
Adds Persona logins!

aaronpk committed Jun 23, 2013
1 parent 1e5581b commit 2dd7d58e26b65af53ea0a3c8659e1779dcb7be41
@@ -22,6 +22,7 @@ gem 'omniauth-openid'
gem 'mechanize'
gem 'unshorten', ">=0.2.1"
+gem 'rest-client'
gem 'twilio-ruby'
gem 'mysql2', '0.3.7'
@@ -103,6 +103,8 @@ GEM
unicorn (~> 4.1)
raindrops (0.10.0)
rake (10.0.3)
+ rest-client (1.6.7)
+ mime-types (>= 1.16)
ruby-openid (2.2.2)
shotgun (0.9)
rack (>= 1.0)
@@ -166,6 +168,7 @@ DEPENDENCIES
omniauth-twitter
rainbows
rake
+ rest-client
shotgun
sinatra
sinatra-namespace
@@ -62,6 +62,8 @@ def verify_user_profile(me_parser, profile, user)
if profile.match RelParser.sms_regex
provider = Provider.first :code => 'sms'
+ elsif profile.match RelParser.email_regex
+ provider = Provider.first :code => 'email'
else
# Search the "profile" page for a rel=me link back to "me"
profile_parser = RelParser.new profile
@@ -83,7 +85,7 @@ def verify_user_profile(me_parser, profile, user)
:verified => false
})
- if provider.code == 'sms'
+ if provider.code == 'sms' or provider.code == 'email'
verified = true
else
verified = me_parser.verify_link profile, profile_parser
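Review bot: The new condition `if provider.code == 'sms' or provider.code == 'email'` uses the low-precedence `or` keyword for boolean logic; it evaluates as intended here, but `||` is the safer habit, and a membership test scales better as more link-less providers are added: `if %w[sms email].include?(provider.code)`. The same `or` appears in the `get(tag)` hunk of the parser file. The `verified = true` branch would also benefit from a one-line comment stating why no link-back check is run for these providers, for example `# sms/email profiles have no page to fetch for rel=me; ownership is checked at login` if that is the intent. verify_user_profile starts and ends outside this hunk.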
@@ -238,6 +240,57 @@ def auth_param_setup
}
end
+ post '/auth/verify_email.json' do
+ data = RestClient.post 'https://verifier.login.persona.org/verify', {
+ :audience => SiteConfig.base_uri,
+ :assertion => params[:assertion]
+ }
+ response = JSON.parse data
+ if response and response['status'] == 'okay'
+
+ me = params[:me].sub(/(\/)+$/,'')
+ me = "http://#{me}" unless me.match /^https?:\/\//
+
+ user = User.first :href => me
+ profile = user.profiles.first :href => "mailto:#{response['email']}"
+ if profile.nil?
+ json_error 400, {
+ status: 'mismatch',
+ reason: 'logged in as a different user'
+ }
+ else
+
+ login = Login.create :user => user,
+ :provider => Provider.first(:code => 'email'),
+ :profile => profile,
+ :complete => true,
+ :token => Login.generate_token,
+ :redirect_uri => params[:redirect_uri]
+
+ if login.redirect_uri
+ redirect_uri = URI.parse login.redirect_uri
+ p = Rack::Utils.parse_query redirect_uri.query
+ p['token'] = login.token
+ redirect_uri.query = Rack::Utils.build_query p
+ redirect_uri = redirect_uri.to_s
+ else
+ redirect_uri = "/success?token=#{login.token}"
+ end
+
+ json_response 200, {
+ status: response['status'],
+ email: response['email'],
+ redirect: redirect_uri
+ }
+ end
+ else
+ json_error 400, {
+ status: response['status'],
+ reason: response['reason']
+ }
+ end
+ end
+
get '/auth/start' do
# TODO: handle these errors differently by redirecting to an error page instead of returning JSON
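Review bot: `User.first :href => me` returns nil when no user matches the submitted `me`, and the next line calls `user.profiles` on it, so a valid assertion paired with an unknown `me` raises NoMethodError instead of returning the `mismatch` JSON error; `params[:me].sub` fails the same way when `me` is missing. Guarding the lookup keeps the unknown-user case in the existing error branch, `profile = user && user.profiles.first(:href => "mailto:#{response['email']}")`, and `params[:me].to_s` covers the missing parameter. The scheme check `me.match /^https?:\/\//` should anchor with `\A`, because `^` matches after any newline in Ruby. `params[:redirect_uri]` is stored and then has the login token appended with no check visible in this hunk that it belongs to the client that started the flow; if that validation does not happen elsewhere, it should happen before the token is added. The `get '/auth/start'` block at the end of the hunk continues outside it.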
@@ -4,6 +4,10 @@ def self.sms_regex
/sms:\/?\/?([0-9\-+]+)/
end
+ def self.email_regex
+ /mailto:\/?\/?(.+@.+\..+)/
+ end
+
attr_accessor :url
def initialize(opts={})
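Review bot: `email_regex` is unanchored and its groups are `.+`, so `match` succeeds on any string that merely contains `mailto:` followed by something address-shaped, for example an http URL that carries that text in its query string. Both callers in this commit use it as a classifier: `verify_user_profile` assigns the `email` provider and then sets `verified = true` without a link-back check, and `get(tag)` pushes the href onto `links` directly. Anchoring and tightening the groups closes that gap: `/\Amailto:\/?\/?([^@\s]+@[^@\s]+\.[^@\s]+)\z/`. The `sms_regex` context line above has the same unanchored shape and would benefit from `\A`. `initialize` continues outside the hunk.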
@@ -54,7 +58,7 @@ def get(tag)
if link.rel?(tag)
# puts " --> #{link.href.inspect}"
- if link.href.match RelParser.sms_regex
+ if link.href.match RelParser.sms_regex or link.href.match RelParser.email_regex
links << link.href
else
begin
@@ -84,6 +84,10 @@ body {
font-size: 1.12em;
}
+.persona-login {
+ cursor: pointer;
+}
+
/**
* Headers
*/
Binary file not shown.
Binary file not shown.
@@ -64,7 +64,7 @@ function set_up_sms_auth() {
$.get("/auth/send_sms.json", {
me: me,
- profile: $(this).attr('href'),
+ profile: btn.attr('href'),
redirect_uri: redirect_uri
}, function(data){
if(data.result == "sent") {
@@ -79,6 +79,41 @@ function set_up_sms_auth() {
});
}
+function set_up_email_auth() {
+ $(".persona-login").click(function(){
+ var img = $(this);
+ var status = $(this).parents('li').children('.status');
+
+ img.attr("src", "/img/email_sign_in_disabled.png");
+ status.text("Launching Persona login");
+
+ navigator.id.get(function(assertion){
+
+ if(assertion == null) {
+ img.attr("src", "/img/email_sign_in_blue.png");
+ status.text("Ok! Click to authenticate using this provider.");
+ } else {
+ console.log(assertion);
+ status.text("Verifying login...");
+
+ $.post("/auth/verify_email.json", {
+ me: me,
+ profile: img.data('email'),
+ redirect_uri: redirect_uri,
+ assertion: assertion
+ }, function(data) {
+ if(data.status == "okay") {
+ status.text("Login succeeded! Redirecting...");
+ window.location = data.redirect;
+ } else {
+ status.text("Auth failed: " + data.reason);
+ }
+ });
+ }
+ });
+ });
+}
+
function format_sms_number(href) {
href = href.replace(/sms:\/?\/?/, '');
if(match=href.match(/^\+1([0-9]{3})([0-9]{3})([0-9]{4})$/)) {
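Review bot: `console.log(assertion);` in the `navigator.id.get` callback writes the Persona assertion, the credential the server exchanges for a login, to the browser console; that line should be removed. The `$.post` call also has no failure handler, and the server hunk answers rejected logins through `json_error 400`, so if that helper sets the HTTP status, the success callback never runs and the status text stays at "Verifying login...". Chaining a handler covers it: `.fail(function(){ status.text("Auth failed"); img.attr("src", "/img/email_sign_in_blue.png"); })`. `format_sms_number` at the end of the hunk continues outside it.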
@@ -111,6 +146,9 @@ $(function(){
if(data.provider == "sms") {
$("#profile_"+i+" .link").html('<a href="'+link+'" class="btn btn-success sms-auth">'+format_sms_number(link)+'</a>');
set_up_sms_auth();
+ } else if(data.provider == "email") {
+ $("#profile_"+i+" .link").html('<img src="/img/email_sign_in_blue.png" class="persona-login" data-email="'+link+'" />');
+ set_up_email_auth();
} else {
$("#profile_"+i+" .link").html('<a href="'+data.auth_path+'&redirect_uri='+encodeURIComponent(redirect_uri)+'" class="btn btn-success">'+link.replace(/^(https|http|sms):\/\//, "")+'</a>');
}
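Review bot: `link` is concatenated into the `data-email` attribute of an HTML string in the new `email` branch, so a value containing a double quote would break out of the attribute and inject markup; where `link` comes from is outside this hunk, but it appears to be a rel=me href read from the user's own page, which is untrusted input. Building the element through the DOM API avoids that: `$("#profile_"+i+" .link").empty().append($('<img>', {src: "/img/email_sign_in_blue.png", "class": "persona-login"}).attr("data-email", link));`. Calling `set_up_email_auth()` inside the branch also binds a further click handler to every `.persona-login` each time an email profile is rendered, so a page with two email profiles would start the Persona flow twice per click; bind once, or use a delegated handler. The enclosing callback starts and ends outside the hunk.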
@@ -117,11 +117,9 @@
<li><div class="thumbnail">
<img src="/img/providers/sms.png" alt="SMS" width="57" height="57" />
</div></li>
-<!--
<li><div class="thumbnail">
<img src="/img/providers/persona.png" alt="Persona" width="57" height="57" />
</div></li>
--->
<!--
<li><div class="thumbnail">
<img src="/img/providers/flickr.png" alt="Flickr" width="57" height="57" />
@@ -64,5 +64,6 @@
<%= yield %>
+ <script src="https://login.persona.org/include.js"></script>
</body>
</html>
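Review bot: The Persona `include.js` tag is added to the shared layout just before `</body>`, so every page rendered through this layout runs script served from login.persona.org, not only the page that calls `navigator.id.get`. The server hunk in this commit redirects to `/success?token=...`; if that page uses this layout, the third-party script runs on a URL that carries the login token. Loading the script only from the view that shows the `.persona-login` button would narrow that exposure. A comment next to the tag naming the feature that depends on it, such as `<!-- required by set_up_email_auth() for navigator.id -->`, would help whoever later removes the provider.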
@@ -18,7 +18,8 @@
<li><a href="https://twitter.com/aaronpk" rel="me">@aaronpk on Twitter</a></li>
<li><a href="https://github.com/aaronpk" rel="me">Github</a></li>
<li><a href="http://profiles.google.com/aaron.parecki" rel="me">Google</a></li>
- <li><a href="sms://+15035551212" rel="me">(503) 555-1212</a></li>
+ <li><a href="sms:+15035551212" rel="me">(503) 555-1212</a></li>
+ <li><a href="mailto:me@example.com" rel="me">me@example.com</a></li>
</ul>
' %></code></pre>
</p>
@@ -44,7 +45,6 @@
<li><a href="https://twitter.com/settings/profile">Twitter</a></li>
<li><a href="https://plus.google.com/me/about/edit/d">Google</a></li>
<li><a href="https://github.com/settings/profile">Github</a></li>
- <li><a href="http://www.flickr.com/profile_edit.gne">Flickr</a></li>
<li><a href="https://geoloqi.com/account/profile">Geoloqi</a></li>
</ul>
