Description: OneBody is web-based software that connects community members, especially churches, on the web.
Homepage: http://beonebody.com
Clone URL: git://github.com/seven1m/onebody.git
Added API key support and http basic authentication.
Tim Morgan (author)
Tue Aug 05 06:14:00 -0700 2008
commit  c07a5659540caa54be9dd050b4836e498addc329
tree    d7557d1b9ff9b728c1da1fd3ecb33149a702582d
parent  78744b9b9f919a7c7f975395f39c7428468fcc3b
0
@@ -50,8 +50,12 @@ class ApplicationController < ActionController::Base
0
         Person.logged_in = @logged_in = Person.find_by_id(id)
0
       end
0
     end
0
+    
0
+    def authenticate_user # default
0
+      authenticate_user_with_http_basic_or_session
0
+    end
0
   
0
-    def authenticate_user
0
+    def authenticate_user_with_session
0
       if id = session[:logged_in_id]
0
         unless person = Person.find_by_id(id)
0
           session[:logged_in_id] = nil
0
@@ -77,18 +81,19 @@ class ApplicationController < ActionController::Base
0
     
0
     def authenticate_user_with_code_or_session
0
       unless params[:code] and Person.logged_in = @logged_in = Person.find_by_feed_code(params[:code])
0
-        authenticate_user
0
+        authenticate_user_with_session
0
       end
0
     end
0
     
0
-    def authenticate_user_with_http_basic
0
-      authenticate_with_http_basic do |username, password|
0
-        if (key = password.any? ? password : username).any?
0
-          Person.logged_in = @logged_in = Person.find_by_feed_code(key)
0
+    def authenticate_user_with_http_basic_or_session
0
+      authenticate_with_http_basic do |email, api_key|
0
+        if email.to_s.any? and api_key.to_s.length == 50
0
+          Person.logged_in = @logged_in = Person.find_by_email_and_api_key(email, api_key)
0
+          Person.logged_in = @logged_in = nil unless @logged_in.super_admin?
0
         end
0
       end
0
       unless @logged_in
0
-        authenticate_user
0
+        authenticate_user_with_session
0
       end
0
     end
0
     
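Review bot: In `authenticate_user_with_http_basic_or_session`, `@logged_in.super_admin?` is called on the result of `Person.find_by_email_and_api_key` without a nil check, so a request with an unknown email or a wrong 50-character key raises NoMethodError instead of being rejected and falling through to the session check. The line before it also assigns `Person.logged_in` to a person who may not be a super admin, and only clears it afterwards. Look the record up into a local and assign only on success: `person = Person.find_by_email_and_api_key(email, api_key)` followed by `Person.logged_in = @logged_in = person if person && person.super_admin?`. Because `authenticate_user` now routes every default-protected action through this method, it would also help to log rejected basic-auth attempts so repeated key guessing is visible.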
0
@@ -481,11 +481,15 @@ class Person < ActiveRecord::Base
0
   before_create :update_feed_code
0
   def update_feed_code
0
     begin # ensure unique
0
-      code = (1..50).collect { (i = Kernel.rand(62); i += ((i < 10) ? 48 : ((i < 36) ? 55 : 61 ))).chr }.join
0
+      code = random_chars(50)
0
       write_attribute :feed_code, code
0
     end while Person.count('*', :conditions => ['feed_code = ?', code]) > 0
0
   end
0
   
0
+  def generate_api_key
0
+    write_attribute :api_key, random_chars(50)
0
+  end
0
+  
0
   def update_from_params(params)
0
     person_basics = %w(first_name last_name suffix mobile_phone work_phone fax city state zip birthday anniversary gender address1 address2 city state zip)
0
     if params[:photo_url] and params[:photo_url].length > 7 # not just "http://"
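Review bot: `generate_api_key` builds an authentication credential from `random_chars(50)`, whose definition is not visible in this hunk; the line it replaces in `update_feed_code` drew its characters from `Kernel.rand`, which is not a cryptographically secure generator. If `random_chars` keeps that source, the key that authenticates super admins over HTTP basic comes from a generator not designed for secrets, so it should draw from Ruby's `SecureRandom` where the runtime provides it. The key is also stored as-is via `write_attribute :api_key`; consider persisting only a digest and comparing digests at login, so a database read does not disclose usable keys. `update_from_params` continues past the end of the hunk.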
0
@@ -71,6 +71,7 @@ ActionController::Routing::Routes.draw do |map|
0
 
0
   map.admin 'admin', :controller => 'administration/dashboards'
0
   map.namespace :administration, :path_prefix => 'admin' do |admin|
0
+    admin.resource :api_key
0
     admin.resources :updates
0
     admin.resources :admins
0
     admin.resources :membership_requests
