Better auth
parent
9558f720ca
commit
704037b67c
|
@ -1,3 +1,26 @@
|
||||||
|
require 'digest'
|
||||||
|
|
||||||
class ApplicationController < ActionController::Base
|
class ApplicationController < ActionController::Base
|
||||||
protect_from_forgery
|
protect_from_forgery
|
||||||
|
|
||||||
|
def authorized?
|
||||||
|
secret_key = request.host == 'beathaven.org' ? 'sdgwSbl3nNE4ZxafuPrp' : 's5zyjb693z6uV4rbhEyc'
|
||||||
|
unless params[:expire].nil? or params[:mid].nil? or params[:secret].nil? or params[:sid].nil? or params[:sig].nil?
|
||||||
|
# Calculating hash
|
||||||
|
hash = 'expire='+ params[:expire] +'mid='+ params[:mid] +'secret='+ params[:secret] +'sid='+ params[:sid] + secret_key
|
||||||
|
hash_md5 = Digest::MD5.hexdigest(hash)
|
||||||
|
if Digest::MD5.hexdigest(hash) == params[:sig]
|
||||||
|
return true
|
||||||
|
else
|
||||||
|
res = {status:'login failed'}
|
||||||
|
render :json => res
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
else
|
||||||
|
res = {status:'bad params'}
|
||||||
|
render :json => res
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
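Review bot: In `authorized?`, `params[:expire]` is folded into the MD5 input but never compared with the current time, so a parameter set that was signed once keeps passing after it should have expired. The signature is also checked with `==`, which is not a constant-time comparison, and `hash_md5` is computed and then ignored. Assuming `expire` is a Unix timestamp, the check could read `if params[:expire].to_i > Time.now.to_i && Rack::Utils.secure_compare(hash_md5, params[:sig])` (where the bundled Rack provides `secure_compare`). Both application secrets are string literals in the controller and therefore in the repository history; reading them from the environment or an untracked config file, and rotating the committed values, would limit that exposure. A short comment above the method saying that it renders the JSON error itself and returns false would help callers.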
|
@ -1,94 +1,64 @@
|
||||||
require 'digest'
|
|
||||||
|
|
||||||
class UserController < ApplicationController
|
class UserController < ApplicationController
|
||||||
|
|
||||||
def auth
|
def auth
|
||||||
|
return unless authorized?
|
||||||
@res = {}
|
@res = {}
|
||||||
check = check_auth(params)
|
|
||||||
|
|
||||||
if check == true
|
@res[:status] = 'hello'
|
||||||
@res[:status] = 'hello'
|
user = User.find_by_vkid(params[:mid])
|
||||||
user = User.find_by_vkid(params[:mid])
|
if user.nil?
|
||||||
if user.nil?
|
user = User.new
|
||||||
user = User.new
|
user.vkid = params[:mid]
|
||||||
user.vkid = params[:mid]
|
user.save
|
||||||
user.save
|
|
||||||
end
|
|
||||||
@res[:id] = user.id
|
|
||||||
@res[:username] = user.name
|
|
||||||
elsif check == false
|
|
||||||
@res[:status] = 'bad signature'
|
|
||||||
else
|
|
||||||
@res[:status] = 'bad params'
|
|
||||||
end
|
end
|
||||||
|
@res[:id] = user.id
|
||||||
|
@res[:username] = user.name
|
||||||
|
|
||||||
render :json => @res
|
render :json => @res
|
||||||
end
|
end
|
||||||
|
|
||||||
def update
|
def update
|
||||||
|
return unless authorized?
|
||||||
@res = {}
|
@res = {}
|
||||||
check = check_auth(params)
|
|
||||||
|
|
||||||
if check == true
|
user = User.find_by_vkid(params[:mid])
|
||||||
user = User.find_by_vkid(params[:mid])
|
unless params[:username].nil? or params[:email].nil?
|
||||||
unless params[:username].nil? or params[:email].nil?
|
user.name = params[:username]
|
||||||
user.name = params[:username]
|
user.email = params[:email]
|
||||||
user.email = params[:email]
|
user.save
|
||||||
user.save
|
|
||||||
end
|
|
||||||
@res[:username] = user.name
|
|
||||||
@res[:email] = user.email
|
|
||||||
end
|
end
|
||||||
|
@res[:username] = user.name
|
||||||
|
@res[:email] = user.email
|
||||||
|
|
||||||
render :json => @res
|
render :json => @res
|
||||||
end
|
end
|
||||||
|
|
||||||
def fav
|
def fav
|
||||||
|
return unless authorized?
|
||||||
@res = {status: 'fail'}
|
@res = {status: 'fail'}
|
||||||
check = check_auth(params)
|
|
||||||
|
|
||||||
if check == true
|
fav = Favorite.new
|
||||||
fav = Favorite.new
|
if not params[:artist].nil?
|
||||||
if not params[:artist].nil?
|
artist = Artist.find(params[:artist]);
|
||||||
artist = Artist.find(params[:artist]);
|
unless artist.nil?
|
||||||
unless artist.nil?
|
fav.artist_id = artist.id
|
||||||
fav.artist_id = artist.id
|
res[:status] = 'added'
|
||||||
res[:status] = 'added'
|
end
|
||||||
end
|
elsif not params[:album].nil?
|
||||||
elsif not params[:album].nil?
|
album = Album.find(params[:album]);
|
||||||
album = Album.find(params[:album]);
|
unless album.nil?
|
||||||
unless album.nil?
|
fav.album_id = album.id
|
||||||
fav.album_id = album.id
|
res[:status] = 'added'
|
||||||
res[:status] = 'added'
|
end
|
||||||
end
|
elsif not params[:track].nil?
|
||||||
elsif not params[:track].nil?
|
track = Track.find(params[:track]);
|
||||||
track = Track.find(params[:track]);
|
unless track.nil?
|
||||||
unless track.nil?
|
fav.track_id = track.id
|
||||||
fav.track_id = track.id
|
res[:status] = 'added'
|
||||||
res[:status] = 'added'
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
render :json => @res
|
render :json => @res
|
||||||
end
|
end
|
||||||
|
|
||||||
private
|
|
||||||
|
|
||||||
def check_auth params
|
|
||||||
secret_key = request.host == 'beathaven.org' ? 'sdgwSbl3nNE4ZxafuPrp' : 's5zyjb693z6uV4rbhEyc'
|
|
||||||
unless params[:expire].nil? or params[:mid].nil? or params[:secret].nil? or params[:sid].nil? or params[:sig].nil?
|
|
||||||
# Calculating hash
|
|
||||||
hash = 'expire='+ params[:expire] +'mid='+ params[:mid] +'secret='+ params[:secret] +'sid='+ params[:sid] + secret_key
|
|
||||||
hash_md5 = Digest::MD5.hexdigest(hash)
|
|
||||||
if Digest::MD5.hexdigest(hash) == params[:sig]
|
|
||||||
return true
|
|
||||||
else
|
|
||||||
return false
|
|
||||||
end
|
|
||||||
else
|
|
||||||
return 'bad params'
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
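Review bot: In `fav`, the result hash is created as `@res` but the three success branches assign `res[:status] = 'added'`; unless a `res` method exists elsewhere, that raises NameError as soon as a record is found, and the lines should be `@res[:status] = 'added'`. The new `Favorite` is also never given a `user_id` and `save` is never called in the visible method, so nothing is stored for the authenticated `mid`. In `update`, `User.find_by_vkid(params[:mid])` can return nil for a correctly signed `mid` that has not gone through `auth`, and `user.name` then fails; a nil guard that renders an error status is needed there. Since `authorized?` renders its own response, the repeated `return unless authorized?` could be a single `before_filter :authorized?`.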
25
db/schema.rb
25
db/schema.rb
|
@ -10,7 +10,7 @@
|
||||||
#
|
#
|
||||||
# It's strongly recommended to check this file into your version control system.
|
# It's strongly recommended to check this file into your version control system.
|
||||||
|
|
||||||
ActiveRecord::Schema.define(:version => 20110621001100) do
|
ActiveRecord::Schema.define(:version => 20110622000253) do
|
||||||
|
|
||||||
create_table "albums", :force => true do |t|
|
create_table "albums", :force => true do |t|
|
||||||
t.string "name"
|
t.string "name"
|
||||||
|
@ -49,6 +49,29 @@ ActiveRecord::Schema.define(:version => 20110621001100) do
|
||||||
|
|
||||||
add_index "delayed_jobs", ["priority", "run_at"], :name => "delayed_jobs_priority"
|
add_index "delayed_jobs", ["priority", "run_at"], :name => "delayed_jobs_priority"
|
||||||
|
|
||||||
|
create_table "favorites", :force => true do |t|
|
||||||
|
t.integer "user_id"
|
||||||
|
t.integer "artist_id"
|
||||||
|
t.integer "album_id"
|
||||||
|
t.integer "track_id"
|
||||||
|
t.datetime "created_at"
|
||||||
|
t.datetime "updated_at"
|
||||||
|
end
|
||||||
|
|
||||||
|
create_table "playlist_items", :force => true do |t|
|
||||||
|
t.integer "playlist_id"
|
||||||
|
t.integer "track_id"
|
||||||
|
t.datetime "created_at"
|
||||||
|
t.datetime "updated_at"
|
||||||
|
end
|
||||||
|
|
||||||
|
create_table "playlists", :force => true do |t|
|
||||||
|
t.integer "user_id"
|
||||||
|
t.string "name"
|
||||||
|
t.datetime "created_at"
|
||||||
|
t.datetime "updated_at"
|
||||||
|
end
|
||||||
|
|
||||||
create_table "tracks", :force => true do |t|
|
create_table "tracks", :force => true do |t|
|
||||||
t.string "name"
|
t.string "name"
|
||||||
t.integer "album_id"
|
t.integer "album_id"
|
||||||
|
|