require 'open-uri' class LastFmController < ApplicationController @@api_key = '04fda005dbf61a50af5abc3e90f111f2' @@secret = '19e70e98b291e9f15d0516925945eb1b' def connect unless params[:sid].nil? or params[:token].nil? session = Session.find_by_key(params[:sid]) unless session.nil? session.user.lastfm_token = params[:token] session.user.save render :text => '' else render :text => 'You Don\'t Fool Me' end else render :text => 'So Much Trouble In The World' end end def getinfo #return unless authorized? @res = {} user = User.find_by_vkid(1217744)#params[:mid]) @res[:connected] = false @res[:lastfm_login_url] = 'http://www.last.fm/api/auth?api_key='+ @@api_key +'&cb=http://localhost/lastfm/connect/?sid='+ user.session.key unless user.lastfm_token.nil? lastfm_response = auth_query({:method => 'auth.getSession', :token => user.lastfm_token}) render :json => lastfm_response return if lastfm_response user.lastfm_token = lastfm_response[1] user.save @res[:connected] = true @res[:username] = lastfm_response[0]; end end render :json => @res end private def auth_query params url = 'http://ws.audioscrobbler.com/2.0/?' params[:api_key] = @@api_key params.each do |k, v| url << k.to_s << '=' << v << '&' end url << 'api_sig=' << get_signature(params) begin open(url).read.match(/(.*?)<\/name>.*?(.*?)<\/key>/m) rescue false end end def get_signature params params = params.to_a.sort! { |a, b| a[0] <=> b[0] } params = Hash[params] str = ''; params.each do |k, v| str << k.to_s << v end Digest::MD5.hexdigest(str + @@secret) end end