Removed not used logon_session feature. Added web socket authentication. Prepared browser finger print.
This commit is contained in:
parent
f2ef65d67d
commit
2760137eef
6 changed files with 60 additions and 50 deletions
|
@ -47,6 +47,32 @@ class App.Browser
|
||||||
# allow browser
|
# allow browser
|
||||||
true
|
true
|
||||||
|
|
||||||
|
@fingerprint: ->
|
||||||
|
localStorage = window['localStorage']
|
||||||
|
|
||||||
|
# read from local storage
|
||||||
|
if localStorage
|
||||||
|
fingerprint = localStorage.getItem('fingerprint')
|
||||||
|
return fingerprint if fingerprint
|
||||||
|
|
||||||
|
# detect fingerprint
|
||||||
|
data = @detection()
|
||||||
|
resolution = "#{window.screen.availWidth}x#{window.screen.availHeight}/#{window.screen.pixelDepth}"
|
||||||
|
timezone = new Date().toString().match(/\s\(.+?\)$/)
|
||||||
|
hashCode = (s) ->
|
||||||
|
s.split('').reduce(
|
||||||
|
(a,b) ->
|
||||||
|
a=((a<<5)-a)+b.charCodeAt(0)
|
||||||
|
a&a
|
||||||
|
0
|
||||||
|
)
|
||||||
|
fingerprint = hashCode("#{data.browser.name}#{data.browser.major}#{data.os}#{resolution}#{timezone}")
|
||||||
|
|
||||||
|
# write to local storage
|
||||||
|
if localStorage
|
||||||
|
localStorage.setItem('fingerprint', fingerprint)
|
||||||
|
fingerprint
|
||||||
|
|
||||||
@message: (data, version) ->
|
@message: (data, version) ->
|
||||||
new App.ControllerModal(
|
new App.ControllerModal(
|
||||||
head: 'Browser too old!'
|
head: 'Browser too old!'
|
||||||
|
|
|
@ -115,8 +115,8 @@ class _webSocketSingleton extends App.Controller
|
||||||
# logon websocket
|
# logon websocket
|
||||||
data =
|
data =
|
||||||
action: 'login'
|
action: 'login'
|
||||||
session:
|
session_id: App.Config.get('session_id')
|
||||||
id: App.Session.get('id')
|
fingerprint: App.Browser.fingerprint()
|
||||||
@send(data)
|
@send(data)
|
||||||
|
|
||||||
spool: =>
|
spool: =>
|
||||||
|
|
|
@ -140,25 +140,6 @@ class ApplicationController < ActionController::Base
|
||||||
|
|
||||||
error_message = 'authentication failed'
|
error_message = 'authentication failed'
|
||||||
|
|
||||||
# check logon session
|
|
||||||
if params['logon_session']
|
|
||||||
logon_session = ActiveRecord::SessionStore::Session.where( session_id: params['logon_session'] ).first
|
|
||||||
|
|
||||||
# set logon session user to current user
|
|
||||||
if logon_session
|
|
||||||
userdata = User.find( logon_session.data[:user_id] )
|
|
||||||
current_user_set(userdata)
|
|
||||||
|
|
||||||
session[:persistent] = true
|
|
||||||
|
|
||||||
return {
|
|
||||||
auth: true
|
|
||||||
}
|
|
||||||
end
|
|
||||||
|
|
||||||
error_message = 'no valid session, user_id'
|
|
||||||
end
|
|
||||||
|
|
||||||
# check sso
|
# check sso
|
||||||
sso_userdata = User.sso(params)
|
sso_userdata = User.sso(params)
|
||||||
if sso_userdata
|
if sso_userdata
|
||||||
|
@ -296,10 +277,14 @@ class ApplicationController < ActionController::Base
|
||||||
config['timezones'][ t.name ] = diff
|
config['timezones'][ t.name ] = diff
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# remember if we can to swich back to user
|
||||||
if session[:switched_from_user_id]
|
if session[:switched_from_user_id]
|
||||||
config['switch_back_to_possible'] = true
|
config['switch_back_to_possible'] = true
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# remember session_id for websocket logon
|
||||||
|
config['session_id'] = session.id
|
||||||
|
|
||||||
config
|
config
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -42,18 +42,6 @@ class SessionsController < ApplicationController
|
||||||
# get models
|
# get models
|
||||||
models = SessionHelper.models(user)
|
models = SessionHelper.models(user)
|
||||||
|
|
||||||
# check logon session
|
|
||||||
logon_session_key = nil
|
|
||||||
if params['logon_session']
|
|
||||||
logon_session_key = Digest::MD5.hexdigest( rand(999_999).to_s + Time.zone.now.to_s )
|
|
||||||
# session = ActiveRecord::SessionStore::Session.create(
|
|
||||||
# :session_id => logon_session_key,
|
|
||||||
# :data => {
|
|
||||||
# :user_id => user['id']
|
|
||||||
# }
|
|
||||||
# )
|
|
||||||
end
|
|
||||||
|
|
||||||
# sessions created via this
|
# sessions created via this
|
||||||
# controller are persistent
|
# controller are persistent
|
||||||
session[:persistent] = true
|
session[:persistent] = true
|
||||||
|
@ -62,10 +50,10 @@ class SessionsController < ApplicationController
|
||||||
render status: :created,
|
render status: :created,
|
||||||
json: {
|
json: {
|
||||||
session: user,
|
session: user,
|
||||||
|
config: config_frontend,
|
||||||
models: models,
|
models: models,
|
||||||
collections: collections,
|
collections: collections,
|
||||||
assets: assets,
|
assets: assets,
|
||||||
logon_session: logon_session_key,
|
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -78,14 +66,6 @@ class SessionsController < ApplicationController
|
||||||
user_id = session[:user_id]
|
user_id = session[:user_id]
|
||||||
end
|
end
|
||||||
|
|
||||||
# check logon session
|
|
||||||
if params['logon_session']
|
|
||||||
session = SessionHelper.get( params['logon_session'] )
|
|
||||||
if session
|
|
||||||
user_id = session.data[:user_id]
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
if !user_id
|
if !user_id
|
||||||
# get models
|
# get models
|
||||||
models = SessionHelper.models()
|
models = SessionHelper.models()
|
||||||
|
@ -96,7 +76,7 @@ class SessionsController < ApplicationController
|
||||||
models: models,
|
models: models,
|
||||||
collections: {
|
collections: {
|
||||||
Locale.to_app_model => Locale.where( active: true )
|
Locale.to_app_model => Locale.where( active: true )
|
||||||
}
|
},
|
||||||
}
|
}
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
@ -117,10 +97,10 @@ class SessionsController < ApplicationController
|
||||||
# return current session
|
# return current session
|
||||||
render json: {
|
render json: {
|
||||||
session: user,
|
session: user,
|
||||||
|
config: config_frontend,
|
||||||
models: models,
|
models: models,
|
||||||
collections: collections,
|
collections: collections,
|
||||||
assets: assets,
|
assets: assets,
|
||||||
config: config_frontend,
|
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -37,7 +37,7 @@ module SessionHelper
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.get(id)
|
def self.get(id)
|
||||||
ActiveRecord::SessionStore::Session.where( id: id ).first
|
ActiveRecord::SessionStore::Session.find_by( id: id )
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.list(limit = 10_000)
|
def self.list(limit = 10_000)
|
||||||
|
@ -45,7 +45,7 @@ module SessionHelper
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.destroy(id)
|
def self.destroy(id)
|
||||||
session = ActiveRecord::SessionStore::Session.where( id: id ).first
|
session = ActiveRecord::SessionStore::Session.find_by( id: id )
|
||||||
return if !session
|
return if !session
|
||||||
session.destroy
|
session.destroy
|
||||||
end
|
end
|
||||||
|
|
|
@ -12,6 +12,12 @@ require 'sessions'
|
||||||
require 'optparse'
|
require 'optparse'
|
||||||
require 'daemons'
|
require 'daemons'
|
||||||
|
|
||||||
|
# load rails env
|
||||||
|
dir = File.expand_path(File.join(File.dirname(__FILE__), '..'))
|
||||||
|
Dir.chdir dir
|
||||||
|
RAILS_ENV = ENV['RAILS_ENV'] || 'development'
|
||||||
|
require File.join(dir, 'config', 'environment')
|
||||||
|
|
||||||
# Look for -o with argument, and -I and -D boolean arguments
|
# Look for -o with argument, and -I and -D boolean arguments
|
||||||
@options = {
|
@options = {
|
||||||
p: 6042,
|
p: 6042,
|
||||||
|
@ -176,8 +182,21 @@ EventMachine.run {
|
||||||
|
|
||||||
# get session
|
# get session
|
||||||
if data['action'] == 'login'
|
if data['action'] == 'login'
|
||||||
@clients[client_id][:session] = data['session']
|
|
||||||
Sessions.create( client_id, data['session'], { type: 'websocket' } )
|
# get user_id
|
||||||
|
if data['session_id']
|
||||||
|
session = ActiveRecord::SessionStore::Session.find_by( session_id: data['session_id'] )
|
||||||
|
end
|
||||||
|
|
||||||
|
if session && session.data && session.data['user_id']
|
||||||
|
new_session_data = { 'id' => session.data['user_id'] }
|
||||||
|
else
|
||||||
|
new_session_data = {}
|
||||||
|
end
|
||||||
|
|
||||||
|
@clients[client_id][:session] = new_session_data
|
||||||
|
|
||||||
|
Sessions.create( client_id, new_session_data, { type: 'websocket' } )
|
||||||
|
|
||||||
# remember ping, send pong back
|
# remember ping, send pong back
|
||||||
elsif data['action'] == 'ping'
|
elsif data['action'] == 'ping'
|
||||||
|
|
Loading…
Reference in a new issue