From dd8f0df6d2f3f620dd32aa98cbdea77c255414b9 Mon Sep 17 00:00:00 2001 From: Benjamin ter Kuile Date: Sun, 6 Apr 2014 15:02:53 +0200 Subject: [PATCH] basic authentication stuff --- app/assets/javascripts/user/app/app.js.coffee | 12 +++++++ .../product_orders_controller.js.coffee | 8 +++-- .../select_qrcode_controller.js.coffee | 2 +- .../controllers/table_controller.js.coffee | 2 +- .../controller_modifications.js.coffee | 13 ++++++-- .../javascripts/user/app/router.js.coffee | 2 +- .../app/routes/application_route.js.coffee | 16 +++++---- .../user/foundation/forms.css.sass | 18 ++++++++++ app/controllers/user_controller.rb | 17 ++++++++++ .../users/application_controller.rb | 17 ---------- app/helpers/application_helper.rb | 12 +++++-- app/views/layouts/user/foundation.html.slim | 14 ++++---- app/views/layouts/user/obtain_token.html.slim | 13 ++++++++ app/views/user/obtain_token.html.slim | 33 ++++++++++--------- config/locales/models.en.yml | 3 +- config/locales/models.nl.yml | 2 ++ 16 files changed, 128 insertions(+), 56 deletions(-) create mode 100644 app/assets/stylesheets/user/foundation/forms.css.sass create mode 100644 app/views/layouts/user/obtain_token.html.slim diff --git a/app/assets/javascripts/user/app/app.js.coffee b/app/assets/javascripts/user/app/app.js.coffee index 2c7ed8c1..9a38e23c 100644 --- a/app/assets/javascripts/user/app/app.js.coffee +++ b/app/assets/javascripts/user/app/app.js.coffee 
@@ -1,6 +1,18 @@ +#FB.init appId: '168928633304849' + +#Ember.Application.initializer + #name: 'authentication', + #initialize: (container, application)-> + ## register the Facebook authenticator so the session can find it + #container.register 'authenticators:facebook', App.FacebookAuthenticator + #Ember.SimpleAuth.setup(container, application) + @App = Ember.Application.create LOG_TRANSITIONS: true rootElement: '#ember-app-container' + obtain_token: (message)-> + message ||= '' + window.location = "#{$root_url}/obtain_token?message=#{message}" Ember.$.ajaxPrefilter (options) -> if options.type.toUpperCase() == 'GET' diff --git a/app/assets/javascripts/user/app/controllers/product_orders_controller.js.coffee b/app/assets/javascripts/user/app/controllers/product_orders_controller.js.coffee index 5833e1f8..22dc5aba 100644 --- a/app/assets/javascripts/user/app/controllers/product_orders_controller.js.coffee +++ b/app/assets/javascripts/user/app/controllers/product_orders_controller.js.coffee @@ -14,6 +14,10 @@ App.ProductOrdersController = Ember.ArrayController.extend order = @store.createRecord('order', list: list, table: table) new_product_orders = @store.all('product_order').filterProperty('order', null) order.get('product_orders').pushObjects(new_product_orders) + #error = @ajaxError (jqXHR)=> + #new_product_orders.invoke 'eraseRecord' + #@redirect_to 'index', message: 'order_could_not_be_processed' + order.save().then (response)=> new_product_orders.invoke 'eraseRecord' if @get('controllers.application.list') 
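Review bot: `App.obtain_token` drops `message` into the query string unencoded (`?message=#{message}`), so a value containing `&`, `#`, `/` or whitespace yields a malformed URL or an extra parameter; write `window.location = "#{$root_url}/obtain_token?message=#{encodeURIComponent(message)}"`. The server side (`handle_message_params`, visible as context in the users/application_controller hunk) only honours `\w+` and reuses the value as an i18n key, so callers should pass a key such as `'unauthorized'`, never translated text. The commented-out Facebook app id and SimpleAuth initializer are dead code that a ticket should track instead; remove them before merge. The `Ember.$.ajaxPrefilter` at the end of the hunk continues outside it.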
@@ -22,10 +26,10 @@ App.ProductOrdersController = Ember.ArrayController.extend # Get list info from the server @get('controllers.application').setCurrentList -> @transitionToRoute 'active_list' - , (jqXHR)=> + , @ajaxError (jqXHR)=> + debugger new_product_orders.invoke 'eraseRecord' @redirect_to 'index', message: 'order_could_not_be_processed' - #orders = @store.all('product_order').toArray() #data = orders.map( (order)->order.serialize() ) #dataObject = {order: {}} diff --git a/app/assets/javascripts/user/app/controllers/select_qrcode_controller.js.coffee b/app/assets/javascripts/user/app/controllers/select_qrcode_controller.js.coffee index cc82c6b8..327e6aac 100644 --- a/app/assets/javascripts/user/app/controllers/select_qrcode_controller.js.coffee +++ b/app/assets/javascripts/user/app/controllers/select_qrcode_controller.js.coffee @@ -3,7 +3,7 @@ App.SelectQrcodeController = Ember.Controller.extend selectQr: (table)-> Qstorage.setItem 'table_id', table._id @secured -> - $.getJSON(data_host + '/user/table_info.json?'+@authentication_string+'&table_id='+table._id).then (res)=> + $.getJSON($data_host + '/user/table_info.json?'+@authentication_string+'&table_id='+table._id).then (res)=> if res.current_table_id if res.other_supplier @redirect_to 'user_root', message: 'table_is_from_other_supplier' diff --git a/app/assets/javascripts/user/app/controllers/table_controller.js.coffee b/app/assets/javascripts/user/app/controllers/table_controller.js.coffee index b74b0b56..e5801ccd 100644 --- a/app/assets/javascripts/user/app/controllers/table_controller.js.coffee +++ b/app/assets/javascripts/user/app/controllers/table_controller.js.coffee 
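Review bot: The `debugger` statement added inside the `@ajaxError` callback pauses the app whenever dev tools are open and must not ship; delete that line. Note also that `ajaxError` (as defined in controller_modifications) runs this callback first and only then calls `unauthorized()` on a 401, so for an expired token both `@redirect_to 'index'` and the `App.obtain_token` redirect are issued; presumably the later `window.location` assignment wins, but returning early from the callback when `jqXHR.status == 401` would make the intent explicit. The enclosing action starts before this hunk.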
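Review bot: The renamed `$data_host` request still sends the bearer credential as a URL parameter (`'?'+@authentication_string` expands to `auth_token=…`), which lands in browser history, proxy logs and the data host's access logs. At minimum pass it through jQuery's data argument so both it and `table._id` are encoded, `$.getJSON($data_host + '/user/table_info.json', $.extend({table_id: table._id}, @authentication_object))`, and move the token to a request header once the server reads it there. `table._id` is currently concatenated raw as well. The `selectQr` action continues outside the hunk.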
@@ -24,7 +24,7 @@ App.TableController = Ember.ObjectController.extend @store.createRecord 'product_order', product: product joinOccupiedTable: -> #@secured => - $.post('/user/join_occupied_table.json', table_id: @get('model.id')) + Ember.$.post('/user/join_occupied_table.json', table_id: @get('model.id')) @set 'join_request_sent', true # keeps the button deactivated toggleProductCategory: (product_category)-> product_category.set 'collapsed', not product_category.get('collapsed') diff --git a/app/assets/javascripts/user/app/modifications/controller_modifications.js.coffee b/app/assets/javascripts/user/app/modifications/controller_modifications.js.coffee index e6bbd5b3..2acd0c4c 100644 --- a/app/assets/javascripts/user/app/modifications/controller_modifications.js.coffee +++ b/app/assets/javascripts/user/app/modifications/controller_modifications.js.coffee @@ -1,8 +1,17 @@ +ControllerExtensions = Ember.Mixin.create + ajaxError: (callback)-> + handler = (jqXHR, textStatus, errorThrown)=> + console.log "Error: #{textStatus}: #{errorThrown}" + callback.call(@, jqXHR) + if jqXHR.status == 401 + App.__container__.lookup('route:application').unauthorized() + handler +Ember.ArrayController.reopen ControllerExtensions Ember.Controller.reopen needs: ['application'] secured: (callback)-> unless Qstorage.getItem('auth_token') && typeof(Qstorage.getItem('auth_token')) == 'string' && Qstorage.getItem('auth_token').length > 0 - return @transitionToRoute('obtain_token') + return App.obtain_token() @authentication_string = 'auth_token='+Qstorage.getItem('auth_token') @authentication_object = {auth_token: Qstorage.getItem('auth_token')} callback.call(@) if callback 
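Review bot: `ajaxError` invokes the caller's callback before it checks `jqXHR.status == 401`, so on an expired token the caller's own redirect runs before the token is cleared, and `App.__container__.lookup` reaches into Ember's private container to do it. Handle the 401 first and use the controller's own container, `if jqXHR.status == 401 then @container.lookup('route:application').unauthorized()` followed by `callback.call(@, jqXHR)` (assuming this Ember version exposes `container` on controllers, as 1.x does). The branch also only fires when the server returns a real HTTP 401; the `obtain_token` action in this same commit puts `status: 401` into the JSON body rather than the response status, so this handler would never see it. The `secured` helper below still rebuilds `auth_token=…` as a query-string credential; a header would keep it out of logs.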
@@ -52,7 +61,7 @@ Ember.ArrayController.reopen needs: ['application'] secured: (callback)-> unless Qstorage.getItem('auth_token') && typeof(Qstorage.getItem('auth_token')) == 'string' && Qstorage.getItem('auth_token').length > 0 - return @transitionToRoute('obtain_token') + return App.obtain_token() @authentication_string = 'auth_token='+Qstorage.getItem('auth_token') @authentication_object = {auth_token: Qstorage.getItem('auth_token')} callback.call(@) if callback diff --git a/app/assets/javascripts/user/app/router.js.coffee b/app/assets/javascripts/user/app/router.js.coffee index f65aefc9..3cd25f75 100644 --- a/app/assets/javascripts/user/app/router.js.coffee +++ b/app/assets/javascripts/user/app/router.js.coffee @@ -6,7 +6,7 @@ App.Router.reopen App.Router.map -> @route 'select_qrcode' - @route 'obtain_token' + #@route 'obtain_token' @route 'active_list' @route 'table', path: '/tables/:table_id' @resource 'join_requests' diff --git a/app/assets/javascripts/user/app/routes/application_route.js.coffee b/app/assets/javascripts/user/app/routes/application_route.js.coffee index 36df816f..74a2c271 100644 --- a/app/assets/javascripts/user/app/routes/application_route.js.coffee +++ b/app/assets/javascripts/user/app/routes/application_route.js.coffee @@ -1,9 +1,10 @@ App.ApplicationRoute = Ember.Route.extend setupController: (controller)-> #@controllerFor('product_orders').set 'model', @store.filter('product_order', (po)-> !po.get('order')) # does not work (yet) + debugger @controllerFor('product_orders').set 'model', @store.filter('product_order', (po)-> !po.get('id')) controller.secured -> - faye = new Faye.Client(event_host) + faye = new Faye.Client($event_host) user_id = Qstorage.getItem('user_id') faye.subscribe "/user/"+user_id, (e)=> console.log e 
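Review bot: A `debugger` statement was added at the top of `setupController`, which halts every app boot when dev tools are open; remove it before merge. The `console.log e` on every Faye event also prints whatever the per-user channel carries to the console; drop it or guard it behind a debug flag. `setupController` continues outside the hunk.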
@@ -13,8 +14,7 @@ App.ApplicationRoute = Ember.Route.extend unauthorized: -> Qstorage.setItem('auth_token', '') @controllerFor('application').set 'list', null - @transitionTo('obtain_token').then => - @controllerFor('application').set('notice', t('messages.unauthorized')) + App.obtain_token(t('messages.unauthorized')) actions: openModal: (modalName, model)-> @controllerFor(modalName).set('model', model) @@ -33,12 +33,14 @@ App.ApplicationRoute = Ember.Route.extend ok: options.ok listNeedsPayment: -> @get('controller').secured -> - $.post(data_host + '/user/list_needs_payment.json', @authentication_object).then (res) => - @set('list.needs_payment', true) + Ember.$.post '/user/list_needs_payment.json' + #Ember.$.post('/user/list_needs_payment.json').then (res) => + #@set('list.needs_payment', true) # also done by faye listNeedsHelp: -> @get('controller').secured -> - $.post(data_host + '/user/needs_help.json', @authentication_object).then (res) => - @set('list.needs_help', true) + Ember.$.post '/user/needs_help.json' + #Ember.$.post('/user/needs_help.json').then (res) => + #@set('list.needs_help', true) # also done by faye scanQr: -> @transitionTo 'select_qrcode' events: -> diff --git a/app/assets/stylesheets/user/foundation/forms.css.sass b/app/assets/stylesheets/user/foundation/forms.css.sass new file mode 100644 index 00000000..1a286502 --- /dev/null +++ b/app/assets/stylesheets/user/foundation/forms.css.sass @@ -0,0 +1,18 @@ +@import foundation_and_overrides + +.form-row + @extend .row + .form-label + @media #{$small-only} + +grid-column($columns:10, $center:true) + @media #{$medium-only} + +grid-column($columns:4, $offset:1) + @media #{$large-up} + +grid-column(3) + .form-field + @media #{$small-only} + +grid-column($columns:10, $center:true, $last-column:true) + @media #{$medium-only} + +grid-column($columns:4, $last-column:true) + @media #{$large-up} + +grid-column($columns: 3, $last-column:true) 
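Review bot: `unauthorized` now hands the translated string `t('messages.unauthorized')` to `App.obtain_token`, but that value becomes `?message=…` and the server's `handle_message_params` (context in the users/application_controller hunk) only accepts `\w+` and re-translates it as `t("messages.#{params[:message]}")`, so a localized sentence with spaces is silently dropped and the user gets no notice at all. Pass the key instead: `App.obtain_token('unauthorized')`. Clearing the token with `Qstorage.setItem('auth_token', '')` is right, but `user_id` stays in storage; clear both.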
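Review bot: `Ember.$.post '/user/list_needs_payment.json'` and `'/user/needs_help.json'` now discard the returned promise, so a failed or 401 response is neither logged nor routed through the 401 handling, and the UI silently does nothing. Attach at least a `.fail` handler that logs and, on `jqXHR.status == 401`, calls `@unauthorized()` (this is the application route, so the method is in reach). These requests also dropped `@authentication_object`, so they now rely on the session cookie; that is only safe if the `ajaxPrefilter` at the top of app.js attaches the CSRF token for non-GET requests, which is cut off in this diff. The `events:` method that follows runs past the hunk.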
diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index 6bd9d9f0..fc39d016 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -267,6 +267,23 @@ class UserController < Users::ApplicationController
 end
 end
+ def obtain_token
+ redirect_to user_omniauth_authorize_path('facebook') and return unless current_user.present?
+ respond_to do |format|
+ format.html { render layout: 'user/obtain_token' }
+ format.json do
+ render json: json_response(ok: false, status: 401) and return unless params[:user].present? && params[:user][:email].present? && params[:user][:password].present?
+ user = User.find_by_email(params[:user][:email])
+ render json: json_response(ok: false, status: 401) and return unless user
+ render json: json_response(ok: false, status: 401) and return unless user.valid_password?(params[:user][:password])
+ user.ensure_authentication_token
+ sign_in user
+ render json: json_response(ok: true, auth_token: user.authentication_token, user_id: user.id)
+ end
+
+ end
+ end
+
 def move_table
 render json: json_alert('messages.no_active_list', list_active: false) and return unless list.present?
 render json: json_alert('messages.table_not_found') and return unless params[:table_id].present?
diff --git a/app/controllers/users/application_controller.rb b/app/controllers/users/application_controller.rb
index da2cab62..c52adea9 100644
--- a/app/controllers/users/application_controller.rb
+++ b/app/controllers/users/application_controller.rb
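Review bot: Every `render json: json_response(ok: false, status: 401)` puts 401 inside the JSON body while the HTTP response stays 200 (a hash argument to `json_response` cannot set the status), so the client-side `ajaxError` check on `jqXHR.status == 401` never fires for a bad login; pass it to render as `render json: json_response(ok: false), status: :unauthorized`. The `redirect_to user_omniauth_authorize_path('facebook') … unless current_user.present?` guard runs before `respond_to`, so an unauthenticated JSON credential post is bounced to Facebook and the email/password branch is only reachable by a client that already holds a Devise session — if that branch is meant for the mobile app, the guard belongs inside `format.html`. Answering 401 for an unknown email is right, but skipping `valid_password?` makes that path measurably faster than a wrong password (Devise's paranoid mode is the usual answer), and nothing in this hunk throttles the endpoint, so pair it with lockable or a rate limit. `sign_in user` additionally mints a cookie session on what is otherwise a token endpoint; drop it if the JSON client only ever presents `auth_token`.
```ruby
def obtain_token
  respond_to do |format|
    format.html do
      # Browser flow: without a session go through Facebook OmniAuth first
      redirect_to user_omniauth_authorize_path('facebook') and return unless current_user.present?
      render layout: 'user/obtain_token'
    end
    format.json do
      u = params[:user]
      # Real HTTP 401 so the client's ajaxError handler sees it; identical body for every failure mode
      render(json: json_response(ok: false), status: :unauthorized) and return unless u.is_a?(Hash) && u[:email].present? && u[:password].present?
      user = User.find_by_email(u[:email])
      render(json: json_response(ok: false), status: :unauthorized) and return unless user && user.valid_password?(u[:password])
      # … unchanged: ensure_authentication_token, sign_in, success render …
    end
  end
end
```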
@@ -20,23 +20,6 @@ module Users
 end
 end
- def obtain_token
- redirect_to user_omniauth_authorize_path('facebook') and return unless current_user.present?
- respond_to do |format|
- format.html
- format.json do
- render json: json_response(ok: false, status: 401) and return unless params[:user].present? && params[:user][:email].present? && params[:user][:password].present?
- user = User.find_by_email(params[:user][:email])
- render json: json_response(ok: false, status: 401) and return unless user
- render json: json_response(ok: false, status: 401) and return unless user.valid_password?(params[:user][:password])
- user.ensure_authentication_token
- sign_in user
- render json: json_response(ok: true, auth_token: user.authentication_token, user_id: user.id)
- end
-
- end
- end
-
 def handle_message_params
 flash.now[:notice] = t('messages.the_list_has_been_closed', list: List.model_name.human) if params[:list_closed].present?
 flash.now[:notice] = t("messages.#{params[:message]}", list: List.model_name.human, supplier: Supplier.model_name.human) if params[:message].present? && params[:message] =~ /^\w+$/
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 92ffcb77..f841eb4d 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -24,8 +24,16 @@ module ApplicationHelper
 def user_dynamic_data_host
 case Rails.env
- when 'test' then "data_host = 'http://#{request.host}:#{request.port}';".html_safe
- when 'development' then "data_host = 'http://localhost:3000';".html_safe
+ when 'test' then "$data_host = data_host = 'http://#{request.host}:#{request.port}';".html_safe
+ when 'development' then "$data_host = data_host = 'http://localhost:3000';".html_safe
+ else ''
+ end
+ end
+
+ def user_dynamic_root_url
+ case Rails.env
+ when 'test' then "$root_url = 'http://#{request.host}:#{request.port}/user';".html_safe
+ when 'development' then "$root_url = 'http://localhost:3000/user';".html_safe
 else ''
 end
 end
 end
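Review bot: `user_dynamic_root_url` (like the rewritten `user_dynamic_data_host`) interpolates `request.host` into a string that is then marked `html_safe` and emitted inside a `<script>` block; `request.host` comes from the client's Host header, so a quote in it breaks out of the JS string literal. Only the `'test'` branch does this today, but making it safe costs one call: `"$root_url = #{"http://#{request.host}:#{request.port}/user".to_json};".html_safe`. Note also that the helper returns `''` outside test and development, so in production `$root_url` is only defined by the mobile-export branch of the layout; with the standard layout `App.obtain_token` would navigate to `undefined/obtain_token…` unless some other script sets it. The context `=~ /^\w+$/` in `handle_message_params` is not new, but in Ruby `$` matches before a trailing newline, so `\A\w+\z` is the intended anchor.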
diff --git a/app/views/layouts/user/foundation.html.slim b/app/views/layouts/user/foundation.html.slim index f324074f..add14897 100644 --- a/app/views/layouts/user/foundation.html.slim +++ b/app/views/layouts/user/foundation.html.slim @@ -7,22 +7,24 @@ html lang="en" title Qwaiter = stylesheet_link_tag "user/foundation/application" = javascript_include_tag "vendor/modernizr" + /= javascript_include_tag 'http://connect.facebook.net/en_US/all.js' = javascript_include_tag "user/flat/application" - if ENV['QWAITER_MOBILE_EXPORT'] == 'yes' javascript: var QMobile, Qwaiter, Quser; - var data_host = 'http://data.qwaiter.com'; - var event_host = '#{Qwaiter.event_host}'; + var $data_host = 'http://data.qwaiter.com'; + var $event_host = '#{Qwaiter.event_host}'; var $asset_path = '##assets_path##'; var Qstorage = localStorage; + var $root_url = 'http://www.qwaiter.com/user'; - else javascript: var QMobile, Qwaiter, Quser; - var data_host = 'http://data.qwaiter.com'; - var event_host = '#{Qwaiter.event_host}'; + var $event_host = '#{Qwaiter.event_host}'; var $asset_path = '/assets/'; var Qstorage = localStorage; - #{user_dynamic_data_host} + #{user_dynamic_data_host}; + #{user_dynamic_root_url}; QMobile || (QMobile = { scanQr: function(){window.location = '/select_qrcode'}, activateRotation: function(){}, @@ -35,7 +37,7 @@ html lang="en" this.authentication_object_storage = '{"auth_token": "'+token+'"}' }, root_url: function(){return 'file:///Users/bterkuile/Documents/workspace/Qwaiter/assets/user'}, - root_url: function(){return '/user'}, + $root_url: function(){return '/user'}, goHome: function(){ redirect_to('user_root')}, connection_problem: function(){alert('There is a problem connecting to the server')}, token: function(){return this.auth_token}, diff --git a/app/views/layouts/user/obtain_token.html.slim b/app/views/layouts/user/obtain_token.html.slim new file mode 100644 index 00000000..a74ecdfc --- /dev/null +++ b/app/views/layouts/user/obtain_token.html.slim 
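Review bot: The non-mobile branch removed `var data_host = 'http://data.qwaiter.com'` and now relies on `#{user_dynamic_data_host}`, which returns `''` in production, so `$data_host` is undefined there and `select_qrcode_controller`'s `$data_host + '/user/table_info.json?auth_token=…'` turns into `undefined/user/…` unless the application bundle defines it. Either keep a production default next to `$event_host` (something like `var $data_host = '#{Qwaiter.data_host}';`, mirroring the existing `Qwaiter.event_host` setting) or switch that controller to a relative URL like the `Ember.$.post '/user/…'` calls elsewhere in this commit. The mobile-export branch also still hard-codes `http://` for the host that receives the auth token as a query parameter; that should be `https://` before tokens travel to it. The `#{user_dynamic_data_host};` line leaves a stray `;` when the helper returns ''; harmless, but the `;` belongs inside the helper's string as it already is.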
@@ -0,0 +1,13 @@ +doctype html +html lang="en" + head + meta charset="utf-8" + meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" + meta name="viewport" content="width=device-width, initial-scale=1.0" + title Qwaiter + = stylesheet_link_tag "user/foundation/application" + = javascript_include_tag "vendor/modernizr" + javascript: + var Qstorage = localStorage; + body + = yield diff --git a/app/views/user/obtain_token.html.slim b/app/views/user/obtain_token.html.slim index 8c09b0a8..22eba05a 100644 --- a/app/views/user/obtain_token.html.slim +++ b/app/views/user/obtain_token.html.slim @@ -1,20 +1,21 @@ -= top_bar title: 'obtain_token.title' do - span - -.well - .alert.alert-warming.user-alert.hide - form.form-horizontal - .control-group - label.control-label data-t='attributes.user.email' Email - .controls - input#user-email.email type="email" placeholder="Email" - .control-group - label.control-label data-t='attributes.user.password' Password - .controls +.row + h1 data-t='obtain_token.title' = t('user.obtain_token.title') + hr + form + .form-row + .form-label + label.control-label data-t='attributes.user.email' = User.human_attribute_name(:email) + .form-field + input#user-email.email type="email" placeholder=User.human_attribute_name(:email) + .form-row + .form-label + label.control-label data-t='attributes.user.password' Password + .form-field input#user-password.password type="password" placeholder="Password" - .control-group - .controls - button.btn.btn-primary data-t="obtain_token.obtain" onclick="Quser.authenticate_user(); return false" + .form-row + .form-label + .form-field + button.btn.btn-primary data-t="obtain_token.obtain" onclick="Quser.authenticate_user(); return false" = t('user.obtain_token.obtain') - unless current_user.blank? || ENV['QWAITER_MOBILE_EXPORT']=='yes' javascript: Qstorage.setItem('auth_token', '#{current_user.authentication_token}'); 
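Review bot: The new `user/obtain_token` layout loads only modernizr and defines `Qstorage`, yet the view it wraps calls `Quser.authenticate_user()` from the button's `onclick`; unless `Quser` is provided by a script this layout does not show, that click throws a ReferenceError. Include the bundle the main layout loads (`= javascript_include_tag "user/flat/application"`) or a dedicated login script, and add `= csrf_meta_tags` in `head` so the XHR that posts the credentials can send `X-CSRF-Token` if `protect_from_forgery` is active.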
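Review bot: The password label and placeholder are hard-coded as `Password` while the email field uses `User.human_attribute_name(:email)`, so the form is only half localized; use `User.human_attribute_name(:password)` for both and add a `password` key next to the new `user.email` locale entries. Binding submit through `onclick="Quser.authenticate_user(); return false"` also blocks a future CSP without `'unsafe-inline'`; a `submit` handler attached from the script, with the button as `type="submit"`, is the cleaner shape. The trailing context line still writes `current_user.authentication_token` into localStorage, which any script injected on this origin can read — that predates the commit, but it is why inline handlers are worth removing here.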
diff --git a/config/locales/models.en.yml b/config/locales/models.en.yml
index 55d6db65..c2b36565 100644
--- a/config/locales/models.en.yml
+++ b/config/locales/models.en.yml
@@ -58,4 +58,5 @@ en:
 from_number: From number
 to_number: To number
 created_at: Created
-
+ user:
+ email: 'E-mail'
diff --git a/config/locales/models.nl.yml b/config/locales/models.nl.yml
index bc66eeb0..c2730b8b 100644
--- a/config/locales/models.nl.yml
+++ b/config/locales/models.nl.yml
@@ -59,3 +59,5 @@ nl:
 from_number: Vanaf nummer
 to_number: Tot nummer
 created_at: Aangemaakt
+ user:
+ email: 'E-mail'