From 1b144d63d7b9d468af2b1ec116023402af93aa56 Mon Sep 17 00:00:00 2001
From: Benjamin Young
Date: Tue, 8 May 2012 16:26:46 -0400
Subject: [PATCH] added BrowserID login; beers added to user doc

User docs are stored as sha1($email) for some level of privacy. The list of beers is stored as a pipe (|) delimited list of beer doc IDs.
---
 .gitmodules | 3 ++
 assets/ico/sign_in_blue.png | Bin 0 -> 1798 bytes
 beers.php | 24 +++++++-----
 index.php | 44 ++++++++++++++++++++++
 templates/layout.mustache | 73 ++++++++++++++++++++++++++++++++++++
 vendors/Resty | 1 +
 6 files changed, 136 insertions(+), 9 deletions(-)
 create mode 100644 assets/ico/sign_in_blue.png
 create mode 160000 vendors/Resty
diff --git a/.gitmodules b/.gitmodules
index 5e1848d..6ee5232 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -4,3 +4,6 @@
 [submodule "vendors/Slim"]
 path = vendors/Slim
 url = https://github.com/codeguy/Slim.git
+[submodule "vendors/Resty"]
+ path = vendors/Resty
+ url = https://github.com/fictivekin/Resty.php.git
diff --git a/assets/ico/sign_in_blue.png b/assets/ico/sign_in_blue.png new file mode 100644 index 0000000000000000000000000000000000000000..919a5c7a3598ff2665d509b9dcfb03cdc1753a0f GIT binary patch literal 1798 zcmV+h2l@DkP)2Dczcl6e^|3#j-YPcUvjS#hOmLnx<8vOEpbUUsP)^cE5{ilNJVD z(u9;GYqG2%24X`93kh)m^Nj<x#5VTv$2qnskPom4{P#ZZ**P^B2TsdwXkY24 z_kGUuaqPdI_nhNnLHKTb^D!|o@q8kYIFyp*5=JRo8=l7g8*#%M{n!>97(nR(8;-m_ zh__$u$IH5elO*Y|EXz$vSxzPs32c`AtuhYW#&#n8+HKr>bpRFn2C#Qi9Y?~YQYmbf zge+_P*d$}O1>1&VE3nrFykbLpQ7;ZXRlHa%c8GOeQjd7aWD>F@Y5cHW!miepZ%oO+ z%9hm0=8g6hyw$BQr;z0o_j87e2bSK>D_%SvFOlLB+lI*;0)YSq`Uf<~R(%OM0m@VP zL2V2#+<5X-4zxW%wQB|Tqynvf(Y4HdN5@w{gN|)fM-S0QD|nF6U-L!wSquA?v8!)+ zWLNLfFV__>5{Zml>%cF1udDp*b~cKpt|uHoE=HPGn0m0 zUgo}%wiND)bNHP_ergT9)Q`yw>1*Zgv}EvN?-G90lVJib<_Z{%Mh($Olnb$z-rl|( z*2ctH*HOO8jv5g=niq5UO?O5SZZw9%njn61DU3azkK~M%Wzbip!H90q&c)Ezq($_;j1Fvy%E*y&E}~*)0)O}?6W`DogNXai>tSAG#oWV zM3Hq)Jcpj{o*dSTi$!Cg8Y;pUAqZC=ucEAHo{QHNe1v`17qsKgHq7z4v_H-LW&O(W zzm6(mM;|KPs*a1UG~R4m;Onb_4Cd3ycBh$+uRZS_X$f{I!`FK9R>3~+j!q_~bzw;8 zSU9MO7Y>FEVn}3N6U#vqBk1bt)*ySmI3glOL3LDwe+3~lKGgWWF%FOXP!nNTdV;^) zO>6!#>x?2Eo5`lpG9jV3dITRfJGoua?Z?gwJ_whUSa)&}f4t_xd!})2pL9H4bxy(_ zQQ)?Yyd17Qf?#EF9gkZCOQMjA7YqgsprqutVUP_)lw18 z`5~C*HC{jOz-ikw+*u+vPGz|757rd7X(pRS&6u)&vsvPH)yRxii{D%ZBM>ezYGrPp z%JQq&#RnX{dFyhO(Z+ zMhK_f5R9q(T#VtAEyO?kk@gw9XHmL#Vbb7|gv!npvB+>9$ivYGrtk;mK~5+7kOx&X6xLCYm*93PVM+A4R# za~!>StGLWM^ZE>D&+*n4_S;^$=6T&-gU{>Jx`w!Qt8GKnSpQT2luwvVW(ZZ25dJOY z@Ihw^;#_*wo%2p;7QZ&$%%DZFXIpQv7GUC^*`|=igeC?NoAI$rGv^_+nVu;%Yq} zTjj`WYtT6ey?KN&2BBHz>^^pFggw`;e$I2bT%{hThY2yI3$Moq$|Ek3HPnNhQ z-CT^#;$fXeIRqE3l3mPC`?ij14-QuM;AFQKgP}RJdsC?DVmF{l+t!{Z9~T1b1`+1G zRME7)a5Nka=OO2PXVUHT!sFT)igQl5IQ4Z*xWBV4@tJ$;Ie8z#C#?40Iw6#IE9?Kq zdDe2CiD#bX6jfds&e^Kj!(45Co^@Z-Y o4Br<1_kEAh7G;kjoBj{uzdiZkuSqo1!Tget('/beers/:id', function($id) use ($app, $cb) { - $beer = json_decode($cb->get('beer_' . 
str_replace(' ', '_', urldecode($id))), true); - if ($beer !== null) { - if (isset($beer['brewery'])) { - $beer['brewery_url'] = breweryUrl($beer['brewery']); - } - $app->view()->appendData($beer); - $content = $app->view()->render('beer.mustache'); - $app->render('layout.mustache', compact('content')); + if (!isset($_SESSION['email'])) { + $app->response()->status(401); } else { - $app->notFound(); + $beer_id = 'beer_' . str_replace(' ', '_', urldecode($id)); + $beer = json_decode($cb->get($beer_id), true); + if ($beer !== null) { + $cb->append(sha1($_SESSION['email']), $beer_id . '|'); + if (isset($beer['brewery'])) { + $beer['brewery_url'] = breweryUrl($beer['brewery']); + } + $app->view()->appendData($beer); + $content = $app->view()->render('beer.mustache'); + $app->render('layout.mustache', compact('content')); + } else { + $app->notFound(); + } } }); diff --git a/index.php b/index.php index 1b5ed9f..2b542fd 100755 --- a/index.php +++ b/index.php @@ -1,6 +1,7 @@ $env['PATH_INFO'] )); +$app->add(new Slim_Middleware_SessionCookie()); + // Setup Couchbase connected objects try { $cb = new Couchbase("127.0.0.1:8091", "Administrator", "asdasd", "beer-sample"); 
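Review bot: The added `$cb->append(sha1($_SESSION['email']), $beer_id . '|');` runs on every GET of `/beers/:id`, so merely loading the page (including a request triggered from another site while the user is signed in) modifies the user's document, and repeated views append the same id again with no bound on the document's size. The result of `append()` is not checked, so a session whose user doc is missing would presumably fail silently. Consider recording the beer from an explicit POST action, or at least skipping ids already present, e.g. `if (strpos('|' . $cb->get($key), '|' . $beer_id . '|') === false) { $cb->append($key, $beer_id . '|'); }` with `$key` holding the user doc id. The key is an unsalted `sha1` of the address, which anyone who knows or guesses the e-mail can recompute; a keyed hash such as `hash_hmac('sha256', $email, $secret)` (`$secret` being a placeholder for a server-side value) fits the stated privacy goal better and would have to be used in the login route in `index.php` as well. The hunk header for this file is missing from the page, so this is based on the visible lines only.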
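Review bot: `new Slim_Middleware_SessionCookie()` is added with no settings, and this commit then keeps the login identity (`$_SESSION['email']`) in that client-side cookie. As far as I recall, the defaults of this middleware in Slim 1.6 include a placeholder secret and leave `secure` and `httponly` off; if that holds for the vendored version, the cookie carrying the session is protected only by a publicly known key. Pass explicit settings, e.g. `$app->add(new Slim_Middleware_SessionCookie(array('secret' => $sessionSecret, 'httponly' => true, 'secure' => true)));`, where `$sessionSecret` is a placeholder for a value loaded from configuration outside the repository and `secure` assumes the site is served over HTTPS. The Couchbase credentials in the context line below are likewise hard-coded in the file and would be better moved to the same configuration. The hunk text on the page looks truncated, so other added lines may be missing from view.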
@@ -28,6 +31,47 @@ $content = $app->view()->render('index.mustache'); $app->render('layout.mustache', compact('content') + array('on_index' => true)); }); + +// GET BrowserID verification +$app->post('/browserid/login', function () use ($app, $cb) { + header('Content-Type: application/json'); + $resty = new Resty(); + $resty->debug(true); + $assertion=$app->request()->post('assertion'); + // get the POSTed assertion + $post_data = array('assertion' => $assertion, 'audience' => $_SERVER['SERVER_NAME']); + // SERVER is my site's hostname + $resty->setBaseURL('https://browserid.org/'); + // This makes a post request to browserid.org + $r = $resty->post('verify',$post_data); + + if ($r['body']->status == 'okay') { + // This logs the user in if we have an account for that email address, + // or creates it otherwise + //$email = sha1($r['body']['email']); + $email = $_SESSION['email'] = $r['body']->email; + if ($cb->get(sha1($email)) === null) { + $cb->set(sha1($email), ''); + } + echo json_encode($email); + } else { + $msg = 'Could not log you in'; + $status = false; + echo json_encode(array('message'=>$msg,'status'=>$status)); + } +}); + +$app->post('/browserid/logout', function() use ($app) { + unset($_SESSION['email']); +}); + +$app->get('/browserid/whoami', function() use ($app) { + header('Content-Type: application/json'); + if (isset($_SESSION['email'])) { + echo json_encode($_SESSION['email']); + } +}); + // beer routes require_once 'beers.php'; // brewery routes diff --git a/templates/layout.mustache b/templates/layout.mustache index e49eda3..b96d9a7 100644 --- a/templates/layout.mustache +++ b/templates/layout.mustache @@ -13,6 +13,7 @@ body { padding-top: 60px; /* 60px to make the container go all the way to the bottom of the topbar */ } + #logout {display:none} @@ -40,6 +41,17 @@ {{/on_index}} + @@ -65,5 +77,66 @@ + + \ No newline at end of file diff --git a/vendors/Resty b/vendors/Resty new file mode 160000 index 0000000..5230845 --- /dev/null 
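Review bot: In the `/browserid/login` route the `audience` sent to the verifier is `$_SERVER['SERVER_NAME']`, which on many server configurations is taken from the request's Host header, so the site does not itself pin which origin an assertion must have been issued for; use a fixed value from configuration instead. `$resty->debug(true)` should not ship, since (depending on how Resty logs) it may write the assertion and the verifier response to logs or output. The response is dereferenced as `$r['body']->status` without checking that the request succeeded and returned an object, and the comparison is loose; the fence below shows the checks. The route comment says `GET` although the route is registered with `post()`, and neither the login nor the logout route has CSRF protection, which is worth a follow-up.

```php
// … unchanged: route declaration, Content-Type header, Resty setup (without debug(true)) …
    $post_data = array(
        'assertion' => $assertion,
        // BROWSERID_AUDIENCE is a placeholder: a constant from site configuration
        // holding this site's scheme, host and port, never a request-derived value.
        'audience' => BROWSERID_AUDIENCE,
    );
    // … unchanged: setBaseURL() and post('verify', $post_data) …
    $body = isset($r['body']) ? $r['body'] : null;
    if (is_object($body) && isset($body->status, $body->email) && $body->status === 'okay') {
        $email = $_SESSION['email'] = $body->email;
        // … unchanged: create the user doc if missing, echo the email …
    } else {
        // … unchanged: failure response …
```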
+++ b/vendors/Resty
@@ -0,0 +1 @@
+Subproject commit 5230845b04f26a8a895552e3b13129b22dd27ded