lib/simple_admin_auth.rb test/unit/simple_admin_test.rb @@ -1,14 +1,27 @@ class SessionsController < ApplicationController + def new + render :layout => nil + end + def create if openid = request.env["rack.openid.response"] if openid.status == :success if sa = SimpleAdmin.find(openid.display_identifier) - current_user = sa.openid - render :text => "Welcome: #{sa.openid}" + self.current_user = sa.openid + p self.current_user + if session[:return_to] + redirect_to session[:return_to] + else + redirect_to '/' + end + else + flash[:error] = "Not Authorized" + render :new end else - render :text => "Error: #{openid.status}" + flash[:error] = "Error: #{openid.status}" + render :new end else response.headers['WWW-Authenticate'] = Rack::OpenID.build_header( @@ -24,13 +37,4 @@ class SessionsController < ApplicationController redirect_to '/' end - private - - def current_user=(openid) - session[:simple_admin] = openid - end - - def current_user - SimpleAdmin.find(session[:simple_admin]) - end end \ No newline at end of file app/controllers/sessions_controller.rb @@ -4,9 +4,10 @@ class SimpleAdmin def self.find(user) admins = YAML.load_file(File.join(RAILS_ROOT, 'config', 'simple_admins.yml')) - if admins.include?(user) - self.new(user) - end + matches = admins.delete_if {|admin| + !(admin.match(/^(http:\/\/)?#{user.to_s}\/?$/) || user.to_s.match(/^(http:\/\/)?#{admin}\/?$/)) + } + matches.empty? ? nil : self.new(user) end def initialize(user) app/models/simple_admin.rb @@ -1,9 +1,69 @@ -<% form_tag(session_url, :id => 'openid_form', :selected => true) do %> - <fieldset> - <legend>Sign-in or Create New Account</legend> - <div id="openid_input_area" selected="true"> - <input id="openid_identifier" name="openid_identifier" type="text" value="http://" /> - <input id="openid_submit" type="submit" value="Sign-In"/> - </div> - </fieldset> -<% end %> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> + +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> +<head> + <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> + <title>Simple Admin Login</title> + <style type="text/css" media="screen"> + body{background:#555;font-size:1.3em;font-family:"Helvetica",Helvetica,sans-serif;} + h1,h2,h3{text-align:center;} + h1{color:#222;text-shadow:1px 1px 1px #ddd;margin-bottom:0.5em;} + h2{color:#888;width:80%;margin:0.5em auto 30px auto;font-family:"Palantino",Georgia;font-size:80%;font-style:italic;font-weight:normal;} + p,label, span{text-shadow:1px 1px 1px #f2f2f2;} + label{color:#444;display:block;font-variant:small-caps;text-transform:lowercase;} + p{font-size:77%;color:#444;} + input{width:440px;font-size:1.5em;margin-bottom:0.75em;} + .explanation{text-align:center;} + + fieldset{width:440px;margin:10px auto;border:none;} + hr{border:0px transparent solid;border-top:1px #fdfdfd solid;border-bottom:1px #ddd solid;margin:20px 0 30px 0;} + .container{width:480px;} + .container{padding:30px 30px;margin:100px auto 30px auto;background:#fff;-moz-border-radius:11px;-khtml-border-radius:11px;-webkit-border-radius:11px;border-radius:11px;-moz-box-sizing:content-box;-webkit-box-sizing:content-box;-webkit-box-shadow:3px 0px 7px #222;-khtml-box-sizing:content-box;box-sizing:content-box; + } + .footer{margin:0 auto;display:block;color:#555;text-align:center;font-size:0.6em;} + .footer span{display:block;line-height:1.5em;} + .big_button { + background: rgb(135, 181, 0); + color: rgb(236, 245, 222); + -webkit-border-bottom-left-radius: 5px 5px; + -webkit-border-bottom-right-radius: 5px 5px; + -webkit-border-top-left-radius: 5px 5px; + -webkit-border-top-right-radius: 5px 5px; + border-bottom: 1px solid rgb(104, 147, 0); + border-left: solid rgb(221, 221, 221); + border-width: 0px 1px 1px; + border-right: 1px solid rgb(104, 147, 0); + border-top: 0px solid rgb(221, 221, 221); + color: white; + cursor: pointer; + font-size: 22px; + height: 42px; + width:445px; + line-height: 42px; + margin: 0px; + overflow: visible; + padding: 0px 15px; + } + </style> +</head> + +<body> + <div class="container"> + <% if flash[:error] %> + <h2 style='color:red;'><%= flash[:error] %></h2> + <% end %> + <h1>Admin Only</h1> + <% form_tag(session_url, :id => 'openid_form', :selected => true) do %> + <fieldset> + <label>OpenID</label> + <div id="openid_input_area" selected="true"> + <input id="openid_identifier" name="openid_identifier" type="text" value="http://" /> + <input id="openid_submit" type="submit" value="Log In" class='big_button'/> + </div> + </fieldset> + <% end %> + </div> + +</body> +</html> app/views/sessions/new.erb @@ -6,4 +6,6 @@ config.to_prepare do config.middleware.use ::Rack::OpenID, OpenID::Store::Filesystem.new("#{RAILS_ROOT}/tmp/openid") + OpenID::Util.logger = Rails.logger + ActionController::Base.send :include, SimpleAdminAuth end init.rb @@ -1,17 +1,6 @@ require 'test/unit' require 'rubygems' - -gem 'activesupport' -require 'active_support' - -gem 'actionpack' -require 'action_controller' - -gem 'mocha' -require 'mocha' - -gem 'ruby-openid' require 'openid' RAILS_ROOT = File.dirname(__FILE__) unless defined? RAILS_ROOT -require File.dirname(__FILE__) + "/../lib/open_id_authentication" + test/unit/test_helper.rb test/performance/browsing_test.rb test/test_helper.rb test/unit/open_id_authentication_test.rb test/unit/status_test.rb 7523b0fefcc34fefa61426d6b930a366188f0ee7 Mark Percival mark@mpercival.com http://github.com/markpercival/simple_admin/commit/986147ae14230ce544ca6c81e5169ce673a3dbf9 986147ae14230ce544ca6c81e5169ce673a3dbf9 2009-11-05T07:13:27-08:00 2009-11-05T07:13:27-08:00 fixed and working 9ff6801ea2fe7ccc288b9c25b2abb55ac666676d Mark Percival mark@mpercival.com