RubyGems - kirgudu_base - Versions diffs - 0.0.3 → 0.0.4 - Mend

kirgudu_base 0.0.3 → 0.0.4

Files changed (187) hide show

data/app/controllers/kirgudu_base/security/authentications_controller.rb ADDED Viewed

@@ -0,0 +1,452 @@
+# -*- encoding : utf-8 -*-
+module KirguduBase
+	module Security
+		class AuthenticationsController < ::KirguduBase::ApplicationController
+			before_action :redirect_if_loggedin, only: :login
+			# before_action :on_before_login, only: :login
+			# after_action :on_after_login, only: :login
+			#include ApplicationHelper
+			DEFAULT_FROM = "kirgudu.net@gmail.com"
+			def login
+				local_data = {
+					messages: [],
+					errors: []
+				}
+				params_to_local_data = [:email, :password, :token_id, :redirect_to]
+				params_to_local_data.each do |param_name|
+					local_data[param_name] = params[param_name] if params[param_name]
+				end
+				session[:redirect_to] = params[:redirect_to] if params[:redirect_to]
+				logger.info("AUTH CONTROLLER TEMPLATE: #{self.class.get_method_latest_result(:get_kb_template)}")
+				logger.info("LOGIN VIEW PATH: #{self.class.get_method_latest_result(:get_kb_template)}/authentications/login")
+				render "#{self.class.get_method_latest_result(:get_kb_template)}/authentications/login", locals: {data: local_data}, layout: "#{self.class.get_method_latest_result(:get_kb_template)}/layouts/application"
+			end
+			def login_process
+				local_data = {
+					messages: [],
+					errors: []
+				}
+				local_data[:user] = ::KirguduBase::Security::User.where(email: params[:email]).first
+				params_to_local_data = [:email, :password, :token_id, :redirect_to]
+				params_to_local_data.each do |param_name|
+					local_data[param_name] = params[param_name] if params[param_name]
+				end
+				process_result = false
+				if local_data[:user] && local_data[:user].password == ::ChupakabraTools::Security.get_password_hash(params[:password])
+					session_expire_timeout = nil
+					# session_expire_timeout = @settings_manager.get('session_expire_timeout') if @settings_manager.get('session_expire_timeout') && params[:remember_me] == false
+					# session_expire_timeout = @settings_manager.get('session_expire_remember_timeout') if @settings_manager.get('session_expire_remember_timeout') && params[:remember_me] == true
+					session_expire_timeout = 1.hour if session_expire_timeout.nil?
+					session[:user_id] = local_data[:user].id
+					session[:user_expire] = DateTime.now + session_expire_timeout
+					session[:remember_me] = params[:remember_me] == true
+					process_result = true
+				else
+					local_data[:errors] << I18n.t("kirgudu_base.authentications.login.errors.generic_user_password")
+				end
+				unless verify_recaptcha
+					local_data[:errors] << I18n.t("kirgudu_base.authentications.login.errors.captcha_error")
+					process_result = false
+				end
+				if process_result
+					redirect_to session[:return_to] || ::KirguduBase.url_for_default_redirection_after_login || "/"
+				else
+					render "#{self.class.get_method_latest_result(:get_kb_template)}/authentications/login", locals: {data: local_data}, layout: "#{self.class.get_method_latest_result(:get_kb_template)}/layouts/application"
+				end
+			end
+			def one_time_pass_login
+				local_data = {}
+				render "#{self.class.get_method_latest_result(:get_kb_template)}/authentications/token_login", locals: {data: local_data}, layout: "#{self.class.get_method_latest_result(:get_kb_template)}/layouts/application"
+			end
+			def one_time_pass_login_process
+			end
+			def direct_login
+				local_data[:app_id] = params[:app_id]
+				local_data[:email] = params[:email]
+				local_data[:password] = params[:password]
+			end
+			def logout
+				security_logout(session)
+				session[:user_id] = nil
+				session[:user_expire] = 1.day.ago
+				session[:remember_me] = false
+				redirect_to url_for(controller: ::KirguduBase::Security::AuthenticationsController.to_route_path, action: 'login')
+			end
+			def create
+				omniauth = request.env["omniauth.auth"]
+				# Checking if External Authentication Services Allowed
+				external_authentication_allowed = Option.where(name: 'external_authentication_allowed').first
+				if !external_authentication_allowed.nil? && external_authentication_allowed == false
+					flash[:error] = "External Authentication Services are prohibited. Pleas Login with Your Local Account"
+					redirect_to ::KirguduBase::Security::AuthenticationsController.to_url_for(action: :login)
+					return
+				end
+				authentication = ::KirguduBase::Security::Authentication.find_by_provider_and_uid(omniauth['provider'], omniauth['uid'])
+				if authentication
+					flash[:notice] = "Signed in successfully."
+					session[:user_id] = authentication.user.id
+					session[:user_provider] = authentication.provider
+					#sign_in_and_redirect(:user, authentication.user)
+					#redirect_to home_path
+					return
+				elsif @current_website
+					authentication = @current_website.authentications.create!(
+						provider: omniauth['provider'],
+						uid: omniauth['uid']
+					)
+					session[:user_provider] = authentication.provider
+					flash[:notice] = "Authentication successful."
+					#redirect_to home_path
+					return
+				else
+					user_params = {
+						first_name: omniauth.info.first_name || "",
+						last_name: omniauth.info.last_name || "",
+						email: omniauth.info.email,
+						#phone: "",
+						password: ::ChupakabraTools::Security.generate_secret(length: 10)
+					}
+					local_data[:user] = ::KirguduBase::Security::User.new(user_params)
+					if local_data[:user].save
+						authentication = local_data[:user].authentications.create!(
+							provider: omniauth['provider'],
+							uid: omniauth['uid']
+						)
+						session[:user_provider] = authentication.provider
+						flash[:notice] = "Signed in successfully."
+						session[:user_id] = local_data[:user].id
+						#redirect_to home_path
+						return
+					else
+						#session[:omniauth] = omniauth.except('extra')
+						redirect_to url_for(controller: ::KirguduBase::Security::AuthenticationsController.to_route_path, action: :register)
+						return
+					end
+				end
+			end
+			def register
+				local_data = {
+					messages: [],
+					errors: [],
+					user: ::KirguduBase::Security::User.new
+				}
+				params_to_local_data = [:token_id, :redirect_to]
+				params_to_local_data.each do |param_name|
+					local_data[param_name] = params[param_name] if params[param_name]
+				end
+				render "#{self.class.get_method_latest_result(:get_kb_template)}/authentications/register", locals: {data: local_data}, layout: "#{self.class.get_method_latest_result(:get_kb_template)}/layouts/application"
+			end
+			def register_process
+				params_user = params[::KirguduBase::Security::User.for_form_params]
+				local_data = {
+					errors: [],
+					messages: [],
+					user: ::KirguduBase::Security::User.new(self.strong_params_on_create)
+				}
+				params_to_local_data = [:token_id, :redirect_to]
+				params_to_local_data.each do |param_name|
+					local_data[param_name] = params[param_name] if params[param_name]
+				end
+				local_data[:user].email = params_user[:email]
+				local_data[:user].password = params_user[:password]
+				local_data[:user].password_confirmation = params_user[:password_confirmation]
+				local_data[:user].uin ||= ::SecureRandom.uuid
+				process_result = false
+				existent_user = ::KirguduBase::Security::User.get_by_email(local_data[:user].email)
+				if existent_user
+					local_data[:user].errors[:email] << I18n.t("kirgudu_base.authentications.register.errors.user_already_exists")
+				else
+					local_data[:user].created_at = DateTime.now
+					local_data[:user].updated_at = DateTime.now
+					if local_data[:user].valid?
+						user_plain_text_password = local_data[:user].password
+						local_data[:user].password = ::ChupakabraTools::Security.get_password_hash(local_data[:user].password)
+						local_data[:user].password_confirmation = local_data[:user].password
+						ActiveRecord::Base.transaction do
+							if local_data[:user].save
+								if local_data[:user].authentications.create!(provider: "kirgudu", uid: local_data[:user].uin)
+									local_data[:messages] << I18n.t("kirgudu_base.authentications.register.messages.user_created")
+									process_result = true
+								else
+									local_data[:errors] << I18n.t("kirgudu_base.authentications.register.errors.cannot_create_authentication")
+									raise ::ActiveRecord::Rollback
+								end
+							else
+								local_data[:errors] << I18n.t("kirgudu_base.authentications.register.errors.failed_to_save_user")
+							end
+						end
+					end
+				end
+				unless verify_recaptcha
+					local_data[:errors] << I18n.t("kirgudu_base.authentications.register.errors.captcha_error")
+					process_result = false
+				end
+				if process_result
+					local_data[:user].password = user_plain_text_password
+					local_data[:user].password_confirmation = local_data[:user].password
+					render "/authentications/register_successful", locals: {data: local_data}
+				else
+					render "#{self.class.get_method_latest_result(:get_kb_template)}/authentications/register", locals: {data: local_data}, layout: "#{self.class.get_method_latest_result(:get_kb_template)}/layouts/application"
+				end
+			end
+			def restore_password
+				local_data = {
+					errors: [],
+					messages: []
+				}
+				params_to_local_data = [:token_id, :redirect_to, :email]
+				params_to_local_data.each do |param_name|
+					local_data[param_name] = params[param_name] if params[param_name]
+				end
+				render "#{self.class.get_method_latest_result(:get_kb_template)}/authentications/restore_password", locals: {data: local_data}, layout: "#{self.class.get_method_latest_result(:get_kb_template)}/layouts/application"
+			end
+			def restore_password_send
+				local_data = {
+					errors: [],
+					messages: []
+				}
+				params_to_local_data = [:token_id, :redirect_to, :email]
+				params_to_local_data.each do |param_name|
+					local_data[param_name] = params[param_name] if params[param_name]
+				end
+				process_result = false
+				if verify_recaptcha
+					if local_data[:email] && !local_data[:email].blank?
+						if local_data[:email]
+							user = ::KirguduBase::Security::User.get_by_email(local_data[:email])
+							if user
+								restore = ::KirguduBase::Security::RestorePasswordCode.where { (expire_at > Time.now) & (is_used == false) }.order(::KirguduBase::Security::RestorePasswordCode.for_sql_order_by(:created_at, :desc)).first
+								unless restore
+									restore = ::KirguduBase::Security::RestorePasswordCode.new(expire_at: 30.minute.from_now, code: 100000 + SecureRandom.random_number(899999), user_id: user.id)
+									unless restore.save
+										restore = nil
+										local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password.errors.cant_create_restore_code")
+									end
+								end
+								if restore
+									# begin
+									::KirguduBase::AuthenticationsMailer.restore_password_code(DEFAULT_FROM, user.email, user, restore).deliver!
+									process_result = true
+									restore.sent_at = Time.now
+									restore.save
+									# rescue
+									# 	local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password.errors.mail_delivery_error")
+									# end
+								end
+							else
+								local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password.errors.user_not_found")
+							end
+						else
+							local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password.errors.email_wrong_format")
+						end
+					else
+						local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password.errors.email_cannot_be_empty")
+					end
+				else
+					local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password.errors.captcha_error")
+				end
+				if process_result
+					redirect_to ::KirguduBase.authentications_controller.to_url_for(:restore_password_code, email: user.email)
+				else
+					render "#{self.class.get_method_latest_result(:get_kb_template)}/authentications/restore_password", locals: {data: local_data}, layout: "#{self.class.get_method_latest_result(:get_kb_template)}/layouts/application"
+				end
+			end
+			def restore_password_code
+				local_data = {
+					errors: [],
+					messages: []
+				}
+				params_to_local_data = [:token_id, :redirect_to, :email, :id, :code]
+				params_to_local_data.each do |param_name|
+					local_data[param_name] = params[param_name] if params[param_name]
+				end
+				render "#{self.class.get_method_latest_result(:get_kb_template)}/authentications/restore_password_code", locals: {data: local_data}, layout: "#{self.class.get_method_latest_result(:get_kb_template)}/layouts/application"
+			end
+			def restore_password_code_process
+				local_data = {
+					errors: [],
+					messages: []
+				}
+				params_to_local_data = [:token_id, :redirect_to, :email, :id, :code]
+				params_to_local_data.each do |param_name|
+					local_data[param_name] = params[param_name] if params[param_name]
+				end
+				restore_code = nil
+				restore_code = ::KirguduBase::Security::RestorePasswordCode.find(local_data[:id]) if local_data[:id]
+				process_result = false
+				if restore_code && restore_code.code == local_data[:code]
+					unless restore_code.is_used?
+						password = ::ChupakabraTools::Security.generate_secret(length: 8)
+						restore_code.user.password = ::ChupakabraTools::Security.get_password_hash(password)
+						if restore_code.user.save
+							#begin
+							::KirguduBase::AuthenticationsMailer.restore_password_success(DEFAULT_FROM, restore_code.user.email, restore_code.user, password).deliver!
+							local_data[:email] = restore_code.user.email
+							process_result = true
+							restore_code.is_used = true
+							restore_code.save
+							# rescue
+							# 	local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password_code.errors.failed_to_send_password")
+							# end
+						else
+							local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password_code.errors.failed_to_save_password")
+						end
+					else
+						local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password_code.errors.used_code")
+					end
+				else
+					local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password_code.errors.wrong_code")
+					process_result = false
+				end
+				if process_result
+					redirect_to ::KirguduBase.authentications_controller.to_url_for(:restore_password_success, email: local_data[:email])
+				else
+					render "#{self.class.get_method_latest_result(:get_kb_template)}/authentications/restore_password_code", locals: {data: local_data}
+				end
+			end
+			def restore_password_success
+				local_data = {
+					errors: [],
+					messages: []
+				}
+				params_to_local_data = [:token_id, :redirect_to, :email, :id, :code]
+				params_to_local_data.each do |param_name|
+					local_data[param_name] = params[param_name] if params[param_name]
+				end
+				render "#{self.class.get_method_latest_result(:get_kb_template)}/authentications/restore_password_success", locals: {data: local_data}
+			end
+			def confirm_email
+				local_data = {
+					errors: [],
+					messages: []
+				}
+			end
+			def confirm_email_process
+			end
+			def destroy
+			end
+			def destroy_process
+				local_data = {}
+				local_data[:user] = ::KirguduBase::Security::User.where(id: session[:user_id])
+				if local_data[:user]
+					if local_data[:user].destroy
+						flash[:notice] = "Successfully destroyed authentication."
+						redirect_to authentications_url
+					else
+						# failed to delete user
+					end
+				else
+				end
+			end
+			protected
+			def on_before_login
+			end
+			def on_after_login
+			end
+			def strong_params_on_create
+				params.require(::KirguduBase::Security::User.for_form_params).permit(:email, :first_name, :last_name, :password, :password_confirmation)
+			end
+			private
+			def redirect_if_loggedin
+				if @current_user
+					if session[:token_id]
+					else
+						redirect_to params[:return_to] || session[:return_to] || ::KirguduBase.url_for_default_redirection_after_login || "/"
+					end
+				end
+			end
+		end
+	end
+end

data/app/controllers/kirgudu_base/security/email_confirmations_controller.rb ADDED Viewed

@@ -0,0 +1,46 @@
+module KirguduBase
+	module Security
+		class AuthenticationsController < ::KirguduBase::ApplicationController
+			def confirm
+				local_data = {
+					errors: [],
+					messages: []
+				}
+				local_data[:email] = params[:email]
+				local_data[:code] = params[:code]
+				render
+			end
+			def process
+				local_data = {
+					messages: [],
+					errors: []
+				}
+				transaction_result = true
+				if params[:email]
+					user = ::KirguduBase::Security::User.get_by_email(params[:email])
+					if user
+						confirmation = ::KirguduBase::Security::EmailConfirmation.where
+					else
+						local_data[:errors] = "User With This Email Not Found"
+						transaction_result = false
+					end
+				else
+					local_data[:errors] = "Email Not Supplied"
+					transaction_result = false
+				end
+				if transaction_result
+				else
+				end
+			end
+		end
+	end
+end

data/app/helpers/kirgudu_base/application_helper.rb CHANGED Viewed

@@ -67,6 +67,31 @@ module KirguduBase
 			params_new
 		end
+		def kb_dynamic_form_for(item, options, &proc)
+			options ||= {}
+			options[:builder] = ::KirguduBase::FormBuilder
+			html_options = options[:html] || {}
+			classes = html_options[:class]
+			# if classes
+			# 	classes += " form-horizontal row-fluid"
+			# else
+			# 	classes = "form-horizontal row-fluid"
+			# end
+			html_options.merge!(class: classes)
+			options.merge!(html: html_options)
+			form_for(item, options, &proc)
+		end
+		def kb_auth_form_for(item, options, &proc)
+			options ||= {}
+			options[:builder] = ::KirguduBase::AuthenticationFormBuilder
+			form_for(item, options, &proc)
+		end
 		def print_property item, method, options = {}

data/app/helpers/kirgudu_base/authentication_form_builder.rb ADDED Viewed

@@ -0,0 +1,76 @@
+# -*- encoding : utf-8 -*-
+module KirguduBase
+	class AuthenticationFormBuilder < ActionView::Helpers::FormBuilder
+		include ActionView::Helpers::AssetTagHelper
+		include ActionView::Helpers::TagHelper
+		#include ::KirguduBase::GuiHelper
+		def error_label(label, html_options = {})
+			html_options.merge!(generated: "true", style: "display: block")
+			html_options_add_class(html_options, "error") if @object.errors[label].present?
+			errors_in_html = []
+			@object.errors[label].each do |error_message|
+				errors_in_html << @template.content_tag("label", error_message.capitalize.html_safe, html_options)
+			end if @object.errors[label].present?
+			errors_in_html.join("").html_safe
+		end
+		def label(label, html_options = {})
+			@template.content_tag("label", html_options) do
+				@object.class.human_attribute_name(label)
+			end
+		end
+		def text_field(label, value, html_options = {})
+			html_options ||= {}
+			html_options.merge!(
+				{
+					id: "#{@object.class.for_form_params}_#{label}",
+					name: "#{@object.class.for_form_params}[#{label}]",
+					type: "text",
+					value: value || @object[label]
+				}
+			)
+			html_options_add_class(html_options, "error") if @object.errors[label].present?
+			@template.content_tag("input", "", html_options)
+		end
+		def password_field(label, value, html_options = {})
+			html_options ||= {}
+			html_options.merge!(
+				{
+					id: "#{@object.class.for_form_params}_#{label}",
+					name: "#{@object.class.for_form_params}[#{label}]",
+					type: "password",
+					value: value || @object[label]
+				}
+			)
+			html_options_add_class(html_options, "error") if @object.errors[label].present?
+			@template.content_tag("input", "", html_options)
+		end
+		private
+		def html_options_add_class(html_options, classes_to_add)
+			classes = html_options[:class] ? html_options[:class].split(' ') : []
+			if classes_to_add.is_a?(Array)
+				classes_to_add.each do |item|
+					classes << item.to_s unless classes.include?(item.to_s)
+				end
+			else
+				classes << classes_to_add.to_s unless classes.include?(classes_to_add.to_s)
+			end
+			html_options[:class] = classes.join(" ") if classes.length > 0
+		end
+	end
+end