wordjelly-auth 0.0.1

data/app/controllers/auth/confirmations_controller.rb

@@ -0,0 +1,3 @@
+class Auth::ConfirmationsController <  Devise::ConfirmationsController
+ 	
+end

data/app/controllers/auth/mailgun_controller.rb

@@ -0,0 +1,8 @@
+class Auth::MailgunController <  ApplicationController
+ 	skip_before_filter :verify_authenticity_token
+
+ 	def email_webhook
+
+ 	end
+
+end

data/app/controllers/auth/omniauth_callbacks_controller.rb

@@ -0,0 +1,6 @@
+class Auth::OmniauthCallbacksController < DeviseController
+
+  respond_to :json,:html
+  include Auth::Concerns::OmniConcern
+
+end

data/app/controllers/auth/passwords_controller.rb

@@ -0,0 +1,4 @@
+class Auth::PasswordsController < Devise::PasswordsController
+
+
+end

data/app/controllers/auth/profiles_controller.rb

@@ -0,0 +1,156 @@
+class Auth::ProfilesController < Auth::ApplicationController
+		
+	CONDITIONS_FOR_TOKEN_AUTH = [:get_user_id,:show,:update,:set_proxy_resource]
+
+	TCONDITIONS = {:only => CONDITIONS_FOR_TOKEN_AUTH}
+
+	include Auth::Concerns::DeviseConcern	
+	include Auth::Concerns::TokenConcern
+
+	before_action :do_before_request, TCONDITIONS
+	before_action :initialize_vars, TCONDITIONS
+	before_action :is_admin_user, :only => [:set_proxy_user]
+	
+	
+	def initialize_vars
+		@resource_params = {}
+		@profile_resource = nil
+		@all_params = permitted_params.deep_symbolize_keys
+		
+	  	if collection = @all_params[:resource]
+	  		
+	  		if Auth.configuration.auth_resources[collection.singularize.capitalize]
+
+	  			@resource_class = collection.singularize.capitalize.constantize
+	  			@resource_symbol = collection.singularize.to_sym
+	  			
+	  			@resource_params = @all_params.fetch(@resource_symbol,{})
+	  			
+	  			@profile_resource = @all_params[:id] ? @resource_class.find_resource(@all_params[:id],current_signed_in_resource) : @resource_class.new(@resource_params)
+	  		end
+	  	end	    
+	end
+
+
+	## this method needs token authentication, or for the user to be authenticated.
+	## this method also needs an :id, hence the profile_resource is returned.
+	## so what if i sign in as one user,and send in the id of another user?, no because we use the find_resource method, which also considers the current_signed_in_Resource.
+	def show
+		@profile_resource
+	end
+
+
+	## this method needs the token authentication and an :id, hence the profile resource is updated.
+	## expected params hash:
+	##{:resource => "users", :user => {:admin,:request_send_reset_password_link}, :id}
+	def update
+		check_for_update(@profile_resource)
+		
+		if @resource_params[:admin]
+			@profile_resource.admin = @resource_params[:admin]
+		end
+
+		if @resource_params[:created_by_admin]
+			@profile_resource.created_by_admin = @resource_params[:created_by_admin]
+		end
+
+		@profile_resource.m_client = self.m_client
+		
+		
+		respond_to do |format|
+  		  if @profile_resource.save
+  		  	  flash[:notice] = "Success"
+	  		  format.json {head :no_content}
+	  		  format.html {redirect_to profile_path({:id => @profile_resource.id.to_s, :resource => @profile_resource.class.name.pluralize.downcase.to_s})}
+  		  else
+  		  	  flash[:notice] = "Failed"
+  		  	  format.json {render :json => @profile_resource.errors, :status => :unprocessable_entity}
+  		  	  format.html {redirect_to profile_path({:id => @profile_resource.id.to_s, :resource => @profile_resource.class.name.pluralize.downcase.to_s})}
+  		  end
+  		end
+	end
+
+	## here the idea is to just return the current_signed_in_resource's id.
+	## it doesn't have anything to do with the profiel
+	## since no id is sent into the params, so profile_resource will never be found.
+	def get_user_id
+		res = current_signed_in_resource
+		res.m_client = self.m_client
+		respond_with current_signed_in_resource do |format|
+			format.json {render json: current_signed_in_resource.as_json({:show_id => true})}
+		end
+	end
+
+	## THIS IS HOW YOU SET A PROXY USER AS AN ADMIN.
+	## this method takes an id.
+	## it also needs current signed in user to be an admin.
+	## it basically takes the @profile_resource
+	## then it shoves it into the session as  proxy_resource_id and proxy_resource_class
+	## then it returns the profile_resource.
+	## it responds only to js
+	## it is meant to be used only for setting the proxied user by an admin in the web application.
+	## expect the params to contain 
+	## params[:proxy_resource_id] and params[:proxy_resource_class]
+	def set_proxy_resource
+		not_found("that user doesn't exist") unless @profile_resource
+		session[:proxy_resource_id] = @profile_resource.id.to_s
+		session[:proxy_resource_class] = @profile_resource.class.name.to_s
+		#puts "the session variables set are as follows:"
+		#puts session[:proxy_resource_id]
+		#puts session[:proxy_resource_class]
+	end
+
+
+	
+
+	##@used_in: email check if already exists. 
+	## this method is only usable through web.
+	## not available currently for api use.
+	def credential_exists
+		filt = permitted_params
+		resource = get_model(filt["resource"])
+		is_valid = false
+		if resource
+			conditions = resource.credential_exists(filt)
+			is_valid = (resource.or(*conditions).count == 0)
+		end
+		respond_to do |format|
+		  format.json { render json: {"is_valid" => is_valid} }
+		end
+	end
+
+	private
+	def permitted_params
+		if action_name.to_s == "credential_exists"
+			params.require(:credential).permit(Devise.authentication_keys + [:resource])	
+		else
+			filters = []
+			## this basically enables passing in something like;
+			## to help us to set a user as admin.
+			## provided that the current_signed_in_Resource is an admin.
+			## "user" => {:admin => true}
+			## we also want to allow to set :created_by_admin => true, 
+			## so that is also enabled, if the user is an admin,
+	  		Auth.configuration.auth_resources.keys.each do |model|
+	  			if current_signed_in_resource && current_signed_in_resource.is_admin?
+	  				filters << {model.downcase.to_sym => [:admin,:created_by_admin]}
+	  			end
+	  		end
+	  		filters << [:resource,:api_key,:current_app_id,:id]
+	  		params.permit(filters)
+		end
+	end
+
+	##@used_in : profiles_controller
+ 	##@param[String] resource name : it is expected to end with the model name, preceeded by a slash. eg: authenticate/user
+ 	##@return[Object] : returns the the klass of the model. eg.: User
+ 	def get_model(resource_name)
+ 		model_name = nil
+ 		resource_name.scan(/\/(?<model_name>[a-z]+)$/) do |jj|
+ 			ll = Regexp.last_match
+ 			model_name = ll[:model_name]
+ 		end
+ 		return unless model_name
+ 		return Object.const_get(model_name.singularize.capitalize)
+ 	end
+end

data/app/controllers/auth/registrations_controller.rb

@@ -0,0 +1,99 @@
+class Auth::RegistrationsController < Devise::RegistrationsController
+	
+	TCONDITIONS = {:only => [:update,:destroy]}
+
+	include Auth::Concerns::TokenConcern
+
+	#before_action :check_recaptcha, only: [:create, :update]
+
+
+	def create
+		check_recaptcha
+		build_resource(sign_up_params)
+		resource.m_client = self.m_client
+	 	resource.set_client_authentication
+	    resource.save
+	    yield resource if block_given?
+	    if resource.persisted?
+	      if resource.active_for_authentication?
+	        set_flash_message! :notice, :signed_up
+	        sign_up(resource_name, resource)
+	        respond_with resource, location: after_sign_up_path_for(resource)
+	      else
+	        set_flash_message! :notice, :"signed_up_but_#{resource.inactive_message}"
+	        expire_data_after_sign_in!
+	        respond_with resource, location: after_inactive_sign_up_path_for(resource)
+	      end
+	    else
+	      clean_up_passwords resource
+	      set_minimum_password_length
+	      respond_with resource
+	    end
+
+	end
+
+
+	
+
+
+	def update
+		check_recaptcha
+		self.resource = resource_class.to_adapter.get!(send(:"current_#{resource_name}").to_key)
+	    prev_unconfirmed_email = resource.unconfirmed_email if resource.respond_to?(:unconfirmed_email)
+	    ## added these two lines
+	    resource.m_client = self.m_client
+	 	resource.set_client_authentication
+	 	## end.
+	    resource_updated = update_resource(resource, account_update_params)
+	    yield resource if block_given?
+	    if resource_updated
+	      if is_flashing_format?
+	        flash_key = update_needs_confirmation?(resource, prev_unconfirmed_email) ?
+	          :update_needs_confirmation : :updated
+	        set_flash_message :notice, flash_key
+	      end
+	      sign_in resource_name, resource, bypass: true
+	      respond_with resource, location: after_update_path_for(resource)
+	    else
+	      clean_up_passwords resource
+	      respond_with resource
+	    end
+	end
+
+	##had to do this, cuz after update, the authentication token changes, and that needs to be communicated back to the client, or they will never be able to update or access the resource again.
+    def respond_with(*args)
+      if is_json_request?
+        if args[0] && args[0].respond_to?(:authentication_token)
+          render :json => args[0] 
+        else
+          super(*args)
+        end
+      else
+        super(*args)
+      end
+    end
+
+    def respond_with_navigational(*args, &block)
+      if is_json_request?
+        respond_with(*args)
+      else
+        respond_with(*args) do |format|
+          format.any(*navigational_formats, &block)
+        end
+      end
+    end
+
+    
+    ## only required in case of registrations controller, for the update action, and destroy actions, wherein we need to make sure that the resource is authenticated before doing anything.
+    ## have overridden the devise method here.
+    ## it has nothing to do with the simple_token_authentication being done in other controllers. 
+    ## this was just done here because we cannot add simple_token_authentication to a devise controller.
+    def authenticate_scope!
+      
+     
+      do_before_request  
+
+    end
+	
+end
+

data/app/controllers/auth/search_controller.rb

@@ -0,0 +1,61 @@
+class Auth::SearchController < ApplicationController
+		
+
+	CONDITIONS_FOR_TOKEN_AUTH = [:authenticated_user_search]
+
+	TCONDITIONS = {:only => CONDITIONS_FOR_TOKEN_AUTH}
+
+	include Auth::Concerns::DeviseConcern	
+	include Auth::Concerns::TokenConcern
+
+	before_action :do_before_request, TCONDITIONS
+	
+			
+	## the intention of this action is :
+	## to search all records as admin.
+	## to search a user's own records if you are user.
+	## to search all public records
+
+	## so if the user is an admin, then no resource_id is provided to the search.(basically all records are searched)
+	## if he's not an admin, then the lookup_resource user's id is provided.
+	
+	## this action assumes that the user is signed_in, will return not authenticated otherwise.
+
+	## rendering logic : 
+	## @js erb -> renders html erb -> there each result class is detected and the requisite "_search.html.erb" partial is found for that class and rendered.
+	## @json => authenticated_user_search.json is rendered.
+	## @html => currently does not support html request.
+	def authenticated_user_search	
+		
+		## m client will be available at this stage.
+		## the problem is that it is hard to pass it forward to the mongoid elasticsearch object.
+		## because while initializing the user it will have to first be set on the user.
+		## is there any other way to achieve this?
+		query = permitted_params[:query]
+		query[:resource_id] = lookup_resource.id.to_s if !current_signed_in_resource.is_admin?
+		
+		@search_results = Auth::Search::Main.search(query)
+		
+		puts "these are the search results."
+		puts @search_results.to_s
+
+		#dummy_product = Auth.configuration.product_class.constantize.new
+		#dummy_product.name = "test product"
+		#dummy_product.price = 100.20
+		#@search_results = [dummy_product,dummy_product]
+		@search_results.each do |res|
+			if res.respond_to? :m_client
+				res.m_client = self.m_client
+			end
+		end
+		respond_with @search_results
+	end
+
+
+
+	def permitted_params
+		params.permit({query: [:query_string, :size]})
+	end
+
+
+end

data/app/controllers/auth/sessions_controller.rb

@@ -0,0 +1,20 @@
+class Auth::SessionsController < Devise::SessionsController
+ 	
+  
+
+  def create
+    self.resource = warden.authenticate!(auth_options)
+    ## added these two lines
+    resource.m_client = self.m_client
+ 	resource.set_client_authentication
+ 	## end.
+    set_flash_message!(:notice, :signed_in)
+    sign_in(resource_name, resource)
+    yield resource if block_given?
+    respond_with resource, location: after_sign_in_path_for(resource)
+  end
+
+
+
+
+end

data/app/controllers/auth/shopping/cart_items_controller.rb

@@ -0,0 +1,14 @@
+class Auth::Shopping::CartItemsController < Auth::Shopping::ShoppingController
+	include Auth::Concerns::Shopping::CartItemControllerConcern
+
+		
+	## only these actions need an authenticated user to be present for them to be executed.
+    CONDITIONS_FOR_TOKEN_AUTH = [:create,:update,:destroy,:edit,:new,:index,:show,:create_multiple]
+
+    TCONDITIONS = {:only => CONDITIONS_FOR_TOKEN_AUTH}
+    ##this ensures api access to this controller.
+    include Auth::Concerns::DeviseConcern
+    include Auth::Concerns::TokenConcern
+    before_filter :do_before_request , TCONDITIONS
+    before_filter :initialize_vars , TCONDITIONS
+end

data/app/controllers/auth/shopping/carts_controller.rb

@@ -0,0 +1,13 @@
+class Auth::Shopping::CartsController < Auth::Shopping::ShoppingController
+	include Auth::Concerns::Shopping::CartControllerConcern
+		
+	## only these actions need an authenticated user to be present for them to be executed.
+    CONDITIONS_FOR_TOKEN_AUTH = [:create,:update,:destroy,:edit,:new,:index,:show]
+
+    TCONDITIONS = {:only => CONDITIONS_FOR_TOKEN_AUTH}
+    ##this ensures api access to this controller.
+    include Auth::Concerns::DeviseConcern
+    include Auth::Concerns::TokenConcern
+    before_filter :do_before_request , TCONDITIONS
+    before_filter :initialize_vars , TCONDITIONS
+end

data/app/controllers/auth/shopping/discounts_controller.rb

@@ -0,0 +1,19 @@
+class Auth::Shopping::DiscountsController < Auth::Shopping::ShoppingController
+  
+  include Auth::Concerns::Shopping::DiscountControllerConcern
+  ## only these actions need an authenticated user to be present for them to be executed.
+  ## SHOW IS EXCLUDED SO THAT NON SIGNED IN USERS CAN view any discount/ product bundle.
+  CONDITIONS_FOR_TOKEN_AUTH = [:create,:update,:destroy,:edit,:new,:index]
+
+  TCONDITIONS = {:only => CONDITIONS_FOR_TOKEN_AUTH}
+  ##this ensures api access to this controller.
+  include Auth::Concerns::DeviseConcern
+  include Auth::Concerns::TokenConcern
+  before_filter :do_before_request , TCONDITIONS
+  before_filter :initialize_vars , TCONDITIONS
+
+  ## remember to add the before_filter is_admin as well.
+
+  
+
+end

data/app/controllers/auth/shopping/payments_controller.rb

@@ -0,0 +1,13 @@
+class Auth::Shopping::PaymentsController < Auth::Shopping::ShoppingController
+	include Auth::Concerns::Shopping::PaymentControllerConcern
+		
+	## only these actions need an authenticated user to be present for them to be executed.
+    CONDITIONS_FOR_TOKEN_AUTH = [:create,:update,:destroy,:edit,:new,:index,:show]
+
+    TCONDITIONS = {:only => CONDITIONS_FOR_TOKEN_AUTH}
+    ##this ensures api access to this controller.
+    include Auth::Concerns::DeviseConcern
+    include Auth::Concerns::TokenConcern
+    before_filter :do_before_request , TCONDITIONS
+    before_filter :initialize_vars , TCONDITIONS
+end

data/app/controllers/auth/shopping/products_controller.rb

@@ -0,0 +1,17 @@
+class Auth::Shopping::ProductsController < Auth::Shopping::ShoppingController
+
+
+	include Auth::Concerns::Shopping::ProductControllerConcern
+		
+	## only these actions need an authenticated user to be present for them to be executed.
+    CONDITIONS_FOR_TOKEN_AUTH = [:create,:update,:destroy,:edit,:new]
+
+    TCONDITIONS = {:only => CONDITIONS_FOR_TOKEN_AUTH}
+    ##this ensures api access to this controller.
+    include Auth::Concerns::DeviseConcern
+    include Auth::Concerns::TokenConcern
+    before_filter :do_before_request , TCONDITIONS
+    before_filter :initialize_vars , TCONDITIONS
+    before_filter :is_admin_user , :only => [:create,:update,:destroy,:edit]
+	
+end