data['provider_permissions'] = providers["#{default_provider}"]['permissions']
528
+ web_session_data['requested_page'] = env['REQUEST_URI']
529
+ web_session_data['writer'] = 'middleware'
478
530
 
479
531
  # write updated J1 session cookie
480
532
  #
481
- session_json = j1_web_session.to_json
482
- session_encoded = Base64.encode64(session_json)
483
- log_info! 'PreFlight', 'Cookie', 'Write web session data' # "#{session_json}"
533
+ session_json = web_session_data.to_json
534
+ log_info! 'PreFlight', 'Cookie', 'Write web session data', "#{session_json}"
535
+ writeCookie('j1.web.session', session_json)
484
536
 
485
- response.set_cookie(
486
- 'j1.web.session',
487
- domain: false,
488
- value: session_encoded.to_s,
489
- path: '/'
490
- )
537
+ log_info! 'PreFlight', 'Redirect', 'Call API request', 'PageValidate'
491
538
 
492
539
  allowed_users = providers["#{default_provider}"]['users'].join(',')
493
540
  requested_page = env['REQUEST_URI']
494
-
495
- log_info! 'PreFlight', 'Redirect', 'Call API request', 'PageValidate'
496
541
  redirect "/page_validation?provider=#{default_provider}&category=#{category}&page=#{requested_page}&allowed_users=#{allowed_users}"
497
542
  else
498
543
  raise J1App::ConfigError
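Review bot: The redirect at new line 541 interpolates `requested_page` (taken from `env['REQUEST_URI']`) and `allowed_users` into the query string without encoding, so a requested URI containing `&`, `#` or `=` changes or truncates the parameters that `/page_validation` receives. Build the query with `redirect "/page_validation?" + URI.encode_www_form(provider: default_provider, category: category, page: requested_page, allowed_users: allowed_users)`. The same pattern appears in the redirect at new line 472. This hunk shows only part of the `when :member` branch.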
@@ -527,13 +572,13 @@ module J1App
527
572
  # ----------------------------------------------------------------------
528
573
  allowed_users = params.fetch('allowed_users')
529
574
 
530
- j1_web_session['users_allowed'] = allowed_users
531
- j1_web_session['writer'] = 'middleware'
575
+ web_session_data['users_allowed'] = allowed_users
576
+ web_session_data['writer'] = 'middleware'
532
577
 
533
578
  # Write updated J1 session data to cookie
534
579
  # --------------------------------------------------------------------
535
- session_json = j1_web_session.to_json
536
- log_info! 'Authentication', 'Cookie', 'Write web session data' # #{session_json}"
580
+ session_json = web_session_data.to_json
581
+ log_info! 'Authentication', 'Cookie', 'Write web session data', "#{session_json}"
537
582
 
538
583
  session_encoded = Base64.encode64(session_json)
539
584
  response.set_cookie(
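Review bot: `allowed_users` is read from the request (`params.fetch('allowed_users')`, new line 573) and stored as `web_session_data['users_allowed']` (new line 575), so the list of permitted users is whatever the caller placed in the query string. If any later check relies on `users_allowed` from this cookie, a client can widen it; take the list from the server-side configuration instead, e.g. `allowed_users = providers[provider]['users']`, with `provider` validated against the configured providers. The handler starts before and continues after this hunk, so where `provider` comes from is not visible here.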
@@ -561,117 +606,106 @@ module J1App
561
606
  provider_signout = params.fetch('provider_signout')
562
607
  log_info! 'Authentication', 'SignOut', 'Called for provider', #{provider}"
563
608
 
564
- if warden.authenticated?
565
- user = warden.user[:info]['nickname']
566
- provider = warden.user[:provider]
567
- provider_url = j1_web_session['provider_url']
568
- log_info! 'Authentication', 'SignOut', 'Sign out user', "#{user}"
569
- warden.logout
570
- session.clear
571
-
572
- # Read current J1 web session cookie
573
- # --------------------------------------------------------------------
574
- if env['HTTP_COOKIE'].include? 'j1.web.session'
575
- session_encoded = env['rack.request.cookie_hash']['j1.web.session']
576
- session_decoded = Base64.decode64(session_encoded)
577
- log_info! 'Authentication', 'Cookie', 'Read web session data' # #{session_decoded}"
578
- j1_web_session = JSON.parse(session_decoded)
579
- else
580
- j1_web_session['requested_page'] = env['REQUEST_URI']
581
- end
582
-
583
- # Update J1 web session data
584
- # --------------------------------------------------------------------
585
- j1_web_session['user_name'] = 'unknown'
586
- j1_web_session['user_id'] = 'unknown'
587
- j1_web_session['users_allowed'] = 'unknown'
588
- j1_web_session['payment_status'] = 'unknown'
589
- j1_web_session['provider'] = 'unknown'
590
- j1_web_session['provider_url'] = 'unknown'
591
- j1_web_session['permissions'] = 'unknown'
592
- j1_web_session['authenticated'] = 'false'
593
- j1_web_session['writer'] = 'middleware'
594
-
595
- # Write updated J1 session data to cookie
596
- # --------------------------------------------------------------------
597
- session_json = j1_web_session.to_json
598
- log_info! 'Authentication', 'Cookie', 'Write web session data' # #{session_json}"
599
-
600
- session_encoded = Base64.encode64(session_json)
601
- response.set_cookie(
602
- 'j1.web.session',
603
- domain: false,
604
- value: session_encoded.to_s,
605
- path: '/'
606
- )
607
-
608
- if provider_signout === 'true'
609
- log_info! 'Authentication', 'SignOut', 'Sign out user', "#{user}"
610
- log_info! 'Authentication', 'SignOut', 'Sign out from', "#{provider}"
611
- log_info! 'Authentication', 'Redirect', 'Pass to provider', "#{provider_url}"
612
- redirect "#{provider_url}"
613
- else
614
- log_info! 'Authentication', 'SignOut', 'Sign out user', "#{user}"
615
- log_info! 'Authentication', 'SignOut', 'Sign out from', "session"
616
-
617
- # If signed out, redirect ONLY for PUBLIC pages
618
- # ------------------------------------------------------------------
619
- if redirect_whitelisted?j1_web_session['requested_page']
620
- log_info! 'Authentication', 'Redirect', 'Pass to page', "#{j1_web_session['requested_page']}"
621
- redirect j1_web_session['requested_page']
622
- else
623
- log_info! 'Authentication', 'Redirect', 'Redirect NOT whitelisted'
624
- log_info! 'Authentication', 'Redirect', 'Pass to page', "/"
625
- redirect '/'
626
- end
627
- end
628
- else
629
- # THIS condition should NEVER REACHED because NO logout dialog
630
- # (modal) is provided by the auth client if a user isn't signed in.
631
- # Kept this alternative for cases something went wrong.
632
- # --------------------------------------------------------------------
633
- log_info! 'Authentication', 'API', 'DEAD PATH: Called for sign out', 'NOT signed in'
634
-
635
- # Read current J1 session cookie
636
- # --------------------------------------------------------------------
637
- if env['HTTP_COOKIE'].include? 'j1.web.session'
638
- session_encoded = env['rack.request.cookie_hash']['j1.web.session']
639
- session_decoded = Base64.decode64(session_encoded)
640
- j1_web_session = JSON.parse(session_decoded)
641
-
642
- log_info! 'Authentication', 'Cookie', 'DEAD PATH. Read web session data' # #{session_decoded}"
643
- else
644
- j1_web_session['requested_page'] = env['REQUEST_URI']
645
- end
646
-
647
- # Update J1 web session data
648
- # --------------------------------------------------------------------
649
- j1_web_session['user_name'] = 'unknown'
650
- j1_web_session['user_id'] = 'unknown'
651
- j1_web_session['users_allowed'] = 'unknown'
652
- j1_web_session['payment_status'] = 'unknown'
653
- j1_web_session['provider'] = 'unknown'
654
- j1_web_session['provider_url'] = 'unknown'
655
- j1_web_session['permissions'] = 'unknown'
656
- j1_web_session['authenticated'] = 'false'
657
- j1_web_session['writer'] = 'middleware'
658
-
659
- # Write updated J1 session data to cookie
660
- # --------------------------------------------------------------------
661
- session_json = j1_web_session.to_json
662
- log_info! 'Authentication', 'Cookie', 'DEAD PATH. Write web session data' # #{session_json}"
663
-
664
- session_encoded = Base64.encode64(session_json)
665
- response.set_cookie(
666
- 'j1.web.session',
667
- domain: false,
668
- value: session_encoded.to_s,
669
- path: '/'
670
- )
671
-
672
- log_info! 'Post Authentication', 'Redirect', 'DEAD PATH: Pass to requested page', "#{j1_web_session['requested_page']}"
673
- redirect j1_web_session['requested_page']
674
- end
609
+ if warden.authenticated?
610
+ user = warden.user[:info]['nickname']
611
+ provider = warden.user[:provider]
612
+ provider_url = web_session_data['provider_url']
613
+ log_info! 'Authentication', 'SignOut', 'Sign out user', "#{user}"
614
+ warden.logout
615
+ session.clear
616
+
617
+ # Read current J1 web session cookie
618
+ # --------------------------------------------------------------------
619
+ if env['HTTP_COOKIE'].include? 'j1.web.session'
620
+ session_encoded = env['rack.request.cookie_hash']['j1.web.session']
621
+ session_decoded = Base64.decode64(session_encoded)
622
+ log_info! 'Authentication', 'Cookie', 'Read web session data' # #{session_decoded}"
623
+ web_session_data = JSON.parse(session_decoded)
624
+ else
625
+ web_session_data['requested_page'] = env['REQUEST_URI']
626
+ end
627
+
628
+ # Update J1 web session data
629
+ # --------------------------------------------------------------------
630
+ web_session_data['user_name'] = 'visitor'
631
+ web_session_data['user_id'] = 'unknown'
632
+ web_session_data['users_allowed'] = 'all'
633
+ web_session_data['payment_status'] = 'unknown'
634
+ web_session_data['provider'] = 'j1'
635
+ web_session_data['provider_url'] = 'https://jekyll.one'
636
+ web_session_data['provider_membership'] = 'guest'
637
+ web_session_data['provider_permissions'] = 'public'
638
+ web_session_data['authenticated'] = 'false'
639
+ web_session_data['writer'] = 'middleware'
640
+
641
+ # Write updated J1 session data to cookie
642
+ # --------------------------------------------------------------------
643
+ session_json = web_session_data.to_json
644
+ log_info! 'Authentication', 'SignOut', 'Write web session data', "#{session_json}"
645
+ writeCookie('j1.web.session', session_json)
646
+
647
+ if provider_signout === 'true'
648
+ log_info! 'Authentication', 'SignOut', 'Sign out user', "#{user}"
649
+ log_info! 'Authentication', 'SignOut', 'Sign out from', "#{provider}"
650
+ log_info! 'Authentication', 'Redirect', 'Pass to provider', "#{provider_url}"
651
+ redirect "#{provider_url}"
652
+ else
653
+ log_info! 'Authentication', 'SignOut', 'Sign out user', "#{user}"
654
+ log_info! 'Authentication', 'SignOut', 'Sign out from', "session"
655
+
656
+ # If signed out, redirect ONLY for PUBLIC pages
657
+ # ------------------------------------------------------------------
658
+ if redirect_whitelisted?web_session_data['requested_page']
659
+ log_info! 'Authentication', 'Redirect', 'Pass to page', "#{web_session_data['requested_page']}"
660
+ redirect web_session_data['requested_page']
661
+ else
662
+ log_info! 'Authentication', 'Redirect', 'Redirect NOT whitelisted'
663
+ log_info! 'Authentication', 'Redirect', 'Pass to page', "/"
664
+ redirect '/'
665
+ end
666
+ end
667
+ else
668
+ # THIS condition should NEVER REACHED because NO logout dialog
669
+ # (modal) is provided by the auth client if a user isn't signed in.
670
+ # Kept this alternative for cases something went wrong.
671
+ # --------------------------------------------------------------------
672
+ log_info! 'Authentication', 'API', 'DEAD PATH: Called for sign out', 'NOT signed in'
673
+
674
+ # Read current J1 session cookie
675
+ # --------------------------------------------------------------------
676
+ if env['HTTP_COOKIE'].include? 'j1.web.session'
677
+ session_encoded = env['rack.request.cookie_hash']['j1.web.session']
678
+ session_decoded = Base64.decode64(session_encoded)
679
+ web_session_data = JSON.parse(session_decoded)
680
+
681
+ log_info! 'Authentication', 'Cookie', 'DEAD PATH. Read web session data' # #{session_decoded}"
682
+ else
683
+ web_session_data['requested_page'] = env['REQUEST_URI']
684
+ end
685
+
686
+ # Update J1 web session data
687
+ # --------------------------------------------------------------------
688
+ web_session_data['user_name'] = 'visitor'
689
+ web_session_data['user_id'] = 'unknown'
690
+ web_session_data['users_allowed'] = 'all'
691
+ web_session_data['payment_status'] = 'unknown'
692
+ web_session_data['provider'] = 'j1'
693
+ web_session_data['provider_url'] = 'https://jekyll.one'
694
+ web_session_data['provider_membership'] = 'guest'
695
+ web_session_data['provider_permissions'] = 'public'
696
+ web_session_data['provider_membership'] = 'member'
697
+ web_session_data['authenticated'] = 'false'
698
+ web_session_data['writer'] = 'middleware'
699
+
700
+ # Write updated J1 session data to cookie
701
+ # --------------------------------------------------------------------
702
+ session_json = web_session_data.to_json
703
+ log_info! 'Authentication', 'Cookie', 'DEAD PATH. Write web session data', "#{session_json}"
704
+ writeCookie('j1.web.session', session_json)
705
+
706
+ log_info! 'Post Authentication', 'Redirect', 'DEAD PATH: Pass to requested page', "#{web_session_data['requested_page']}"
707
+ redirect web_session_data['requested_page']
708
+ end
675
709
  else
676
710
  raise J1App::ConfigError
677
711
  end
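Review bot: The not-signed-in branch ends with `redirect web_session_data['requested_page']` without the `redirect_whitelisted?` check that the signed-in branch applies. That value was just parsed from the `j1.web.session` cookie, which is Base64-encoded JSON with no signature or MAC visible here, so the client decides where this endpoint redirects. Reuse the same guard: `page = web_session_data['requested_page']` followed by `redirect(redirect_whitelisted?(page) ? page : '/')`; the redirects in the post-authentication and `/redirect_requested_page` hunks further down pass the same value unchecked. Separately, this branch assigns `provider_membership` twice, and the second assignment leaves a session with `authenticated` set to `'false'` marked as `'member'`.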
@@ -697,7 +731,7 @@ module J1App
697
731
  log_info! 'Post Authentication', 'Cookie', 'Read web session data'
698
732
  session_encoded = request.cookies['j1.web.session']
699
733
  session_decoded = Base64.decode64(session_encoded)
700
- j1_web_session = JSON.parse(session_decoded)
734
+ web_session_data = JSON.parse(session_decoded)
701
735
 
702
736
  user = warden.user
703
737
  user_json = user.to_json
@@ -764,19 +798,20 @@ module J1App
764
798
  redirect "/access_denied?provider=unknown&user=unknown&category=unknown&title=#{description_title}"
765
799
  else
766
800
  log_info! 'Post Authentication', 'Identification', 'User identified successfully'
767
- log_info! 'Post Authentication', 'Cookie', 'Update web session data' # "#{j1_web_session}"
768
- j1_web_session['user_name'] = user[:info]['nickname']
769
- j1_web_session['user_id'] = user[:uid]
770
- j1_web_session['provider'] = user[:provider]
771
- j1_web_session['permissions'] = providers["#{user[:provider]}"]['permissions']
772
- j1_web_session['authenticated'] = 'true'
773
- j1_web_session['payment_status'] = user[:info][:payment_status]
774
- j1_web_session['writer'] = 'middleware'
801
+ log_info! 'Post Authentication', 'Cookie', 'Update web session data' # "#{web_session_data}"
802
+ web_session_data['user_name'] = user[:info]['nickname']
803
+ web_session_data['user_id'] = user[:uid]
804
+ web_session_data['provider'] = user[:provider]
805
+ web_session_data['provider_membership'] = 'member'
806
+ web_session_data['provider_permissions'] = providers["#{user[:provider]}"]['permissions']
807
+ web_session_data['authenticated'] = 'true'
808
+ web_session_data['payment_status'] = user[:info][:payment_status]
809
+ web_session_data['writer'] = 'middleware'
775
810
 
776
- current_user = user[:info]['nickname'] = user[:info]['nickname']
777
- current_provider = user[:provider]
811
+ current_user = user[:info]['nickname'] = user[:info]['nickname']
812
+ current_provider = user[:provider]
778
813
 
779
- j1_web_session['requested_page'].scan(/(private|premium)/) do |match|
814
+ web_session_data['requested_page'].scan(/(protected|private)/) do |match|
780
815
 
781
816
  # Set category from requested page
782
817
  #
@@ -786,10 +821,10 @@ module J1App
786
821
  # Check if user is allowed to access protected content in GENERAL
787
822
  #
788
823
  log_info! 'Post Authentication', 'Identification', 'Check for allowed users'
789
- unless j1_web_session['users_allowed'].include? 'all'
790
- unless j1_web_session['users_allowed'].include? "#{current_user}"
824
+ unless web_session_data['users_allowed'].include? 'all'
825
+ unless web_session_data['users_allowed'].include? "#{current_user}"
791
826
  log_info! 'Post Authentication', 'Identification', 'User not allowed', "#{current_user}"
792
- log_info! 'Post Authentication', 'Identification', 'Allowed users', "#{j1_web_session['users_allowed']}"
827
+ log_info! 'Post Authentication', 'Identification', 'Allowed users', "#{web_session_data['users_allowed']}"
793
828
  log_info! 'Post Authentication', 'Identification', 'Logout user from current session', "#{current_user}"
794
829
  warden.logout
795
830
  session.clear
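Review bot: Both `users_allowed` checks call `include?` on a value that reaches the session from the `allowed_users` query parameter and the client-held cookie, so the allow-list is neither matched exactly nor controlled by the server. If the value is still the comma-joined string built before the `/page_validation` redirect, `include? 'all'` is true for any list that merely contains a name such as `allen`, and `include? "#{current_user}"` accepts a nickname that is a substring of a listed one. Compare against the configured array instead: `allowed = providers["#{current_provider}"]['users']` and `unless allowed.include?('all') || allowed.include?(current_user)`. The surrounding block continues outside this hunk.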
@@ -798,7 +833,7 @@ module J1App
798
833
  redirect "/access_denied?provider=#{current_provider}&user=#{current_user}&category=#{category}&title=#{description_title}"
799
834
  end
800
835
  end
801
- log_info! 'Post Authentication', 'Identification', 'Allowed users', "#{j1_web_session['users_allowed']}"
836
+ log_info! 'Post Authentication', 'Identification', 'Allowed users', "#{web_session_data['users_allowed']}"
802
837
 
803
838
  # Check conditions to access protected content (if any)
804
839
  #
@@ -818,7 +853,7 @@ module J1App
818
853
  if blacklist.include? "#{current_user}"
819
854
  log_info! 'Post Authentication', 'Identification', 'Check blacklisting'
820
855
  log_info! 'Post Authentication', 'Identification', 'User blacklisted', "#{current_user}"
821
- user[:info][:blacklisted] = 'true'
856
+ user[:info][:blacklisted] = 'true'
822
857
  log_info! 'Post Authentication', 'Identification', 'Logout user from current session', "#{current_user}"
823
858
  warden.logout
824
859
  session.clear
@@ -876,6 +911,16 @@ module J1App
876
911
 
877
912
  end
878
913
  # end category_whitelisted
914
+ else
915
+ category_condition_state = providers["#{user[:provider]}"]['conditions'][category]['enabled']
916
+ log_info! 'Post Authentication', 'Identification', 'Category check failed for', "#{current_provider}"
917
+ log_info! 'Post Authentication', 'Identification', "Category checked", "#{category}"
918
+ log_info! 'Post Authentication', 'Identification', "Category support", "#{category_condition_state}"
919
+ warden.logout
920
+ session.clear
921
+ log_info! 'Post Authentication', 'Redirect', 'Pass to error page (access_denied)'
922
+ description_title = "Access Denied"
923
+ redirect "/access_denied?provider=#{current_provider}&user=#{current_user}&category=#{category}&title=#{description_title}"
879
924
  end
880
925
  # end check conditions
881
926
 
@@ -886,15 +931,15 @@ module J1App
886
931
 
887
932
  # redirect authenticated|validated user to requested page
888
933
  #
889
- j1_web_session['provider'] = current_provider
890
- j1_web_session['users_allowed'] = providers["#{current_provider}"]['users']
934
+ web_session_data['provider'] = current_provider
935
+ web_session_data['users_allowed'] = providers["#{current_provider}"]['users']
891
936
 
892
937
  # TODO: Add membership|product specific data for the SideBar
893
938
 
894
939
  # write updated J1 session data to cookie
895
940
  #
896
- session_json = j1_web_session.to_json
897
- log_info! 'Post Authentication', 'Cookie', 'Write web session data' # "#{session_json}"
941
+ session_json = web_session_data.to_json
942
+ log_info! 'Post Authentication', 'Cookie', 'Write web session data', "#{session_json}"
898
943
 
899
944
  session_encoded = Base64.encode64(session_json)
900
945
  response.set_cookie(
@@ -904,10 +949,17 @@ module J1App
904
949
  path: '/'
905
950
  )
906
951
 
952
+ time = Time.now.ctime.to_s
953
+
907
954
  log_info! 'Post Authentication', 'Identification', 'Provider', "#{user[:provider]}"
908
955
  log_info! 'Post Authentication', 'Identification', 'User', "#{user[:info]['nickname']}"
909
- log_info! 'Post Authentication', 'Redirect', 'Pass to requested page', "#{j1_web_session['requested_page']}"
910
- redirect j1_web_session['requested_page']
956
+ log_info! 'Post Authentication', 'Redirect', 'Set Last-Modified', "#{time}"
957
+ log_info! 'Post Authentication', 'Redirect', 'Pass to requested page', "#{web_session_data['requested_page']}"
958
+
959
+
960
+ response.headers['Last-Modified'] = time
961
+ response.headers['Cache-Control'] = 'private,max-age=0,must-revalidate,no-store'
962
+ redirect web_session_data['requested_page']
911
963
 
912
964
  end
913
965
  # END: get /post_authentication
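Review bot: `Time.now.ctime` does not produce an HTTP-date, so the `Last-Modified` header set here is in a format that caches and browsers are not required to parse. Use `response.headers['Last-Modified'] = Time.now.httpdate`, which needs `require 'time'` if the file does not already load it. The `Cache-Control` value already contains `no-store`, so `max-age=0,must-revalidate` is redundant but harmless. The handler body starts outside this hunk.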
@@ -919,7 +971,7 @@ module J1App
919
971
  get '/status' do
920
972
  session_encoded = request.cookies['j1.web.session']
921
973
  session_decoded = Base64.decode64(session_encoded)
922
- j1_web_session = JSON.parse(session_decoded)
974
+ web_session_data = JSON.parse(session_decoded)
923
975
 
924
976
  log_info! 'API', 'Status Request', 'Info request received'
925
977
 
@@ -929,7 +981,7 @@ module J1App
929
981
  user_name = warden.user[:info]['nickname']
930
982
  user_id = warden.user[:uid]
931
983
  provider = warden.user[:provider]
932
- provider_permissions = j1_web_session['permissions']
984
+ provider_permissions = web_session_data['provider_permissions']
933
985
  provider_site_url = warden.user[:info][:urls][:site]
934
986
  provider_home_url = warden.user[:info][:urls][:home]
935
987
  provider_blog_url = warden.user[:info][:urls][:blog]
@@ -939,7 +991,7 @@ module J1App
939
991
  provider_membership = warden.user[:extra][:reward][:name]
940
992
  provider_member_url = warden.user[:extra][:reward][:link]
941
993
  else
942
- provider_membership = 'unknown'
994
+ provider_membership = 'member'
943
995
  provider_member_url = '#'
944
996
  end
945
997
 
@@ -970,11 +1022,11 @@ module J1App
970
1022
  log_info! 'API', 'Status Request', 'Send data', 'SIGNED_OUT'
971
1023
  content_type 'application/json'
972
1024
  {
973
- user_name: 'unknown',
1025
+ user_name: 'visitor',
974
1026
  user_id: 'unknown',
975
- provider: 'unknown',
976
- provider_membership: 'unknown',
977
- provider_permissions: 'unknown',
1027
+ provider: 'j1',
1028
+ provider_membership: 'guest',
1029
+ provider_permissions: 'public',
978
1030
  provider_site_url: '#',
979
1031
  provider_home_url: '#',
980
1032
  provider_blog_url: '#',
@@ -986,6 +1038,40 @@ module J1App
986
1038
  # END: get /status
987
1039
  # --------------------------------------------------------------------------
988
1040
 
1041
+ # ENDPOINT cookie_consent (exception, called from the app|auth manager)
1042
+ # --------------------------------------------------------------------------
1043
+ get '/cookie_consent' do
1044
+ provider = params.fetch('provider')
1045
+ category = params.fetch('category')
1046
+ user = params.fetch('user')
1047
+ requested_page = params.fetch('requested_page')
1048
+ description_title = params.fetch('title')
1049
+
1050
+ log_info! 'API', 'ExceptionHandler', 'Request received'
1051
+ log_info! 'ExceptionHandler', 'ERROR', 'Cookies declined'
1052
+ log_info! 'ExceptionHandler', 'Redirect', 'Pass to dialog page', 'Cookie Consent'
1053
+
1054
+ # Capitalize first char
1055
+ provider = provider.sub(/^./, &:upcase)
1056
+ route = requested_page
1057
+
1058
+ @route = route
1059
+ @provider = provider
1060
+ @modal = "centralCookieConsent"
1061
+ @info_type = "danger"
1062
+ @modal_icon = "cookie"
1063
+ @modal_agreed_text = "Yes, please"
1064
+ @modal_disagreed_text = "No, thanks"
1065
+ @modal_title = "Authentication Manager"
1066
+ # @modal_description = "<h4>#{description_title}</h4><br /><br />User <b>#{user}</b> from provider <b>#{provider}</b> requested access on <b>#{category}</b> pages.<br /> In order to continue, you need to accept on <b>Cookies</b>."
1067
+ @modal_description = "<h4>#{description_title}</h4><br /><br /> In order to continue, you need to accept on <b>Cookies</b>."
1068
+
1069
+ erb :auth_manager_ui
1070
+ end
1071
+ # END: get /cookies_rejected
1072
+ # --------------------------------------------------------------------------
1073
+
1074
+
989
1075
  # ENDPOINT access_denied (exception, called from the app|auth manager)
990
1076
  # --------------------------------------------------------------------------
991
1077
  get '/access_denied' do
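Review bot: `@modal_description` interpolates the `title` query parameter into an HTML string, so if `auth_manager_ui` renders it unescaped (the markup inside the string suggests it does) the new `/cookie_consent` endpoint reflects request input into the page. Escape it before building the string: `description_title = Rack::Utils.escape_html(params.fetch('title'))`. `@route` also comes straight from the `requested_page` parameter and should pass `redirect_whitelisted?` before the template uses it as a link or redirect target. `category` and `user` are fetched but used only in the commented-out line, so a request without them fails with `KeyError` for no benefit. The closing comment says `/cookies_rejected` while the route is `/cookie_consent`.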
@@ -999,25 +1085,25 @@ module J1App
999
1085
 
1000
1086
  session_encoded = request.cookies['j1.web.session']
1001
1087
  session_decoded = Base64.decode64(session_encoded)
1002
- j1_web_session = JSON.parse(session_decoded)
1088
+ web_session_data = JSON.parse(session_decoded)
1003
1089
 
1004
1090
  # Update J1 web session data
1005
1091
  # --------------------------------------------------------------------
1006
- j1_web_session['user_name'] = 'unknown'
1007
- j1_web_session['user_id'] = 'unknown'
1008
- j1_web_session['users_allowed'] = 'unknown'
1009
- j1_web_session['payment_status'] = 'unknown'
1010
- j1_web_session['provider'] = 'unknown'
1011
- j1_web_session['provider_url'] = 'unknown'
1012
- j1_web_session['permissions'] = 'unknown'
1013
- j1_web_session['authenticated'] = 'false'
1014
- j1_web_session['writer'] = 'middleware'
1015
-
1016
- log_info! 'ExceptionHandler', 'Cookie', 'Write web session data' # "#{session_json}"
1092
+ web_session_data['user_name'] = user
1093
+ # web_session_data['user_id'] = 'unknown'
1094
+ # web_session_data['users_allowed'] = 'unknown'
1095
+ # web_session_data['payment_status'] = 'unknown'
1096
+ web_session_data['provider'] = provider
1097
+ # web_session_data['provider_url'] = 'unknown'
1098
+ # web_session_data['provider_permissions'] = 'unknown'
1099
+ # web_session_data['authenticated'] = 'false'
1100
+ web_session_data['writer'] = 'middleware'
1101
+
1102
+ log_info! 'ExceptionHandler', 'Cookie', 'Write web session data', "#{session_json}"
1017
1103
 
1018
1104
  # write updated J1 session data to cookie
1019
1105
  #
1020
- session_json = j1_web_session.to_json
1106
+ session_json = web_session_data.to_json
1021
1107
  session_encoded = Base64.encode64(session_json)
1022
1108
  response.set_cookie(
1023
1109
  'j1.web.session',
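Review bot: The new `log_info!` line reads `session_json` before the assignment `session_json = web_session_data.to_json` a few lines below. Unless an outer `session_json` exists, this handler raises `NameError` instead of rendering the access-denied page; before the commit the interpolation was inside a comment. The invalid-funds handler in the next hunk has the same ordering. Move the log call below the assignment, and preferably log only the fields needed rather than the full session JSON. The handler starts and ends outside this hunk.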
@@ -1060,26 +1146,26 @@ module J1App
1060
1146
 
1061
1147
  session_encoded = request.cookies['j1.web.session']
1062
1148
  session_decoded = Base64.decode64(session_encoded)
1063
- j1_web_session = JSON.parse(session_decoded)
1149
+ web_session_data = JSON.parse(session_decoded)
1064
1150
 
1065
1151
  # Update J1 web session data
1066
1152
  # --------------------------------------------------------------------
1067
- j1_web_session['user_name'] = 'unknown'
1068
- j1_web_session['user_id'] = 'unknown'
1069
- j1_web_session['users_allowed'] = 'unknown'
1070
- j1_web_session['payment_status'] = 'unknown'
1071
- j1_web_session['provider'] = 'unknown'
1072
- j1_web_session['provider_url'] = 'unknown'
1073
- j1_web_session['permissions'] = 'unknown'
1074
- j1_web_session['authenticated'] = 'false'
1075
- j1_web_session['writer'] = 'middleware'
1076
-
1077
- log_info! 'ExceptionHandler', 'Cookie', 'Write web session data' # "#{session_json}"
1153
+ web_session_data['user_name'] = user
1154
+ # web_session_data['user_id'] = 'unknown'
1155
+ # web_session_data['users_allowed'] = 'unknown'
1156
+ # web_session_data['payment_status'] = 'unknown'
1157
+ web_session_data['provider'] = provider
1158
+ # web_session_data['provider_url'] = 'unknown'
1159
+ # web_session_data['provider_permissions'] = 'unknown'
1160
+ # web_session_data['authenticated'] = 'false'
1161
+ web_session_data['writer'] = 'middleware'
1162
+
1163
+ log_info! 'ExceptionHandler', 'Cookie', 'Write web session data', "#{session_json}"
1078
1164
 
1079
1165
  # write updated J1 session data to cookie
1080
1166
  #
1081
1167
  log_info! 'API', 'Exception Handler', 'ERROR', 'Invalid Funds'
1082
- session_json = j1_web_session.to_json
1168
+ session_json = web_session_data.to_json
1083
1169
  session_encoded = Base64.encode64(session_json)
1084
1170
  response.set_cookie(
1085
1171
  'j1.web.session',
@@ -1164,8 +1250,8 @@ module J1App
1164
1250
  # for chromium based browsers (e.g. google-chrome)
1165
1251
  # ------------------------------------------------------------------------
1166
1252
  get '/redirect_requested_page' do
1167
- log_info! 'Fallback', 'Redirect', 'Pass to requested page', "#{j1_web_session['requested_page']}"
1168
- redirect j1_web_session['requested_page']
1253
+ log_info! 'Fallback', 'Redirect', 'Pass to requested page', "#{web_session_data['requested_page']}"
1254
+ redirect web_session_data['requested_page']
1169
1255
  end
1170
1256
  # END: get /iframe
1171
1257
  # --------------------------------------------------------------------------