wordjelly-auth 0.0.1

data/app/assets/stylesheets/auth/overrides.scss

@@ -0,0 +1,26 @@
+/***
+get rid of the ghastly yellow background color that chrome adds when autofilling forms.
+**/
+input:-webkit-autofill,
+input:-webkit-autofill:hover,
+input:-webkit-autofill:focus,
+input:-webkit-autofill:active {
+    transition: background-color 5000s ease-in-out 0s;
+}
+
+input[type=submit] {
+  -webkit-appearance: none !important;
+}
+
+label{
+	width:100%;
+	left:0px !important; 
+}
+
+.spinner-layer{
+	border-color: white !important;
+}
+
+.g-recaptcha{
+	display:inline-block;
+}

data/app/assets/stylesheets/auth/search.css

@@ -0,0 +1,4 @@
+/*
+  Place all the styles related to the matching controller here.
+  They will automatically be included in application.css.
+*/

data/app/assets/stylesheets/auth/shopping/discounts.css

@@ -0,0 +1,4 @@
+/*
+  Place all the styles related to the matching controller here.
+  They will automatically be included in application.css.
+*/

data/app/assets/stylesheets/auth/users/profiles.scss

@@ -0,0 +1,40 @@
+/***
+eg of importing font and using it in a css file.
+@import url(http://fonts.googleapis.com/css?family=Lato:300,400,700);
+body {
+    font-family: 'Lato', Calibri, Arial, sans-serif;
+    background: #f9f9f9 url(../images/bg.jpg);
+    font-weight: 300;
+    font-size: 15px;
+    color: #333;
+    height: 100%;
+}
+****/
+
+.shadow{
+  display: block;
+  width: 250px;
+  height: 250px;
+  margin: 1em auto;
+  background-size: cover;
+  background-repeat: no-repeat;
+  background-position: center center;
+  -webkit-border-radius: 99em;
+  -moz-border-radius: 99em;
+  border-radius: 99em;
+  border: 5px solid #eee;
+  box-shadow: 0 3px 2px rgba(0, 0, 0, 0.3);  
+}
+
+
+.helper{
+    display: inline-block;
+    height: 100%;
+    vertical-align: middle;
+}
+
+.calendar_day_background_image{
+   width: 100%;
+   height: auto;
+   vertical-align:middle;
+}

data/app/assets/stylesheets/scaffold.css

@@ -0,0 +1,56 @@
+body { background-color: #fff; color: #333; }
+
+body, p, ol, ul, td {
+  font-family: verdana, arial, helvetica, sans-serif;
+  font-size:   13px;
+  line-height: 18px;
+}
+
+pre {
+  background-color: #eee;
+  padding: 10px;
+  font-size: 11px;
+}
+
+a { color: #000; }
+a:visited { color: #666; }
+a:hover { color: #fff; background-color:#000; }
+
+div.field, div.actions {
+  margin-bottom: 10px;
+}
+
+#notice {
+  color: green;
+}
+
+.field_with_errors {
+  padding: 2px;
+  background-color: red;
+  display: table;
+}
+
+#error_explanation {
+  width: 450px;
+  border: 2px solid red;
+  padding: 7px;
+  padding-bottom: 0;
+  margin-bottom: 20px;
+  background-color: #f0f0f0;
+}
+
+#error_explanation h2 {
+  text-align: left;
+  font-weight: bold;
+  padding: 5px 5px 5px 15px;
+  font-size: 12px;
+  margin: -7px;
+  margin-bottom: 0px;
+  background-color: #c00;
+  color: #fff;
+}
+
+#error_explanation ul li {
+  font-size: 12px;
+  list-style: square;
+}

data/app/controllers/auth/admin_create_users_controller.rb

@@ -0,0 +1,89 @@
+class Auth::AdminCreateUsersController < ApplicationController
+  ## only these actions need an authenticated user to be present for them to be executed.
+  CONDITIONS_FOR_TOKEN_AUTH = [:create,:update,:destroy,:edit,:new,:index,:show]
+  TCONDITIONS = {:only => CONDITIONS_FOR_TOKEN_AUTH}
+  include Auth::Concerns::DeviseConcern
+  include Auth::Concerns::TokenConcern
+  before_filter :do_before_request , TCONDITIONS
+  before_filter :initialize_vars , TCONDITIONS
+  ## ensures that only admin users.
+  before_filter :is_admin_user , TCONDITIONS
+
+
+  ## called before all the actions.
+  def initialize_vars
+    
+    @auth_user_class = Auth.configuration.user_class.constantize
+
+    @auth_user_params = permitted_params.fetch(:user,{}) 
+
+    @auth_user = params[:id] ? @auth_user_class.find_self(params[:id],current_signed_in_resource) : @auth_user_class.new(@auth_user_params)
+    
+  end
+
+  # GET /auth/admin_create_users
+  def index
+    #@auth_admin_create_users = Auth::AdminCreateUser.all
+  end
+
+  # GET /auth/admin_create_users/1
+  def show
+  end
+
+  # GET /auth/admin_create_users/new
+  def new
+    # what kind of form should be presented to the admin.
+
+    #@auth_admin_create_user = Auth::AdminCreateUser.new
+    ## just render a form with the user model.
+  end
+
+  # GET /auth/admin_create_users/1/edit
+  def edit
+  end
+
+  #  User.where(:email => "bhargav.r.raut@gmail.com").first.delete
+  # POST /auth/admin_create_users
+  def create
+    @auth_user.password = @auth_user.password_confirmation =SecureRandom.hex(24)
+    @auth_user.m_client = self.m_client
+    @auth_user.created_by_admin = true
+
+    ## we will have to set the m_client.
+    ## but what if that client is different from the client that was used to create the user?
+    ## no this will not happen here.
+    ## here we will only create.
+    respond_to do |format|
+      if @auth_user.save
+        if !@auth_user.additional_login_param.blank?
+          format.html {render "auth/confirmations/enter_otp.html.erb"}
+          format.json {render json: @auth_user.to_json, status: :created}
+        else
+          format.html {render "auth/admin_create_users/show.html.erb"}
+          format.json {render json: @auth_user.to_json, status: :created}
+        end
+      else
+        format.html {render "new.html.erb"}
+        format.json {render json:  {:errors => @auth_user.errors}, status: 422}
+      end
+    end
+  end
+
+  # PATCH/PUT /auth/admin_create_users/1
+  def update
+    ## should also allow stuff like
+    ## resend sms otp
+    ## resend confirmation email
+  end
+
+  # DELETE /auth/admin_create_users/1
+  def destroy
+    @auth_admin_create_user.destroy
+    redirect_to auth_admin_create_users_url, notice: 'Admin create user was successfully destroyed.'
+  end
+
+  def permitted_params
+    params.permit({user: [:email,:additional_login_param, :password, :password_confirmation]},:id)    
+  end
+
+end

data/app/controllers/auth/application_controller.rb

@@ -0,0 +1,97 @@
+module Auth
+  class ApplicationController < ::ApplicationController
+  	
+    protect_from_forgery with: :exception
+  	
+    rescue_from ActionController::RoutingError do |e|
+    	puts "e is : #{e.to_s}"
+  		respond_to do |format|
+	       format.json {render json: {:errors => e.to_s}, status: 422}
+  		   format.js   {render :partial => "auth/modals/resource_errors.js.erb", locals: {:errors => [e.to_s]}}
+	       format.html {render :text => e.to_s}
+	    end
+  	end  
+
+  
+    def from_bson(bson_doc,klass)
+
+	 	if !bson_doc.nil?
+
+	 		user = Mongoid::Factory.from_db(klass,bson_doc)
+	 		return user
+
+	 	else
+
+	 		return nil
+
+	 	end
+
+ 	end
+
+ 	def from_view(view,klass)
+
+	 	if !view.nil? && view.count > 0
+
+	 		user = Mongoid::Factory.from_db(klass,view.first)
+	 		return user
+
+	 	else
+
+	 		return nil
+
+	 	end
+
+	 end
+
+	 ##CURRENTLY BEING USED IN THE DUMMY APP IN OTP_CONTROLLER
+	 ##RENDERS A NOT FOUND RESPONSE, in case the user is not found.
+	 ##
+	 def not_found(error = 'Not Found')
+	 	  raise ActionController::RoutingError.new(error)
+	 end
+
+
+	 
+	def check_for_update(obj)
+		puts "Came to check for update."
+		not_found if obj.nil?
+    	not_found("please provide a valid id for the update") if obj.new_record?
+	end
+
+	def check_for_create(obj)
+		not_found if obj.nil?
+		obj.new_record? or not_found("this is not a new record")
+	end
+  	
+	def check_for_destroy(obj)
+		not_found("please provide a cart id") if obj.new_record?
+	end
+
+	## will call authenticate_(first_key_in_the_auth_resources) if there is no currently signed in scoep
+	## will return true, for the first auth_resource that gives a current_(user/whatever)
+	## if nothing returns true, will redirect to not_found,
+	## use this function wherever you want to protect a controller just using devise authentication.
+	## only makes sense to use in the scope of the web app.
+	def authenticate_resource!
+  		send("authenticate_#{Auth.configuration.auth_resources.keys.first.downcase}!") if (signed_in? == false)
+  		Auth.configuration.auth_resources.keys.each do |model|
+  			break if @resource_for_web_app = send("current_#{model.downcase}")
+  		end
+  		return if @resource_for_web_app
+  		not_found("Could not authenticate")
+  	end
+
+
+
+  	
+
+	 protected 
+
+	 def check_method_missing
+	 	puts Rails.application.routes.url_helpers.to_s
+	 end
+
+	 
+
+  end
+end

data/app/controllers/auth/clients_controller.rb

@@ -0,0 +1,105 @@
+require_dependency "auth/application_controller"
+module Auth
+  class ClientsController < ApplicationController
+ 
+    respond_to :html
+  
+    before_action :authenticate_resource!
+
+    before_action :set_client 
+
+    ## what if the client id is not the same as the user id.
+    ## in that case an error should be raised.
+
+    before_action :verify_client_belongs_to_user
+
+
+    # GET /clients
+    def index
+      render :nothing => true, :status => 200
+    end
+
+    # GET /clients/1
+    def show
+      respond_with @client
+    end
+
+    # GET /clients/new
+    def new
+      #@client = Client.new
+      render :nothing => true, :status => 200
+    end
+
+    # GET /clients/1/edit
+    def edit
+      ## edit should show forms for adding an app id.
+      ## design the form.
+    end
+
+    # POST /clients
+    def create
+      render :nothing => true, :status => 200
+    end
+
+    # response code of 204 is ok.
+    # anything else means fail.
+    # PATCH/PUT /clients/1
+    def update
+      
+
+      @client.redirect_urls << client_params[:add_redirect_url] if client_params[:add_redirect_url]
+      
+      @client.app_ids << BSON::ObjectId.new.to_s if client_params[:add_app_id]
+      
+      
+      @client.versioned_update({"redirect_urls" => 1, "app_ids" => 1})
+
+      if @client.op_success?
+        render "show"
+      else
+        render "edit"
+      end
+      
+    end
+
+    # response status of 404 or 204 is ok.
+    # 404 means client doesnt exist
+    # 204 means it was destroyed.
+    # DELETE /clients/1
+    def destroy
+      @client.destroy
+      #redirect_to clients_url, notice: 'Client was successfully destroyed.'
+      respond_with(status: 200)
+    end
+
+    private
+      # Use callbacks to share common setup or constraints between actions.
+      # the find method is overriden in the model, where it uses the :id (which is actually the user_id, because we have overridden the to_param method to use user_id). 
+      def set_client
+        @client = Auth::Client.find(params[:id])
+        if @client.nil?
+          render :nothing => true, :status => 404
+        else
+          return
+        end
+      end
+
+      ## if the resource_signed_in is an admin, just return
+      ## otherwise if the user's id is not the same as the id passed in, then throw a not_found.
+      def verify_client_belongs_to_user
+        return if @resource_for_web_app.is_admin?
+        not_found("client does not belong to user") if @resource_for_web_app.id.to_s != params[:id]
+      end
+
+      # Only allow a trusted parameter "white list" through.
+      def client_params
+        params.require(:client).permit({:redirect_urls => []},{:app_ids => []}, :add_app_id, :add_redirect_url)
+      end
+
+      #def ensure_json_request  
+      #  return if request.format == :json
+      #  render :nothing => true, :status => 406  
+      #end 
+
+  end
+end

data/app/controllers/auth/concerns/activity_controller_concern.rb

@@ -0,0 +1,32 @@
+module Auth::Concerns::ActivityControllerConcern
+	
+	extend ActiveSupport::Concern
+
+	included do 
+
+		respond_to :html,:json,:js
+
+	end
+
+	##@used_in: jquery.calendario.js
+	##@param[Hash] : params should have range key(which is itself a hash, and a user_id key which is a string.), {range: {"from" => date[format: ], "to" => date[format: ]}, user_id: String}
+	##@return[Hash]: timestamp => activity_object hashified.
+	def get_activities
+		filt_test = permitted_params
+		activities_hash = model.get_in_range(filt_test)
+		respond_with activities_hash
+	end
+
+	
+	
+
+	##gives the model class from the underlying controller
+	def model
+		Object.const_get(controller_name.classify)
+	end
+
+	def permitted_params
+		params.permit(:user_id, range: [:from, :to], only: [])
+	end
+
+end