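module Api
  # Base class for the JSON API controllers. It verifies the signed
  # params[:vk_auth] block and loads the matching user into @user.
  class BaseController < ::ApplicationController
    # Fields covered by the signature, in the order they are concatenated.
    VK_SIGNED_KEYS = %w[expire mid secret sid].freeze
    # Every field that must be present before the signature is checked.
    VK_AUTH_KEYS = (VK_SIGNED_KEYS + %w[sig]).freeze

    respond_to :json

    private

    # Authenticates the request and sets @user.
    #
    # On a failed signature check the error JSON is rendered and the method
    # returns immediately with @user left as nil. Without the early return,
    # the lookup below would run with an unverified +mid+ and put another
    # account into @user. How subclasses invoke this method (filter or direct
    # call) is not visible in this file, so it must be safe in both cases.
    #
    # NOTE(review): the error is still sent with the default status, as
    # before; a 401 would describe it better if API clients tolerate it.
    # NOTE(review): a correctly signed request for an unknown vk_id leaves
    # @user nil and does not render; confirm that actions handle that.
    def validate_request!
      @user = nil

      unless request_valid?
        render json: { error: "Signature verification failed!" }
        return
      end

      @user = User.find_by_vk_id(params[:vk_auth][:mid])
    end

    # Checks the signature carried in params[:vk_auth].
    #
    # The expected value is the MD5 hex digest of "key=value" for each of
    # VK_SIGNED_KEYS, joined without separators and followed by the
    # configured API secret. The digest construction is presumably dictated
    # by the VK auth scheme and cannot be changed on this side alone.
    #
    # @return [Boolean] true only when all fields are present and +sig+
    #   matches; missing or malformed input yields false instead of raising,
    #   so unauthenticated callers get the normal error response rather than
    #   a server error.
    #
    # NOTE(review): +expire+ is covered by the signature but never compared
    # with the current time, so a captured parameter set stays acceptable
    # indefinitely. Presumably it is a Unix timestamp; confirm against the
    # VK documentation and reject expired sessions.
    def request_valid?
      auth = params[:vk_auth]
      # vk_auth can be absent or a scalar; only a key/value container is usable.
      return false unless auth.respond_to?(:key?)
      return false if VK_AUTH_KEYS.any? { |key| auth[key].nil? }

      signed_part = VK_SIGNED_KEYS.map { |key| "#{key}=#{auth[key]}" }.join
      api_secret = BeatHaven::Application.config.api_accounts["vk"]["api_secret"]
      expected_sig = Digest::MD5.hexdigest(signed_part + api_secret)

      # to_s: +sig+ may arrive as a non-string (array/hash parameter).
      constant_time_equal?(auth[:sig].to_s, expected_sig)
    end

    # Compares two strings without stopping at the first differing byte, so
    # response timing does not reveal how much of a guessed signature is
    # correct. Only the length, which is public for a hex digest, is checked
    # early.
    def constant_time_equal?(left, right)
      return false unless left.bytesize == right.bytesize

      difference = 0
      left.unpack("C*").zip(right.unpack("C*")) { |a, b| difference |= a ^ b }
      difference.zero?
    end
  end
end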