tiny_passport 0.0.1 → 0.0.2

data/db/migrate/20131105104559_create_tiny_passport_oauth_tokens.rb

@@ -0,0 +1,27 @@
+# -*- encoding : utf-8 -*-
+class CreateTinyPassportOauthTokens < ActiveRecord::Migration
+  def change
+    create_table :tiny_passport_oauth_tokens do |t|
+      t.integer :strategy_type_value, :default => 0,  :null => false
+      t.string :strategy_id,          :default => '', :null => false
+      t.string :access_token,         :default => '', :null => false
+      t.string :access_secret,        :default => '', :null => false
+      t.datetime :expires_at
+      t.string :origin_avatar_url,    :default => '', :null => false
+      t.string :name,                 :default => '', :null => false
+      t.string :nick_name,            :default => '', :null => false
+      t.integer :avatar_id
+      t.integer :gender,              :default => 0,  :null => false  # 1: 男 2： 女
+
+      t.timestamps
+    end
+
+    add_index :tiny_passport_oauth_tokens, 
+      [:strategy_id, :strategy_type_value],
+      :name => "index_tiny_passport_oauth_tokens_on_strategy",
+      :unique => true
+
+    add_index :tiny_passport_oauth_tokens, [:name]
+    add_index :tiny_passport_oauth_tokens, [:nick_name]
+  end
+end

data/db/migrate/20131105104632_create_tiny_passport_oauth_logins.rb

@@ -0,0 +1,15 @@
+# -*- encoding : utf-8 -*-
+class CreateTinyPassportOauthLogins < ActiveRecord::Migration
+  def change
+    create_table :tiny_passport_oauth_logins do |t|
+      t.integer :oauth_token_id
+      t.integer :account_id
+      t.integer :status_value, :default => 0, :null => false
+
+      t.timestamps
+    end
+
+    add_index :tiny_passport_oauth_logins, [:oauth_token_id], :unique => true
+    add_index :tiny_passport_oauth_logins, [:account_id]
+  end
+end

data/db/migrate/20131105104702_create_tiny_passport_oauth_binds.rb

@@ -0,0 +1,16 @@
+# -*- encoding : utf-8 -*-
+class CreateTinyPassportOauthBinds < ActiveRecord::Migration
+  def change
+    create_table :tiny_passport_oauth_binds do |t|
+      t.integer :oauth_token_id
+      t.integer :account_id
+      t.integer :status_value, :default => 0, :null => false
+      t.text :config_info_yaml
+
+      t.timestamps
+    end
+
+    add_index :tiny_passport_oauth_binds, [:oauth_token_id]
+    add_index :tiny_passport_oauth_binds, [:account_id]
+  end
+end

data/db/migrate/20131105104738_create_tiny_passport_oauth_infos.rb

@@ -0,0 +1,13 @@
+# -*- encoding : utf-8 -*-
+class CreateTinyPassportOauthInfos < ActiveRecord::Migration
+  def change
+    create_table :tiny_passport_oauth_infos do |t|
+      t.integer :oauth_token_id
+      t.text :raw_info_yaml
+
+      t.timestamps
+    end
+
+    add_index :tiny_passport_oauth_infos, [:oauth_token_id], :unique => true
+  end
+end

data/db/migrate/20131105104847_create_tiny_passport_avatars.rb

@@ -0,0 +1,20 @@
+# -*- encoding : utf-8 -*-
+class CreateTinyPassportAvatars < ActiveRecord::Migration
+  def change
+    create_table :tiny_passport_avatars do |t|
+      t.string :file,              :default => '', :null => false
+      t.string :file_content_type, :default => '', :null => false
+      t.integer :file_size,        :default => 0,  :null => false
+      t.string :file_name,         :default => '', :null => false
+      t.string :origin_file_name,  :default => '', :null => false
+      t.integer :status_value,     :default => 0,  :null => false
+      t.references :owner, :polymorphic => true
+      t.integer :account_id
+
+      t.timestamps
+    end
+
+    add_index :tiny_passport_avatars, [:owner_id, :owner_type], :name => "index_tiny_passport_avatars_on_owner"
+    add_index :tiny_passport_avatars, [:file]
+  end
+end

data/db/migrate/20131107031935_create_tiny_passport_login_emails.rb

@@ -0,0 +1,25 @@
+# -*- encoding : utf-8 -*-
+class CreateTinyPassportLoginEmails < ActiveRecord::Migration
+  def change
+    create_table :tiny_passport_login_emails do |t|
+      t.string   :value,               :default => '', :null => false
+      t.string   :encrypted_confirmation_token,  :default => '', :null => false
+      t.datetime :confirmed_at
+      t.datetime :confirmation_send_at
+
+      t.string   :encrypted_reset_password_token,  :default => '', :null => false
+      t.datetime :reset_password_token_send_at
+
+      t.integer  :account_id
+      t.datetime :deleted_at
+      t.integer  :status_value,        :default => 0, :null => false
+
+      t.timestamps
+    end
+
+    add_index :tiny_passport_login_emails, [:value], :unique => true
+    add_index :tiny_passport_login_emails, [:encrypted_confirmation_token], :name => :index_tiny_passport_login_emails_confirmation_token
+    add_index :tiny_passport_login_emails, [:encrypted_reset_password_token], :name => :index_tiny_passport_login_emails_reset_password_token
+    add_index :tiny_passport_login_emails, [:account_id]
+  end
+end

data/lib/omniauth/strategies/qq_connect.rb

@@ -0,0 +1,114 @@
+# encoding: utf-8
+require 'omniauth/strategies/oauth2'
+require "tiny_passport/omniauth/strategable"
+
+module OmniAuth
+  module Strategies
+    class QQConnect < ::OmniAuth::Strategies::OAuth2
+      include ::TinyPassport::OmniAuth::Strategable
+
+      option :name, "qq_connect"
+
+      option :client_options, {
+        :site => 'https://graph.qq.com/oauth2.0/',
+        :authorize_url => '/oauth2.0/authorize',
+        :token_url => "/oauth2.0/token"
+      }
+
+      option :token_params, {
+        :state => 'foobar',
+        :parse => :query
+      }
+
+      option :authorize_options, [:scope]
+
+      uid do
+        @uid ||= begin
+                   access_token.options[:mode] = :query
+                   access_token.options[:param_name] = :access_token
+                   # Response Example: "callback( {\"client_id\":\"11111\",\"openid\":\"000000FFFF\"} );\n"
+                   response = access_token_get('/oauth2.0/me')
+                   #TODO handle error case
+                   matched = response.body.match(/"openid":"(?<openid>\w+)"/)
+                   matched[:openid]
+                 end
+      end
+
+      #  {
+      #     "provider": "qq_connect",
+      #     "uid": "51173C8FCF304708D299C1EE00A7BB6A",
+      #     "info": {
+      #       "nick_name": "Happy",
+      #       "name": "Happy",
+      #       "avatar": "http://qzapp.qlogo.cn/qzapp/100587827/51173C8FCF304708D299C1EE00A7BB6A/100",
+      #       "gender": 1
+      #     },
+      #     "credentials": {
+      #       "token": "71A81CB1FCB726C791D985C5AA117338",
+      #       "refresh_token": "A3F01B40632B2C39262FA5F02981BC0A",
+      #       "expires_at": 1396189038,
+      #       "expires": true
+      #     },
+      #     "extra": {
+      #       "raw_info": {
+      #         "ret": 0,
+      #         "msg": "",
+      #         "is_lost": 0,
+      #         "nickname": "Happy",
+      #         "gender": "男",
+      #         "figureurl": "http://qzapp.qlogo.cn/qzapp/100587827/51173C8FCF304708D299C1EE00A7BB6A/30",
+      #         "figureurl_1": "http://qzapp.qlogo.cn/qzapp/100587827/51173C8FCF304708D299C1EE00A7BB6A/50",
+      #         "figureurl_2": "http://qzapp.qlogo.cn/qzapp/100587827/51173C8FCF304708D299C1EE00A7BB6A/100",
+      #         "figureurl_qq_1": "http://q.qlogo.cn/qqapp/100587827/51173C8FCF304708D299C1EE00A7BB6A/40",
+      #         "figureurl_qq_2": "http://q.qlogo.cn/qqapp/100587827/51173C8FCF304708D299C1EE00A7BB6A/100",
+      #         "is_yellow_vip": "0",
+      #         "vip": "0",
+      #         "yellow_vip_level": "0",
+      #         "level": "0",
+      #         "is_yellow_year_vip": "0"
+      #       }
+      #     }
+      #   }
+      info do
+        {
+          :nick_name => raw_info['nickname'],
+          :name      => raw_info['nickname'],
+          :avatar    => raw_info['figureurl_2'],
+          :gender    => get_gender_value(raw_info)
+        }
+      end
+
+      def get_gender_value raw_info={}
+        case raw_info['gender']
+        when '男'
+          ::TinySupport::Const::MALE
+        when '女'
+          ::TinySupport::Const::FAMALE
+        else
+          0
+        end
+      end
+
+      extra do
+        {
+          :raw_info => raw_info
+        }
+      end
+
+      def raw_info
+        @raw_info ||= begin
+                        #TODO handle error case
+                        #TODO make info request url configurable
+                        client_request(:get, "https://graph.qq.com/user/get_user_info", :params => {
+                          :format => :json,
+                          :openid => uid,
+                          :oauth_consumer_key => options[:client_id],
+                          :access_token => access_token.token
+                        }, :parse => :json).parsed
+                      end
+      end
+    end
+  end
+end
+
+OmniAuth.config.add_camelization('qq_connect', 'QQConnect')

data/lib/tiny_passport/config.rb

@@ -0,0 +1,72 @@
+# -*- encoding : utf-8 -*-
+module TinyPassport
+  class << self
+    attr_writer :config
+
+    def config
+      @config ||= Config.new
+    end
+
+    def configure
+      yield self.config ||= Config.new
+    end
+  end
+
+  class Config
+    def omniauth_providers= providers={}
+      @omniauth_providers ||= providers
+    end
+
+    def omniauth_providers
+      @omniauth_providers ||= {}
+    end
+
+    def omniauth_providers_regexp
+      @omniauth_providers_regexp ||= ::Regexp.new(self.omniauth_providers.keys.join('|'))
+    end
+
+    def cookies_default_options= options={}
+      @cookies_default_options ||= options
+    end
+
+    def cookies_default_options
+      @cookies_default_options
+    end
+
+    def session_store_config= options={}
+      @session_store_config ||= options
+    end
+
+    def session_store_config
+      @session_store_config
+    end
+
+    def mailer_config= conf={}
+      @mailer_config ||= conf
+    end
+
+    def login_email_confirmation_token_expires_in
+      @login_email_confirmation_token_expires_in ||= 7.days
+    end
+
+    def login_email_reset_password_token_expires_in
+      @login_email_reset_password_token_expires_in ||= 7.days
+    end
+
+    def mailer_config
+      @mailer_config ||= {}
+    end
+
+    def email_regexp
+      /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/     
+    end
+
+    def host= host
+      @host ||= host
+    end
+
+    def host
+      @host
+    end
+  end
+end

data/lib/tiny_passport/engine.rb

@@ -1,5 +1,21 @@
+# -*- encoding : utf-8 -*-
+require 'tiny_cache'
+require 'tiny_util'
+require 'tiny_support'
+require 'protected_attributes'
+
 module TinyPassport
   class Engine < ::Rails::Engine
     isolate_namespace TinyPassport
+
+    initializer "tiny_passport.add_middleware" do |app|
+      app.middleware.use ::OmniAuth::Builder do
+        ::TinyPassport.config.omniauth_providers.each do |provider_name, provider_config|
+          require "omniauth/strategies/#{provider_name}"
+
+          provider provider_name, *provider_config
+        end
+      end
+    end
   end
 end

data/lib/tiny_passport/http_authable.rb

@@ -0,0 +1,50 @@
+# -*- encoding : utf-8 -*-
+module TinyPassport
+  module HttpAuthable
+    extend ::ActiveSupport::Concern
+
+    included do
+      helper_method :authcenter, :current_account
+
+      after_filter :sync_authcenter_frontend_signed_status
+    end
+
+    # 
+    # authcenter.create_session(login_record)
+    # authcenter.clear_session
+    #
+    def authcenter
+      @authcenter ||= ::TinyPassport::HttpAuthcenter.new(
+        :request  => request,
+        :response => response,
+        :cookies  => cookies,
+        :session  => session,
+        :url_authcenter => url_authcenter
+      )
+    end
+
+    def current_account
+      self.authcenter.current_account
+    end
+
+    def authcenter_account_required!
+      unless authcenter.account_signed_in?
+        raise ::TinyPassport::UnauthorizedError.new
+      end
+    end
+
+    # 用户不能登录，如果登录了，提示退出
+    def authcenter_account_no_required!
+      if authcenter.account_signed_in?
+        raise ::TinyPassport::AlertAuthorizedError.new
+      end
+    end
+
+    private
+
+    def sync_authcenter_frontend_signed_status
+      self.authcenter.sync_frontend_signed_status
+    end
+
+  end
+end

data/lib/tiny_passport/http_authcenter.rb

@@ -0,0 +1,138 @@
+# -*- encoding : utf-8 -*-
+module TinyPassport
+  class HttpAuthcenter
+    SESSION_KEY = '_account_id'.freeze
+    REMEMBER_TOKEN_KEY = '_account_remember_token'.freeze
+    FRONTEND_SIGNED_STATUS_KEY = '_account_signed_status'
+    FRONTEND_SIGNED_STATUSES = ::TinyUtil::Config.new([
+      {:key => 'signed', :value => '1', :desc => 'signed'}
+    ])
+    RETURN_TO_KEY = 'return_to'
+
+    attr_reader :request, :response, :session, :cookies, :url_authcenter
+
+
+    def initialize attrs={}
+      @request  = attrs[:request]
+      @response = attrs[:response]
+      @session  = attrs[:session]
+      @cookies  = attrs[:cookies]
+      @url_authcenter = attrs[:url_authcenter]
+    end
+
+    def domain
+      @domain ||= ::DomainName.new(request.host).domain
+    end
+
+    def return_to(url_to=nil)
+      request.params[RETURN_TO_KEY] ||
+        session.delete(RETURN_TO_KEY) ||
+        url_to ||
+        (request.url if request.get?) ||
+        url_authcenter.root_url
+    end
+
+    def create_session login_record
+      if login_record.remembered
+        cookies_default_options = ::TinyPassport.config.cookies_default_options
+
+        cookies[REMEMBER_TOKEN_KEY] = cookies_default_options.merge(
+          :value   => login_record.remember_token,
+          :expires => login_record.remember_expires_at,
+          :path    => '/',
+          :domain  => self.domain
+        )
+      end
+
+      _save_account_id login_record.account_id
+    end
+
+    def clear_oauth_session
+      session.delete "authcenter.oauth.usage"
+      session.delete "authcenter.oauth.token_id"
+    end
+
+    def clear_session
+      _remember_token = cookies.delete REMEMBER_TOKEN_KEY, :domain => self.domain
+
+      if _remember_token
+        if _login_record = ::TinyPassport::LoginRecord.authenticate_from_remember_token(_remember_token)
+          _login_record.remember_sign_out_at = Time.now
+          _login_record.save
+        end
+      end
+
+      cookies.delete FRONTEND_SIGNED_STATUS_KEY, :domain => self.domain
+      session.delete SESSION_KEY
+    end
+
+    def current_account
+      return @current_account if defined?(@current_account)
+
+      account_id = session[SESSION_KEY]
+
+      # @current_account = account_id ? TinyPassport::Account.find_by_id(account_id) : nil
+      @current_account = account_id ? TinyPassport::Account.tiny_cache_find_by(:id => account_id) : nil
+
+      unless @current_account
+        if _remember_token = cookies[REMEMBER_TOKEN_KEY]
+          _remember_token_form = ::TinyPassport::RememberTokenAuthForm.new
+
+          # 使用记住token登录
+          _remember_token_form.submit(
+            :remember_token => _remember_token,
+            :last_remembered_ip => request.remote_ip
+          )
+
+          if _remember_token_form.success?
+            _login_record = _remember_token_form.login_record
+            # 将account_id保存到session中
+            _save_account_id _login_record.account_id
+            # 设置当前account
+            @current_account = _login_record.account
+          end
+        end
+      end
+
+      unless @current_account
+        clear_session
+      end
+
+      @current_account
+    end
+
+    def current_account= account
+      @current_account = account
+    end
+
+    def account_signed_in?
+      !!(self.current_account)
+    end
+
+    def frontend_account_signed_in?
+      cookies[FRONTEND_SIGNED_STATUS_KEY] == FRONTEND_SIGNED_STATUSES.find_by_key('signed').value
+    end
+
+    # 同步前端的登录状态
+    def sync_frontend_signed_status
+      if self.account_signed_in?
+        cookies[FRONTEND_SIGNED_STATUS_KEY] = {
+          :value   => FRONTEND_SIGNED_STATUSES.find_by_key('signed').value,
+          :expires => ::Time.now + ::TinyPassport.config.session_store_config[:expire_after].to_i,
+          :path    => '/',
+          :domain  => self.domain
+        }
+
+      else
+        cookies.delete FRONTEND_SIGNED_STATUS_KEY, :domain => self.domain
+      end
+    end
+
+    private
+
+    def _save_account_id account_id
+      session[SESSION_KEY] = account_id
+    end
+
+  end
+end

data/lib/tiny_passport/mailerable.rb

@@ -0,0 +1,20 @@
+# -*- encoding : utf-8 -*-
+module TinyPassport
+  module Mailerable
+    extend ::ActiveSupport::Concern
+
+    included do
+      layout 'tiny_passport/mailer'
+
+      _mailer_config = ::TinyPassport.config.mailer_config
+
+      self.default(_mailer_config[:default]) if _mailer_config[:default]
+      self.default_options     = _mailer_config[:default_options] if _mailer_config[:default_options]
+      self.default_url_options = _mailer_config[:default_url_options] if _mailer_config[:default_url_options]
+
+      if _mailer_config[:smtp_settings].is_a?(::Hash)
+        self.smtp_settings.merge!(_mailer_config[:smtp_settings])
+      end
+    end
+  end
+end

data/lib/tiny_passport/omniauth/strategable.rb

@@ -0,0 +1,21 @@
+module TinyPassport
+  module OmniAuth
+    module Strategable
+      extend ::ActiveSupport::Concern
+
+      TIMEOUT = 10
+
+      def client_request *args
+        Timeout.timeout(TIMEOUT) do
+          client.request *args
+        end
+      end
+
+      def access_token_get *args
+        Timeout.timeout(TIMEOUT) do
+          access_token.get *args
+        end
+      end
+    end
+  end
+end

data/lib/tiny_passport/version.rb

@@ -1,3 +1,4 @@
+# -*- encoding : utf-8 -*-
 module TinyPassport
-  VERSION = "0.0.1"
+  VERSION = "0.0.2"
 end

data/lib/tiny_passport.rb

@@ -1,4 +1,17 @@
+# -*- encoding : utf-8 -*-
+require "omniauth"
+require "tiny_passport/config"
 require "tiny_passport/engine"
+require "tiny_passport/mailerable"
+require "tiny_passport/http_authable"
+require "tiny_passport/http_authcenter"
 
 module TinyPassport
 end
+
+if defined?(ActionController::Base)
+  ActionController::Base.send :include, ::TinyPassport::HttpAuthable
+end
+
+I18n.load_path += Dir[Pathname.new(__FILE__).join('..', '..', 'config', 'locales', '**', '*.{rb,yml}').to_s]
+

data/test/dummy/app/controllers/application_controller.rb

@@ -1,3 +1,4 @@
+# -*- encoding : utf-8 -*-
 class ApplicationController < ActionController::Base
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.

data/test/dummy/app/helpers/application_helper.rb

@@ -1,2 +1,3 @@
+# -*- encoding : utf-8 -*-
 module ApplicationHelper
 end

data/test/dummy/config/application.rb

@@ -1,3 +1,4 @@
+# -*- encoding : utf-8 -*-
 require File.expand_path('../boot', __FILE__)
 
 require 'rails/all'

data/test/dummy/config/boot.rb

@@ -1,3 +1,4 @@
+# -*- encoding : utf-8 -*-
 # Set up gems listed in the Gemfile.
 ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__)
 

data/test/dummy/config/environment.rb

@@ -1,3 +1,4 @@
+# -*- encoding : utf-8 -*-
 # Load the Rails application.
 require File.expand_path('../application', __FILE__)
 

data/test/dummy/config/environments/development.rb

@@ -1,3 +1,4 @@
+# -*- encoding : utf-8 -*-
 Dummy::Application.configure do
   # Settings specified here will take precedence over those in config/application.rb.
 

data/test/dummy/config/environments/production.rb

@@ -1,3 +1,4 @@
+# -*- encoding : utf-8 -*-
 Dummy::Application.configure do
   # Settings specified here will take precedence over those in config/application.rb.
 

data/test/dummy/config/environments/test.rb

@@ -1,3 +1,4 @@
+# -*- encoding : utf-8 -*-
 Dummy::Application.configure do
   # Settings specified here will take precedence over those in config/application.rb.
 

data/test/dummy/config/initializers/backtrace_silencers.rb

@@ -1,3 +1,4 @@
+# -*- encoding : utf-8 -*-
 # Be sure to restart your server when you modify this file.
 
 # You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.

data/test/dummy/config/initializers/filter_parameter_logging.rb

@@ -1,3 +1,4 @@
+# -*- encoding : utf-8 -*-
 # Be sure to restart your server when you modify this file.
 
 # Configure sensitive parameters which will be filtered from the log file.

data/test/dummy/config/initializers/inflections.rb

@@ -1,3 +1,4 @@
+# -*- encoding : utf-8 -*-
 # Be sure to restart your server when you modify this file.
 
 # Add new inflection rules using the following format. Inflections

data/test/dummy/config/initializers/mime_types.rb

@@ -1,3 +1,4 @@
+# -*- encoding : utf-8 -*-
 # Be sure to restart your server when you modify this file.
 
 # Add new mime types for use in respond_to blocks:

data/test/dummy/config/initializers/secret_token.rb

@@ -1,3 +1,4 @@
+# -*- encoding : utf-8 -*-
 # Be sure to restart your server when you modify this file.
 
 # Your secret key is used for verifying the integrity of signed cookies.

data/test/dummy/config/initializers/session_store.rb

@@ -1,3 +1,4 @@
+# -*- encoding : utf-8 -*-
 # Be sure to restart your server when you modify this file.
 
 Dummy::Application.config.session_store :cookie_store, key: '_dummy_session'