1
0
Fork 0

Backbone ProtectedModel, WIP

This commit is contained in:
Gregory Eremin 2012-09-19 02:40:46 +04:00
parent 7cef7bfc9c
commit 95ac3e6eef
12 changed files with 69 additions and 33 deletions

View File

@ -1,2 +1,2 @@
class BeatHaven.Models.Artist extends Backbone.Model
class BeatHaven.Models.Artist extends BeatHaven.Modules.ProtectedModel
urlRoot: "/api/artists"

View File

@ -2,7 +2,7 @@ class BeatHaven.Models.User extends Backbone.Model
auth: ->
BH.log "Authenticating user ..."
this.query "/api/session/auth", {}, (response) ->
this.query "/api/session/auth", { user: @.get("vk_session")["user"] }, (response) ->
if response.error?
# report error
else
@ -12,11 +12,20 @@ class BeatHaven.Models.User extends Backbone.Model
# BH.VK.set_favorites()
query: (path, params, callback) ->
query_params = $.extend {}, @.get("vk_session"), params
query_params = $.extend {}, @auth_params(), params
query_params.authenticity_token = $('meta[name="csrf-token"]').attr("content")
$.post path, query_params, callback
$.get path, query_params, callback
false
auth_params: ->
params = @.get("vk_session")
vk_auth:
expire: params["expire"]
mid: params["mid"]
secret: params["secret"]
sid: params["sid"]
sig: params["sig"]
set_favorites: (tracks) ->
BH.log tracks
BH.log "Sending your Vkontakte media collection to BeatHaven ..."

View File

@ -0,0 +1,12 @@
class BeatHaven.Modules.ProtectedModel extends Backbone.Model
fetch: (options) ->
options = options ? _.clone(options) : {}
model = this
success = options.success
options.success = (resp, status, xhr) ->
if (!model.set(model.parse(resp, xhr), options)) return false;
if (success) success(model, resp);
};
options.error = Backbone.wrapError(options.error, model, options);
return (this.sync || Backbone.sync).call(this, 'read', this, options);

View File

@ -1,13 +1,16 @@
module Api
class AlbumsController < BaseController
before_filter :validate_request!
def picture
album = Album.find(params[:id])
redirect_to album.load_pic
redirect_to album.update_image.sized(:extralarge)
end
def show
@album = Album.find(params[:id])
return render json: { fail: true } if @album.nil?
end
end
end

View File

@ -1,8 +1,11 @@
module Api
class ArtistsController < BaseController
before_filter :validate_request!
def show
@artist = Artist.with_name(params[:id].gsub("+", " "))
return render json: { fail: true } if @artist.nil?
end
end
end

View File

@ -1,5 +1,27 @@
module Api
class BaseController < ::ApplicationController
respond_to :json
private
def validate_request!
@user = nil
render json: { error: "Signature verification failed!" } unless request_valid?
@user = User.find_by_vk_id(params[:vk_auth][:mid])
end
def request_valid?
%w[ expire mid secret sid sig ].each do |key|
raise "Parameter not set: #{key} (VK auth)" if params[:vk_auth][key].nil?
end
validation_string = %w[ expire mid secret sid ].map{ |key|
"#{key}=#{params[:vk_auth][key]}"
}.join() << BeatHaven::Application.config.api_accounts["vk"]["api_secret"]
params[:vk_auth][:sig] == Digest::MD5.hexdigest(validation_string)
end
end
end

View File

@ -1,5 +1,7 @@
module Api
class SearchController < BaseController
before_filter :validate_request!
def complete
return render json: { suggestions: [] } if params[:query].to_s.length == 0
@ -31,5 +33,6 @@ module Api
render json: { found: nil }
end
end
end

View File

@ -1,35 +1,19 @@
module Api
class SessionController < BaseController
before_filter :validate_request!
def auth
render json: { error: "Signature verification failed!" } unless request_valid?
user_name = "#{params[:user][:first_name]} #{params[:user][:last_name]}"
user = User.find_by_vk_id(params[:mid].to_i)
is_newbie = false
if user.nil?
user = User.create(name: user_name, vk_id: params[:mid].to_i)
if @user.nil?
@user = User.create(name: user_name, vk_id: params[:vk_auth][:mid].to_i)
is_newbie = true
elsif user.name != user_name
user.update_attributes(name: user_name)
elsif @user.name != user_name
@user.update_attributes(name: user_name)
end
render json: { user: user.dump_json, is_newbie: is_newbie }
end
private
def request_valid?
%w[ expire mid secret sid sig ].map(&:to_sym).each do |key|
raise "Parameter not set: #{key}" if params[key].nil?
end
validation_string = %w[ expire mid secret sid ].map{ |key|
"#{key}=#{params[key.to_sym]}"
}.join() << BeatHaven::Application.config.api_accounts["vk"]["api_secret"]
params[:sig] == Digest::MD5.hexdigest(validation_string)
render json: { user: @user.dump_json, is_newbie: is_newbie }
end
end

View File

@ -17,8 +17,8 @@ class Album < ActiveRecord::Base
VA = "Various Artists"
def pic_safe
unless pic.nil?
pic
unless image.nil?
image.sized(:extralarge)
else
"/api/albums/#{id}/picture"
end

View File

@ -14,7 +14,7 @@ class Artist < ActiveRecord::Base
}
def loaded?
image? && bio?
true
end
def update_image

View File

@ -1,6 +1,6 @@
json.artist_title @artist.name
json.artist_pic @artist.pic
json.artist_bio @artist.bio
json.artist_pic @artist.image.sized(:extralarge)
json.artist_bio @artist.bio(@user.lang || "en")
json.artist_loaded @artist.loaded?
json.artist_url @artist.url
json.artist_albums @artist.albums.shown.to_a do |json, album|

View File

@ -8,7 +8,7 @@ BeatHaven::Application.routes.draw do
collection { get :complete; get :wtfis }
end
resources :session, only: [] do
collection { post :auth }
collection { get :auth }
end
end