village_auth 1.0.0

data/.gitignore

@@ -0,0 +1,4 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in lam_auth.gemspec
+gemspec

data/README.rdoc

@@ -0,0 +1,38 @@
+Аутентификация для спецпроектов The Village
+
+== Установка
+
+  gem install village_auth
+
+После установки/добавления в Gemfile:
+
+  rails generate village_auth User
+
+после этого нужно добавить настройки приложения в config/village_auth.yml.
+
+== Обработчик LoginRequiredException
+
+Для actions, где требуется залогиненный пользователь:
+
+  before_filter :login_required
+
+можно сделать обработчик для LoginRequiredException:
+
+  rescue_from VillageAuth::LoginRequiredException, :with => :render_login_required
+
+  private
+
+  def render_login_required
+    render :file => 'shared/login_required', :layout => 'application', :status => 401
+  end
+  
+== Подключение панели
+
+Подключить js-код в head:
+  
+  <%= village_auth_include_tag %>
+  
+Затем:
+
+  <div id="village-root"></div>
+  <%= village_auth_init_tag %>

data/Rakefile

@@ -0,0 +1,2 @@
+require 'bundler'
+Bundler::GemHelper.install_tasks

data/lib/generators/active_record/templates/migration.rb

@@ -0,0 +1,20 @@
+class Create<%= table_name.camelize %> < ActiveRecord::Migration
+  def self.up
+    create_table(:<%= table_name %>) do |t|
+      t.string :login, :null => false
+      t.string :email, :null => false
+      t.string :first_name
+      t.string :last_name
+      t.string :userpic
+      t.text :profile
+      t.timestamps
+    end
+    
+    add_index :<%= table_name %>, :login
+    add_index :<%= table_name %>, :email
+  end
+
+  def self.down
+    drop_table :<%= table_name %>
+  end
+end

data/lib/generators/active_record/village_auth_generator.rb

@@ -0,0 +1,23 @@
+require 'rails/generators/active_record'
+require 'generators/village_auth/helpers'
+
+module ActiveRecord
+  module Generators
+    class VillageAuthGenerator < ActiveRecord::Generators::Base
+      include VillageAuth::Generators::Helpers
+      source_root File.expand_path("../templates", __FILE__)
+
+      def generate_model
+        invoke "active_record:model", [name], :migration => false unless model_exists? && behavior == :invoke
+      end
+
+      def copy_village_auth_migration
+        migration_template "migration.rb", "db/migrate/create_#{table_name}"
+      end
+
+      def inject_village_auth_content
+        inject_into_class(model_path, class_name, model_contents) if model_exists?
+      end
+    end
+  end
+end

data/lib/generators/templates/village_auth.yml

@@ -0,0 +1,3 @@
+# return_url можно не указывать, если это дефолтный http://:app-domain/xd_receiver.html
+app_id: app_id
+secret: secret

data/lib/generators/templates/xd_receiver.html

@@ -0,0 +1,15 @@
+<!DOCTYPE HTML>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <title></title>
+  <script type="text/javascript">
+    window.opener.VLG.successLogin(window.location.hash.substring(1));
+  </script>
+</head>
+<body><p>Loading...</p>
+</body>
+</html>
+
+
+

data/lib/generators/village_auth/helpers.rb

@@ -0,0 +1,19 @@
+module VillageAuth
+  module Generators
+    module Helpers
+      def model_exists?
+        File.exists?(File.join(destination_root, model_path))
+      end
+
+      def model_path
+        @model_path ||= File.join("app", "models", "#{file_path}.rb")
+      end
+      
+      def model_contents
+<<-CONTENT
+  include VillageAuth::Model
+CONTENT
+      end
+    end
+  end
+end

data/lib/generators/village_auth/village_auth_generator.rb

@@ -0,0 +1,24 @@
+module VillageAuth
+  module Generators
+    class VillageAuthGenerator < Rails::Generators::NamedBase
+      namespace "village_auth"
+      source_root File.expand_path("../../templates", __FILE__)
+
+      desc "Installs village_auth: generates a model plus includes required extensions."
+      
+      hook_for :orm
+      
+      def inject_controller_content
+        inject_into_class(File.join("app", "controllers", "application_controller.rb"), 'ApplicationController', "  village_auth_for :#{file_path}\n")
+      end
+      
+      def copy_xd_receiver
+        copy_file 'xd_receiver.html', 'public/xd_receiver.html'
+      end
+      
+      def copy_yml
+        copy_file 'village_auth.yml', 'config/village_auth.yml'
+      end
+    end
+  end
+end

data/lib/village_auth.rb

@@ -0,0 +1,48 @@
+require 'rack/utils'
+require 'digest/md5'
+
+require 'village_auth/controller_extensions'
+require 'village_auth/helpers'
+require 'village_auth/model'
+ActionController::Base.extend(VillageAuth::ControllerExtensions)
+ActionController::Base.helper(VillageAuth::Helpers)
+
+module VillageAuth
+  class LoginRequiredException < Exception
+  end
+  
+  class << self
+    def config
+      @config ||= YAML.load_file(Rails.root.join("config/village_auth.yml"))
+    end
+    
+    def url
+      "http://www.the-village.ru"
+    end
+    
+    def signup_url
+      "#{url}/signup"
+    end
+    
+    def uri
+      URI.parse(url)
+    end
+    
+    def cookie_id
+      "village_#{config['app_id']}"
+    end
+    
+    def valid_cookie?(data)
+      valid_hash?(parse_cookie_to_hash(data))
+    end
+    
+    def parse_cookie_to_hash(data)
+      Rack::Utils.parse_query(Rack::Utils.unescape(data.to_s.gsub('"', '')))
+    end
+    
+    def valid_hash?(hash)
+      Digest::MD5.hexdigest(hash.except('sig').sort.map{|v| v.join('=')}.join + VillageAuth.config['secret']) == hash['sig']
+    end
+  end
+end
+

data/lib/village_auth/controller_extensions.rb

@@ -0,0 +1,53 @@
+module VillageAuth
+  module ControllerExtensions
+    def village_auth_for(klass)
+      class_attribute :user_model_class_name
+      self.user_model_class_name = klass
+      
+      helper_method(:current_user, :logged_in?)
+      before_filter :login_from_cookie
+      
+      extend ClassMethods
+      include InstanceMethods
+      protected :logged_in?, :current_user, :current_user=, :access_token, :login_from_cookie, :login_required
+    end
+    
+    module ClassMethods
+      def user_model_class
+        user_model_class_name.to_s.classify.constantize
+      end
+    end
+    
+    module InstanceMethods
+      def logged_in?
+        !!current_user
+      end
+  
+      def current_user
+        @current_user ||= session[:user] && self.class.user_model_class.find_by_id(session[:user])
+      end
+  
+      def current_user=(new_user)
+        session[:user] = new_user && new_user.id
+        @current_user = new_user
+      end
+  
+      def access_token
+        cookie = cookies[VillageAuth.cookie_id]
+        VillageAuth.valid_cookie?(cookie) && VillageAuth.parse_cookie_to_hash(cookie)['access_token']
+      end
+  
+      def login_from_cookie
+        if logged_in?
+          !access_token && self.current_user = nil
+        else
+          access_token && self.current_user = self.class.user_model_class.find_by_access_token(access_token)
+        end
+      end
+  
+      def login_required
+        logged_in? || raise(LoginRequiredException)
+      end
+    end
+  end
+end

data/lib/village_auth/helpers.rb

@@ -0,0 +1,18 @@
+module VillageAuth
+  module Helpers
+    def village_auth_include_tag
+      javascript_include_tag("http://assets0.the-village.ru/api/js/VLG.Login.js")
+    end
+  
+    def village_auth_init_tag(options = {})
+      options.reverse_merge!(
+        :app_id          => VillageAuth.config['app_id'],
+        :panel_node_id   => 'village-root', 
+        :fixed           => false
+      )      
+      options.reverse_merge!(:xd_receiver_url => VillageAuth.config['return_url']) if VillageAuth.config['return_url']
+      
+      javascript_tag("VLG.init({#{options.map{|k, v| "#{k.to_s.camelize(:lower)}: #{v.inspect}"}.join(",\n")}});")
+    end
+  end
+end

data/lib/village_auth/model.rb

@@ -0,0 +1,54 @@
+require 'net/http'
+require 'net/https'
+module VillageAuth
+  module Model
+    def self.included(base)
+      base.validates_presence_of :login, :email
+      base.validates_uniqueness_of :login, :email
+      base.serialize :profile
+      base.send(:extend, ClassMethods)
+    end
+    
+    module ClassMethods
+      def find_by_access_token(access_token)
+        Rails.logger.info("Trying to authorize a token #{access_token.inspect} ")
+
+        village_uri = VillageAuth.uri
+        http = Net::HTTP.new(village_uri.host, village_uri.port)
+        response, body = http.get("#{village_uri.path}/users/me", {'Authorization' => "Token token=\"#{access_token}\""})
+        if response.code == "200"
+          data = ActiveSupport::JSON.decode(body)
+          Rails.logger.info("...success: #{data.inspect}")
+          create_or_update_by_auth_data(data)
+        else
+          Rails.logger.info("...failed with #{response.code}!")
+          nil
+        end
+      rescue Net::ProtoRetriableError => detail
+        Rails.logger.info("...failed!")
+        Rails.logger.info(detail)
+        nil
+      end
+
+      def create_or_update_by_auth_data(data)
+        user = find_or_initialize_by_login(data['login'])
+        user.update_attributes data.slice(*%w{email first_name last_name}).merge(
+          'userpic' => data['userpic']['icon'], 
+          'profile' => data.except(*%w{login email first_name last_name userpic})
+        )
+        user
+      end
+    end
+    
+    def name
+      [first_name, last_name].select(&:present?).join(" ")
+    end
+    
+    def userpic(version = :icon)
+      pic = read_attribute(:userpic)
+      return nil if pic.blank?
+      pic.sub(/user-userpic-\w+/, "user-userpic-#{version}")
+    end  
+    
+  end
+end

data/lib/village_auth/version.rb

@@ -0,0 +1,3 @@
+module VillageAuth
+  VERSION = "1.0.0"
+end

data/village_auth.gemspec

@@ -0,0 +1,19 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "village_auth/version"
+
+Gem::Specification.new do |s|
+  s.name        = "village_auth"
+  s.version     = VillageAuth::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.authors     = ["Max Macovsky", "Anton Platonov"]
+  s.email       = ["robotector@gmail.com", "platosha@lookatme.ru"]
+  s.homepage    = "http://github.com/macovsky/village_auth"
+  s.summary     = %q{Аутентификация для спецпроектов The Village}
+  s.description = %q{}
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+end

metadata

@@ -0,0 +1,86 @@
+--- !ruby/object:Gem::Specification 
+name: village_auth
+version: !ruby/object:Gem::Version 
+  hash: 23
+  prerelease: 
+  segments: 
+  - 1
+  - 0
+  - 0
+  version: 1.0.0
+platform: ruby
+authors: 
+- Max Macovsky
+- Anton Platonov
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2012-06-25 00:00:00 Z
+dependencies: []
+
+description: ""
+email: 
+- robotector@gmail.com
+- platosha@lookatme.ru
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- Gemfile
+- README.rdoc
+- Rakefile
+- lib/generators/active_record/templates/migration.rb
+- lib/generators/active_record/village_auth_generator.rb
+- lib/generators/templates/village_auth.yml
+- lib/generators/templates/xd_receiver.html
+- lib/generators/village_auth/helpers.rb
+- lib/generators/village_auth/village_auth_generator.rb
+- lib/village_auth.rb
+- lib/village_auth/controller_extensions.rb
+- lib/village_auth/helpers.rb
+- lib/village_auth/model.rb
+- lib/village_auth/version.rb
+- village_auth.gemspec
+homepage: http://github.com/macovsky/village_auth
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: !binary |
+  0JDRg9GC0LXQvdGC0LjRhNC40LrQsNGG0LjRjyDQtNC70Y8g0YHQv9C10YbQ
+  v9GA0L7QtdC60YLQvtCyIFRoZSBWaWxsYWdl
+
+test_files: []
+