require 'digest' class ApplicationController < ActionController::Base protect_from_forgery def authorized? secret_key = request.host == 'beathaven.org' ? 'sdgwSbl3nNE4ZxafuPrp' : 's5zyjb693z6uV4rbhEyc' unless params[:expire].nil? or params[:mid].nil? or params[:secret].nil? or params[:sid].nil? or params[:sig].nil? # Calculating hash hash = 'expire='+ params[:expire] +'mid='+ params[:mid] +'secret='+ params[:secret] +'sid='+ params[:sid] + secret_key hash_md5 = Digest::MD5.hexdigest(hash) if Digest::MD5.hexdigest(hash) == params[:sig] return true else res = {status:'login failed'} render :json => res return false end else res = {status:'bad params'} render :json => res return false end end def index end end