basic authentication stuff

2014-04-06 15:02:53 +02:00
parent 07830df9dd
commit dd8f0df6d2
16 changed files with 128 additions and 56 deletions
@@ -1,6 +1,18 @@
+#FB.init appId: '168928633304849'
+
+#Ember.Application.initializer
+  #name: 'authentication',
+  #initialize: (container, application)->
+    ## register the Facebook authenticator so the session can find it
+    #container.register 'authenticators:facebook', App.FacebookAuthenticator
+    #Ember.SimpleAuth.setup(container, application)
+
@App = Ember.Application.create
  LOG_TRANSITIONS: true
  rootElement: '#ember-app-container'
+  obtain_token: (message)->
+    message ||= ''
+    window.location = "#{$root_url}/obtain_token?message=#{message}"

 Ember.$.ajaxPrefilter (options) ->
  if options.type.toUpperCase() == 'GET'
@@ -14,6 +14,10 @@ App.ProductOrdersController = Ember.ArrayController.extend
      order = @store.createRecord('order', list: list, table: table)
      new_product_orders = @store.all('product_order').filterProperty('order', null)
      order.get('product_orders').pushObjects(new_product_orders)
+      #error = @ajaxError (jqXHR)=>
+        #new_product_orders.invoke 'eraseRecord'
+        #@redirect_to 'index',  message: 'order_could_not_be_processed'
+ 
      order.save().then (response)=>
        new_product_orders.invoke 'eraseRecord'
        if @get('controllers.application.list')
@@ -22,10 +26,10 @@ App.ProductOrdersController = Ember.ArrayController.extend
          # Get list info from the server
          @get('controllers.application').setCurrentList ->
            @transitionToRoute 'active_list'
-      , (jqXHR)=>
+      , @ajaxError (jqXHR)=>
+        debugger
        new_product_orders.invoke 'eraseRecord'
        @redirect_to 'index',  message: 'order_could_not_be_processed'
-
      #orders = @store.all('product_order').toArray()
      #data = orders.map( (order)->order.serialize() )
      #dataObject = {order: {}}
@@ -3,7 +3,7 @@ App.SelectQrcodeController = Ember.Controller.extend
    selectQr: (table)->
      Qstorage.setItem 'table_id', table._id
      @secured ->
-        $.getJSON(data_host + '/user/table_info.json?'+@authentication_string+'&table_id='+table._id).then (res)=>
+        $.getJSON($data_host + '/user/table_info.json?'+@authentication_string+'&table_id='+table._id).then (res)=>
          if res.current_table_id
            if res.other_supplier
              @redirect_to 'user_root', message: 'table_is_from_other_supplier'
@@ -24,7 +24,7 @@ App.TableController = Ember.ObjectController.extend
        @store.createRecord 'product_order', product: product
    joinOccupiedTable: ->
      #@secured =>
-      $.post('/user/join_occupied_table.json', table_id: @get('model.id'))
+      Ember.$.post('/user/join_occupied_table.json', table_id: @get('model.id'))
      @set 'join_request_sent', true # keeps the button deactivated
    toggleProductCategory: (product_category)->
      product_category.set 'collapsed', not product_category.get('collapsed')
@@ -1,8 +1,17 @@
+ControllerExtensions = Ember.Mixin.create
+  ajaxError: (callback)->
+    handler = (jqXHR, textStatus, errorThrown)=>
+      console.log "Error: #{textStatus}: #{errorThrown}"
+      callback.call(@, jqXHR)
+      if jqXHR.status == 401
+        App.__container__.lookup('route:application').unauthorized()
+    handler
+Ember.ArrayController.reopen ControllerExtensions
 Ember.Controller.reopen
  needs: ['application']
  secured: (callback)->
    unless Qstorage.getItem('auth_token') && typeof(Qstorage.getItem('auth_token')) == 'string' && Qstorage.getItem('auth_token').length > 0
-      return @transitionToRoute('obtain_token')
+      return App.obtain_token()
    @authentication_string = 'auth_token='+Qstorage.getItem('auth_token')
    @authentication_object = {auth_token: Qstorage.getItem('auth_token')}
    callback.call(@) if callback
@@ -52,7 +61,7 @@ Ember.ArrayController.reopen
  needs: ['application']
  secured: (callback)->
    unless Qstorage.getItem('auth_token') && typeof(Qstorage.getItem('auth_token')) == 'string' && Qstorage.getItem('auth_token').length > 0
-      return @transitionToRoute('obtain_token')
+      return App.obtain_token()
    @authentication_string = 'auth_token='+Qstorage.getItem('auth_token')
    @authentication_object = {auth_token: Qstorage.getItem('auth_token')}
    callback.call(@) if callback
@@ -6,7 +6,7 @@ App.Router.reopen

 App.Router.map ->
  @route 'select_qrcode'
-  @route 'obtain_token'
+  #@route 'obtain_token'
  @route 'active_list'
  @route 'table', path: '/tables/:table_id'
  @resource 'join_requests'
@@ -1,9 +1,10 @@
 App.ApplicationRoute = Ember.Route.extend
  setupController: (controller)->
    #@controllerFor('product_orders').set 'model', @store.filter('product_order', (po)-> !po.get('order')) # does not work (yet)
+    debugger
    @controllerFor('product_orders').set 'model', @store.filter('product_order', (po)-> !po.get('id'))
    controller.secured ->
-      faye = new Faye.Client(event_host)
+      faye = new Faye.Client($event_host)
      user_id = Qstorage.getItem('user_id')
      faye.subscribe "/user/"+user_id, (e)=>
        console.log e
@@ -13,8 +14,7 @@ App.ApplicationRoute = Ember.Route.extend
  unauthorized: ->
    Qstorage.setItem('auth_token', '')
    @controllerFor('application').set 'list', null
-    @transitionTo('obtain_token').then =>
-      @controllerFor('application').set('notice', t('messages.unauthorized'))
+    App.obtain_token(t('messages.unauthorized'))
  actions:
    openModal: (modalName, model)->
      @controllerFor(modalName).set('model', model)
@@ -33,12 +33,14 @@ App.ApplicationRoute = Ember.Route.extend
        ok: options.ok
    listNeedsPayment: ->
      @get('controller').secured ->
-        $.post(data_host + '/user/list_needs_payment.json', @authentication_object).then (res) =>
-          @set('list.needs_payment', true)
+        Ember.$.post '/user/list_needs_payment.json'
+        #Ember.$.post('/user/list_needs_payment.json').then (res) =>
+          #@set('list.needs_payment', true) # also done by faye
    listNeedsHelp: ->
      @get('controller').secured ->
-        $.post(data_host + '/user/needs_help.json', @authentication_object).then (res) =>
-          @set('list.needs_help', true)
+        Ember.$.post '/user/needs_help.json'
+        #Ember.$.post('/user/needs_help.json').then (res) =>
+          #@set('list.needs_help', true) # also done by faye
    scanQr: ->
      @transitionTo 'select_qrcode'
  events: ->
@@ -0,0 +1,18 @@
+@import foundation_and_overrides
+
+.form-row
+  @extend .row
+  .form-label
+    @media #{$small-only}
+      +grid-column($columns:10, $center:true)
+    @media #{$medium-only}
+      +grid-column($columns:4, $offset:1)
+    @media #{$large-up}
+      +grid-column(3)
+  .form-field
+    @media #{$small-only}
+      +grid-column($columns:10, $center:true, $last-column:true)
+    @media #{$medium-only}
+      +grid-column($columns:4, $last-column:true)
+    @media #{$large-up}
+      +grid-column($columns: 3, $last-column:true)
@@ -267,6 +267,23 @@ class UserController < Users::ApplicationController
    end
  end

+  def obtain_token
+    redirect_to user_omniauth_authorize_path('facebook') and return unless current_user.present?
+    respond_to do |format|
+      format.html { render layout: 'user/obtain_token' }
+      format.json do
+        render json: json_response(ok: false, status: 401) and return unless params[:user].present? && params[:user][:email].present? && params[:user][:password].present?
+        user = User.find_by_email(params[:user][:email])
+        render json: json_response(ok: false, status: 401) and return unless user
+        render json: json_response(ok: false, status: 401) and return unless user.valid_password?(params[:user][:password])
+        user.ensure_authentication_token
+        sign_in user
+        render json: json_response(ok: true, auth_token: user.authentication_token, user_id: user.id)
+      end
+
+    end
+  end
+
  def move_table
    render json: json_alert('messages.no_active_list', list_active: false) and return unless list.present?
    render json: json_alert('messages.table_not_found') and return unless params[:table_id].present?
@@ -20,23 +20,6 @@ module Users
      end
    end

-    def obtain_token
-      redirect_to user_omniauth_authorize_path('facebook') and return unless current_user.present?
-      respond_to do |format|
-        format.html
-        format.json do
-          render json: json_response(ok: false, status: 401) and return unless params[:user].present? && params[:user][:email].present? && params[:user][:password].present?
-          user = User.find_by_email(params[:user][:email])
-          render json: json_response(ok: false, status: 401) and return unless user
-          render json: json_response(ok: false, status: 401) and return unless user.valid_password?(params[:user][:password])
-          user.ensure_authentication_token
-          sign_in user
-          render json: json_response(ok: true, auth_token: user.authentication_token, user_id: user.id)
-        end
-
-      end
-    end
-
    def handle_message_params
      flash.now[:notice] = t('messages.the_list_has_been_closed', list: List.model_name.human) if params[:list_closed].present?
      flash.now[:notice] = t("messages.#{params[:message]}", list: List.model_name.human, supplier: Supplier.model_name.human) if params[:message].present? && params[:message] =~ /^\w+$/
@@ -24,8 +24,16 @@ module ApplicationHelper

  def user_dynamic_data_host
    case Rails.env
-    when 'test' then "data_host = 'http://#{request.host}:#{request.port}';".html_safe
-    when 'development' then "data_host = 'http://localhost:3000';".html_safe
+    when 'test' then "$data_host = data_host = 'http://#{request.host}:#{request.port}';".html_safe
+    when 'development' then "$data_host = data_host = 'http://localhost:3000';".html_safe
+    else ''
+    end
+  end
+
+  def user_dynamic_root_url
+    case Rails.env
+    when 'test' then "$root_url = 'http://#{request.host}:#{request.port}/user';".html_safe
+    when 'development' then "$root_url = 'http://localhost:3000/user';".html_safe
    else ''
    end
  end
@@ -7,22 +7,24 @@ html lang="en"
    title Qwaiter
    = stylesheet_link_tag "user/foundation/application"
    = javascript_include_tag "vendor/modernizr"
+    /= javascript_include_tag 'http://connect.facebook.net/en_US/all.js'
    = javascript_include_tag "user/flat/application"
    - if ENV['QWAITER_MOBILE_EXPORT'] == 'yes'
      javascript:
        var QMobile, Qwaiter, Quser;
-        var data_host = 'http://data.qwaiter.com';
-        var event_host = '#{Qwaiter.event_host}';
+        var $data_host = 'http://data.qwaiter.com';
+        var $event_host = '#{Qwaiter.event_host}';
        var $asset_path = '##assets_path##';
        var Qstorage = localStorage;
+        var $root_url = 'http://www.qwaiter.com/user';
    - else
      javascript:
        var QMobile, Qwaiter, Quser;
-        var data_host = 'http://data.qwaiter.com';
-        var event_host = '#{Qwaiter.event_host}';
+        var $event_host = '#{Qwaiter.event_host}';
        var $asset_path = '/assets/';
        var Qstorage = localStorage;
-        #{user_dynamic_data_host}
+        #{user_dynamic_data_host};
+        #{user_dynamic_root_url};
        QMobile || (QMobile = {
          scanQr: function(){window.location = '/select_qrcode'},
          activateRotation: function(){},
@@ -35,7 +37,7 @@ html lang="en"
            this.authentication_object_storage = '{"auth_token": "'+token+'"}'
          },
          root_url: function(){return 'file:///Users/bterkuile/Documents/workspace/Qwaiter/assets/user'},
-          root_url: function(){return '/user'},
+          $root_url: function(){return '/user'},
          goHome: function(){ redirect_to('user_root')},
          connection_problem: function(){alert('There is a problem connecting to the server')},
          token: function(){return this.auth_token},
@@ -0,0 +1,13 @@
+doctype html
+html lang="en"
+  head
+    meta charset="utf-8"
+    meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1"
+    meta name="viewport" content="width=device-width, initial-scale=1.0"
+    title Qwaiter
+    = stylesheet_link_tag "user/foundation/application"
+    = javascript_include_tag "vendor/modernizr"
+    javascript:
+      var Qstorage = localStorage;
+  body
+    = yield
@@ -1,20 +1,21 @@
-= top_bar title: 'obtain_token.title' do
-  span
-
-.well
-  .alert.alert-warming.user-alert.hide
-  form.form-horizontal
-    .control-group
-      label.control-label data-t='attributes.user.email' Email
-      .controls
-        input#user-email.email type="email" placeholder="Email"
-    .control-group
-      label.control-label data-t='attributes.user.password' Password
-      .controls
+.row
+  h1 data-t='obtain_token.title' = t('user.obtain_token.title')
+  hr
+  form
+    .form-row
+      .form-label
+        label.control-label data-t='attributes.user.email' = User.human_attribute_name(:email)
+      .form-field
+        input#user-email.email type="email" placeholder=User.human_attribute_name(:email)
+    .form-row
+      .form-label
+        label.control-label data-t='attributes.user.password' Password
+      .form-field
        input#user-password.password type="password" placeholder="Password"
-    .control-group
-      .controls
-        button.btn.btn-primary data-t="obtain_token.obtain" onclick="Quser.authenticate_user(); return false"
+    .form-row
+      .form-label
+      .form-field
+        button.btn.btn-primary data-t="obtain_token.obtain" onclick="Quser.authenticate_user(); return false" = t('user.obtain_token.obtain')
 - unless current_user.blank? || ENV['QWAITER_MOBILE_EXPORT']=='yes'
  javascript:
    Qstorage.setItem('auth_token', '#{current_user.authentication_token}');