diff --git a/app/assets/javascripts/user/application.js.erb b/app/assets/javascripts/user/application.js.erb
index 80e8bdf5..0f5bab5e 100644
--- a/app/assets/javascripts/user/application.js.erb
+++ b/app/assets/javascripts/user/application.js.erb
@@ -1,6 +1,6 @@
 // This is a manifest file that'll be compiled into application.js, which will include all the files
 // listed below.
-// a
+//
 // Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
 // or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
 //
@@ -39,7 +39,7 @@ var path_mapping = {
 list_products: '/list_products',
 active_list: '/active_list',
 history_list: '/history_list',
- obtain_user_token: '/obtain_token',
+ obtain_token: '/obtain_token',
 lists_history: '/list_history'
 }
 var $translations = {
@@ -119,7 +119,7 @@ function redirect_to(mapping, variables){
 var vars = [];
 for(var name in variables){
 vars.push(name + '=' +variables[name]);
- Qstorage[name] = variables[name];
+ Qstorage.setItem(name, variables[name]);
 }
 window.location = QMobile.root_url() + path_mapping[mapping] + '.html'
 }
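Review bot: Values written by `Qstorage.setItem(name, variables[name])` now outlive the browser session, because the layout in this same commit binds `Qstorage` to `localStorage`; keys such as `list_id` and `table_id` are never removed afterwards, while only `message` and `list_closed` are cleared by the `$(function(){…})` block. If these are meant to be per-navigation hand-offs, either keep a `sessionStorage` binding for them or have the consuming page call `Qstorage.removeItem(name)` once read. The `vars` array built in the same loop is not read anywhere in the visible lines of `redirect_to`. `redirect_to` starts before this hunk.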
@@ -154,22 +154,21 @@ function t(path, vars){
 $.ajaxSetup({
 error: function(xhr, ajaxOptions, error, another){
 if(xhr.status == 401){
- direct_to_site('obtain_user_token');
+ redirect_to('obtain_token');
 }else if(xhr.status == 0){
 QMobile.connection_problem();
 }
 }
 });
-var Qstorage = sessionStorage;
 $(function(){
- $locale = QMobile.locale();
- if(Qstorage.message){
+ $locale = Qstorage.getItem('locale') || 'en';
+ if(Qstorage.getItem('message')){
 var container = $('.alert-success');
- container.find('div').text($translations[$locale]['messages'][Qstorage.message]);
+ container.find('div').text($translations[$locale]['messages'][Qstorage.getItem('message')]);
 container.show();
 Qstorage.removeItem('message');
 }
- if(Qstorage.list_closed){
+ if(Qstorage.getItem('list_closed')){
 var container = $('.alert-error');
 container.find('div').text($translations[$locale]['messages']['the_list_has_been_closed']);
 container.show();
@@ -178,7 +177,7 @@ $(function(){
 setTranslations();
 });
 function setLocale(locale){
- QMobile.setLocale(locale);
+ Qstorage.setItem('locale', locale);
 $locale = locale;
 setTranslations();
 }
diff --git a/app/assets/javascripts/user/quser.js.coffee b/app/assets/javascripts/user/quser.js.coffee
index cd59062b..597171fb 100644
--- a/app/assets/javascripts/user/quser.js.coffee
+++ b/app/assets/javascripts/user/quser.js.coffee
@@ -1,5 +1,5 @@
-authentication_string = QMobile.authentication_string()
-authentication_object = $.parseJSON(QMobile.authentication_object())
+#authentication_string = QMobile.authentication_string()
+#authentication_object = $.parseJSON(QMobile.authentication_object())
 class Quser
 format_date: (utc) ->
 formatted = ''
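Review bot: `$locale = Qstorage.getItem('locale') || 'en'` takes the locale from client-editable storage, but the following `$translations[$locale]['messages'][…]` lookups throw a TypeError whenever the stored value is not a key of `$translations` (a stale or hand-edited entry), which aborts the rest of the ready handler. Validate it before use, `if(!$translations[$locale]) $locale = 'en';`, so an unknown value falls back instead of breaking the page. The write side in `setLocale` (next hunk) is fine; only the read needs to distrust storage. The `$(function(){…})` block continues past the end of this hunk.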
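Review bot: The `#authentication_string` / `#authentication_object` lines are commented out rather than deleted, although both values now live on the instance via `ensure_token`; remove the dead lines and let version control keep the history. Leaving them in suggests the module-level names still exist, while any remaining bare `authentication_object` reference elsewhere in the file is now a ReferenceError at call time.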
@@ -9,7 +9,9 @@ class Quser
 formatted
 watch_events: ->
 faye = new Faye.Client(event_host)
- faye.subscribe "/user/"+QMobile.user_id(), (e)=>
+ user_id = Qstorage.getItem('user_id')
+ return unless user_id && user_id.length > 0
+ faye.subscribe "/user/"+user_id, (e)=>
 if(e.event == 'list_closed')
 #redirect_to 'user_root', {list_closed: 'true'}
 redirect_to 'history_list', {list_id: e.data.id, list_closed: true}
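Review bot: The channel `"/user/"+user_id` is now built from `Qstorage.getItem('user_id')`, a value the browser owner can edit, so the channel name no longer identifies the client; unless the Faye server authorizes `/user/:id` subscriptions against the session or `auth_token` (not visible in this diff), a client can subscribe to another user's `list_closed` and order events. Authorize the subscribe message server-side, or hand out an unguessable per-user channel name from `obtain_token` instead of the numeric id. The early `return unless user_id && user_id.length > 0` silently skips subscribing, which may be intended on logged-out pages but deserves a comment, e.g. `# no stored user yet: nothing to subscribe to until authenticate_user succeeds`. `watch_events` continues past the end of this hunk.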
@@ -39,23 +41,49 @@ class Quser
 $('.list-total-amount').html(currency(e.data.total_amount))
 console.log(e)
 false
- home_loader: ->
- $.getJSON(data_host + '/user/list_info.json?' + authentication_string, (res) => @handle_active_list_default_actions(res))
- handle_active_list: (callback) ->
- $.getJSON(data_host + '/user/list_info.json?' + authentication_string, (res) =>
- if(res.ok == false && res.status && res.status == 401)
- direct_to_site('obtain_user_token')
- else if !res.list_active
- redirect_to 'user_root', {list_closed: 'true'}
- return
- window.active_list = res
- callback.call() if callback
- @handle_active_list_default_actions(res)
+ reset_user: ->
+ Qstorage.removeItem('auth_token')
+ Qstorage.removeItem('user_id')
+ authenticate_user: ->
+ email = $('#user-email')
+ password = $('#user-password')
+ return unless email.length && password.length
+ return email.focus() unless email.val() && email.val().length > 0
+ return password.focus() unless password.val() && password.val().length > 0
+ $.post(data_host + '/user/obtain_token.json', {"user[email]": email.val(), "user[password]": password.val()}, (res)=>
+ if res.auth_token
+ Qstorage.setItem('auth_token', res.auth_token)
+ Qstorage.setItem('user_id', res.user_id)
+ redirect_to 'user_root'
+ else
+ $('.user-alert').html(t('obtain_token.invalid_combination')).show()
 )
+
+ false
+ ensure_token: (callback)->
+ redirect_to('obtain_token') unless Qstorage.getItem('auth_token') && typeof(Qstorage.getItem('auth_token')) == 'string' && Qstorage.getItem('auth_token').length > 0
+ @authentication_string = 'auth_token='+Qstorage.getItem('auth_token')
+ @authentication_object = {auth_token: Qstorage.getItem('auth_token')}
+ callback.call() if callback
+ home_loader: ->
+ @ensure_token =>
+ $.getJSON(data_host + '/user/list_info.json?' + @authentication_string, (res) => @handle_active_list_default_actions(res))
+ handle_active_list: (callback) ->
+ @ensure_token =>
+ $.getJSON(data_host + '/user/list_info.json?' + @authentication_string, (res) =>
+ if(res.ok == false && res.status && res.status == 401)
+ redirect_to('obtain_token')
+ else if !res.list_active
+ redirect_to 'user_root', {list_closed: 'true'}
+ return
+ window.active_list = res
+ callback.call() if callback
+ @handle_active_list_default_actions(res)
+ )
 handle_active_list_default_actions: (response)->
 response ||= {}
 if(response.ok == false && response.status && response.status == 401)
- direct_to_site('obtain_user_token')
+ redirect_to('obtain_token')
 return
 $('.table-number').text(response.table_number) if response.table_number
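Review bot: `ensure_token` does not stop after `redirect_to('obtain_token')`: assigning `window.location` does not halt the script, so `@authentication_string` becomes `'auth_token=null'` and the callback still sends a request with it before the navigation lands. Change the guard to `return redirect_to('obtain_token') unless …` so no unauthenticated call goes out. Separately, `authenticate_user` posts the password to `data_host`, which the layout sets to a plain `http://` host outside production, so the production value must be HTTPS-only for this form to be safe. The `t('obtain_token.invalid_combination')` key is not among the keys the en.yml/nl.yml hunks add, so the failure message may render empty unless it exists elsewhere; `reset_user` is also added here but nothing in this diff calls it.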
@@ -163,41 +191,46 @@ class Quser
 return unless window.active_list && !window.active_list.needs_payment
 $.post(data_host + '/user/list_needs_payment.json', authentication_object, (res) => window.active_list = res; window.Quser.list_needs_payment_default_action(res))
 load_active_list: () ->
- $.getJSON(data_host + '/user/active_list.json?'+authentication_string, (res) =>
- window.active_list = res if res._id
- unless res.list_active
- redirect_to 'history_list', {list_id: window.active_list._id, list_closed: true}
- return
- @handle_active_list_default_actions(res)
- body = $('#active-list-table tbody')
- foot = $('#active-list-table tfoot')
- @build_list_table(body, foot, res)
- )
+ @ensure_token =>
+ $.getJSON(data_host + '/user/active_list.json?'+@authentication_string, (res) =>
+ if(res.ok == false && res.status && res.status == 401)
+ redirect_to('obtain_token')
+ window.active_list = res if res._id
+ unless res.list_active
+ redirect_to 'history_list', {list_id: window.active_list._id, list_closed: true}
+ return
+ @handle_active_list_default_actions(res)
+ body = $('#active-list-table tbody')
+ foot = $('#active-list-table tfoot')
+ @build_list_table(body, foot, res)
+ )
 load_history_list: () ->
 return unless list_id = Qstorage.list_id
- $.getJSON(data_host + '/user/history_list.json?list_id='+list_id+'&'+ authentication_string, (res) =>
- body = $('#history-list-table tbody')
- foot = $('#history-list-table tfoot')
- @build_list_table(body, foot, res)
- $('.list-created-at').text(@format_date(res.created_at))
- $('.list-closed-at').text(@format_date(res.closed_at))
- $('.supplier-name').text(res.supplier_name)
- )
+ @ensure_token =>
+ $.getJSON(data_host + '/user/history_list.json?list_id='+list_id+'&'+ @authentication_string, (res) =>
+ body = $('#history-list-table tbody')
+ foot = $('#history-list-table tfoot')
+ @build_list_table(body, foot, res)
+ $('.list-created-at').text(@format_date(res.created_at))
+ $('.list-closed-at').text(@format_date(res.closed_at))
+ $('.supplier-name').text(res.supplier_name)
+ )
 load_list_history: ->
- page = Qstorage.page || 1
- page = parseInt(page)
- $.getJSON(data_host + '/user/list_history.json?'+authentication_string+'&page='+page, (res) =>
- @paginate(res, @load_list_history)
- container = $('#list-history-container').html('')
- for list in res.lists
- li = $('').appendTo(container)
- link = $('').appendTo(li)
- link.click(-> redirect_to 'history_list', list_id: list._id)
- txt = list.supplier_name
- txt += ' - '
- txt += @format_date(list.created_at)
- link.text(txt)
- )
+ @ensure_token =>
+ page = Qstorage.getItem('page') || 1
+ page = parseInt(page)
+ $.getJSON(data_host + '/user/list_history.json?'+@authentication_string+'&page='+page, (res) =>
+ @paginate(res, @load_list_history)
+ container = $('#list-history-container').html('')
+ for list in res.lists
+ li = $('').appendTo(container)
+ link = $('').appendTo(li)
+ link.click(-> redirect_to 'history_list', list_id: list._id)
+ txt = list.supplier_name
+ txt += ' - '
+ txt += @format_date(list.created_at)
+ link.text(txt)
+ )
 paginate: (wrapper, callback) ->
 container = $('nav.pagination')
 container.html('')
@@ -235,12 +268,13 @@ class Quser
 $('.list-total-amount').html(currency(m_obj.total_amount))
 order_selected_products: ()->
- return if $.isEmptyObject(window.active_products_list)
- h = {}
- h['table_id'] = Qstorage.getItem('table_id') if Qstorage.getItem('table_id')
- for product_id, number of window.active_products_list
- h['products['+product_id+']'] = number
- $.post(data_host + '/user/order_selected_products', $.extend(h, authentication_object), ((res) => @handle_response(res)), 'json')
+ @ensure_token =>
+ return if $.isEmptyObject(window.active_products_list)
+ h = {}
+ h['table_id'] = Qstorage.getItem('table_id') if Qstorage.getItem('table_id')
+ for product_id, number of window.active_products_list
+ h['products['+product_id+']'] = number
+ $.post(data_host + '/user/order_selected_products', $.extend(h, @authentication_object), ((res) => @handle_response(res)), 'json')
 handle_response: (res) ->
 if(typeof(res) == 'string')
 return unless res.length
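Review bot: The context line `$.post(data_host + '/user/list_needs_payment.json', authentication_object, …)` at the top of this hunk still references the module-level `authentication_object`, which the first hunk of this file comments out, so that call raises a ReferenceError once it runs; it needs the same `@ensure_token =>` wrapper and `@authentication_object` as the call sites converted here. In `load_active_list` the new `redirect_to('obtain_token')` on a 401 is not followed by a return, so execution continues into `window.active_list._id` with `window.active_list` possibly unset and throws before the navigation completes; `return redirect_to('obtain_token') if …` fixes it. `load_history_list` still reads `Qstorage.list_id` by property while the rest of the commit moved to `Qstorage.getItem(…)`; both work on Web Storage objects, but one style should win. The method containing the first context line starts before this hunk.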
@@ -268,10 +302,11 @@ class Quser
 Qupdate('#active-order-container')
 load_active_list_products: ->
- @populate_products_table('/user/list_products.json?'+authentication_string)
+ @populate_products_table('/user/list_products.json?'+@authentication_string)
 load_table_products: ->
- return redirect_to 'user_root', {message: 'cannot_identify_table'} unless Qstorage.table_id
- @populate_products_table('/user/list_products_for_table.json?'+authentication_string+'&table_id='+Qstorage.table_id)
+ @ensure_token =>
+ return redirect_to 'user_root', {message: 'cannot_identify_table'} unless Qstorage.table_id
+ @populate_products_table('/user/list_products_for_table.json?'+@authentication_string+'&table_id='+Qstorage.table_id)
 populate_products_table: (src)->
 $.getJSON(data_host + src, (res) =>
 include_order_buttons = res.my_list || !res.table_occupied
@@ -317,7 +352,7 @@ class Quser
 actions_for_table: (table)->
 table = JSON.parse(table) if typeof(table) == 'string'
 Qstorage.table_id = table.table_id
- $.getJSON(data_host + '/user/table_info.json?'+authentication_string+'&table_id='+table.table_id, (res)=>
+ $.getJSON(data_host + '/user/table_info.json?'+@authentication_string+'&table_id='+table.table_id, (res)=>
 if res.current_table_id
 if res.other_supplier
 redirect_to 'user_root', {message: 'table_is_from_other_supplier'}
@@ -337,7 +372,7 @@ class Quser
 ## Offer to move table
 Qwaiter.confirm(
 ok: ->
- $.post(data_host + '/user/move_table', $.extend({table_id: table.table_id}, authentication_object), (res2)->
+ $.post(data_host + '/user/move_table', $.extend({table_id: table.table_id}, @authentication_object), (res2)->
 if res2.occupied
 redirect_to 'user_root', {message: 'move_table.cannot_move_to_occupied_tabe'}
 else
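Review bot: `actions_for_table` now reads `@authentication_string`, but nothing in it calls `@ensure_token`, which is the only place this commit assigns that property; if the method can run on a page where no earlier `ensure_token` call happened, the request goes out as `table_info.json?undefined&table_id=…` and fails authentication. Wrap the body in `@ensure_token =>` like the other converted call sites, or run `ensure_token` once at page load. The same gap applies to `load_active_list_products` in the first hunk on this line (safe only while callers invoke it from inside `handle_active_list`'s callback) and to `join_occupied_table` in the next hunk. `actions_for_table` continues past the end of this hunk.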
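Review bot: `@authentication_object` inside `ok: ->` is resolved against whatever `this` `Qwaiter.confirm` invokes the handler with, because a thin arrow does not bind `this` in CoffeeScript; unless `confirm` calls `ok` on the `Quser` instance, the `move_table` POST is sent without the token. Use a fat arrow, `ok: =>`, or capture `auth = @authentication_object` before `Qwaiter.confirm(` and pass `auth`. The `(res2)->` callback on the same line has the same shape but does not use `@`, so it is unaffected. The enclosing `actions_for_table` starts before this hunk.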
@@ -371,7 +406,7 @@ class Quser
 cont.html('')
 cont.append $($('').html(t('join_request.waiting_for_confirmation')))
- $.post(data_host + '/user/join_occupied_table', $.extend({table_id: table_id}, authentication_object))
+ $.post(data_host + '/user/join_occupied_table', $.extend({table_id: table_id}, @authentication_object))
 #setInterval('Quser.check_if_can_join_occupied_table("'+table_id+'")', 7500)
 add_product: (product_id, count) ->
 count ||= 1
diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index bcfda3e4..05f8867f 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -1,6 +1,6 @@
 class UserController < ApplicationController
 before_filter :allow_mobile
- before_filter :user_authentication #, except: :obtain_token
+ before_filter :user_authentication, except: :obtain_token
 layout 'phone'
 def user_authentication
@@ -19,12 +19,20 @@ class UserController < ApplicationController
 end
 end
- def authenticate_user_wrapper!
- authenticate_user! unless request.format.html?
- authenticate_user! if params[:action] == 'obtain_token'
- end
-
 def obtain_token
+ respond_to do |format|
+ format.html
+ format.json do
+ render json: json_response(ok: false, status: 401) and return unless params[:user].present? && params[:user][:email].present? && params[:user][:password].present?
+ user = User.find_by_email(params[:user][:email])
+ render json: json_response(ok: false, status: 401) and return unless user
+ render json: json_response(ok: false, status: 401) and return unless user.valid_password?(params[:user][:password])
+ user.ensure_authentication_token
+ sign_in user
+ render json: json_response(ok: true, auth_token: user.authentication_token, user_id: user.id)
+ end
+
+ end
 end
 alias :list :active_list
diff --git a/app/views/layouts/phone.html.slim b/app/views/layouts/phone.html.slim
index 9257f40c..42c4e046 100644
--- a/app/views/layouts/phone.html.slim
+++ b/app/views/layouts/phone.html.slim
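Review bot: The three failure branches in `format.json` call `render json: json_response(ok: false, status: 401)` without passing `status: :unauthorized` to `render`, so unless `json_response` sets the HTTP status itself (not visible here) the reply is a 200 whose body claims 401; the client's `$.ajaxSetup` error handler keys on `xhr.status == 401`, so add `, status: :unauthorized` to those three renders so both client paths agree. The action also accepts unlimited password guesses with no throttling or lockout, and `User.find_by_email` bypasses the case-insensitive/whitespace handling that `User.find_for_authentication(email: …)` applies if this is Devise. `sign_in user` additionally creates a cookie session for a caller that authenticates by token from here on; drop it unless the JSON client relies on the session. `user_authentication`, which the `except:` change now skips for this action, is defined above this hunk.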
@@ -23,6 +23,7 @@ html lang="en"
 var event_host = '#{event_host}';
 var $locale = 'en';
 var $asset_path = '##assets_path##';
+ var Qstorage = localStorage;
 - else
 javascript:
 var QMobile, Qwaiter, Quser;
@@ -30,6 +31,7 @@ html lang="en"
 var event_host = '#{event_host}';
 var $locale = 'en';
 var $asset_path = '/assets/';
+ var Qstorage = localStorage;
 #{Rails.env.production? ? '' : "data_host = 'http://qwaiter.dev';"}
 //var data_host = 'http://localhost:3000';
 QMobile || (QMobile = {
@@ -54,7 +56,6 @@ html lang="en"
 user_id: function(){return this.stored_user_id },
 log: function(str){console.log(str)}
 });
- QMobile.setAuthToken('#{current_user.authentication_token}');QMobile.setUserId('#{current_user.id}');
 body class=action_name
 - unless ENV['QWAITER_MOBILE_EXPORT'] == 'yes'
@@ -82,8 +83,8 @@ html lang="en"
 .span12
 = yield
 = javascript_include_tag "user/application"
- script#alert-template[type="text/html"]= render 'user/alert.mustache'
- script#join-request-template[type="text/html"]= render 'user/join_request.mustache'
+ script#alert-template[type="text/html"]= mustache_template 'user/alert'
+ script#join-request-template[type="text/html"]= mustache_template 'user/join_request'
 = yield :footer
 javascript:
 jQuery(function(){#{onload_javascript}});
diff --git a/app/views/user/list_products.html.slim b/app/views/user/list_products.html.slim
index b54eeb65..f689c285 100644
--- a/app/views/user/list_products.html.slim
+++ b/app/views/user/list_products.html.slim
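Review bot: `var Qstorage = localStorage;` replaces the `sessionStorage` binding removed from application.js.erb, so the `auth_token` stored by `authenticate_user` now survives browser restarts and is readable by any script on the origin; the commit adds `reset_user` to clear it but nothing in this diff calls it, so there is no logout path. Either keep `sessionStorage` for the token or wire `reset_user` to a logout control and call it from the 401 handler before it redirects. The same assignment is duplicated in the export branch in the next hunk; a shared snippet would keep the two in sync. The `- else` context line shows both sit inside a conditional that starts before this hunk.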
@@ -18,12 +18,4 @@
 script#products-category-template[type="text/html"]= mustache_template 'products_category'
 script#products-category-for-order-template[type="text/html"]= mustache_template 'products_category_for_order'
 script#active-order-template[type="text/html"]= mustache_template 'active_order'
-- content_for :footer do
- javascript:
- jQuery(function(){
- Quser.handle_active_list(function(){
- Quser.load_active_list_products();
- Quser.watch_events();
- })
- })
-
+- onload_javascript 'Quser.handle_active_list(function(){Quser.load_active_list_products();Quser.watch_events()})'
diff --git a/app/views/user/list_products_for_table.html.slim b/app/views/user/list_products_for_table.html.slim
index 9e4e43e1..fcbbb2f1 100644
--- a/app/views/user/list_products_for_table.html.slim
+++ b/app/views/user/list_products_for_table.html.slim
@@ -8,13 +8,7 @@ tr
 td= slider_image
 #active-order-container
-script#products-category-template[type="text/html"]= render 'products_category.mustache'
-script#products-category-for-order-template[type="text/html"]= render 'products_category_for_order.mustache'
-script#active-order-template[type="text/html"]= render 'active_order.mustache'
-- content_for :footer do
- javascript:
- jQuery(function(){
- Quser.load_table_products();
- QMobile.activateRotation();
- })
-
+script#products-category-template[type="text/html"]= mustache_template 'products_category'
+script#products-category-for-order-template[type="text/html"]= mustache_template 'products_category_for_order'
+script#active-order-template[type="text/html"]= mustache_template 'active_order'
+- onload_javascript 'Quser.load_table_products()'
diff --git a/app/views/user/obtain_token.html.slim b/app/views/user/obtain_token.html.slim
index 8033eda9..faca970f 100644
--- a/app/views/user/obtain_token.html.slim
+++ b/app/views/user/obtain_token.html.slim
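Review bot: The replacement `- onload_javascript 'Quser.load_table_products()'` drops the `QMobile.activateRotation();` call that the removed footer script ran after loading the table products; if that is intentional it deserves a mention in the commit message, otherwise the line should read `- onload_javascript 'Quser.load_table_products(); QMobile.activateRotation()'`. The string is interpolated unescaped into `jQuery(function(){#{onload_javascript}});` in the layout, which is fine for developer-authored literals like these but means the helper must never be fed request-derived text; a one-line comment on the helper stating that would prevent a later misuse.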
@@ -1,5 +1,17 @@
-- content_for :footer do
- javascript:
- QMobile.setAuthToken('#{current_user.authentication_token}');
- QMobile.setUserId('#{current_user.id}');
- QMobile.goHome();
+= top_bar title: 'obtain_token.title' do
+ span
+
+.well
+ .alert.alert-warming.user-alert.hide
+ form.form-horizontal
+ .control-group
+ label.control-label data-t='attributes.user.email' Email
+ .controls
+ input#user-email.email type="email" placeholder="Email"
+ .control-group
+ label.control-label data-t='attributes.user.password' Password
+ .controls
+ input#user-password.password type="password" placeholder="Password"
+ .control-group
+ .controls
+ button.btn.btn-primary data-t="obtain_token.obtain" onclick="Quser.authenticate_user(); return false"
diff --git a/config/locales/en.yml b/config/locales/en.yml
index bdcbfae4..7569cf6d 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -144,6 +144,9 @@ en:
 total: Total
 product_category:
 other_name: Overig
+ obtain_token:
+ title: Authenticate Qwaiter
+ obtain: Authenticate
 section:
 first_section_title: Room
 manage_tables:
diff --git a/config/locales/nl.yml b/config/locales/nl.yml
index bdff529b..f71e3cde 100644
--- a/config/locales/nl.yml
+++ b/config/locales/nl.yml
@@ -157,6 +157,9 @@ nl:
 total: Totaal
 product_category:
 other_name: Overig
+ obtain_token:
+ title: Aanmelden bij Qwaiter
+ obtain: Aanmelden
 section:
 first_section_title: Ruimte
 manage_tables:
diff --git a/config/routes.rb b/config/routes.rb
index 9c7e5adc..750cf313 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -55,6 +55,7 @@ Qwaiter::Application.routes.draw do
 post '/user/approve_join_request' => 'user#approve_join_request'
 post '/user/check_table_join_status' => 'user#check_table_join_status'
 get '/user/obtain_token' => 'user#obtain_token', as: :user_obtain_token
+ post '/user/obtain_token' => 'user#obtain_token', constraints: {format: :json}
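Review bot: `.alert.alert-warming.user-alert.hide` looks like a typo for Bootstrap's `alert-warning`, so the invalid-login box that `authenticate_user` reveals will miss its warning styling. The text it shows, `t('obtain_token.invalid_combination')`, has no matching key in the en.yml/nl.yml hunks below, which add only `title` and `obtain` under `obtain_token`. The form has no `action` or `method` and is only intercepted by the button's inline `onclick`; moving the handler to the form (`onsubmit="Quser.authenticate_user(); return false"`) makes the Enter-key submission path explicit rather than relying on implicit button activation.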