lam_auth 0.1.0

data/.gitignore

@@ -0,0 +1,4 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in lam_auth.gemspec
+gemspec

data/README.rdoc

@@ -0,0 +1,42 @@
+Аутентификация для спецпроектов Lookatme
+
+== Установка
+
+  gem install lam_auth
+
+После установки/добавления в Gemfile:
+
+  rails generate lam_auth User
+
+после этого нужно добавить настройки приложения для соответствующих environment в config/lam_auth.yml.
+
+== Обработчик LoginRequiredException
+
+Для actions, где требуется залогиненный пользователь:
+
+  before_filter :login_required
+
+можно сделать обработчик для LoginRequiredException:
+
+  rescue_from LamAuth::LoginRequiredException, :with => :render_login_required
+
+  private
+
+  def render_login_required
+    render :file => 'shared/login_required', :layout => 'application', :status => 401
+  end
+  
+== Подключение панели
+
+Подключить js-код в head:
+  
+  <%= lam_auth_include_tag %>
+  
+Затем:
+
+  <div id="lam-root"></div>
+  <%= lam_auth_init_tag %>
+
+== Подробно о механизме аутентификации
+
+http://mindscan.msk.ru/downloads/lam_auth.pdf

data/Rakefile

@@ -0,0 +1,2 @@
+require 'bundler'
+Bundler::GemHelper.install_tasks

data/lam_auth.gemspec

@@ -0,0 +1,19 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "lam_auth/version"
+
+Gem::Specification.new do |s|
+  s.name        = "lam_auth"
+  s.version     = LamAuth::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.authors     = ["Max Macovsky", "Anton Platonov"]
+  s.email       = ["robotector@gmail.com", "platosha@lookatme.ru"]
+  s.homepage    = "http://github.com/macovsky/lam_auth"
+  s.summary     = %q{Аутентификация для спецпроектов Lookatme}
+  s.description = %q{}
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+end

data/lib/generators/active_record/lam_auth_generator.rb

@@ -0,0 +1,23 @@
+require 'rails/generators/active_record'
+require 'generators/lam_auth/helpers'
+
+module ActiveRecord
+  module Generators
+    class LamAuthGenerator < ActiveRecord::Generators::Base
+      include LamAuth::Generators::Helpers
+      source_root File.expand_path("../templates", __FILE__)
+
+      def generate_model
+        invoke "active_record:model", [name], :migration => false unless model_exists? && behavior == :invoke
+      end
+
+      def copy_lam_auth_migration
+        migration_template "migration.rb", "db/migrate/create_#{table_name}"
+      end
+
+      def inject_lam_auth_content
+        inject_into_class(model_path, class_name, model_contents) if model_exists?
+      end
+    end
+  end
+end

data/lib/generators/active_record/templates/migration.rb

@@ -0,0 +1,20 @@
+class Create<%= table_name.camelize %> < ActiveRecord::Migration
+  def self.up
+    create_table(:<%= table_name %>) do |t|
+      t.string :login, :null => false
+      t.string :email, :null => false
+      t.string :first_name
+      t.string :last_name
+      t.string :userpic
+      t.text :profile
+      t.timestamps
+    end
+    
+    add_index :<%= table_name %>, :login
+    add_index :<%= table_name %>, :email
+  end
+
+  def self.down
+    drop_table :<%= table_name %>
+  end
+end

data/lib/generators/lam_auth/helpers.rb

@@ -0,0 +1,19 @@
+module LamAuth
+  module Generators
+    module Helpers
+      def model_exists?
+        File.exists?(File.join(destination_root, model_path))
+      end
+
+      def model_path
+        @model_path ||= File.join("app", "models", "#{file_path}.rb")
+      end
+      
+      def model_contents
+<<-CONTENT
+  include LamAuth::Model
+CONTENT
+      end
+    end
+  end
+end

data/lib/generators/lam_auth/lam_auth_generator.rb

@@ -0,0 +1,28 @@
+module LamAuth
+  module Generators
+    class LamAuthGenerator < Rails::Generators::NamedBase
+      namespace "lam_auth"
+      source_root File.expand_path("../../templates", __FILE__)
+
+      desc "Installs lam_auth: generates a model plus includes required extensions."
+      
+      hook_for :orm
+      
+      def inject_controller_content
+        inject_into_class(File.join("app", "controllers", "application_controller.rb"), 'ApplicationController', "  lam_auth_for :#{file_path}\n")
+      end
+      
+      def copy_xd_receiver
+        copy_file 'xd_receiver.html', 'public/xd_receiver.html'
+      end
+      
+      def copy_yml
+        copy_file 'lam_auth.yml', 'config/lam_auth.yml'
+      end
+      
+      def show_readme
+        readme "README" if behavior == :invoke
+      end
+    end
+  end
+end

data/lib/generators/templates/README

@@ -0,0 +1,9 @@
+
+888                                                   888    888      
+888        http://github.com/macovsky/lam_auth        888    888      
+888                                                   888    888      
+888  8888b.  88888b.d88b.            8888b.  888  888 888888 88888b.  
+888     "88b 888 "888 "88b              "88b 888  888 888    888 "88b 
+888 .d888888 888  888  888          .d888888 888  888 888    888  888 
+888 888  888 888  888  888          888  888 Y88b 888 Y88b.  888  888 
+888 "Y888888 888  888  888 88888888 "Y888888  "Y88888  "Y888 888  888

data/lib/generators/templates/lam_auth.yml

@@ -0,0 +1,13 @@
+# return_url можно не указывать, если это дефолтный http://:app-domain/xd_receiver.html
+
+development: &dev
+  app_id: 
+  secret: 
+
+test:
+  <<: *dev
+
+production:
+  app_id:
+  secret:
+  return_url:

data/lib/generators/templates/xd_receiver.html

@@ -0,0 +1,15 @@
+<!DOCTYPE HTML>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <title></title>
+  <script type="text/javascript">
+    window.opener.LAM.successLogin(window.location.hash.substring(1));
+  </script>
+</head>
+<body><p>Loading...</p>
+</body>
+</html>
+
+
+

data/lib/lam_auth/controller_extensions.rb

@@ -0,0 +1,45 @@
+module LamAuth
+  module ControllerExtensions
+    def lam_auth_for(klass)
+      class_inheritable_accessor :model_class
+      self.model_class = klass.to_s.classify.constantize
+      helper_method(:current_user, :logged_in?)
+      before_filter :login_from_cookie
+      
+      include InstanceMethods
+      protected :logged_in?, :current_user, :current_user=, :auth_token, :login_from_cookie, :login_required
+    end
+    
+    module InstanceMethods
+      def logged_in?
+        !!current_user
+      end
+  
+      def current_user
+        @current_user ||= session[:user] && model_class.find_by_id(session[:user])
+      end
+  
+      def current_user=(new_user)
+        session[:user] = new_user && new_user.id
+        @current_user = new_user
+      end
+  
+      def auth_token
+        cookie = cookies[LamAuth.cookie_id]
+        @auth_token ||= LamAuth.valid_cookie?(cookie) && LamAuth.parse_cookie_to_hash(cookie)['access_token']
+      end
+  
+      def login_from_cookie
+        if logged_in?
+          !auth_token && self.current_user = nil
+        else
+          auth_token && self.current_user = model_class.find_by_auth_token(auth_token)
+        end
+      end
+  
+      def login_required
+        logged_in? || raise(LoginRequiredException)
+      end
+    end
+  end
+end

data/lib/lam_auth/helpers.rb

@@ -0,0 +1,18 @@
+module LamAuth
+  module Helpers
+    def lam_auth_include_tag
+      javascript_include_tag(LamAuth.url + "/api/js/LAM.Login.js")
+    end
+  
+    def lam_auth_init_tag(options = {})
+      options.reverse_merge!(
+        :app_id          => LamAuth.config['app_id'],
+        :panel_node_id   => 'lam-root', 
+        :fixed           => false
+      )      
+      options.reverse_merge!(:xd_receiver_url => LamAuth.config['return_url']) if LamAuth.config['return_url']
+      
+      javascript_tag("LAM.init({#{options.map{|k, v| "#{k.to_s.camelize(:lower)}: #{v.inspect}"}.join(",\n")}});")
+    end
+  end
+end

data/lib/lam_auth/model.rb

@@ -0,0 +1,51 @@
+require 'net/http'
+require 'net/https'
+module LamAuth
+  module Model
+    def self.included(base)
+      base.validates_presence_of :login, :email
+      base.validates_uniqueness_of :login, :email
+      base.serialize :profile
+      base.send(:extend, ClassMethods)
+    end
+    
+    module ClassMethods
+      def find_by_auth_token(auth_token)
+        Rails.logger.info("Trying to authorize a token #{auth_token.inspect} ")
+
+        lam_uri = LamAuth.uri
+        http = Net::HTTP.new(lam_uri.host, lam_uri.port)
+        response, body = http.get("#{lam_uri.path}/users/me", {'Authorization' => "Token token=\"#{auth_token}\""})
+        if response.code == "200"
+          data = ActiveSupport::JSON.decode(body)
+          Rails.logger.info("...success: #{data.inspect}")
+          create_or_update_by_auth_data(data)
+        end
+      rescue Net::ProtoRetriableError => detail
+        Rails.logger.info("...failed!")
+        Rails.logger.info(detail)
+        nil
+      end
+
+      def create_or_update_by_auth_data(data)
+        user = find_or_initialize_by_login(data['login'])
+        user.update_attributes data.slice(*%w{email first_name last_name}).merge(
+          'userpic' => data['userpic']['icon'], 
+          'profile' => data.except(*%w{login email first_name last_name userpic})
+        )
+        user
+      end
+    end
+    
+    def name
+      [first_name, last_name].select(&:present?).join(" ")
+    end
+    
+    def userpic(version = :icon)
+      pic = read_attribute(:userpic)
+      return nil if pic.blank?
+      pic.sub(/user-userpic-\w+/, "user-userpic-#{version}")
+    end  
+    
+  end
+end

data/lib/lam_auth/version.rb

@@ -0,0 +1,3 @@
+module LamAuth
+  VERSION = "0.1.0"
+end

data/lib/lam_auth.rb

@@ -0,0 +1,48 @@
+require 'rack/utils'
+require 'digest/md5'
+
+require 'lam_auth/controller_extensions'
+require 'lam_auth/helpers'
+require 'lam_auth/model'
+ActionController::Base.extend(LamAuth::ControllerExtensions)
+ActionController::Base.helper(LamAuth::Helpers)
+
+module LamAuth
+  class LoginRequiredException < Exception
+  end
+  
+  class << self
+    def config
+      @config ||= YAML.load_file(Rails.root.join("config/lam_auth.yml"))[Rails.env]
+    end
+    
+    def url
+      "http://www.lookatme.ru"
+    end
+    
+    def signup_url
+      "#{url}/signup"
+    end
+    
+    def uri
+      URI.parse(url)
+    end
+    
+    def cookie_id
+      "lam_#{config['app_id']}"
+    end
+    
+    def valid_cookie?(data)
+      valid_hash?(parse_cookie_to_hash(data))
+    end
+    
+    def parse_cookie_to_hash(data)
+      Rack::Utils.parse_query(Rack::Utils.unescape(data.to_s.gsub('"', '')))
+    end
+    
+    def valid_hash?(hash)
+      Digest::MD5.hexdigest(hash.except('sig').sort.map{|v| v.join('=')}.join + LamAuth.config['secret']) == hash['sig']
+    end
+  end
+end
+

metadata

@@ -0,0 +1,89 @@
+--- !ruby/object:Gem::Specification 
+name: lam_auth
+version: !ruby/object:Gem::Version 
+  hash: 27
+  prerelease: 
+  segments: 
+  - 0
+  - 1
+  - 0
+  version: 0.1.0
+platform: ruby
+authors: 
+- Max Macovsky
+- Anton Platonov
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-04-13 00:00:00 +04:00
+default_executable: 
+dependencies: []
+
+description: ""
+email: 
+- robotector@gmail.com
+- platosha@lookatme.ru
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- Gemfile
+- README.rdoc
+- Rakefile
+- lam_auth.gemspec
+- lib/generators/active_record/lam_auth_generator.rb
+- lib/generators/active_record/templates/migration.rb
+- lib/generators/lam_auth/helpers.rb
+- lib/generators/lam_auth/lam_auth_generator.rb
+- lib/generators/templates/README
+- lib/generators/templates/lam_auth.yml
+- lib/generators/templates/xd_receiver.html
+- lib/lam_auth.rb
+- lib/lam_auth/controller_extensions.rb
+- lib/lam_auth/helpers.rb
+- lib/lam_auth/model.rb
+- lib/lam_auth/version.rb
+has_rdoc: true
+homepage: http://github.com/macovsky/lam_auth
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.6.2
+signing_key: 
+specification_version: 3
+summary: !binary |
+  0JDRg9GC0LXQvdGC0LjRhNC40LrQsNGG0LjRjyDQtNC70Y8g0YHQv9C10YbQ
+  v9GA0L7QtdC60YLQvtCyIExvb2thdG1l
+
+test_files: []
+