trabajo-afectivo/app/controllers/sessions_controller.rb

class SessionsController < ApplicationController
#  def create
#    render :text => request.env['rack.auth'].inspect
#  end

  # "Create" a login, aka "log the user in"
  def create

    user = User.authenticate( params[:username], params[:password] )

    # auth failed
    if !user
      render :json => { :error => 'login failed' }, :status => :unprocessable_entity
      return
    end
    
    user = User.find_fulldata(user.id)
    
    # auto population of default collections
    default_collection = default_collections()
    
    # set session user_id
    session[:user_id] = user['id']

    # check logon session
    logon_session_key = nil
    if params['logon_session']
      logon_session_key = Digest::MD5.hexdigest( rand(999999).to_s + Time.new.to_s )
      session = ActiveRecord::SessionStore::Session.create(
        :session_id => logon_session_key,
        :data => {
          :user_id => user['id']
        }
      )
    end

    # remember me - set session cookie to expire later
    if params[:remember_me]
      request.env['rack.session.options'][:expire_after] = 1.year.from_now
    end

    # return new session data
    render :json => {
      :session             => user,
      :default_collections => default_collection,
      :logon_session       => logon_session_key,
    },
    :status => :created
  end

  def show

    user_id = nil

    # no valid sessions
    if session[:user_id]
      user_id = session[:user_id]
    end

    # check logon session
    if params['logon_session']
      session = ActiveRecord::SessionStore::Session.where( :session_id => params['logon_session'] ).first
      if session
        user_id = session.data[:user_id]
      end
    end

    if !user_id
      render :json => {
        :error  => 'no valid session',
        :config => config_frontend,
      }
      return
    end

    # Save the user ID in the session so it can be used in
    # subsequent requests
    user = user_data_full( user_id )

    # auto population of default collections
    default_collection = default_collections()

    # return current session
    render :json => {
      :session             => user,
      :default_collections => default_collection,
      :config              => config_frontend,
    }
  end

  # "Delete" a login, aka "log the user out"
  def destroy

    # Remove the user id from the session
    @_current_user = session[:user_id] = nil

    # reset session cookie (set :expire_after to '' in case remember_me is active)
    request.env['rack.session.options'][:expire_after] = -1.year.from_now
    request.env['rack.session.options'][:renew] = true

    render :json => { }
  end
    
  def create_omniauth
    auth = request.env['omniauth.auth']

    if !auth
      logger.info("AUTH IS NULL, SERVICE NOT LINKED TO ACCOUNT")

      # redirect to app
      redirect_to '/app#'
    end

    # Create a new user or add an auth to existing user, depending on
    # whether there is already a user signed in.
    authorization = Authorization.find_from_hash(auth)
    if !authorization
      authorization = Authorization.create_from_hash(auth, current_user)
    end

    # Log the authorizing user in.
    session[:user_id] = authorization.user.id

    # redirect to app
    redirect_to '/app#'
  end
  
  private
    def default_collections
      
      # auto population of default collections
      default_collection = {}
      default_collection['Role']          = Role.all
      default_collection['Group']         = Group.all
      default_collection['Organization']  = Organization.all
      
      # load collections to deliver from external files
      dir = File.expand_path('../', __FILE__)
      files = Dir.glob( "#{dir}/sessions/collection_*.rb" )
      for file in files
        load file
        ExtraCollection.add(default_collection)
      end
      
      return default_collection  
    end
end
Init version. 2012-04-10 14:06:46 +00:00			`class SessionsController < ApplicationController`
			`# def create`
			`# render :text => request.env['rack.auth'].inspect`
			`# end`

			`# "Create" a login, aka "log the user in"`
			`def create`
Added remember_me feature to login page. 2012-04-20 12:24:37 +00:00
Code cleanup. 2012-04-11 06:37:54 +00:00			`user = User.authenticate( params[:username], params[:password] )`
Init version. 2012-04-10 14:06:46 +00:00
Code cleanup. 2012-04-11 06:37:54 +00:00			`# auth failed`
			`if !user`
			`render :json => { :error => 'login failed' }, :status => :unprocessable_entity`
Moved to logon sessions for authentication. 2012-04-20 06:45:22 +00:00			`return`
Init version. 2012-04-10 14:06:46 +00:00			`end`
Code cleanup. 2012-04-11 06:37:54 +00:00
Added remember_me feature to login page. 2012-04-20 12:24:37 +00:00			`user = User.find_fulldata(user.id)`

Code cleanup. 2012-04-11 06:37:54 +00:00			`# auto population of default collections`
			`default_collection = default_collections()`

			`# set session user_id`
Added remember_me feature to login page. 2012-04-20 12:24:37 +00:00			`session[:user_id] = user['id']`
Moved to logon sessions for authentication. 2012-04-20 06:45:22 +00:00
			`# check logon session`
			`logon_session_key = nil`
			`if params['logon_session']`
			`logon_session_key = Digest::MD5.hexdigest( rand(999999).to_s + Time.new.to_s )`
Added remember_me feature to login page. 2012-04-20 12:24:37 +00:00			`session = ActiveRecord::SessionStore::Session.create(`
Moved to logon sessions for authentication. 2012-04-20 06:45:22 +00:00			`:session_id => logon_session_key,`
			`:data => {`
Added remember_me feature to login page. 2012-04-20 12:24:37 +00:00			`:user_id => user['id']`
Moved to logon sessions for authentication. 2012-04-20 06:45:22 +00:00			`}`
			`)`
			`end`

Added remember_me feature to login page. 2012-04-20 12:24:37 +00:00			`# remember me - set session cookie to expire later`
			`if params[:remember_me]`
			`request.env['rack.session.options'][:expire_after] = 1.year.from_now`
			`end`

Code cleanup. 2012-04-11 06:37:54 +00:00			`# return new session data`
Moved to logon sessions for authentication. 2012-04-20 06:45:22 +00:00			`render :json => {`
			`:session => user,`
			`:default_collections => default_collection,`
			`:logon_session => logon_session_key,`
			`},`
			`:status => :created`
Init version. 2012-04-10 14:06:46 +00:00			`end`

			`def show`
Moved to logon sessions for authentication. 2012-04-20 06:45:22 +00:00
			`user_id = nil`

Code cleanup. 2012-04-11 06:37:54 +00:00			`# no valid sessions`
Moved to logon sessions for authentication. 2012-04-20 06:45:22 +00:00			`if session[:user_id]`
			`user_id = session[:user_id]`
			`end`

			`# check logon session`
			`if params['logon_session']`
			`session = ActiveRecord::SessionStore::Session.where( :session_id => params['logon_session'] ).first`
			`if session`
			`user_id = session.data[:user_id]`
			`end`
			`end`

			`if !user_id`
Code cleanup. 2012-04-11 06:37:54 +00:00			`render :json => {`
			`:error => 'no valid session',`
			`:config => config_frontend,`
Improved session login check. 2012-04-10 19:57:33 +00:00			`}`
Code cleanup. 2012-04-11 06:37:54 +00:00			`return`
			`end`
Improved session login check. 2012-04-10 19:57:33 +00:00
Code cleanup. 2012-04-11 06:37:54 +00:00			`# Save the user ID in the session so it can be used in`
			`# subsequent requests`
Moved to logon sessions for authentication. 2012-04-20 06:45:22 +00:00			`user = user_data_full( user_id )`
Improved session login check. 2012-04-10 19:57:33 +00:00
Code cleanup. 2012-04-11 06:37:54 +00:00			`# auto population of default collections`
			`default_collection = default_collections()`
Improved session login check. 2012-04-10 19:57:33 +00:00
Code cleanup. 2012-04-11 06:37:54 +00:00			`# return current session`
			`render :json => {`
			`:session => user,`
			`:default_collections => default_collection,`
			`:config => config_frontend,`
			`}`
Init version. 2012-04-10 14:06:46 +00:00			`end`

			`# "Delete" a login, aka "log the user out"`
			`def destroy`
Added remember_me feature to login page. 2012-04-20 12:24:37 +00:00
Init version. 2012-04-10 14:06:46 +00:00			`# Remove the user id from the session`
			`@_current_user = session[:user_id] = nil`
Code cleanup. 2012-04-11 06:37:54 +00:00
Added remember_me feature to login page. 2012-04-20 12:24:37 +00:00			`# reset session cookie (set :expire_after to '' in case remember_me is active)`
Do not give any password to frontend. Only keep them in rest storage. Use old password if no new one is given. 2012-04-20 15:39:50 +00:00			`request.env['rack.session.options'][:expire_after] = -1.year.from_now`
Added remember_me feature to login page. 2012-04-20 12:24:37 +00:00			`request.env['rack.session.options'][:renew] = true`

Code cleanup. 2012-04-11 06:37:54 +00:00			`render :json => { }`
Init version. 2012-04-10 14:06:46 +00:00			`end`
Refactoring. 2012-04-18 08:33:42 +00:00
Init version. 2012-04-10 14:06:46 +00:00			`def create_omniauth`
			`auth = request.env['omniauth.auth']`

			`if !auth`
			`logger.info("AUTH IS NULL, SERVICE NOT LINKED TO ACCOUNT")`
Refactoring. 2012-04-18 08:33:42 +00:00
			`# redirect to app`
			`redirect_to '/app#'`
Init version. 2012-04-10 14:06:46 +00:00			`end`
Refactoring. 2012-04-18 08:33:42 +00:00
			`# Create a new user or add an auth to existing user, depending on`
			`# whether there is already a user signed in.`
Fixed user creation one external login and not user already exists. 2012-04-18 12:36:30 +00:00			`authorization = Authorization.find_from_hash(auth)`
			`if !authorization`
Refactoring. 2012-04-18 08:33:42 +00:00			`authorization = Authorization.create_from_hash(auth, current_user)`
Init version. 2012-04-10 14:06:46 +00:00			`end`
Refactoring. 2012-04-18 08:33:42 +00:00
Init version. 2012-04-10 14:06:46 +00:00			`# Log the authorizing user in.`
Refactoring. 2012-04-18 08:33:42 +00:00			`session[:user_id] = authorization.user.id`
Init version. 2012-04-10 14:06:46 +00:00
			`# redirect to app`
Refactoring. 2012-04-18 08:33:42 +00:00			`redirect_to '/app#'`
Init version. 2012-04-10 14:06:46 +00:00			`end`

			`private`
			`def default_collections`

			`# auto population of default collections`
			`default_collection = {}`
Added module layer to load default collections. 2012-05-18 13:53:20 +00:00			`default_collection['Role'] = Role.all`
			`default_collection['Group'] = Group.all`
			`default_collection['Organization'] = Organization.all`

Small improvements. 2012-05-18 15:32:06 +00:00			`# load collections to deliver from external files`
Added module layer to load default collections. 2012-05-18 13:53:20 +00:00			`dir = File.expand_path('../', __FILE__)`
			`files = Dir.glob( "#{dir}/sessions/collection_*.rb" )`
			`for file in files`
Small improvements. 2012-05-18 15:32:06 +00:00			`load file`
Added module layer to load default collections. 2012-05-18 13:53:20 +00:00			`ExtraCollection.add(default_collection)`
			`end`

Init version. 2012-04-10 14:06:46 +00:00			`return default_collection`
			`end`
			`end`