RubyGems - wordjelly-auth - Versions diffs - 1.4.0 → 1.4.2 - Mend

wordjelly-auth 1.4.0 → 1.4.2

Files changed (171) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3c28ede55f386ae6c79303d2195d8ddc3ea23356d81ea8ede3fca0876e96cb9f
-  data.tar.gz: f75d093c9c4aaa6efd00c385beb97f4083f6ee490c72510beb0edb7f171fcc81
+  metadata.gz: e8b9a7732006538788000f0f4bc628b26f0b0d76867ee2d8454b69a06133451a
+  data.tar.gz: 4f30284e7d804e450394e02da9e3b45e19e594927c4b272f879250e162c87f3e
 SHA512:
-  metadata.gz: 5e4752e1bfae8f1aca1a7256885ca065738a426ca444d31f144a8a99dce8dba139777c6b2d171cd2c2340c800cdae5e4d121c9313363b20c1253cf934098e868
-  data.tar.gz: f74ee701d2a8543ecd0ea0dac3e4e399f6e216796763d75332a3fd5f8c9ca2fd1d477949de38206044cc8f2dfdbeddc2e892a8014b382b0878299a7df2942cd6
+  metadata.gz: '09d068fd538fc155fd7fda4df5f3ec0ed872b94ebcf2d86f5c2884809ea2816ff1639f60d37b57497f29be33b6fd1640e5668f68657444ac5a9a1707df0c7e75'
+  data.tar.gz: 7576dfbbd10f34f41dbd5ec685d86d3e3d465d7b9c58b5bba13f8bb2b3d524f3e947b2ac784805095dd1c8e49ceb11a7be1eec07c467c603da83e2cf01183071

data/app/controllers/auth/admin_create_users_controller.rb CHANGED

@@ -1,13 +1,14 @@
 class Auth::AdminCreateUsersController < ApplicationController
   ## only these actions need an authenticated user to be present for them to be executed.
   CONDITIONS_FOR_TOKEN_AUTH = [:create,:update,:destroy,:edit,:new,:index,:show]
   TCONDITIONS = {:only => CONDITIONS_FOR_TOKEN_AUTH}
   include Auth::Concerns::DeviseConcern
   include Auth::Concerns::TokenConcern
-  before_filter :do_before_request , TCONDITIONS
-  before_filter :initialize_vars , TCONDITIONS
+  before_action :do_before_request , TCONDITIONS
+  before_action :initialize_vars , TCONDITIONS
   ## ensures that only admin users.
-  before_filter :is_admin_user , TCONDITIONS
+  #before_action :is_admin_user , TCONDITIONS
   ## called before all the actions.
@@ -45,14 +46,11 @@ class Auth::AdminCreateUsersController < ApplicationController
   #  User.where(:email => "bhargav.r.raut@gmail.com").first.delete
   # POST /auth/admin_create_users
   def create
-    @auth_user.password = @auth_user.password_confirmation = SecureRandom.hex(24)
+    k = SecureRandom.hex(24)
+    @auth_user.password = k
+    @auth_user.password_confirmation = k
     @auth_user.m_client = self.m_client
     @auth_user.created_by_admin = true
-    ## we will have to set the m_client.
-    ## but what if that client is different from the client that was used to create the user?
-    ## no this will not happen here.
-    ## here we will only create.
     respond_to do |format|
       if @auth_user.save
         if !@auth_user.additional_login_param.blank?

data/app/controllers/auth/application_controller.rb CHANGED

@@ -8,7 +8,7 @@ module Auth
   		respond_to do |format|
 	       format.json {render json: {:errors => e.to_s}, status: 422}
   		   format.js   {render :partial => "auth/modals/resource_errors.js.erb", locals: {:errors => [e.to_s]}}
-	       format.html {render :text => e.to_s}
+	       format.html {render :plain => e.to_s.html_safe}
 	    end
   	end
@@ -160,7 +160,5 @@ module Auth
 	 	puts Rails.application.routes.url_helpers.to_s
 	 end
   end
 end

data/app/controllers/auth/concerns/devise_concern.rb CHANGED

@@ -43,7 +43,7 @@ module Auth::Concerns::DeviseConcern
     def ignore_json_request
       if is_json_request?
-        render :nothing => true, :status => 406 and return
+        head 406
       end
     end
@@ -139,15 +139,16 @@ module Auth::Concerns::DeviseConcern
                 #puts "action name is something else."
 		    	if session[:client].nil?
                     puts "cient is nil so rendering nothing."
-		      		render :nothing => true , :status => :unauthorized
-		      	else
+		      		#render :nothing => true , :status => :unauthorized
+		      	    head :unauthorized
+                else
                 end
 	      	end
         else
             if verify_authenticity_token == false
-                render :nothing => true, :status => :unauthorized
+                head :unauthorized
             end
         end
 	end

data/app/controllers/auth/concerns/otp_concern.rb CHANGED

@@ -4,17 +4,20 @@ module Auth::Concerns::OtpConcern
 	included do
 		include Auth::Concerns::DeviseConcern
 	    ##refer to auth/applicationcontroller for the not_found def, and its rescue block.
-	    before_filter :do_before_request
-	    before_filter :initialize_vars
-	    before_filter :check_recaptcha, only: [:send_sms_otp,:verify_otp]
+	    before_action :do_before_request
+	    before_action :initialize_vars
+	    before_action :check_recaptcha, only: [:send_sms_otp,:verify_otp]
 	end
 	def initialize_vars
 	  	##deep symbolize the incoming params after passing through permitted params.
-	  	@resource_params = permitted_params.deep_symbolize_keys
+	  	@resource_params = permitted_params
+	  	puts "the resoure params are:"
+	  	puts @resource_params.to_s
 	  	##if the resource is defined, assign the class and the symbol for use further in the file
 	  	##eg: resource is provided in the route as : users, so
 	  	##@resource_class => User

data/app/controllers/auth/concerns/token_concern.rb CHANGED

@@ -4,10 +4,11 @@ module Auth::Concerns::TokenConcern
   extend ActiveSupport::Concern
   included do
     attr_accessor :authentication_done
-    TCONDITIONS ||= {:only => [:show]}
+    TCONDITIONS = {:only => [:show]} unless defined? TCONDITIONS
     LAST_FALLBACK = :devise unless defined? LAST_FALLBACK
@@ -17,12 +18,17 @@ module Auth::Concerns::TokenConcern
       ## how many models are defined in the preinitializer
       auth_resources_count = Auth.configuration.auth_resources.size
+      puts "auth_resources count:"
+      puts auth_resources_count.to_s
+      res = Auth.configuration.auth_resources.keys[0]
+      puts "the TCONDITIONS ARE: #{self::TCONDITIONS}"
+      #acts_as_token_authentication_handler_for(res.constantize,Auth.configuration.auth_resources[res].merge({:fallback => self::LAST_FALLBACK}).merge(self::TCONDITIONS || {}))
       ## if we have more than one auth resource model.
       if auth_resources_count > 1
           ## take all of them except the last, and add the fallback as none to them.
           ## also merge the controller level conditions defined above.
+          puts "there is more than one."
           Auth.configuration.auth_resources.keys.slice(0,auth_resources_count - 1).each do |res|
             acts_as_token_authentication_handler_for(res.constantize,Auth.configuration.auth_resources[res].merge({:fallback => :none}).merge(self::TCONDITIONS))
@@ -39,14 +45,20 @@ module Auth::Concerns::TokenConcern
       else
         ## in case there is only one authentication resource, then the conditions are like the last one in case there are multiple(like above.)
         res = Auth.configuration.auth_resources.keys[0]
+        #puts "the last resource is:"
+        #puts "the action is: #{action_name}"
+        #puts res.to_s
+        #puts "conditions are:"
+        puts res.constantize,Auth.configuration.auth_resources[res].merge({:fallback => self::LAST_FALLBACK}).merge(self::TCONDITIONS || {})
         acts_as_token_authentication_handler_for(res.constantize,Auth.configuration.auth_resources[res].merge({:fallback => self::LAST_FALLBACK}).merge(self::TCONDITIONS || {}))
+        #puts "crosses token auth handler"
       end
     end
-    before_filter :set_resource
+    before_action :set_resource
     ## made this a helper so that it can be used in views as well.
     helper_method :lookup_resource
@@ -60,7 +72,7 @@ module Auth::Concerns::TokenConcern
   ## basically a convenience method to set @resource variable, since when we have more than one model that is being authenticated with Devise, there is no way to know which one to call.
   def set_resource
-    #puts "came to set resource."
+    puts "--------------------came to set resource."
     Auth.configuration.auth_resources.keys.each do |resource|
       break if @resource = self.send("current_#{resource.downcase}")
@@ -78,7 +90,7 @@ module Auth::Concerns::TokenConcern
   def lookup_resource
-    #puts "came to lookup resource."
+    puts "came to lookup resource."
     ## if the current signed in resource si not an admin, just return it, because the concept of proxy arises only if the current_signed in resource is an admin.
     #puts "current signed in resource : #{current_signed_in_resource}"
     return current_signed_in_resource unless current_signed_in_resource.is_admin?

data/app/controllers/auth/profiles_controller.rb CHANGED

@@ -15,7 +15,7 @@ class Auth::ProfilesController < Auth::ApplicationController
 		@resource_params = {}
 		@profile_resource = nil
-		@all_params = permitted_params.deep_symbolize_keys
+		@all_params = permitted_params
 	  	if collection = @all_params[:resource]

data/app/controllers/auth/registrations_controller.rb CHANGED

@@ -1,22 +1,16 @@
 class Auth::RegistrationsController < Devise::RegistrationsController
-	TCONDITIONS = {:only => [:update,:destroy]}
+	TCONDITIONS = {:only => [:update,:destroy,:show]}
 	include Auth::Concerns::TokenConcern
 	#before_action :check_recaptcha, only: [:create, :update]
 	def create
-		#puts "CAME TO CREATE."
-		#puts "sign up params."
-		#puts sign_up_params
 		check_recaptcha
 		build_resource(sign_up_params)
 		resource.m_client = self.m_client
 	 	resource.set_client_authentication
-	 	#puts "resource attributes are:"
-	 	#puts resource.attributes.to_s
 	    resource.save
 	    yield resource if block_given?
 	    if resource.persisted?

data/app/controllers/auth/sessions_controller.rb CHANGED

@@ -14,7 +14,4 @@ class Auth::SessionsController < Devise::SessionsController
     respond_with resource, location: after_sign_in_path_for(resource)
   end
 end

data/app/models/auth/concerns/chief_model_concern.rb CHANGED

@@ -7,7 +7,7 @@ module Auth::Concerns::ChiefModelConcern
 		include Mongoid::Document
 		include Mongoid::Timestamps
-		include Mongoid::EmbeddedErrors
+		#include Mongoid::EmbeddedErrors
 		include Auth::Concerns::CloneConcern
 		include Auth::Concerns::ImageLoadConcern
 		## expected to be a hash with names of callbacks and boolean values.

data/app/models/auth/concerns/notification_concern.rb CHANGED

@@ -156,8 +156,6 @@ module Auth::Concerns::NotificationConcern
 	end
 	################### SEND SMS NOTIFICATION ####################
 	## defaults to just sending the sms direclty.
 	## override using a background job to actually call the send_sms method.
 	def send_sms_background(resource)

data/app/models/auth/concerns/user_concern.rb CHANGED

@@ -862,6 +862,7 @@ module Auth::Concerns::UserConcern
     ## now first we are going to test it with the ui.
     ## and we are going to test it with one admin and one non admin account
     ## before that, we are going to
+    ## personality class kaha se ayega bhosadike?
     def set_secondary_links
    	    unless self.secondary_links["Add New Account"]
 			self.secondary_links["Add New User"] = {
@@ -886,13 +887,13 @@ module Auth::Concerns::UserConcern
 		end
 		## switch to the user, and see all associated people.
-		unless self.secondary_links["See All Associated People"]
-			self.secondary_links["See All Associated People"] = {
-				:url => Rails.application.routes.url_helpers.send(Auth::OmniAuth::Path.create_or_index_path(Auth.configuration.personality_class))
-			}
+		unless Auth.configuration.personality_class.blank?
+			unless self.secondary_links["See All Associated People"]
+				self.secondary_links["See All Associated People"] = {
+					:url => Rails.application.routes.url_helpers.send(Auth::OmniAuth::Path.create_or_index_path(Auth.configuration.personality_class))
+				}
+			end
 		end
     end
 end

data/app/views/layouts/auth/navbar/_personalization.html.erb CHANGED

@@ -2,7 +2,6 @@
 	<span id="personalization_nav_links">
 		<%= content_for(:personalization_nav_links) if content_for?(:personalization_nav_links) %>
 	</span>
-	<li><%= link_to "Products", products_path %></li>
 	<li data-resource-singular="<%= current_res.class.name.downcase %>" data-resource="<%= Auth.configuration.mount_path[1..-1] + "/" +current_res.class.name.downcase.pluralize %>"><%= link_to "Account Settings", edit_res_registration_path,:class => "profile_nav_option" %></li>
 	<li data-resource-singular="<%= current_res.class.name.downcase %>" data-resource="<%= Auth.configuration.mount_path[1..-1] + "/" +current_res.class.name.downcase.pluralize %>"><%= link_to "Profile", profile_path({:id => current_res.id, :resource => current_res.class.name.downcase.pluralize}),{:class => "profile_nav_option"} %></li>
 	<li><%= link_to('Sign Out', destroy_res_session_path, :method => :delete, id: "sign_out") %></li>
@@ -11,7 +10,6 @@
 		<% Auth.configuration.auth_resources.keys.each do |res| %>
 			<% if Auth.configuration.auth_resources[res][:nav_bar] %>
 				<li class="sign_in_nav_option" data-resource-singular="<%=res.downcase %>" data-resource="<%= Auth.configuration.mount_path[1..-1] + "/" + res.downcase.pluralize %>"><a href="#">Sign In</a></li>
-				<li><%= link_to "Products", products_path %></li>
 			<% end %>
 		<% end %>
 	<% end %>

data/config/initializers/devise.rb CHANGED

@@ -280,7 +280,6 @@ end
 DeviseController.class_eval do
   include Auth::Concerns::DeviseConcern
   ##add to devise concern.
@@ -346,14 +345,13 @@ DeviseController.class_eval do
       end
   end
-  def render(*args)
+  def render(*args)
        cli = session[:client]
        if (session[:client] && (session[:client].is_a? Hash))
         cli = Auth::Client.new(session[:client])
        end
        #if resource && resource.set_client_authentication?(action_name,controller_name,cli)
        #  resource.set_client_authentication(cli)
        #end
@@ -370,7 +368,6 @@ DeviseController.class_eval do
               redirect_to (session.delete(:redirect_url) + "?authentication_token=" + resource.authentication_token + "&es=" + curr_app_es)
             else
               super(*args)
             end
         end
@@ -380,35 +377,38 @@ DeviseController.class_eval do
   ##add to devise_concern.
   def require_no_authentication
+    puts "------------ CAME TO REQUIRE NO AUTH ---------------"
+    puts "action is:#{action_name}"
     do_before_request
-    #puts "came past do before request."
+    puts "came past do before request."
     assert_is_devise_resource!
-    #puts "came past assert is devise resource"
+    puts "came past assert is devise resource"
     return unless is_navigational_format?
-    #puts "came past is navigational format."
+    puts "came past is navigational format."
     no_input = devise_mapping.no_input_strategies
-    #puts "no input is: #{no_input}"
+    puts "no input is: #{no_input}"
     authenticated = if no_input.present?
       args = no_input.dup.push scope: resource_name
-      #puts "authenticated already."
+      puts "authenticated already."
       warden.authenticate?(*args)
     else
-      #puts "check if authenticated"
+      puts "check if authenticated"
       warden.authenticated?(resource_name)
     end
+    puts "came past autnenticated."
+    puts "authenticated is: #{authenticated}"
+    puts "Resource is: #{resource}"
     if authenticated && resource = warden.user(resource_name)
       if @redirect_url.nil?
-        #puts "came to failure."
+        puts "came to failure."
         flash[:alert] = I18n.t("devise.failure.already_authenticated")
         redirect_to after_sign_in_path_for(resource)
       else
@@ -453,7 +453,7 @@ module Devise
     ##otherwise we do nothing.
     def verify_signed_out_user
       if is_json_request?
-        render :nothing => true, :status => 406 and return
+        head 406 and return
       end
       if all_signed_out?
         set_flash_message! :notice, :already_signed_out
@@ -488,7 +488,7 @@ module Devise
       if resource.errors.empty?
         if is_json_request?
-          render :nothing => true, :status => 201 and return
+          head 201 and return
         end
         set_flash_message! :notice, :unlocked
         respond_with_navigational(resource){ redirect_to after_unlock_path_for(resource) }
@@ -515,7 +515,7 @@ module Devise
       if resource.errors.empty?
         set_flash_message!(:notice, :confirmed)
         if is_json_request?
-          render :nothing => true, :status => 201 and return
+          head 201 and return
         else
           ##when we have first signed into the accoutn, and then we want to change the email, then when we click the confirmation link for the new email, in that case, we cannot set the resource to nil, since the user is already signed in, so we do this check to see if who we have signed in , is the same as the user who has confirmed, and in that case, we just let things proceed.
           current_resource = self.send("current_#{self.resource.class.name.downcase.to_s}")

data/config/initializers/omniauth.rb CHANGED

@@ -334,6 +334,10 @@ module OmniAuth
 	            ## #callback_url -> ref to it in #http://www.rubydoc.info/github/intridea/omniauth-oauth2/OmniAuth/Strategies/OAuth2#callback_url-instance_method
 	            ## that method calls 'full_host', but that may be the wrong host, especially in case of above mentioned android issue.
 	            ## make sure that the host you specify in Auth.configuration
+	            puts "host name: #{Auth.configuration.host_name}"
+	            puts "script name: #{script_name}"
+	            puts "callback path: #{callback_path}"
 	            url_to_pass_as_callback = Auth.configuration.host_name + script_name + callback_path
@@ -432,7 +436,9 @@ module SimpleTokenAuthentication
 		## but then the gem attempts authentication of the second model also, and failing that, triggers the not authenticated fallback.
 		## to prevent that from happening, we ignore the fallback if we are already signed in.
 		def fallback!(entity, fallback_handler)
+		  puts "came to fallback!"
       	  return if self.signed_in?
 	      fallback_handler.fallback!(self, entity)
@@ -472,17 +478,17 @@ module SimpleTokenAuthentication
 	    def find_record_from_identifier(entity)
 	    	## you are supposed to find the record using one of the other parameters.
-	    	#puts "came to find entity from identifier -----------------------------------"
+	    	puts "came to find entity from identifier -----------------------------------"
 	    	additional_identifiers = entity.get_additional_identifiers_from_headers(self)
-      		#puts "additional_identifiers"
-      		#puts additional_identifiers
+      		puts "additional_identifiers"
+      		puts additional_identifiers
 	    	app_id_value = additional_identifiers["X-User-Aid"]
 	    	user_es_value = additional_identifiers["X-User-Es"]
 	    	token = entity.get_token_from_params_or_headers(self)
-		   	#puts "token:#{token}"
+		   	puts "token:#{token}"
 		    if token