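module Api
  # Signs a client in from VK session parameters.
  class SessionController < ApplicationController
    # Verifies the request signature, then finds or creates the User that
    # matches params[:mid] and keeps its stored name in sync with the request.
    #
    # Renders { error: ... } and stops when the signature does not match;
    # otherwise renders { user: ..., is_newbie: ... }.
    def auth
      # Fail closed: without the explicit return the action would keep running
      # after a failed signature check, create or update the user anyway, and
      # then attempt a second render.
      unless request_valid?
        render json: { error: "Signature verification failed!" }
        return
      end

      # NOTE(review): first_name/last_name are not part of the signed string
      # built in request_valid?, so the display name is client-controlled even
      # when the signature is valid. params[:user] is also assumed to be
      # present; a request without it raises here.
      user_name = "#{params[:user][:first_name]} #{params[:user][:last_name]}"
      vk_id = params[:mid].to_i

      user = User.find_by_vk_id(vk_id)
      is_newbie = user.nil?

      if is_newbie
        user = User.create(name: user_name, vk_id: vk_id)
      elsif user.name != user_name
        user.update_attributes(name: user_name)
      end

      render json: { user: user.dump_json, is_newbie: is_newbie }
    end

    private

    # Checks params[:sig] against the MD5 hex digest of the concatenated
    # "key=value" pairs for expire, mid, secret and sid, followed by the
    # configured VK api_secret.
    #
    # @return [Boolean] true when the supplied signature matches
    # @raise [RuntimeError] when any of expire, mid, secret, sid or sig is missing
    def request_valid?
      signed_keys = %w[expire mid secret sid]

      (signed_keys + %w[sig]).each do |key|
        raise "Parameter not set: #{key}" if params[key.to_sym].nil?
      end

      # NOTE(review): expire is signed but never compared with the current
      # time, so a captured parameter set keeps validating. Presumably it is a
      # Unix timestamp; confirm against the VK docs and reject expired sessions.
      signed_pairs = signed_keys.map { |key| "#{key}=#{params[key.to_sym]}" }.join
      api_secret = BeatHaven::Application.config.api_accounts["vk"]["api_secret"]

      # MD5 is presumably dictated by the VK signature scheme (confirm); the
      # comparison is what this side controls.
      digests_equal?(params[:sig], Digest::MD5.hexdigest(signed_pairs + api_secret))
    end

    # Compares a client-supplied signature with the expected digest without
    # short-circuiting on the first differing byte, so response timing does not
    # reveal how much of the signature was correct.
    #
    # @param given [Object] value taken from params; anything but a String is rejected
    # @param expected [String] digest computed on the server
    # @return [Boolean]
    def digests_equal?(given, expected)
      return false unless given.is_a?(String) && given.bytesize == expected.bytesize

      mismatch = 0
      given.unpack("C*").zip(expected.unpack("C*")) { |a, b| mismatch |= a ^ b }
      mismatch.zero?
    end
  end
end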