added BrowserID login; beers added to user doc

User docs are stored as sha1($email) for some level of privacy. The list of beers is stored as a pipe (|) delimited list of beer doc IDs.
couchbaselabs · May 8, 2012 · 1b144d6 · 1b144d6
1 parent 5665de9
commit 1b144d6
Show file tree

Hide file tree

Showing 6 changed files with 136 additions and 9 deletions.
diff --git a/.gitmodules b/.gitmodules
@@ -4,3 +4,6 @@
 [submodule "vendors/Slim"]
 	path = vendors/Slim
 	url = https://github.com/codeguy/Slim.git
+[submodule "vendors/Resty"]
+	path = vendors/Resty
+	url = https://github.com/fictivekin/Resty.php.git
diff --git a/assets/ico/sign_in_blue.png b/assets/ico/sign_in_blue.png
diff --git a/beers.php b/beers.php
@@ -16,16 +16,22 @@ function breweryUrl($name) {
 });
 
 $app->get('/beers/:id', function($id) use ($app, $cb) {
-  $beer = json_decode($cb->get('beer_' . str_replace(' ', '_', urldecode($id))), true);
-  if ($beer !== null) {
-    if (isset($beer['brewery'])) {
-      $beer['brewery_url'] = breweryUrl($beer['brewery']);
-    }
-    $app->view()->appendData($beer);
-    $content = $app->view()->render('beer.mustache');
-    $app->render('layout.mustache', compact('content'));
+  if (!isset($_SESSION['email'])) {
+    $app->response()->status(401);
   } else {
-    $app->notFound();
+    $beer_id = 'beer_' . str_replace(' ', '_', urldecode($id));
+    $beer = json_decode($cb->get($beer_id), true);
+    if ($beer !== null) {
+      $cb->append(sha1($_SESSION['email']), $beer_id . '|');
+      if (isset($beer['brewery'])) {
+        $beer['brewery_url'] = breweryUrl($beer['brewery']);
+      }
+      $app->view()->appendData($beer);
+      $content = $app->view()->render('beer.mustache');
+      $app->render('layout.mustache', compact('content'));
+    } else {
+      $app->notFound();
+    }
   }
 });
 

diff --git a/index.php b/index.php
@@ -1,6 +1,7 @@
 <?php
 
 // require stuffs
+require 'vendors/Resty/Resty.php';
 require 'vendors/Slim/Slim/Slim.php';
 require 'vendors/Slim-Extras/Views/MustacheView.php';
 
@@ -14,6 +15,8 @@
   'current_url' => $env['PATH_INFO']
 ));
 
+$app->add(new Slim_Middleware_SessionCookie());
+
 // Setup Couchbase connected objects
 try {
   $cb = new Couchbase("127.0.0.1:8091", "Administrator", "asdasd", "beer-sample");
@@ -28,6 +31,47 @@
   $content = $app->view()->render('index.mustache');
   $app->render('layout.mustache', compact('content') + array('on_index' => true));
 });
+
+// GET BrowserID verification
+$app->post('/browserid/login', function () use ($app, $cb) {
+  header('Content-Type: application/json');
+  $resty = new Resty();
+  $resty->debug(true);
+  $assertion=$app->request()->post('assertion');
+  // get the POSTed assertion
+  $post_data = array('assertion' => $assertion, 'audience' => $_SERVER['SERVER_NAME']);
+  // SERVER is my site's hostname
+  $resty->setBaseURL('https://browserid.org/');
+  // This makes a post request to browserid.org
+  $r = $resty->post('verify',$post_data);
+
+  if ($r['body']->status == 'okay') {
+    // This logs the user in if we have an account for that email address,
+    // or creates it otherwise
+    //$email = sha1($r['body']['email']);
+    $email = $_SESSION['email'] = $r['body']->email;
+    if ($cb->get(sha1($email)) === null) {
+      $cb->set(sha1($email), '');
+    }
+    echo json_encode($email);
+  } else {
+    $msg = 'Could not log you in';
+    $status = false;
+    echo json_encode(array('message'=>$msg,'status'=>$status));
+  }
+});
+
+$app->post('/browserid/logout', function() use ($app) {
+  unset($_SESSION['email']);
+});
+
+$app->get('/browserid/whoami', function() use ($app) {
+  header('Content-Type: application/json');
+  if (isset($_SESSION['email'])) {
+    echo json_encode($_SESSION['email']);
+  }
+});
+
 // beer routes
 require_once 'beers.php';
 // brewery routes

diff --git a/templates/layout.mustache b/templates/layout.mustache
@@ -13,6 +13,7 @@
       body {
         padding-top: 60px; /* 60px to make the container go all the way to the bottom of the topbar */
       }
+      #logout {display:none}
     </style>
     <link href="{{base_url}}/assets/css/bootstrap-responsive.css" rel="stylesheet">
 
@@ -40,6 +41,17 @@
             <input type="search" placeholder="Whatcha drinkin'?" class="search-query span2" name="id">
           </form>
           {{/on_index}}
+          <ul class="nav pull-right">
+            <li>
+              <a href="#" id="browserid" title="Sign-in with BrowserID">
+                <img src="{{base_url}}/assets/ico/sign_in_blue.png" alt="Sign in">
+              </a>
+              <a href="#" id="logout">
+                Hi yeah, <span id="whoami">??</span>
+                Wanna logout?
+              </a>
+            </li>
+          </ul>
         </div>
       </div>
     </div>
@@ -65,5 +77,66 @@
     <script src="{{base_url}}/assets/js/bootstrap-carousel.js"></script>
     <script src="{{base_url}}/assets/js/bootstrap-typeahead.js"></script>
 
+    <script src="https://browserid.org/include.js" type="text/javascript"></script>
+    <script>
+    function loggedIn(res) {
+      $('#whoami').html(res);
+      $('#browserid, #logout').toggle();
+    }
+
+    function loggedOut() {
+      $('#browserid, #logout').toggle();
+    }
+
+    function gotVerifiedEmail(assertion) {
+      // got an assertion, now send it up to the server for verification
+      if (assertion !== null) {
+        $.ajax({
+          type: 'POST',
+          url: '{{base_url}}/browserid/login',
+          data: { assertion: assertion },
+          success: function(res, status, xhr) {
+            if (res === null) loggedOut();
+            else loggedIn(res);
+          },
+          error: function(res, status, xhr) {
+            alert("login failure" + res);
+          }
+        });
+      } else {
+        loggedOut();
+      }
+    }
+
+    $(function() {
+      $.get('{{base_url}}/browserid/whoami', function (res) {
+        if (res === null) {
+          // see if we are logged in by default
+          if (navigator.id.get) {
+            navigator.id.get(gotVerifiedEmail, {silent: true});
+          } else {
+            loggedOut();
+          }
+        } else {
+          loggedIn(res, true);
+        }
+      }, 'json');
+
+      $('#browserid').on('click', function() {
+        navigator.id.get(gotVerifiedEmail, {allowPersistent: true});
+        return false;
+      });
+
+      $('#logout').on('click', function() {
+        $.ajax({
+          type: 'POST',
+          url: '{{base_url}}/browserid/logout',
+          success: function(res, status, xhr) {
+            loggedOut();
+          }
+        });
+      });
+    });
+    </script>
   </body>
 </html>
diff --git a/vendors/Resty b/vendors/Resty