pwpush 0.1.0

data/app/assets/stylesheets/global.css.scss

@@ -0,0 +1,52 @@
+
+@import url("https://fonts.googleapis.com/css?family=Crete+Round:400,400italic");
+
+body {
+  margin: 0em 0em 3em 0em;
+  text-align: center;
+  background: #000000 image-url('outlets.png') repeat;
+  font-family: 'Crete Round', serif;
+  color: #ddd;
+}
+
+a:link, a:visited, a:active {
+  color: yellow;
+  text-decoration: none;
+}
+
+a:hover {
+  color: #00CC00;
+  text-decoration: none;
+}
+
+div.content {
+  margin-top: 50px;
+}
+
+.auth_providers_area {
+  width: 600px;
+  margin-left: auto;
+  margin-right: auto;
+}
+
+.auth_provider img {
+  display: block;
+}
+
+.auth_provider {
+  display: inline-block;
+  text-decoration: none;
+  margin-right: 20px;
+  text-align: center;
+  margin-bottom: 10px;
+}
+
+.footer {
+  font-size: 80%;
+}
+
+.about_content {
+  text-align: left;
+  width: 800px;
+  margin: 50px auto 50px auto;
+}

data/app/assets/stylesheets/passwords.css.scss

@@ -0,0 +1,114 @@
+// Place all the styles related to the passwords controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/
+
+input.password {
+  border: 1px solid #bbb;
+  width: 500px;
+  height: 25px;
+  text-align: center;
+  color: #808080;
+  font-size: 1.5em;
+}
+
+input.slider {
+  width: 400px;
+}
+
+p.slider_box, span#daysrange, span#viewsrange { vertical-align: top; }
+p.slider_box { margin: .5em; }
+span#daysrange, span#viewsrange { display: inline-block; width: 80px; text-align: left; }
+
+div.title {
+  margin: 3em;
+}
+
+span.title {
+  font-size: 4em;
+  color: yellow;
+}
+span.tagline {
+  font-size: 1.5em;
+}
+
+p.payload { margin: 1em; }
+
+p.notes { margin-top: 50px; font-size: .9em; }
+span.note, span.tip { font-size: .9em; }
+span.note { color: #808080; }
+span.tip { font-style: italic; }
+p.notes a:link, p.notes a:visited, p.notes a:hover, p.notes a:active { font-size: .9em; }
+
+p.url { vertical-align: top; margin: 0;}
+
+p.url input {
+  border: 1px solid #808080;
+  text-align: center;
+  width: 400px;
+  font-size: .8em;
+}
+
+p.url span.clippy {}
+
+/* This is a decent font to display passwords as L, l, 0, o, i, I are fairly distinguishable */
+@import url(https://fonts.googleapis.com/css?family=PT+Mono);
+
+div.payload {
+  font-family: 'PT Mono', sans-serif;
+  font-size: 4em;
+  line-height: 4em;
+  border-top: 3px solid #eee;
+  border-bottom: 3px solid #eee;
+  background: #000;
+  opacity: 0.5;
+  -khtml-opacity: 0.5;
+  -moz-opacity: 0.5;
+  filter: alpha(opacity = 50);
+}
+
+.cookie-save { font-size: .9em; }
+
+.share_note {
+  padding: 1em;
+  border: 2px solid yellow;
+  width: 600px;
+  margin-left: auto;
+  margin-right: auto;
+  margin-top: 0;
+  background: #000;
+  filter: alpha(opacity = 90);
+  -khtml-opacity: 0.90;
+  -moz-opacity: 0.90;
+  opacity: 0.9;
+  color: #fff;
+}
+
+#clippy { display: inline-block; }
+
+#clippy span{ display: none; }
+
+#clippy:hover span{
+    display: block;
+    position:absolute;
+    top: 5em; 
+    color: #fff;
+    text-align: center;
+    padding: 1px;
+    font-size: .8em;
+    background: #808080;
+    border: 1px solid yellow;
+    z-index: 1;
+    filter: alpha(opacity = 90);
+    -khtml-opacity: 0.90;
+    -moz-opacity: 0.90;
+    opacity: 0.90;
+}
+
+div.footer_note {
+  clear: both;
+  color: #bebebe;
+  margin-top: 100px;
+  text-align: center;
+  font-size: .85em;
+}
+

data/app/assets/stylesheets/users.css.scss

@@ -0,0 +1,11 @@
+
+.sign_up {
+  width: 400px;
+  margin-left: auto;
+  margin-right: auto;
+  text-align: left;
+}
+
+.full_row {
+  text-align: center;
+}

data/app/controllers/api_controller.rb

@@ -0,0 +1,30 @@
+class ApiController < ApplicationController
+  def create
+    # Required Parameters
+    #   api_key=string
+    #   password=string
+
+    # Optional 1 time parameters
+    #   expire_days=number
+    #   expire_views=number
+    
+    unless params.has_key?(:api_key)
+      respond_to do |format|
+          format.text { render :text => "Please provide your API key available at https://pwpush.com/api" }
+      end
+      return
+    end
+    
+    
+  end
+
+  def generate
+  end
+
+  def list
+  end
+
+  def config
+  end
+
+end

data/app/controllers/application_controller.rb

@@ -0,0 +1,23 @@
+class ApplicationController < ActionController::Base
+  protect_from_forgery
+  
+  def not_found
+    raise ActionController::RoutingError.new('Not Found')
+  end
+  
+  # unless Rails.application.config.consider_all_requests_local
+    rescue_from Exception, with: lambda { |exception| render_error 500, exception }
+    rescue_from ActionController::RoutingError, ActionController::UnknownController, 
+          ::AbstractController::ActionNotFound, ActiveRecord::RecordNotFound, 
+          with: lambda { |exception| render_error 404, exception }
+  # end
+
+  private
+  def render_error(status, exception)
+    respond_to do |format|
+      format.html { render template: "errors/error_#{status}", layout: 'layouts/application', status: status }
+      format.all  { render nothing: true, status: status }
+    end
+  end
+  
+end

data/app/controllers/errors_controller.rb

@@ -0,0 +1,7 @@
+class ErrorsController < ApplicationController
+  def error_404
+  end
+
+  def error_500
+  end
+end

data/app/controllers/passwords_controller.rb

@@ -0,0 +1,153 @@
+class PasswordsController < ApplicationController
+  # GET /passwords/1
+  # GET /passwords/1.json
+  def show
+    if params.has_key?(:id)
+      @password = Password.find_by_url_token!(params[:id])
+
+      # If this is the first view, update record.  Otherwise, record
+      # a view.
+      @first_view = @password.first_view
+
+      if @first_view
+        @password.update_attribute(:first_view, false)
+      else
+        @password.views = View.where(:password_id => @password.id, :successful => true)
+      end
+    else
+      redirect_to :root
+      return
+    end
+
+    # This password may have expired since the last view.  Validate the password
+    # expiration before doing anything.
+    @password.validate!
+
+    unless @password.expired
+      # Decrypt the passwords
+      @key = EzCrypto::Key.with_password CRYPT_KEY, CRYPT_SALT
+      @payload = @key.decrypt64(@password.payload)
+    end
+
+    log_view(@password) unless @first_view
+
+    expires_now()
+
+    respond_to do |format|
+      format.html # show.html.erb
+      format.json { render :json => @password }
+    end
+  end
+
+  # GET /passwords/new
+  # GET /passwords/new.json
+  def new
+    @password = Password.new
+
+    expires_in 3.hours, :public => true, 'max-stale' => 0
+
+    respond_to do |format|
+      format.html # new.html.erb
+      format.json { render :json => @password }
+    end
+  end
+
+  # POST /passwords
+  # POST /passwords.json
+  def create
+    if params[:password][:payload].blank? or params[:password][:payload] == PAYLOAD_INITIAL_TEXT
+      redirect_to '/'
+      return
+    end
+
+    if params[:password][:payload].length > 250
+      redirect_to '/', :error => "That password is too long."
+      return
+    end
+
+    @password = Password.new()
+
+    @password.expire_after_days = params[:password][:expire_after_days]
+    @password.expire_after_views = params[:password][:expire_after_views]
+
+    if DELETABLE_BY_VIEWER_PASSWORDS && params[:password].key?(:deletable_by_viewer)
+      @password.deletable_by_viewer = true
+    else
+      @password.deletable_by_viewer = false
+    end
+
+    @password.url_token = rand(36**16).to_s(36)
+    @password.user_id = current_user.id if current_user
+
+    # The first view on new passwords are free since we redirect
+    # the passwd creator to the password itself (and don't burn up
+    # a view).
+    @password.first_view = true
+
+    # Encrypt the passwords
+    @key = EzCrypto::Key.with_password CRYPT_KEY, CRYPT_SALT
+    @password.payload = @key.encrypt64(params[:password][:payload])
+
+    @password.validate!
+
+    respond_to do |format|
+      if @password.save
+        format.html { redirect_to @password, :notice => "The password has been pushed." }
+        format.json { render :json => @password, :status => :created }
+      else
+        format.html { render :action => "new" }
+        format.json { render :json => @password.errors, :status => :unprocessable_entity }
+      end
+    end
+  end
+
+  def destroy
+    if params.has_key?(:id)
+      @password = Password.find_by_url_token!(params[:id])
+    end
+
+    # Redirect to root if we couldn't find password or
+    # the found password wasn't market as deletable
+    unless @password || @password.deletable_by_viewer
+      redirect_to :root
+      return
+    end
+
+    @password.expired = true
+    @password.payload = nil
+    @password.deleted = true
+
+    respond_to do |format|
+      if @password.save
+        format.html { redirect_to @password, :notice => "The password has been deleted." }
+        format.json { render :json => @password, :status => :destroyed }
+      else
+        format.html { render :action => "new" }
+        format.json { render :json => @password.errors, :status => :unprocessable_entity }
+      end
+    end
+  end
+
+  private
+
+  ##
+  # log_view
+  #
+  # Record that a view is being made for a password
+  #
+  def log_view(password)
+    view = View.new
+    view.password_id = password.id
+    view.ip          = request.env["HTTP_X_FORWARDED_FOR"].nil? ? request.env["REMOTE_ADDR"] : request.env["HTTP_X_FORWARDED_FOR"]
+
+    # Limit retrieved values to 256 characters
+    view.user_agent  = request.env["HTTP_USER_AGENT"].to_s[0,255]
+    view.referrer    = request.env["HTTP_REFERER"].to_s[0,255]
+
+    view.successful  = password.expired ? false : true
+    view.save
+
+    password.views << view
+    password
+  end
+end

data/app/controllers/users/omniauth_callbacks_controller.rb

@@ -0,0 +1,71 @@
+class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
+  def google
+    @user = User.find_for_open_id(request.env["omniauth.auth"], current_user)
+
+    if @user.persisted?
+      flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Google"
+      sign_in_and_redirect @user, :event => :authentication
+    else
+      session["devise.google_data"] = request.env["omniauth.auth"]
+      redirect_to new_user_registration_url
+    end
+  end
+  def yahoo
+    @user = User.find_for_open_id(request.env["omniauth.auth"], current_user)
+
+    if @user.persisted?
+      flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Yahoo"
+      sign_in_and_redirect @user, :event => :authentication
+    else
+      session["devise.yahoo_data"] = request.env["omniauth.auth"]
+      redirect_to new_user_registration_url
+    end
+  end
+  def twitter
+    @user = User.find_for_open_id(request.env["omniauth.auth"], current_user)
+
+    if @user.persisted?
+      flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Twitter"
+      sign_in_and_redirect @user, :event => :authentication
+    else
+      session["devise.twitter_data"] = request.env["omniauth.auth"]
+      redirect_to new_user_registration_url
+    end
+  end
+  
+  def create
+     unless params.has_key?(:confirm)
+       omniauth = request.env["omniauth.auth"]
+       authentication = Authentication.find_by_provider_and_uid(omniauth['provider'], omniauth['uid'])
+       if authentication
+         flash[:success] = "Welcome back!"
+         sign_in_and_redirect(:user, authentication.user)
+         return
+
+       elsif user_signed_in?
+         current_user.authentications.create!(:provider => omniauth['provider'], :uid => omniauth['uid'])
+         flash[:success] = "Successfully linked account.  You can now use this account to log into Gameface."
+         redirect_to authentications_url and return
+
+       else
+         session[:omniauth] = omniauth.except('extra')
+         redirect_to auth_confirm_path and return
+       end
+     else
+       omniauth = session[:omniauth]
+       user = User.new
+       user.apply_omniauth(omniauth)
+       if params.has_key?(:email)
+         user.email = params[:email]
+       end
+       if user.save
+         flash[:success] = "Welcome to Gameface!  We're excited to have you!"
+         sign_in_and_redirect(:user, user) and return
+       else
+         session[:omniauth] = omniauth.except('extra')
+         raise "failed to save user record"
+         redirect_to auth_finalize_path and return
+       end
+     end
+   end
+end