oldhaven/app/controllers/user_controller.rb

require 'digest'

class UserController < ApplicationController
  
  def auth
    @res = {}
    check = check_auth(params)
    
    if check == true
      @res[:status] = 'hello'
      user = User.find_by_vkid(params[:mid])
      if user.nil?
        user = User.new
        user.vkid = params[:mid]
        user.save
      end
      @res[:id] = user.id
      @res[:username] = user.name
    elsif check == false
      @res[:status] = 'bad signature'
    else
      @res[:status] = 'bad params'
    end
    
    render :json => @res
  end
  
  def update
    @res = {}
    check = check_auth(params)
    
    if check == true
      user = User.find_by_vkid(params[:mid])
      unless params[:username].nil? or params[:email].nil?
        user.name = params[:username]
        user.email = params[:email]
        user.save
      end
      @res[:username] = user.name
      @res[:email] = user.email
    end
    
    render :json => @res
  end
  
  private
  
  def check_auth params
    secret_key = request.host == 'beathaven.org' ? 'sdgwSbl3nNE4ZxafuPrp' : 's5zyjb693z6uV4rbhEyc'
    unless params[:expire].nil? or params[:mid].nil? or params[:secret].nil? or params[:sid].nil? or params[:sig].nil?
      # Calculating hash
      hash = 'expire='+ params[:expire] +'mid='+ params[:mid] +'secret='+ params[:secret] +'sid='+ params[:sid] + secret_key
      hash_md5 = Digest::MD5.hexdigest(hash)
      if Digest::MD5.hexdigest(hash) == params[:sig]
        return true
      else
        return false
      end
    else
      return 'bad params'
    end
  end
  
end
Auth prototype 2011-06-20 23:28:09 +00:00			`require 'digest'`

			`class UserController < ApplicationController`
Settings draft 2011-06-21 20:44:19 +00:00
Auth prototype 2011-06-20 23:28:09 +00:00			`def auth`
			`@res = {}`
Settings draft 2011-06-21 20:44:19 +00:00			`check = check_auth(params)`
Auth prototype 2011-06-20 23:28:09 +00:00
Settings draft 2011-06-21 20:44:19 +00:00			`if check == true`
			`@res[:status] = 'hello'`
			`user = User.find_by_vkid(params[:mid])`
			`if user.nil?`
			`user = User.new`
			`user.vkid = params[:mid]`
			`user.save`
			`end`
			`@res[:id] = user.id`
			`@res[:username] = user.name`
			`elsif check == false`
			`@res[:status] = 'bad signature'`
			`else`
			`@res[:status] = 'bad params'`
			`end`

			`render :json => @res`
			`end`

			`def update`
Saving settings works ok 2011-06-21 23:29:18 +00:00			`@res = {}`
			`check = check_auth(params)`

			`if check == true`
			`user = User.find_by_vkid(params[:mid])`
			`unless params[:username].nil? or params[:email].nil?`
			`user.name = params[:username]`
			`user.email = params[:email]`
			`user.save`
			`end`
			`@res[:username] = user.name`
			`@res[:email] = user.email`
			`end`
Settings draft 2011-06-21 20:44:19 +00:00
Saving settings works ok 2011-06-21 23:29:18 +00:00			`render :json => @res`
Settings draft 2011-06-21 20:44:19 +00:00			`end`

			`private`

			`def check_auth params`
			`secret_key = request.host == 'beathaven.org' ? 'sdgwSbl3nNE4ZxafuPrp' : 's5zyjb693z6uV4rbhEyc'`
Auth prototype 2011-06-20 23:28:09 +00:00			`unless params[:expire].nil? or params[:mid].nil? or params[:secret].nil? or params[:sid].nil? or params[:sig].nil?`
			`# Calculating hash`
Settings draft 2011-06-21 20:44:19 +00:00			`hash = 'expire='+ params[:expire] +'mid='+ params[:mid] +'secret='+ params[:secret] +'sid='+ params[:sid] + secret_key`
Auth prototype 2011-06-20 23:28:09 +00:00			`hash_md5 = Digest::MD5.hexdigest(hash)`
			`if Digest::MD5.hexdigest(hash) == params[:sig]`
Settings draft 2011-06-21 20:44:19 +00:00			`return true`
Auth prototype 2011-06-20 23:28:09 +00:00			`else`
Settings draft 2011-06-21 20:44:19 +00:00			`return false`
Auth prototype 2011-06-20 23:28:09 +00:00			`end`
			`else`
Settings draft 2011-06-21 20:44:19 +00:00			`return 'bad params'`
Auth prototype 2011-06-20 23:28:09 +00:00			`end`
			`end`
Settings draft 2011-06-21 20:44:19 +00:00
Auth prototype 2011-06-20 23:28:09 +00:00			`end`