
Backbone ProtectedModel, WIP

Gregory Eremin 2012-09-19 02:40:46 +04:00
parent 7cef7bfc9c
commit 95ac3e6eef
12 changed files with 69 additions and 33 deletions


@ -1,2 +1,2 @@
class BeatHaven.Models.Artist extends Backbone.Model class BeatHaven.Models.Artist extends BeatHaven.Modules.ProtectedModel
urlRoot: "/api/artists" urlRoot: "/api/artists"


@ -2,7 +2,7 @@ class BeatHaven.Models.User extends Backbone.Model
auth: -> auth: ->
BH.log "Authenticating user ..." BH.log "Authenticating user ..."
this.query "/api/session/auth", {}, (response) -> this.query "/api/session/auth", { user: @.get("vk_session")["user"] }, (response) ->
if response.error? if response.error?
# report error # report error
else else
@ -12,11 +12,20 @@ class BeatHaven.Models.User extends Backbone.Model
# BH.VK.set_favorites() # BH.VK.set_favorites()
query: (path, params, callback) -> query: (path, params, callback) ->
query_params = $.extend {}, @.get("vk_session"), params query_params = $.extend {}, @auth_params(), params
query_params.authenticity_token = $('meta[name="csrf-token"]').attr("content") query_params.authenticity_token = $('meta[name="csrf-token"]').attr("content")
$.post path, query_params, callback $.get path, query_params, callback
false false
auth_params: ->
params = @.get("vk_session")
vk_auth:
expire: params["expire"]
mid: params["mid"]
secret: params["secret"]
sid: params["sid"]
sig: params["sig"]
set_favorites: (tracks) -> set_favorites: (tracks) ->
BH.log tracks BH.log tracks
BH.log "Sending your Vkontakte media collection to BeatHaven ..." BH.log "Sending your Vkontakte media collection to BeatHaven ..."
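Review bot: Switching `query` from `$.post` to `$.get` moves the VK session values built by `auth_params` (`secret`, `sid`, `sig`) and the `authenticity_token` into the URL query string, where they are typically recorded in web-server and proxy access logs and in browser history. Keeping `$.post path, query_params, callback`, with the route in the routes file left as `post :auth`, keeps them in the request body. `auth_params` also assumes `@.get("vk_session")` is already set; a guard such as `return {} unless params?` would avoid a TypeError when it is called before login. The `set_favorites` body continues outside the hunk.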


@ -0,0 +1,12 @@
class BeatHaven.Modules.ProtectedModel extends Backbone.Model
fetch: (options) ->
options = options ? _.clone(options) : {}
model = this
success = options.success
options.success = (resp, status, xhr) ->
if (!model.set(model.parse(resp, xhr), options)) return false;
if (success) success(model, resp);
};
options.error = Backbone.wrapError(options.error, model, options);
return (this.sync || Backbone.sync).call(this, 'read', this, options);
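Review bot: The `fetch` body is JavaScript syntax (`cond ? a : b`, `if (...) return false;`, a closing `};`) inside a CoffeeScript class, so it will presumably not compile as written; the CoffeeScript forms would be `options = if options then _.clone(options) else {}` and `return false unless model.set(model.parse(resp, xhr), options)`. It also appears to be an unmodified copy of a stock Backbone fetch and never adds the `vk_auth` parameters, so an `Artist` fetch would reach `validate_request!` in Api::BaseController without them. If signing requests is the purpose of this class, merging the signed parameters into `options.data` before the `sync` call is the missing step, and a short class comment saying so would help.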


@ -1,13 +1,16 @@
module Api module Api
class AlbumsController < BaseController class AlbumsController < BaseController
before_filter :validate_request!
def picture def picture
album = Album.find(params[:id]) album = Album.find(params[:id])
redirect_to album.load_pic redirect_to album.update_image.sized(:extralarge)
end end
def show def show
@album = Album.find(params[:id]) @album = Album.find(params[:id])
return render json: { fail: true } if @album.nil? return render json: { fail: true } if @album.nil?
end end
end end
end end


@ -1,8 +1,11 @@
module Api module Api
class ArtistsController < BaseController class ArtistsController < BaseController
before_filter :validate_request!
def show def show
@artist = Artist.with_name(params[:id].gsub("+", " ")) @artist = Artist.with_name(params[:id].gsub("+", " "))
return render json: { fail: true } if @artist.nil? return render json: { fail: true } if @artist.nil?
end end
end end
end end


@ -1,5 +1,27 @@
module Api module Api
class BaseController < ::ApplicationController class BaseController < ::ApplicationController
respond_to :json respond_to :json
private
def validate_request!
@user = nil
render json: { error: "Signature verification failed!" } unless request_valid?
@user = User.find_by_vk_id(params[:vk_auth][:mid])
end
def request_valid?
%w[ expire mid secret sid sig ].each do |key|
raise "Parameter not set: #{key} (VK auth)" if params[:vk_auth][key].nil?
end
validation_string = %w[ expire mid secret sid ].map{ |key|
"#{key}=#{params[:vk_auth][key]}"
}.join() << BeatHaven::Application.config.api_accounts["vk"]["api_secret"]
params[:vk_auth][:sig] == Digest::MD5.hexdigest(validation_string)
end
end end
end end
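Review bot: `request_valid?` folds `expire` into the MD5 input but never compares it with the current time, so a set of `vk_auth` parameters that validated once keeps validating indefinitely; this matters more now that the client sends them in GET query strings and every Api controller relies on this filter. The method also raises (a 500 response) when `params[:vk_auth]` is absent or a key is missing, and it compares the signature with `==` rather than a constant-time comparison. In `validate_request!` the `User.find_by_vk_id` line still runs after the error render; `return render json: { error: "Signature verification failed!" } unless request_valid?` makes the intent explicit. A possible shape for `request_valid?` is below, assuming `expire` is a Unix timestamp and `Rack::Utils.secure_compare` is available in the bundled Rack.

```ruby
def request_valid?
  auth = params[:vk_auth]
  # Malformed or missing auth data is a failed verification, not a server error.
  return false unless auth.respond_to?(:key?)

  signed_fields = %w[ expire mid secret sid ]
  return false if (signed_fields + %w[ sig ]).any? { |key| auth[key].blank? }

  # Reject sessions whose signed expiry time has already passed.
  return false if auth["expire"].to_i <= Time.now.to_i

  validation_string = signed_fields.map { |key| "#{key}=#{auth[key]}" }.join <<
    BeatHaven::Application.config.api_accounts["vk"]["api_secret"]
  # Constant-time comparison so response timing does not reveal matching prefixes.
  Rack::Utils.secure_compare(auth["sig"].to_s, Digest::MD5.hexdigest(validation_string))
end
```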


@ -1,5 +1,7 @@
module Api module Api
class SearchController < BaseController class SearchController < BaseController
before_filter :validate_request!
def complete def complete
return render json: { suggestions: [] } if params[:query].to_s.length == 0 return render json: { suggestions: [] } if params[:query].to_s.length == 0
@ -31,5 +33,6 @@ module Api
render json: { found: nil } render json: { found: nil }
end end
end end
end end


@ -1,35 +1,19 @@
module Api module Api
class SessionController < BaseController class SessionController < BaseController
before_filter :validate_request!
def auth def auth
render json: { error: "Signature verification failed!" } unless request_valid?
user_name = "#{params[:user][:first_name]} #{params[:user][:last_name]}" user_name = "#{params[:user][:first_name]} #{params[:user][:last_name]}"
user = User.find_by_vk_id(params[:mid].to_i)
is_newbie = false is_newbie = false
if user.nil? if @user.nil?
user = User.create(name: user_name, vk_id: params[:mid].to_i) @user = User.create(name: user_name, vk_id: params[:vk_auth][:mid].to_i)
is_newbie = true is_newbie = true
elsif user.name != user_name elsif @user.name != user_name
user.update_attributes(name: user_name) @user.update_attributes(name: user_name)
end end
render json: { user: user.dump_json, is_newbie: is_newbie } render json: { user: @user.dump_json, is_newbie: is_newbie }
end
private
def request_valid?
%w[ expire mid secret sid sig ].map(&:to_sym).each do |key|
raise "Parameter not set: #{key}" if params[key].nil?
end
validation_string = %w[ expire mid secret sid ].map{ |key|
"#{key}=#{params[key.to_sym]}"
}.join() << BeatHaven::Application.config.api_accounts["vk"]["api_secret"]
params[:sig] == Digest::MD5.hexdigest(validation_string)
end end
end end
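Review bot: `auth` reads `params[:user][:first_name]` without checking that `params[:user]` is present, so a request with a valid signature but no `user` hash raises NoMethodError instead of returning a JSON error; a guard such as `return render json: { error: "User data missing" } unless params[:user].is_a?(Hash)` handles it. The name is also outside the signed `vk_auth` fields, so it is whatever the client sends and should be treated as display-only data. The filter looks the user up with `params[:vk_auth][:mid]` while `User.create` uses `params[:vk_auth][:mid].to_i`; applying the same conversion in both places avoids a lookup/create mismatch.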


@ -17,8 +17,8 @@ class Album < ActiveRecord::Base
VA = "Various Artists" VA = "Various Artists"
def pic_safe def pic_safe
unless pic.nil? unless image.nil?
pic image.sized(:extralarge)
else else
"/api/albums/#{id}/picture" "/api/albums/#{id}/picture"
end end


@ -14,7 +14,7 @@ class Artist < ActiveRecord::Base
} }
def loaded? def loaded?
image? && bio? true
end end
def update_image def update_image


@ -1,6 +1,6 @@
json.artist_title @artist.name json.artist_title @artist.name
json.artist_pic @artist.pic json.artist_pic @artist.image.sized(:extralarge)
json.artist_bio @artist.bio json.artist_bio @artist.bio(@user.lang || "en")
json.artist_loaded @artist.loaded? json.artist_loaded @artist.loaded?
json.artist_url @artist.url json.artist_url @artist.url
json.artist_albums @artist.albums.shown.to_a do |json, album| json.artist_albums @artist.albums.shown.to_a do |json, album|
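Review bot: `@user.lang` is called on a value that can be nil: `validate_request!` assigns `@user = User.find_by_vk_id(...)`, and SessionController#auth itself treats `@user.nil?` as the normal case for a first-time visitor. For a correctly signed request from a user who has no row yet, this template raises NoMethodError; `json.artist_bio @artist.bio(@user.try(:lang) || "en")` keeps the "en" fallback working in that case.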


@ -8,7 +8,7 @@ BeatHaven::Application.routes.draw do
collection { get :complete; get :wtfis } collection { get :complete; get :wtfis }
end end
resources :session, only: [] do resources :session, only: [] do
collection { post :auth } collection { get :auth }
end end
end end
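Review bot: `auth` creates or renames a `User` row, and this change exposes it on GET, which Rails' `protect_from_forgery` check does not cover and which browsers, prefetchers and link scanners may issue without user intent. Unless there is a reason not visible in this diff, keep `collection { post :auth }` and leave the client on `$.post`, which also keeps the signed session values out of the URL.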