Good registration & fair auth #23
parent
e20ed483c1
commit
957a883ccf
|
@ -2,7 +2,10 @@
|
||||||
class ArtistController < ApplicationController
|
class ArtistController < ApplicationController
|
||||||
require 'open-uri'
|
require 'open-uri'
|
||||||
def view
|
def view
|
||||||
if params[:name].nil?
|
unless MainController.logged_in request.session['session_id']
|
||||||
|
redirect_to '/login'
|
||||||
|
end
|
||||||
|
if params[:name].nil?
|
||||||
name = ''
|
name = ''
|
||||||
else
|
else
|
||||||
if request.request_method == 'POST'
|
if request.request_method == 'POST'
|
||||||
|
|
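Review bot: The new guard at the top of `view` calls `redirect_to '/login'` but does not stop the action, so for a visitor who is not logged in the rest of the body (the `params[:name]` branch and the POST handling) still runs, and any later render or redirect in it would raise a double-render error. Return right after the redirect, e.g. `return redirect_to('/login') unless MainController.logged_in request.session['session_id']`, or move the check into a `before_filter` in `ApplicationController` so every protected action gets it without repeating the call. `view` continues past the end of this hunk, so what runs after the guard is not fully visible here.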
|
@ -1,5 +1,17 @@
|
||||||
class MainController < ApplicationController
|
class MainController < ApplicationController
|
||||||
def index
|
def index
|
||||||
|
unless MainController.logged_in request.session['session_id']
|
||||||
|
redirect_to '/login'
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
def self.logged_in session_id
|
||||||
end
|
user_data = User.collection.find({session_key: Digest::SHA256.hexdigest(session_id)}).first
|
||||||
|
unless user_data.nil?
|
||||||
|
user_data['lastvisit'] = Time.now()
|
||||||
|
User.collection.update({_id: user_data._id}, user_data.attributes)
|
||||||
|
return true
|
||||||
|
else
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
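Review bot: `MainController.logged_in` passes `session_id` straight to `Digest::SHA256.hexdigest`, which raises a TypeError on nil, so a request that arrives before a session id exists would presumably get a 500 instead of the login redirect; start the method with `return false if session_id.nil?`. The `lastvisit` write sends the whole `user_data.attributes` back, which can overwrite a concurrent change to the same document (for example a new `session_key` written by `login`); updating only that field, `User.collection.update({_id: user_data._id}, {'$set' => {lastvisit: Time.now}})`, avoids this. A predicate like this would conventionally be named `logged_in?`.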
|
@ -1,11 +1,26 @@
|
||||||
class UserController < ApplicationController
|
class UserController < ApplicationController
|
||||||
|
def login
|
||||||
|
unless params[:email].nil? or params[:password].nil?
|
||||||
|
user_data = User.collection.find({email: params[:email], password: Digest::SHA256.hexdigest(params[:password])}).first
|
||||||
|
unless user_data.nil?
|
||||||
|
user_data['session_key'] = Digest::SHA256.hexdigest(request.session['session_id'])
|
||||||
|
User.collection.update({_id: user_data._id}, user_data.attributes)
|
||||||
|
redirect_to '/'
|
||||||
|
else
|
||||||
|
redirect_to '/login'
|
||||||
|
end
|
||||||
|
else
|
||||||
|
redirect_to '/login'
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
def register
|
def register
|
||||||
data = Invite.where(:email => params[:email], :code => params[:code]).first
|
data = Invite.where(:email => params[:email], :code => params[:code]).first
|
||||||
unless data.nil?
|
unless data.nil?
|
||||||
@code = data.code
|
@code = data.code
|
||||||
@email = data.email
|
@email = data.email
|
||||||
else
|
else
|
||||||
redirect_to '/'
|
redirect_to '/login'
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -30,7 +45,7 @@ class UserController < ApplicationController
|
||||||
|
|
||||||
Invite.collection.remove({email: params[:invite_email], code: params[:invite_code]})
|
Invite.collection.remove({email: params[:invite_email], code: params[:invite_code]})
|
||||||
else
|
else
|
||||||
redirect_to '/'
|
redirect_to '/login'
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
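Review bot: In `login`, the outer `else` (no `email`/`password` in the request) does `redirect_to '/login'`, which, given the `match 'login' => 'user#login'` route added in this commit, sends a plain GET back to the same action and appears to loop; that branch should render the form instead. The lookup by `Digest::SHA256.hexdigest(params[:password])` implies passwords are stored as one unsalted SHA-256, which is cheap to brute-force offline if the collection leaks; fetch the user by email and verify against a salted, slow hash such as bcrypt (a new dependency) instead. `params[:email]` reaches the Mongo query unchanged, so a non-string value would be interpreted as a query operator; coerce it with `params[:email].to_s`. The session id is also bound to the account without being rotated at login, so a `reset_session` before `session_key` is computed is worth considering.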
|
@ -9,6 +9,8 @@
|
||||||
<%= csrf_meta_tag %>
|
<%= csrf_meta_tag %>
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
|
<br/><br/><br/><br/>
|
||||||
|
<%= @params %>
|
||||||
<div id="contents">
|
<div id="contents">
|
||||||
<div class="inner-1">
|
<div class="inner-1">
|
||||||
<div id="player">
|
<div id="player">
|
||||||
|
|
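Review bot: The added `<%= @params %>` and the four `<br/>` tags at the top of `<body>` look like debugging output left in the layout. If `@params` is ever set to the request parameters, every page would echo them, including the `password` field posted to `/login`. Drop both lines before merging, or wrap them in `<% if Rails.env.development? %>`.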
|
@ -0,0 +1,24 @@
|
||||||
|
<div id="registration">
|
||||||
|
<h1>Do BeatHaven know you?</h1>
|
||||||
|
<%= form_tag('/login', :method => 'post') do -%>
|
||||||
|
<%= label_tag 'email', 'E-mail' %><%= email_field_tag 'email', nil %>
|
||||||
|
<%= label_tag 'password', 'Password' %><%= password_field_tag 'password', nil %><div id="password_error"></div>
|
||||||
|
<div class="complete">
|
||||||
|
<%= submit_tag 'Let me in!' %>
|
||||||
|
</div>
|
||||||
|
<% end -%>
|
||||||
|
</div>
|
||||||
|
<script type="text/javascript" charset="utf-8">
|
||||||
|
$(function(){
|
||||||
|
$('#email').focus();
|
||||||
|
$('form').submit(function(){
|
||||||
|
$('#password_error, #password_c_error').html('');
|
||||||
|
if ($('#password').val().length < 6) {
|
||||||
|
$('#password_error').html('* You must be kidding?');
|
||||||
|
$('#password').focus();
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
})
|
||||||
|
})
|
||||||
|
</script>
|
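Review bot: The submit handler is bound with `$('form')`, so it attaches to every form on the rendered page, and it clears `#password_c_error`, which this view does not contain (it looks carried over from the registration form). Scope it to the login form, e.g. pass `:id => 'login_form'` to `form_tag` and use `$('#login_form').submit(...)` with only `#password_error`. The six-character check is client-side only, which is acceptable for a login form as long as nothing on the server relies on it.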
|
@ -8,8 +8,9 @@ Beathaven::Application.routes.draw do
|
||||||
match 'search/autocomplete' => 'artist#autocomplete'
|
match 'search/autocomplete' => 'artist#autocomplete'
|
||||||
|
|
||||||
# Registration & login
|
# Registration & login
|
||||||
match 'reg/:email/:code' => 'user#register', :constraints => { :email => /[-a-z0-9\._@]+/i, :code => /[a-z0-9]{8}/ }
|
match 'reg/:email/:code' => 'user#register', :constraints => { :email => /[-a-z0-9\._@]+/i, :code => /[a-f0-9]{64}/ }
|
||||||
match 'reg/complete' => 'user#complete'
|
match 'reg/complete' => 'user#complete'
|
||||||
|
match 'login' => 'user#login'
|
||||||
|
|
||||||
match '*a', :to => 'errors#routing'
|
match '*a', :to => 'errors#routing'
|
||||||
end
|
end
|
||||||
|
|
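Review bot: `match 'login' => 'user#login'` accepts every HTTP verb, and the action reads `params[:email]` and `params[:password]` without checking the method, so credentials sent in a GET query string would be accepted; that leaves them in server logs and browser history and skips the CSRF token check Rails applies to POST. Restrict the route with `:via => [:get, :post]` and have the action authenticate only when `request.post?`. The tightened `:code => /[a-f0-9]{64}/` constraint is consistent with a SHA-256 hex invite code.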