stocktwits 1.0.0

data/app/models/stocktwits/plain_user.rb

@@ -0,0 +1,53 @@
+require 'net/http'
+
+module Stocktwits
+  module PlainUser
+    def self.included(base)
+      base.class_eval do
+
+      end
+
+      base.extend Stocktwits::PlainUser::ClassMethods
+    end
+
+    module ClassMethods
+      def verify_credentials(login, password)
+      
+        response =  Stocktwits.net.start { |http|
+                  request = Net::HTTP::Get.new(Stocktwits.base_url + "/users/show/#{login}.json")
+                  http.request(request)
+                }
+
+        if response.code == '200'
+          JSON.parse(response.body)
+        else
+          false
+        end
+      end
+
+      def authenticate(login, password = nil)
+        if stocktwits_hash = verify_credentials(login, password)
+          user = identify_or_create_from_stocktwits_hash_and_password(stocktwits_hash, password)
+          user
+        else
+          nil
+        end
+      end
+      
+      def identify_or_create_from_stocktwits_hash_and_password(stocktwits_hash, password)
+        if user = User.find_by_stocktwits_id(stocktwits_hash['id'].to_s)
+          user.login = stocktwits_hash['login']
+          user.assign_stocktwits_attributes(stocktwits_hash)
+          user.save
+          user
+        else
+          user = User.new_from_stocktwits_hash(stocktwits_hash)
+          user.save
+          user
+        end
+      end
+      
+    end
+  end
+end
+

data/app/views/sessions/_login.html.erb

@@ -0,0 +1,18 @@
+<% form_tag session_path, :id => 'login_form' do %>
+  <div class='field'>
+    <label for='login'>Stocktwits Username:</label>
+    <%= text_field_tag 'login', nil, :class => 'text_field' %><br/>
+		<em>On "plain" strategy, you need only the login</em> 
+  </div>
+  <div class='field'>
+    <label for='password'>Password:</label>
+    <%= password_field_tag 'password', nil, :class => 'password_field' %>
+  </div>
+  <!--<div class='checkbox-field'>
+<%= check_box_tag 'remember_me' %> <label for='remember_me'>Keep Me Logged In</label>
+</div>-->
+  <div class='field submit'>
+    <%= submit_tag 'Log In', :class => 'submit' %>
+  </div>
+<% end %>
+

data/app/views/sessions/new.html.erb

@@ -0,0 +1,5 @@
+<h1>Log In Via StockTwits</h1>
+
+<p>This application utilizes your Stocktwits username and password for authentication; you do not have to create a separate account here. To log in, just enter your Stocktwits credentials in the form below.</p>
+
+<%= render :partial => 'login_form' %>

data/config/routes.rb

@@ -0,0 +1,6 @@
+ActionController::Routing::Routes.draw do |map|
+  map.login '/login', :controller => 'sessions', :action => 'new'
+  map.logout '/logout', :controller => 'sessions', :action => 'destroy'
+  map.resource :session
+  map.oauth_callback '/oauth_callback', :controller => 'sessions', :action => 'oauth_callback'
+end

data/generators/stocktwits/USAGE

@@ -0,0 +1,12 @@
+Stocktwits Generator
+=====================
+
+The Stocktwits generator allows you to generate the components necessary to implement Twitter as a Single Sign-On provider for your site.
+
+To run it, you simply need to call it:
+
+script/generate stocktwits
+
+This will generate the migration necessary for the users table as well as generate a User model that extends the appropriate Stocktwits model template and a config/stocktwits.yml that allows you to set your OAuth consumer key and secret (if required). 
+
+By default, Stocktwits uses Plain as its authentication strategy. If you wish to use HTTP Basic you can pass in the --basic option or OAuth if you pass the -O or --oauth option.

data/generators/stocktwits/stocktwits_generator.rb

@@ -0,0 +1,42 @@
+class StocktwitsGenerator < Rails::Generator::Base
+  default_options :oauth => false, :basic => false, :plain => true
+
+  def manifest
+    record do |m|
+      m.class_collisions 'User'
+
+      m.migration_template 'migration.rb', 'db/migrate', :migration_file_name => 'stocktwits_migration'
+      m.template 'user.rb', File.join('app','models','user.rb')
+      m.template 'stocktwits.yml', File.join('config','stocktwits.yml')
+    end
+  end
+
+  protected
+
+  def banner
+    "Usage: #{$0} stocktwits"
+  end
+
+  def add_options!(opt)
+    opt.separator ''
+    opt.separator 'Options:'
+    
+    opt.on('-O', '--oauth', 'Use the OAuth authentication strategy to connect to Stocktwits. (default)') { |v| 
+      options[:oauth] = v
+      options[:basic] = !v
+      options[:plain] = !v
+    }
+
+    opt.on('-B', '--basic', 'Use the HTTP Basic authentication strategy to connect to Stocktwits.') { |v| 
+      options[:basic] = v
+      options[:oauth] = !v
+      options[:plain] = !v
+    }
+    
+    opt.on('-P', '--plain', 'Use a plain HTTP request strategy with no auth to connect to Stocktwits.') { |v| 
+      options[:plain] = v
+      options[:basic] = !v
+      options[:oauth] = !v
+    }
+  end
+end

data/generators/stocktwits/templates/migration.rb

@@ -0,0 +1,20 @@
+class StocktwitsMigration < ActiveRecord::Migration
+  def self.up
+    create_table :users do |t|
+      t.string :stocktwits_id
+      t.string :login
+      # t.string :access_token - uncomment if you change your are planning to use the "oauth" strategy
+      # t.string :access_secret - uncomment if you change your are planning to use the "oauth" strategy
+
+      # t.binary :crypted_password - uncomment if you change your are planning to use the "basic" strategy
+      # t.string :salt - uncomment if you change your are planning to use the "basic" strategy
+
+
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :users
+  end
+end

data/generators/stocktwits/templates/stocktwits.yml

@@ -0,0 +1,66 @@
+# OAuth example
+# ------------
+# development:
+#   strategy: oauth
+#   oauth_consumer_key: devkey
+#   oauth_consumer_secret: devsecret
+#   base_url: "http://api.stocktwits.com"
+#   authorize_path: "/oauth/authenticate"
+#   api_timeout: 10
+#   remember_for: 14 # days
+#   oauth_callback: "http://localhost:3000/oauth_callback"
+# test:
+#   strategy: oauth
+#   oauth_consumer_key: testkey
+#   oauth_consumer_secret: testsecret
+#   base_url: "http://api.stocktwits.com"
+#   authorize_path: "/oauth/authenticate"
+#   api_timeout: 10
+#   remember_for: 14 # days
+#   oauth_callback: "http://localhost:3000/oauth_callback"
+# production:
+#   strategy: oauth
+#   oauth_consumer_key: prodkey
+#   oauth_consumer_secret: prodsecret 
+#   authorize_path: "/oauth/authenticate"
+#   base_url: "http://api.stocktwits.com"
+#   api_timeout: 10
+#   remember_for: 14 # days
+
+# Basic Example
+# -------------
+# development:
+#   strategy: basic
+#   api_timeout: 10
+#   base_url: "http://api.stocktwits.com"
+#   # randomly generated key for encrypting Stocktwits passwords
+#   encryption_key: "<%= key = ActiveSupport::SecureRandom.hex(12) %>"
+#   remember_for: 14 # days
+# test:
+#   strategy: basic
+#   api_timeout: 10
+#   base_url: "http://api.stocktwits.com"
+#   encryption_key: "<%= key %>"
+#   remember_for: 14 # days
+# production:
+#   strategy: basic
+#   api_timeout: 10
+#   encryption_key: "<%= key %>"
+#   remember_for: 14 # days
+
+# Plain Example
+# -------------
+# development:
+#   strategy: plain
+#   api_timeout: 10
+#   base_url: "http://api.stocktwits.com"
+#   remember_for: 14 # days
+# test:
+#   strategy: basic
+#   api_timeout: 10
+#   base_url: "http://api.stocktwits.com"
+#   remember_for: 14 # days
+# production:
+#   strategy: basic
+#   api_timeout: 10
+#   remember_for: 14 # days

data/generators/stocktwits/templates/user.rb

@@ -0,0 +1,5 @@
+class User < Stocktwits::GenericUser
+  # Extend and define your user model as you see fit.
+  # All of the authentication logic is handled by the 
+  # parent Stocktwits::GenericUser class.
+end

data/lib/stocktwits.rb

@@ -0,0 +1,103 @@
+module Stocktwits
+  class Error < StandardError; end
+  
+  def self.config(environment=Rails.env)
+    @config ||= {}
+    @config[environment] ||= YAML.load(File.open(Rails.root.to_s + '/config/stocktwits.yml').read)[environment]
+  end
+
+  def self.base_url
+    config['base_url'] || 'https://api.stocktwits.com'    
+  end
+  
+  def self.path_prefix
+    URI.parse(base_url).path
+  end
+
+  def self.api_timeout
+    config['api_timeout'] || 10
+  end
+  
+  def self.encryption_key
+    if strategy != :plain
+      raise Stocktwits::Cryptify::Error, 'You must specify an encryption_key in config/stocktwits.yml' if config['encryption_key'].blank?
+    end
+    config['encryption_key'] 
+  end
+  
+  def self.oauth_callback?
+    config.key?('oauth_callback')
+  end
+  
+  def self.oauth_callback
+    config['oauth_callback']
+  end
+
+  def self.remember_for
+    (config['remember_for'] || 14).to_i
+  end
+  
+  def self.strategy
+    strat = config['strategy']
+    raise ArgumentError, 'Invalid StockTwits Strategy: Valid strategies are oauth and basic.' unless %w(oauth basic plain).include?(strat)
+    strat.to_sym
+  rescue Errno::ENOENT
+    :basic
+  end
+  
+  def self.oauth?
+    strategy == :oauth
+  end
+  
+  def self.basic?
+    strategy == :basic
+  end
+  
+  def self.plain?
+    strategy == :plain
+  end
+  
+  def self.consumer
+    options = {:site => Stocktwits.base_url}
+    [ :authorize_path, 
+      :request_token_path,
+      :access_token_path,
+      :scheme,
+      :signature_method ].each do |oauth_option|
+      options[oauth_option] = Stocktwits.config[oauth_option.to_s] if Stocktwits.config[oauth_option.to_s]
+    end
+
+    OAuth::Consumer.new(
+      config['oauth_consumer_key'],          
+      config['oauth_consumer_secret'],
+      options 
+    )
+  end
+  
+  def self.net
+    uri = URI.parse(Stocktwits.base_url)
+    net = Net::HTTP.new(uri.host, uri.port)
+    net.use_ssl = uri.scheme == 'https'
+    net.read_timeout = Stocktwits.api_timeout
+    net
+  end
+
+  def self.authorize_path
+    config['authorize_path'] || '/oauth/authorize'
+  end
+end
+
+require 'stocktwits/controller_extensions'
+require 'stocktwits/cryptify'
+require 'stocktwits/dispatcher/shared'
+require 'stocktwits/dispatcher/oauth'
+require 'stocktwits/dispatcher/basic'
+require 'stocktwits/dispatcher/plain'
+
+
+module Stocktwits
+  module Dispatcher
+    class Error < StandardError; end
+    class Unauthorized < Error; end
+  end
+end

data/lib/stocktwits/controller_extensions.rb

@@ -0,0 +1,72 @@
+module Stocktwits
+  # These methods borrow HEAVILY from Rick Olsen's
+  # Restful Authentication. All cleverness props
+  # go to him, not me.
+  module ControllerExtensions
+    def self.included(base)
+      base.send :helper_method, :current_user, :logged_in?, :authorized?
+    end
+
+    protected
+
+    def authentication_failed(message, destination='/')
+      flash[:error] = message
+      redirect_to destination
+    end
+
+    def authentication_succeeded(message = 'You have logged in successfully.', destination = '/')
+      flash[:notice] = message
+      redirect_back_or_default destination
+    end
+
+    def current_user
+      @current_user ||= 
+        if session[:user_id]
+          User.find_by_id(session[:user_id])
+        elsif cookies[:remember_token]
+          User.from_remember_token(cookies[:remember_token])
+        else
+          false
+        end
+    end
+
+    def current_user=(new_user)
+      session[:user_id] = new_user.id
+      @current_user = new_user
+    end
+
+    def authorized?
+      !!current_user
+    end
+
+    def login_required
+      authorized? || access_denied 
+    end
+
+    def access_denied
+      store_location
+      redirect_to login_path
+    end
+
+    def store_location
+      session[:return_to] = request.request_uri
+    end
+
+    def redirect_back_or_default(default)
+      redirect_to(session[:return_to] || default)
+      session[:return_to] = nil
+    end
+
+    def logged_in?
+      !!current_user
+    end
+
+    def logout_keeping_session!
+      session[:user_id] = nil
+      @current_user = nil
+      cookies.delete(:remember_token)
+    end
+  end
+end
+
+ActionController::Base.send(:include, Stocktwits::ControllerExtensions)

data/lib/stocktwits/cryptify.rb

@@ -0,0 +1,30 @@
+module Stocktwits
+  module Cryptify
+    class Error < StandardError; end
+    
+    def self.encrypt(data)
+      salt = generate_salt
+      {:encrypted_data => EzCrypto::Key.encrypt_with_password(Stocktwits.encryption_key, salt, data), :salt => salt}
+    end
+ 
+    def self.decrypt(encrypted_data_or_hash, salt=nil)
+      case encrypted_data_or_hash
+      when String
+        encrypted_data = encrypted_data_or_hash
+        raise ArgumentError, 'Must provide a salt to decrypt.' unless salt
+      when Hash
+        encrypted_data = encrypted_data_or_hash[:encrypted_data]
+        salt = encrypted_data_or_hash[:salt]
+      else
+        raise ArgumentError, 'Must provide either an encrypted hash result or encrypted string and salt.'
+      end
+
+      EzCrypto::Key.decrypt_with_password(Stocktwits.encryption_key, salt, encrypted_data)
+    end
+  
+    def self.generate_salt
+      ActiveSupport::SecureRandom.hex(4)
+    end
+  end
+end
+