q_auth_ruby_client 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 54889974ab4b1501ecec98963f77fa44e6524ce3
+  data.tar.gz: 545ebc4561cf6ddac0cecc9d1859fe97fb6173bd
+SHA512:
+  metadata.gz: e527814f327a25804bfe059d7ba8cf30114f7541f5c8c9909aa32889f8ac7b5af96d766b0e294ab6f18d321829c60b3a0ab581705d794b7da2ce41269d919b91
+  data.tar.gz: 3244975e235415c363656c4939f9cac311da91760985842190508aa21ba28df2401ca5d6312701116849797b85cafea295f9355a78ce3dace693582e18fbbb82

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2015 YOURNAME
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,3 @@
+= QAuthRubyClient
+
+This project rocks and uses MIT-LICENSE.

data/Rakefile

@@ -0,0 +1,34 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'QAuthRubyClient'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+
+
+
+Bundler::GemHelper.install_tasks
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+
+
+task default: :test

data/app/assets/javascripts/q_auth_ruby_client/application.js

@@ -0,0 +1,13 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file.
+//
+// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require_tree .

data/app/assets/stylesheets/q_auth_ruby_client/application.css

@@ -0,0 +1,15 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
+ * compiled file so the styles you add here take precedence over styles defined in any styles
+ * defined in the other CSS/SCSS files in this directory. It is generally better to create a new
+ * file per style scope.
+ *
+ *= require_tree .
+ *= require_self
+ */

data/app/controllers/q_auth_ruby_client/application_controller.rb

@@ -0,0 +1,4 @@
+module QAuthRubyClient
+  class ApplicationController < ActionController::Base
+  end
+end

data/app/controllers/q_auth_ruby_client/sessions_controller.rb

@@ -0,0 +1,50 @@
+class QAuthRubyClient::SessionsController < ApplicationController
+
+  before_filter :require_user, :only => :sign_out
+  before_filter :set_navs
+
+  def sign_in
+    if current_user
+      if current_user.token_expired?
+        update_user_profile_data_and_auth_token
+        return
+      else
+        redirect_to redirect_url_after_sign_in
+        return
+      end
+    else
+      update_user_profile_data_and_auth_token
+      return
+    end
+  end
+
+  def create_session
+    response = QAuthRubyClient::User.create_session(params[:auth_token])
+    if response.is_a?(QAuthRubyClient::User)
+      @current_user = response
+      session[:id] = @current_user.q_auth_uid unless session[:id]
+      set_notification_messages(I18n.t("authentication.logged_in_successfully_heading"), I18n.t("authentication.logged_in_successfully_message"), :success)
+      redirect_to default_redirect_url_after_sign_in
+    else
+      raise response["errors"]["name"]
+    end
+  end
+
+  def sign_out
+
+    store_flash_message("You have successfully signed out", :notice)
+
+    # Reseting the auth token for user when he logs out.
+    # @current_user.update_attribute :auth_token, SecureRandom.hex
+
+    session.delete(:id)
+
+    redirect_to default_redirect_url_after_sign_out
+  end
+
+  private
+
+  def set_navs
+    set_nav("Login")
+  end
+end

data/app/helpers/q_auth_ruby_client/api_helper.rb

@@ -0,0 +1,95 @@
+module QAuthRubyClient
+  module ApiHelper
+    include ActionController::HttpAuthentication::Token::ControllerMethods
+
+    def current_user
+      # Return if @current_user is already initialized else check if the user exists with the auth token present in request header
+      @current_user ||= authenticate_with_http_token { |token, options| QAuthRubyClient::User.find_by(auth_token: token)}
+    end
+
+    def require_auth_token
+      current_user
+      unless @current_user
+        proc_code = Proc.new do
+          set_notification_messages(I18n.t("response.error"), I18n.t("response.authentication_error"), :error)
+          raise AuthenticationError
+        end
+        render_json_response(proc_code)
+        return
+      end
+    end
+
+    def require_super_admin_auth_token
+      current_user
+      unless @current_user && @current_user.is_super_admin?
+        proc_code = Proc.new do
+          set_notification_messages(I18n.t("response.error"), I18n.t("response.authentication_error"), :error)
+          raise AuthenticationError
+        end
+        render_json_response(proc_code)
+        return
+      end
+    end
+
+    def require_admin_auth_token
+      current_user
+      unless @current_user && @current_user.is_admin?
+        proc_code = Proc.new do
+          set_notification_messages(I18n.t("response.error"), I18n.t("response.authentication_error"), :error)
+          raise AuthenticationError
+        end
+        render_json_response(proc_code)
+        return
+      end
+    end
+
+    def embed_stack_in_json_response?
+      ["true", "t", "1", "yes"].include?(params[:debug].to_s.downcase.strip) # || Rails.env == "development"
+    end
+
+    ## This method will accept a proc, execute it and render the json
+    def render_json_response(proc_code)
+
+      begin
+        proc_code.call
+        @status ||= 200
+        @success = @success == false ? (false) : (true)
+
+      rescue ValidationError, InvalidLoginError, FailedToCreateError, FailedToUpdateError, FailedToDeleteError, AuthenticationError => e
+        @status = 200
+        @success = false
+
+        @data = {
+                  errors: {
+                    name:  e.message,
+                    description: I18n.translate("response.#{e.message.underscore}")
+                  }
+                }
+        @data[:errors][:details] = @errors unless @errors.blank?
+        @data[:errors][:stack] = e.backtrace if embed_stack_in_json_response?
+
+      rescue Exception => e
+
+        @data = {
+                  errors: {
+                    name:  e.message,
+                    description: I18n.translate("response.#{e.message.underscore}"),
+                    details: @errors
+                  }
+                }
+        @data[:errors][:stack] = e.backtrace if embed_stack_in_json_response?
+
+      end
+
+      response_hash = {success: @success}
+      response_hash[:alert] = @alert unless @alert.blank?
+      response_hash[:total_data] = @total_data unless @total_data.blank?
+      response_hash[:per_page] = @per_page unless @per_page.blank?
+      response_hash[:current_page] = @current_page unless @current_page.blank?
+      response_hash[:data] = @data unless @data.blank?
+
+      render status: @status, json: response_hash
+      return
+    end
+  end
+end

data/app/helpers/q_auth_ruby_client/application_helper.rb

@@ -0,0 +1,4 @@
+module QAuthRubyClient
+  module ApplicationHelper
+  end
+end

data/app/helpers/q_auth_ruby_client/sessions_helper.rb

@@ -0,0 +1,80 @@
+module QAuthRubyClient
+  module SessionsHelper
+
+    # Returns the default URL to which the system should redirect the user after successful authentication
+    def default_redirect_url_after_sign_in
+      QAuthRubyClient.configuration.default_redirect_url_after_sign_in
+    end
+
+    # Returns the default URL to which the system should redirect after the user successfully logout
+    def default_redirect_url_after_sign_out
+      QAuthRubyClient.configuration.default_redirect_url_after_sign_out
+    end
+
+    def redirect_url_after_sign_in
+      params[:redirect_back_url] || default_redirect_url_after_sign_in
+    end
+
+    def redirect_to_sign_in_page
+      respond_to do |format|
+        format.html {
+          redirect_to q_auth_ruby_client.sign_in_path
+        }
+        format.json { render json: {heading: @heading, alert: @alert} }
+        format.js { render(:partial => 'sessions/redirect.js.erb', :handlers => [:erb], :formats => [:js]) }
+      end
+    end
+
+    def update_user_profile_data_and_auth_token
+      # Store the user object and Redirect to the Q-Auth sign in page with required params
+      params_hsh = {client_app: QAuthRubyClient.configuration.q_app_name, redirect_back_url: create_session_url}
+      url = add_query_params(QAuthRubyClient.configuration.q_auth_url, params_hsh)
+      redirect_to url
+    end
+
+    # This method is widely used to create the @current_user object from the session
+    # This method will return @current_user if it already exists which will save queries when called multiple times
+    def current_user
+      session[:qarc] = "true"
+      return @current_user if @current_user
+      # Check if the user exists with the auth token present in session
+      @current_user = QAuthRubyClient::User.where("q_auth_uid = ?", session[:id]).first
+    end
+
+    # This method is usually used as a before filter to secure some of the actions which requires the user to be signed in.
+    def require_user
+      current_user
+      if @current_user
+        if @current_user.token_expired?
+          @current_user = nil
+          session.delete(:id)
+          set_notification_messages(I18n.t("authentication.session_expired_heading"), I18n.t("authentication.session_expired_message"), :error)
+          redirect_to_sign_in_page
+          return
+        end
+      else
+        set_notification_messages(I18n.t("authentication.permission_denied_heading"), I18n.t("authentication.permission_denied_message"), :error)
+        redirect_to_sign_in_page
+        return
+      end
+    end
+
+    # This method is usually used as a before filter from admin controllers to ensure that the logged in user is an admin
+    def require_admin
+      unless @current_user.is_admin?
+        set_notification_messages(I18n.t("authentication.permission_denied_heading"), I18n.t("authentication.permission_denied_message"), :error)
+        redirect_to_sign_in_page
+        return
+      end
+    end
+
+    # This method is usually used as a before filter from admin controllers to ensure that the logged in user is a super admin
+    def require_super_admin
+      unless @current_user.is_super_admin?
+        set_notification_messages(I18n.t("authentication.permission_denied_heading"), I18n.t("authentication.permission_denied_message"), :error)
+        redirect_to_sign_in_page
+      end
+    end
+
+  end
+end

data/app/models/q_auth_ruby_client/user.rb

@@ -0,0 +1,144 @@
+class QAuthRubyClient::User < ActiveRecord::Base
+
+  require 'typhoeus'
+
+  self.table_name = 'users'
+
+  def self.fetch_all_users(auth_token)
+    qauth_url = QAuthRubyClient.configuration.q_auth_url + "/api/v1/members"
+    request = Typhoeus::Request.new(
+      qauth_url,
+      method: :get,
+      headers: {"Authorization" => "Token token=#{auth_token}"},
+      verbose: false
+    )
+    response = JSON.parse(request.run.body)
+
+    if response["success"]
+      response['data'].each do |data|
+        user = find_in_cache(data)
+        user.update_cache(data)
+      end
+    else
+      raise
+    end
+  end
+
+  def self.find_in_cache(data)
+    # Checking if we already have this user(s) in our database
+    users = QAuthRubyClient::User.where("auth_token = ? or username = ? or email = ? or q_auth_uid = ?", data['auth_token'], data['username'], data['email'], data['id']).all
+
+    # Get the first user
+    user = users.first
+
+    if user
+      # Corner Case : If there are (by chance) multiple rows, we need to remove them.
+      users.delete(user)
+      users.destroy_all if users.count > 0
+      return user
+    else
+      # Create a new user
+      QAuthRubyClient::User.new(auth_token: data['auth_token'], username: data['username'], email: data['email'], q_auth_uid: data['id'])
+    end
+  end
+
+  def update_cache(data)
+    self.name = data["name"]
+    self.biography = data["biography"]
+    self.phone = data["phone"]
+    self.skype = data["skype"]
+    self.linkedin = data["linkedin"]
+    self.city = data["city"]
+    self.state = data["state"]
+    self.country = data["country"]
+
+    self.token_created_at = data["token_created_at"] || Time.now - 1.day
+    self.user_type = data["user_type"]
+
+    self.thumb_url = data.try(:[],"profile_image").try(:[],"thumb")
+    self.medium_url = data.try(:[],"profile_image").try(:[],"medium")
+    self.large_url = data.try(:[],"profile_image").try(:[],"large")
+    self.original_url = data.try(:[],"profile_image").try(:[],"original")
+
+    self.designation = data.try(:[],"designation").try(:[],"title")
+    self.department = data.try(:[],"department").try(:[],"name")
+
+    self.save if self.valid?
+  end
+
+  def self.create_session(auth_token)
+    qauth_url = QAuthRubyClient.configuration.q_auth_url + "/api/v1/my_profile"
+    request = Typhoeus::Request.new(
+      qauth_url,
+      method: :get,
+      headers: {"Authorization" => "Token token=#{auth_token}"},
+      verbose: false
+    )
+    response = JSON.parse(request.run.body)
+
+    if response["success"]
+      user = find_in_cache(response['data'])
+      user.update_cache(response['data'])
+      return user
+    else
+      return response
+    end
+  end
+
+  def token_expired?
+    return self.token_created_at.nil? || (Time.now > self.token_created_at + QAuthRubyClient.configuration.session_time_out)
+  end
+
+  # * Return address which includes city, state & country
+  # == Examples
+  #   >>> user.display_address
+  #   => "Mysore, Karnataka, India"
+  def display_address
+    address_list = []
+    address_list << city unless city.blank?
+    address_list << state unless state.blank?
+    address_list << country unless country.blank?
+    address_list.join(", ")
+  end
+
+  # * Return true if the user is either a Q-Auth Super Admin or Q-Auth Admin
+  # == Examples
+  #   >>> user.is_admin?
+  #   => true
+  def is_admin?
+    user_type == 'admin' || user_type == 'super_admin'
+  end
+
+  # * Return true if the user is either a Q-Auth Admin
+  # == Examples
+  #   >>> user.is_super_admin?
+  #   => true
+  def is_super_admin?
+    user_type == 'super_admin'
+  end
+
+  # * Return true if the user is not activated, else false.
+  # * inactive status will be there only for users who are not activated by user
+  # == Examples
+  #   >>> user.inactive?
+  #   => true
+  def inactive?
+    (status == "inactive")
+  end
+
+  # * Return true if the user is activated, else false.
+  # == Examples
+  #   >>> user.active?
+  #   => true
+  def active?
+    (status == "active")
+  end
+
+  # * Return true if the user is suspended, else false.
+  # == Examples
+  #   >>> user.suspended?
+  #   => true
+  def suspended?
+    (status == "suspended")
+  end
+end