Backbone ProtectedModel, WIP
This commit is contained in:
Gregory Eremin
@@ -1,13 +1,16 @@
|
||||
module Api
|
||||
class AlbumsController < BaseController
|
||||
before_filter :validate_request!
|
||||
|
||||
def picture
|
||||
album = Album.find(params[:id])
|
||||
redirect_to album.load_pic
|
||||
redirect_to album.update_image.sized(:extralarge)
|
||||
end
|
||||
|
||||
def show
|
||||
@album = Album.find(params[:id])
|
||||
return render json: { fail: true } if @album.nil?
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
@@ -1,8 +1,11 @@
|
||||
module Api
|
||||
class ArtistsController < BaseController
|
||||
before_filter :validate_request!
|
||||
|
||||
def show
|
||||
@artist = Artist.with_name(params[:id].gsub("+", " "))
|
||||
return render json: { fail: true } if @artist.nil?
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
@@ -1,5 +1,27 @@
|
||||
module Api
|
||||
class BaseController < ::ApplicationController
|
||||
respond_to :json
|
||||
|
||||
private
|
||||
|
||||
def validate_request!
|
||||
@user = nil
|
||||
render json: { error: "Signature verification failed!" } unless request_valid?
|
||||
|
||||
@user = User.find_by_vk_id(params[:vk_auth][:mid])
|
||||
end
|
||||
|
||||
def request_valid?
|
||||
%w[ expire mid secret sid sig ].each do |key|
|
||||
raise "Parameter not set: #{key} (VK auth)" if params[:vk_auth][key].nil?
|
||||
end
|
||||
|
||||
validation_string = %w[ expire mid secret sid ].map{ |key|
|
||||
"#{key}=#{params[:vk_auth][key]}"
|
||||
}.join() << BeatHaven::Application.config.api_accounts["vk"]["api_secret"]
|
||||
|
||||
params[:vk_auth][:sig] == Digest::MD5.hexdigest(validation_string)
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
module Api
|
||||
class SearchController < BaseController
|
||||
before_filter :validate_request!
|
||||
|
||||
def complete
|
||||
return render json: { suggestions: [] } if params[:query].to_s.length == 0
|
||||
|
||||
@@ -31,5 +33,6 @@ module Api
|
||||
|
||||
render json: { found: nil }
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
@@ -1,35 +1,19 @@
|
||||
module Api
|
||||
class SessionController < BaseController
|
||||
before_filter :validate_request!
|
||||
|
||||
def auth
|
||||
render json: { error: "Signature verification failed!" } unless request_valid?
|
||||
|
||||
user_name = "#{params[:user][:first_name]} #{params[:user][:last_name]}"
|
||||
|
||||
user = User.find_by_vk_id(params[:mid].to_i)
|
||||
is_newbie = false
|
||||
if user.nil?
|
||||
user = User.create(name: user_name, vk_id: params[:mid].to_i)
|
||||
if @user.nil?
|
||||
@user = User.create(name: user_name, vk_id: params[:vk_auth][:mid].to_i)
|
||||
is_newbie = true
|
||||
elsif user.name != user_name
|
||||
user.update_attributes(name: user_name)
|
||||
elsif @user.name != user_name
|
||||
@user.update_attributes(name: user_name)
|
||||
end
|
||||
|
||||
render json: { user: user.dump_json, is_newbie: is_newbie }
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def request_valid?
|
||||
%w[ expire mid secret sid sig ].map(&:to_sym).each do |key|
|
||||
raise "Parameter not set: #{key}" if params[key].nil?
|
||||
end
|
||||
|
||||
validation_string = %w[ expire mid secret sid ].map{ |key|
|
||||
"#{key}=#{params[key.to_sym]}"
|
||||
}.join() << BeatHaven::Application.config.api_accounts["vk"]["api_secret"]
|
||||
|
||||
params[:sig] == Digest::MD5.hexdigest(validation_string)
|
||||
render json: { user: @user.dump_json, is_newbie: is_newbie }
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user