remotty-rails 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 0775052ff14b274bde5cb2946958851c7679d547
+  data.tar.gz: 9e29cbf6c8d47dfa73ae6717b985715a790ab400
+SHA512:
+  metadata.gz: daba021256deb24ad4492d4f12c9ff94b96d616c989cf8076227c50e432aa990b73a12a49adc04a8619bcd28e98bc13f16bd7923b78138e84b252e8999f48b30
+  data.tar.gz: 0a3b34fef53c7a60239b97f0cc47175d371c3092fca263d88cf7a3041832297b9a8f12160a6580b2b44b73861f82310877f79ccf1ca4089a26c44f084e683ca7

data/.gitignore

@@ -0,0 +1,24 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log
+
+.idea

data/Gemfile

@@ -0,0 +1,18 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in remotty-rails.gemspec
+gemspec
+
+gem 'rack-cors', :require => 'rack/cors'
+gem 'active_model_serializers'
+
+# Authentication
+gem 'devise'
+gem 'omniauth-facebook'
+gem 'omniauth-twitter'
+
+# File upload
+gem 'paperclip'
+gem 'open_uri_redirections'
+gem 'rmagick', require: false
+gem 'fog'

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Chungsub Kim
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,234 @@
+# remotty-rails
+
+AngularJS + Rails API를 사용할 때 기본적인 셋팅을 도와주어 빠른 초기 셋팅을 가능하게 합니다.
+
+## Description
+
+### 적용사항
+
+* header의 token을 이용한 인증처리
+  * auth_token model 추가
+* facebook/twitter oauth login
+  * oauth_authentication model 추가
+* join
+  * email
+  * oauth (facebook/twitter)
+  * email이 없는 경우도 처리
+* custom devise controller
+  * full customizing
+  * json response
+  * sessions controller
+  * registrations controller
+  * confirmations controller
+  * passwords controller
+  * omniauth_callbacks controller
+* user model
+  * use avatar for profile image
+* use paperclip for attachment
+* use serializer for json response
+* CORS
+* no cookie/no session
+
+### Token Based Header Authenticable
+
+header에 email과 token을 전달하여 인증을 처리함
+
+* X-Auth-Email : e-mail
+* X-Auth-Token : auth token
+* X-Auth-Device : source (web(default)/ios/android/...)
+* X-Auth-Device-Info : source info (ip(default)/...)
+
+### JSON format
+
+* disable root globally
+* failure default syntax
+
+```json
+{
+  "error":{
+    "code":"ERROR_CODE",
+    "message":"error message"
+  }
+}
+```
+
+### Controller Helper
+
+* render_error helper
+
+```ruby
+def render_error(code = 'ERROR', message = '', status = 400)
+  render json: {
+    error: {
+      code: code,
+      message: message
+    }
+  }, :status => status
+end
+```
+
+
+## Library
+
+remotty-rails에서 사용중인 라이브러리 입니다.
+
+* `rails-api`
+  * Rails for API only application (https://github.com/rails-api/rails-api)
+* `active_model_serializers`
+  * JSON serialization of objects (https://github.com/rails-api/active_model_serializers)
+* `paperclip`+`rmagick`+`fog`+`httparty`
+  * Easy file attachment management (https://github.com/thoughtbot/paperclip)
+* `devise`
+  * Flexible authentication solution (https://github.com/plataformatec/devise)
+
+
+## Installation
+
+* Create Rails API Project
+
+```sh
+$ gem install rails -v 4.0.5 --no-ri --no-rdoc
+$ rails-api new {{project}} --skip-test-unit --skip-sprockets
+```
+
+* Add this line to your application's Gemfile:
+
+```ruby
+gem 'remotty-rails'
+gem 'devise'
+gem 'omniauth-facebook'
+gem 'omniauth-twitter'
+gem 'paperclip'
+```
+
+* And then execute:
+
+```sh
+$ bundle
+```
+
+* install devise
+
+```sh
+$ rails generate devise:install
+$ rails generate devise User
+```
+
+* install remotty-rails
+
+`initializers/devise.rb`에서 `config.secret_key` 주석 지우고 작업
+
+```
+$ rails generate remotty:rails:install
+$ rake db:migrate
+```
+
+* `config/routes.rb` update
+
+`devise_for :users`를 지우고 추가함
+
+```ruby
+devise_for :users,
+           :path => 'api/v1/session',
+             :path_names => {
+               sign_in: 'login',
+               sign_out: 'logout'
+             },
+             :controllers => { sessions:           'remotty/users/sessions',
+                               registrations:      'remotty/users/registrations',
+                               confirmations:      'remotty/users/confirmations',
+                               passwords:          'remotty/users/passwords',
+                               omniauth_callbacks: 'remotty/users/omniauth_callbacks'}
+```
+
+## Recommend Setting
+
+### 유용한 Gemfile
+
+`Gemfile` update
+
+```ruby
+group :development do
+  gem 'thin'
+  gem 'annotate'
+  gem 'better_errors'
+  gem 'binding_of_caller'
+  gem 'letter_opener'
+end
+```
+
+### sendmail test
+
+`development.rb` update
+`letter_opener`는 gem 추가해야함 `gem 'letter_opener'`
+
+```ruby
+config.action_mailer.default_url_options = { host: 'localhost:9000' }
+config.action_mailer.delivery_method = :letter_opener
+```
+
+### custom mail view
+
+
+`views/devise/mailer/confirmation_instructions.html.erb` create
+`views/devise/mailer/reset_password_instructions.html.erb` create
+
+
+### token 유효기간 변경
+
+`initializers/devise.rb` update
+
+```ruby
+config.remember_for = 2.weeks
+```
+
+### omniauth setting
+
+`devise.rb` update
+
+```ruby
+config.omniauth :facebook,
+                Settings.omniauth.facebook.app_id,
+                Settings.omniauth.facebook.app_secret,
+                {
+                  scope: 'email',
+                  image_size: 'large',
+                  provider_ignores_state: true
+                }
+config.omniauth :twitter,  
+                Settings.omniauth.twitter.consumer_key,
+                Settings.omniauth.twitter.consumer_secret, {
+                :image_size => 'original',
+                :authorize_params => {
+                  :force_login => true
+                },
+                :setup => lambda do |env|
+                  req = Rack::Request.new(env)
+                  req.session.options[:cookie_only] = true
+                  req.session.options[:defer] = false
+                end
+```
+
+### devise parameter sanitizer  
+
+user model에 column 추가시 `application_controller.rb` 파일에 추가함
+
+```ruby
+class ApplicationController < ActionController::API
+
+  protected
+
+  def configure_permitted_parameters
+    devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:name, :email, :password, :current_password, :avatar) }
+    devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:name, :avatar, :password, :password_confirmation, :current_password) }
+  end
+end
+```
+
+## Contributing
+
+1. Fork it ( https://github.com/remotty/remotty-rails/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+

data/app/controllers/remotty/base_application_controller.rb

@@ -0,0 +1,36 @@
+module Remotty::BaseApplicationController
+  extend ActiveSupport::Concern
+
+  included do
+    before_action :authenticate_user!
+    before_action :configure_permitted_parameters, if: :devise_controller?
+
+    # To resolve the following error: ActionController::UnknownFormat
+    include ActionController::StrongParameters
+
+    # To resolve the following error: undefined method `respond_to'
+    # http://railscasts.com/episodes/348-the-rails-api-gem?language=ko&view=asciicast
+    include ActionController::MimeResponds
+
+    # To resolve the following error: undefined method `default_render'
+    # https://github.com/rails-api/rails-api/issues/93
+    include ActionController::ImplicitRender
+  end
+
+  protected
+
+  def render_error(code = 'ERROR', message = '', status = 400)
+    render json: {
+      error: {
+        code: code,
+        message: message
+      }
+    }, :status => status
+  end
+
+  def configure_permitted_parameters
+    devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:name, :email, :password, :current_password, :avatar) }
+    devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:name, :avatar, :password, :password_confirmation, :current_password) }
+  end
+
+end

data/app/controllers/remotty/users/base_controller.rb

@@ -0,0 +1,16 @@
+# base user controller
+#
+module Remotty::Users::BaseController
+  extend ActiveSupport::Concern
+
+  protected
+
+  # auth_source 정보 추출 (앱 확장성 고려)
+  def auth_source
+    {
+      source: request.headers['X-Auth-Device'] || 'web',
+      info: request.headers['X-Auth-Device-Info'] || request.remote_ip
+    }
+  end
+
+end

data/app/controllers/remotty/users/confirmations_controller.rb

@@ -0,0 +1,25 @@
+class Remotty::Users::ConfirmationsController < Devise::ConfirmationsController
+  include Remotty::Users::BaseController
+
+  # POST /resource/confirmation
+  # 토큰을 이용해 이메일 인증 확인
+  # 이미 사용한 토큰이거나 잘못된 경우는 에러 반환
+  #
+  # ==== return
+  # * +success+ - no_content
+  # * +failure+ - unauthorized with error message
+  #
+  def show
+    self.resource = resource_class.confirm_by_token(params[:confirmation_token])
+    yield resource if block_given?
+
+    if resource.errors.empty?
+      render nothing: true, status: :no_content
+    else
+      render_error 'UNAUTHORIZED',
+                   resource.errors.full_messages.first,
+                   :unauthorized
+    end
+  end
+
+end

data/app/controllers/remotty/users/omniauth_callbacks_controller.rb

@@ -0,0 +1,102 @@
+class Remotty::Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
+  include Remotty::Users::BaseController
+  include ActionController::Flash
+
+  # omniauth callback 처리
+  # 정보에 따라 유저를 만들던가 연결하던가 추가 정보를 입력받도록 에러를 리턴함
+  #
+  def all
+    # omniauth에서 생성한 session 제거
+    session.options[:skip] = true
+    response.headers['Set-Cookie'] = 'rack.session=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT'
+
+    auth = request.env['omniauth.auth']
+    user = from_omniauth(auth)
+    @ret = {}
+
+    if user && user.persisted?
+      sign_in(:user, user, store: false)
+      token = user.generate_auth_token!(auth_source)
+      @ret = user.with_token(token)
+    elsif user && user.errors.size > 0
+      @ret = {
+        error: {
+          code: 'OAUTH_LOGIN_ERROR_EMAIL_INVALID',
+          message: user.errors.full_messages.first,
+          data: {
+            oauth: {
+              credentials: auth[:credentials],
+              provider: auth[:provider],
+              uid: auth[:uid],
+              info: {
+                name: auth[:info][:name],
+                image: auth[:info][:image]
+              }
+            }
+          }
+        }
+      }
+    else
+      @ret = {
+        error: {
+          code: 'OAUTH_LOGIN_ERROR',
+          message: 'require provider & uid!!'
+        }
+      }
+      @ret[:error][:data] = user if user
+    end
+
+    render :inline => "<script>window.opener.oauthCallback(#{@ret.to_json}); window.close();</script>"
+  end
+
+  def failure
+    @ret = {
+      error: {
+        code: OmniAuth::Utils.camelize(failed_strategy.name),
+        message: failure_message
+      }
+    }
+
+    render :inline => "<script>window.opener.oauthCallback(#{@ret.to_json}); window.close();</script>"
+  end
+
+  alias_method :facebook, :all
+  alias_method :twitter, :all
+
+  private
+
+  # omniauth callback 분석
+  def from_omniauth(auth)
+    if auth[:provider] && auth[:uid] # 인증정보가 있으면..
+      oauth = OauthAuthentication.find_by_provider_and_uid(auth[:provider], auth[:uid])
+      if oauth # 이미 가입되어 있다면 oauth 정보를 갱신함
+        oauth.update_with_credential(auth[:credentials])
+        oauth.save
+
+        return oauth.user
+      else # 가입 정보가 없음!
+        if auth[:info][:email].present? # 이메일이 있으면 가입 또는 연동
+          user = User.find_or_create_by(email: auth[:info][:email]) do |u|
+            u.name = auth[:info][:name] || auth[:info][:email]
+            u.password = Devise.friendly_token[0,20]
+            u.skip_confirmation!
+            u.save
+          end
+          user.confirm! # 인증 대기 중이면 바로 인증시켜버림
+
+          # oauth 정보 생성
+          user.add_oauth_info(auth)
+
+          return user
+        else # 이메일이 없으면 추가정보를 입력받도록 함
+          user = User.new
+          user.errors.add(:email, "email required")
+
+          return user
+        end
+      end
+    end
+
+    nil
+  end
+end