
added BrowserID login; beers added to user doc

User docs are stored as sha1($email) for some level of privacy.
The list of beers is stored as a pipe (|) delimited list of beer
doc IDs.
commit 1b144d63d7b9d468af2b1ec116023402af93aa56 1 parent 5665de9
@BigBlueHat BigBlueHat authored
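--- a/.gitmodules
+++ b/.gitmodules
@@ -4,3 +4,6 @@
 [submodule "vendors/Slim"]
 path = vendors/Slim
 url = https://github.com/codeguy/Slim.git
+[submodule "vendors/Resty"]
+ path = vendors/Resty
+ url = https://github.com/fictivekin/Resty.php.git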
BIN  assets/ico/sign_in_blue.png
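--- a/beers.php
+++ b/beers.php
@@ -16,16 +16,22 @@ function breweryUrl($name) {
 });
 $app->get('/beers/:id', function($id) use ($app, $cb) {
- $beer = json_decode($cb->get('beer_' . str_replace(' ', '_', urldecode($id))), true);
- if ($beer !== null) {
- if (isset($beer['brewery'])) {
- $beer['brewery_url'] = breweryUrl($beer['brewery']);
- }
- $app->view()->appendData($beer);
- $content = $app->view()->render('beer.mustache');
- $app->render('layout.mustache', compact('content'));
+ if (!isset($_SESSION['email'])) {
+ $app->response()->status(401);
 } else {
- $app->notFound();
+ $beer_id = 'beer_' . str_replace(' ', '_', urldecode($id));
+ $beer = json_decode($cb->get($beer_id), true);
+ if ($beer !== null) {
+ $cb->append(sha1($_SESSION['email']), $beer_id . '|');
+ if (isset($beer['brewery'])) {
+ $beer['brewery_url'] = breweryUrl($beer['brewery']);
+ }
+ $app->view()->appendData($beer);
+ $content = $app->view()->render('beer.mustache');
+ $app->render('layout.mustache', compact('content'));
+ } else {
+ $app->notFound();
+ }
 }
 });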
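Review bot: The `$cb->append(sha1($_SESSION['email']), $beer_id . '|');` call runs inside the GET handler for `/beers/:id`, so merely loading a beer page writes to the signed-in user's document, including when the request is triggered from a link or embedded resource on another site. Repeat views also append the same id again with no de-duplication or size bound. Consider moving the write to a POST route, or at least skipping the append when the id is already listed, and checking the return value of `append`. The document key `sha1($_SESSION['email'])`, used here and in index.php, is an unsalted hash of a guessable value, so anyone with bucket access can recover addresses by hashing candidate e-mails; `hash_hmac('sha256', $email, $secret)` with a server-side secret (placeholder name) would hold up better. The 401 branch sets a status with no body or redirect, which leaves a signed-out visitor with a blank page.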
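--- a/index.php
+++ b/index.php
@@ -1,6 +1,7 @@
 <?php
 // require stuffs
+require 'vendors/Resty/Resty.php';
 require 'vendors/Slim/Slim/Slim.php';
 require 'vendors/Slim-Extras/Views/MustacheView.php';
@@ -14,6 +15,8 @@
 'current_url' => $env['PATH_INFO']
 ));
+$app->add(new Slim_Middleware_SessionCookie());
+
 // Setup Couchbase connected objects
 try {
 $cb = new Couchbase("127.0.0.1:8091", "Administrator", "asdasd", "beer-sample");
@@ -28,6 +31,47 @@
 $content = $app->view()->render('index.mustache');
 $app->render('layout.mustache', compact('content') + array('on_index' => true));
 });
+
+// GET BrowserID verification
+$app->post('/browserid/login', function () use ($app, $cb) {
+ header('Content-Type: application/json');
+ $resty = new Resty();
+ $resty->debug(true);
+ $assertion=$app->request()->post('assertion');
+ // get the POSTed assertion
+ $post_data = array('assertion' => $assertion, 'audience' => $_SERVER['SERVER_NAME']);
+ // SERVER is my site's hostname
+ $resty->setBaseURL('https://browserid.org/');
+ // This makes a post request to browserid.org
+ $r = $resty->post('verify',$post_data);
+
+ if ($r['body']->status == 'okay') {
+ // This logs the user in if we have an account for that email address,
+ // or creates it otherwise
+ //$email = sha1($r['body']['email']);
+ $email = $_SESSION['email'] = $r['body']->email;
+ if ($cb->get(sha1($email)) === null) {
+ $cb->set(sha1($email), '');
+ }
+ echo json_encode($email);
+ } else {
+ $msg = 'Could not log you in';
+ $status = false;
+ echo json_encode(array('message'=>$msg,'status'=>$status));
+ }
+});
+
+$app->post('/browserid/logout', function() use ($app) {
+ unset($_SESSION['email']);
+});
+
+$app->get('/browserid/whoami', function() use ($app) {
+ header('Content-Type: application/json');
+ if (isset($_SESSION['email'])) {
+ echo json_encode($_SESSION['email']);
+ }
+});
+
 // beer routes
 require_once 'beers.php';
 // brewery routes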
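Review bot: The `audience` sent to the verifier is taken from `$_SERVER['SERVER_NAME']`, which on some server configurations reflects the client's Host header; where that is the case, an assertion issued for a different site could verify as valid here. Pin it to a configured value instead, e.g. `'audience' => BROWSERID_AUDIENCE` (placeholder constant holding this site's own hostname). `$resty->debug(true);` is left enabled on the login path and may write assertions and verifier responses to the log, and `$r['body']->status` is read without first checking that the request succeeded and returned an object. `Slim_Middleware_SessionCookie` is added with no settings, so the cookie secret and the secure/httponly flags are whatever the library defaults to; set them explicitly, since `$_SESSION['email']` is the only proof of identity the other routes check.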
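--- a/templates/layout.mustache
+++ b/templates/layout.mustache
@@ -13,6 +13,7 @@
 body {
 padding-top: 60px; /* 60px to make the container go all the way to the bottom of the topbar */
 }
+ #logout {display:none}
 </style>
 <link href="{{base_url}}/assets/css/bootstrap-responsive.css" rel="stylesheet">
@@ -40,6 +41,17 @@
 <input type="search" placeholder="Whatcha drinkin'?" class="search-query span2" name="id">
 </form>
 {{/on_index}}
+ <ul class="nav pull-right">
+ <li>
+ <a href="#" id="browserid" title="Sign-in with BrowserID">
+ <img src="{{base_url}}/assets/ico/sign_in_blue.png" alt="Sign in">
+ </a>
+ <a href="#" id="logout">
+ Hi yeah, <span id="whoami">??</span>
+ Wanna logout?
+ </a>
+ </li>
+ </ul>
 </div>
 </div>
 </div>
@@ -65,5 +77,66 @@
 <script src="{{base_url}}/assets/js/bootstrap-carousel.js"></script>
 <script src="{{base_url}}/assets/js/bootstrap-typeahead.js"></script>
+ <script src="https://browserid.org/include.js" type="text/javascript"></script>
+ <script>
+ function loggedIn(res) {
+ $('#whoami').html(res);
+ $('#browserid, #logout').toggle();
+ }
+
+ function loggedOut() {
+ $('#browserid, #logout').toggle();
+ }
+
+ function gotVerifiedEmail(assertion) {
+ // got an assertion, now send it up to the server for verification
+ if (assertion !== null) {
+ $.ajax({
+ type: 'POST',
+ url: '{{base_url}}/browserid/login',
+ data: { assertion: assertion },
+ success: function(res, status, xhr) {
+ if (res === null) loggedOut();
+ else loggedIn(res);
+ },
+ error: function(res, status, xhr) {
+ alert("login failure" + res);
+ }
+ });
+ } else {
+ loggedOut();
+ }
+ }
+
+ $(function() {
+ $.get('{{base_url}}/browserid/whoami', function (res) {
+ if (res === null) {
+ // see if we are logged in by default
+ if (navigator.id.get) {
+ navigator.id.get(gotVerifiedEmail, {silent: true});
+ } else {
+ loggedOut();
+ }
+ } else {
+ loggedIn(res, true);
+ }
+ }, 'json');
+
+ $('#browserid').on('click', function() {
+ navigator.id.get(gotVerifiedEmail, {allowPersistent: true});
+ return false;
+ });
+
+ $('#logout').on('click', function() {
+ $.ajax({
+ type: 'POST',
+ url: '{{base_url}}/browserid/logout',
+ success: function(res, status, xhr) {
+ loggedOut();
+ }
+ });
+ });
+ });
+ </script>
 </body>
 </html>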
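Review bot: `loggedIn` writes the server response into the page with `$('#whoami').html(res);`, which parses the value as markup; use `$('#whoami').text(res);` so the e-mail string is always treated as text. The login `success` handler only tests `res === null`, but the failure branch in index.php answers with a JSON object (`message`, `status: false`) and, as far as the diff shows, no error status, so a rejected assertion would still reach `loggedIn`; check `res.status === false` or have the server send a 4xx before toggling the UI. `loggedOut` toggles both elements rather than setting them, so calling it while already signed out would show the logout link; explicit `.show()`/`.hide()` calls would keep the UI in step with the session.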
1  vendors/Resty
@@ -0,0 +1 @@
+Subproject commit 5230845b04f26a8a895552e3b13129b22dd27ded