Better auth. Fuck yeah!
parent
67e79acf23
commit
e29d20550e
|
@ -1,43 +1,38 @@
|
||||||
require 'digest'
|
require 'digest'
|
||||||
|
require 'vkontakte'
|
||||||
|
|
||||||
class ApplicationController < ActionController::Base
|
class ApplicationController < ActionController::Base
|
||||||
protect_from_forgery
|
protect_from_forgery
|
||||||
before_filter :set_locale
|
before_filter :set_locale
|
||||||
|
|
||||||
def authorized?
|
def index; end
|
||||||
# secret_key = request.host == 'beathaven.org' ? 'sdgwSbl3nNE4ZxafuPrp' : 's5zyjb693z6uV4rbhEyc'
|
|
||||||
secret_key = 'sdgwSbl3nNE4ZxafuPrp'
|
|
||||||
unless params[:expire].nil? or params[:mid].nil? or params[:secret].nil? or params[:sid].nil? or params[:sig].nil?
|
|
||||||
# Calculating hash
|
|
||||||
hash = 'expire='+ params[:expire] +'mid='+ params[:mid] +'secret='+ params[:secret] +'sid='+ params[:sid] + secret_key
|
|
||||||
hash_md5 = Digest::MD5.hexdigest(hash)
|
|
||||||
if Digest::MD5.hexdigest(hash) == params[:sig]
|
|
||||||
return true
|
|
||||||
else
|
|
||||||
res = {status:'login failed'}
|
|
||||||
render :json => res
|
|
||||||
return false
|
|
||||||
end
|
|
||||||
else
|
|
||||||
res = {status:'bad params'}
|
|
||||||
render :json => res
|
|
||||||
return false
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
def set_locale
|
|
||||||
session = Session.find_by_key(request.cookies['_beathaven_session'][0..31])
|
|
||||||
unless session.nil?
|
|
||||||
I18n.locale = session.user.lang
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
def index
|
|
||||||
|
|
||||||
end
|
|
||||||
|
|
||||||
def greetings
|
def greetings
|
||||||
render :partial => 'greetings'
|
render :partial => 'greetings'
|
||||||
end
|
end
|
||||||
|
|
||||||
|
protected
|
||||||
|
|
||||||
|
def authorize
|
||||||
|
unless Vkontakte.check(params)
|
||||||
|
render :json => { :status => 'login failed' }
|
||||||
|
false
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def set_locale
|
||||||
|
session = Session.find_by_key(session_key)
|
||||||
|
unless session.nil?
|
||||||
|
I18n.locale = session.user.lang
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def session_key
|
||||||
|
unless request.cookies['_beathaven_session'].nil?
|
||||||
|
rails_key = request.cookies['_beathaven_session'][0..31]
|
||||||
|
else
|
||||||
|
rails_key = Digest::SHA512.hexdigest(Beathaven::Application.config.secret_token+Time.now.to_f.to_s+Random.rand().to_s)
|
||||||
|
end
|
||||||
|
Digest::SHA512.hexdigest(rails_key)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
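Review bot: In the new `session_key`, the no-cookie branch builds a fresh value on every call from `Time.now`, `Random.rand` and the application's `secret_token`, so two calls within one request disagree; UserController#auth does exactly that when it tests `session.key != session_key` and then assigns `session.key = session_key`. `Random.rand` is not a cryptographic generator, and the application secret should not be folded into a value that ends up in the sessions table; `SecureRandom.hex` is the appropriate source. Memoizing the result per request removes the mismatch, as sketched below. Separately, nothing in the lines shown sends a generated key back to the client, so it is worth confirming that a request without the cookie should create or update a session row at all.

```ruby
def session_key
  # Memoized so every call during one request returns the same key.
  @session_key ||= begin
    cookie = request.cookies['_beathaven_session']
    rails_key = cookie.nil? ? SecureRandom.hex(64) : cookie[0..31]
    Digest::SHA512.hexdigest(rails_key)
  end
end
```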
@ -3,13 +3,9 @@ require 'musicbrainz'
|
||||||
require 'nokogiri'
|
require 'nokogiri'
|
||||||
|
|
||||||
class ImportController < ApplicationController
|
class ImportController < ApplicationController
|
||||||
@@lastfm_api_key = '04fda005dbf61a50af5abc3e90f111f2'
|
|
||||||
@@lastfm_secret = '19e70e98b291e9f15d0516925945eb1b'
|
|
||||||
|
|
||||||
def self.importArtist name, dry_run = false
|
def self.importArtist name, dry_run = false
|
||||||
|
|
||||||
# Initializing gems
|
# Initializing gems
|
||||||
lastfm = Lastfm.new(@@lastfm_api_key, @@lastfm_secret)
|
lastfm = Lastfm.new(LastFmController.api_key, LastFmController.api_secret)
|
||||||
|
|
||||||
artist = Artist.find_or_create_by_name(name)
|
artist = Artist.find_or_create_by_name(name)
|
||||||
return 3 if artist.status == 1
|
return 3 if artist.status == 1
|
||||||
|
|
|
@ -2,7 +2,7 @@ require 'open-uri'
|
||||||
require 'lastfm'
|
require 'lastfm'
|
||||||
|
|
||||||
class LastFmController < ApplicationController
|
class LastFmController < ApplicationController
|
||||||
|
before_filter :authorize
|
||||||
@@api_key = '04fda005dbf61a50af5abc3e90f111f2'
|
@@api_key = '04fda005dbf61a50af5abc3e90f111f2'
|
||||||
@@secret = '19e70e98b291e9f15d0516925945eb1b'
|
@@secret = '19e70e98b291e9f15d0516925945eb1b'
|
||||||
|
|
||||||
|
@ -25,7 +25,6 @@ class LastFmController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def getinfo
|
def getinfo
|
||||||
return unless authorized?
|
|
||||||
@res = {}
|
@res = {}
|
||||||
|
|
||||||
user = User.find_by_vkid(params[:mid])
|
user = User.find_by_vkid(params[:mid])
|
||||||
|
@ -44,7 +43,6 @@ class LastFmController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def listening
|
def listening
|
||||||
return unless authorized?
|
|
||||||
@res = {}
|
@res = {}
|
||||||
|
|
||||||
if params[:artist].nil? or params[:album].nil? or params[:track].nil?
|
if params[:artist].nil? or params[:album].nil? or params[:track].nil?
|
||||||
|
@ -67,7 +65,6 @@ class LastFmController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def scrobble
|
def scrobble
|
||||||
return unless authorized?
|
|
||||||
@res = {}
|
@res = {}
|
||||||
|
|
||||||
if params[:artist].nil? or params[:album].nil? or params[:track].nil?
|
if params[:artist].nil? or params[:album].nil? or params[:track].nil?
|
||||||
|
@ -93,4 +90,7 @@ class LastFmController < ApplicationController
|
||||||
@@api_key
|
@@api_key
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def self.api_secret
|
||||||
|
@@secret
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
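Review bot: The new `self.api_secret` accessor at the end of the class hands out a Last.fm secret that is still a string literal in the source (`@@secret = '…'`), and this commit makes ImportController read its credentials from here as well. Anyone with read access to the repository or its history holds the credential, so it should be loaded from configuration kept outside the repository, for example `@@secret = ENV.fetch('LASTFM_API_SECRET')` (the variable name is a placeholder), and the committed value should be rotated. The same applies to `@@api_key`. The class body continues outside the hunks shown.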
@ -1,8 +1,7 @@
|
||||||
class UserController < ApplicationController
|
class UserController < ApplicationController
|
||||||
|
before_filter :authorize
|
||||||
|
|
||||||
def auth
|
def auth
|
||||||
return unless authorized?
|
|
||||||
|
|
||||||
@res = {:status => 'hello', :newbie => false}
|
@res = {:status => 'hello', :newbie => false}
|
||||||
user = User.find_by_vkid(params[:mid])
|
user = User.find_by_vkid(params[:mid])
|
||||||
if user.nil?
|
if user.nil?
|
||||||
|
@ -13,10 +12,9 @@ class UserController < ApplicationController
|
||||||
@res[:newbie] = true
|
@res[:newbie] = true
|
||||||
end
|
end
|
||||||
|
|
||||||
cookie_key = request.cookies['_beathaven_session'][0..31]
|
|
||||||
session = Session.find_or_create_by_user_id(user.id)
|
session = Session.find_or_create_by_user_id(user.id)
|
||||||
if session.key != cookie_key
|
if session.key != session_key
|
||||||
session.key = cookie_key
|
session.key = session_key
|
||||||
session.save
|
session.save
|
||||||
render :json => { 'ok_reload' => true }
|
render :json => { 'ok_reload' => true }
|
||||||
return
|
return
|
||||||
|
@ -37,13 +35,11 @@ class UserController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def settings
|
def settings
|
||||||
return unless authorized?
|
|
||||||
@user = User.find_by_vkid(params[:mid])
|
@user = User.find_by_vkid(params[:mid])
|
||||||
render :partial => 'settings'
|
render :partial => 'settings'
|
||||||
end
|
end
|
||||||
|
|
||||||
def update
|
def update
|
||||||
return unless authorized?
|
|
||||||
allowed_params = [:name, :email, :lang, :show]
|
allowed_params = [:name, :email, :lang, :show]
|
||||||
@res = {}
|
@res = {}
|
||||||
|
|
||||||
|
@ -78,7 +74,6 @@ class UserController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def fav
|
def fav
|
||||||
return unless authorized?
|
|
||||||
@res = {status: 'fail'}
|
@res = {status: 'fail'}
|
||||||
|
|
||||||
fav = Favorite.new
|
fav = Favorite.new
|
||||||
|
|
|
@ -0,0 +1,16 @@
|
||||||
|
module Vkontakte
|
||||||
|
@@secret_key = 'sdgwSbl3nNE4ZxafuPrp'
|
||||||
|
|
||||||
|
def self.check params
|
||||||
|
unless params[:expire].nil? or params[:mid].nil? or params[:secret].nil? or params[:sid].nil? or params[:sig].nil?
|
||||||
|
return true if self.sign(params) == params[:sig]
|
||||||
|
end
|
||||||
|
false
|
||||||
|
end
|
||||||
|
|
||||||
|
private
|
||||||
|
|
||||||
|
def self.sign params
|
||||||
|
Digest::MD5.hexdigest(%w(expire mid secret sid).map{ |_| _+'='+params[_.to_sym] }.join()+@@secret_key)
|
||||||
|
end
|
||||||
|
end
|
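Review bot: `Vkontakte.check` accepts any parameter set whose MD5 signature matches but never looks at `expire`, so a signed query string that leaks through logs, referrers or proxies stays valid indefinitely; it also compares with `==`, which is not constant-time. In `sign`, `_+'='+params[_.to_sym]` raises TypeError when a client sends an array or hash for one of the fields, turning a malformed request into a 500. The bare `private` does not apply to `def self.sign`, so `private_class_method :sign` is needed. `@@secret_key` is still a literal in the repository and should come from configuration and be rotated. A possible shape for `check` is below, assuming `expire` is a Unix timestamp and the bundled Rack provides `Rack::Utils.secure_compare`.

```ruby
def self.check params
  values = %w(expire mid secret sid sig).map { |name| params[name.to_sym] }
  # Reject missing fields and non-string values (arrays/hashes from the query string).
  return false unless values.all? { |value| value.is_a?(String) }
  # Refuse parameter sets whose signed expiry has already passed.
  return false if params[:expire].to_i <= Time.now.to_i
  Rack::Utils.secure_compare(sign(params), params[:sig])
end
```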