
* added new params

* fixed validation authlogic session
1 parent 9f33141 commit a1c269097e3b0de70799cb31375c196f0c528030 Dmitry Vorotilin committed Feb 1, 2011
Showing with 54 additions and 18 deletions.
  1. +1 −1 README.rdoc
  2. +1 −1 lib/vkontakte.js
  3. +13 −0 lib/vkontakte/authentication.rb
  4. +39 −16 lib/vkontakte/session.rb
@@ -3,7 +3,7 @@
This is beta version of aavkontakte - another authlogic vkontakte authorization gem. It provides vkontakte authorization to authlogic.
This gem is tested with authlogic and authlogic-rpx on my project. Please report me about bugs.
Vkontakte uses domain protection for url address of your site. But I noticed that:
-http://your-really-domain:3000/ after closing popup window is works too. You must add your domain in /etc/hosts
+http://your-really-domain:3000 after closing popup window is works too. You must add your domain in /etc/hosts
== Install
@@ -26,7 +26,7 @@ function vkLogin(options) {
if (response.settings){ /* Selected user access settings */ }
}
else { /* User pressed the Cancel button */ }
- }, VK.access.FRIENDS | VK.access.WIKI);
+ });
return false;
}
@@ -27,6 +27,15 @@ def vkontakte_enabled_value(value = nil)
rw_config(:vkontakte_enabled, value, false)
end
+ def vkontakte_auto_registration(value = true)
+ rw_config(:vkontakte_auto_registration, value, true)
+ end
+ alias_method :vkontakte_auto_registration=, :vkontakte_auto_registration
+
+ def vkontakte_auto_registration_value(value = nil)
+ rw_config(:vkontakte_enabled, value, true)
+ end
+
def vk_app_id(value = nil)
rw_config(:vk_app_id, value)
ActiveRecord::Base.send(:rw_config, :vk_app_id, value)
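Review bot: `vkontakte_auto_registration_value` reads and writes the `:vkontakte_enabled` key instead of `:vkontakte_auto_registration`, so a value stored through `vkontakte_auto_registration` is never returned by its reader, and passing a value to the reader would overwrite the enabled flag. The line should read `rw_config(:vkontakte_auto_registration, value, true)`. The session.rb hunks of this commit also never consult the setting: `validate_by_vk_cookie` builds and saves a new record whenever the lookup comes back blank, so an application that turns auto-registration off would presumably still get accounts created. The body of `vk_app_id` continues outside the hunk.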
@@ -50,6 +59,10 @@ def self.included(klass)
end
end
+ def using_vkontakte?
+ authenticating_with_vkontakte?
+ end
+
private
def validate_password_not_vkontakte?
!authenticating_with_vkontakte? && (defined?(AuthlogicRpx) ? !using_rpx? : true) && require_password?
@@ -5,6 +5,7 @@ def self.included(klass)
extend Config
include InstanceMethods
validate :validate_by_vk_cookie, :if => :authenticating_with_vkontakte?
+ before_destroy :destroy_vkontakte_cookies
end
end
@@ -24,32 +25,50 @@ def vk_id_field(value = nil)
end
module InstanceMethods
+ def new_registration=(value)
+ @new_registration = value
+ end
+
+ def new_registration?
+ @new_registration.presence
+ end
+
private
def authenticating_with_vkontakte?
- if record_class.vkontakte_enabled_value && controller.cookies[record_class.vk_app_cookie].present?
- delete_cookie(record_class.vk_app_cookie)
- return true
- else
- return false
- end
+ record_class.vkontakte_enabled_value && controller.cookies[record_class.vk_app_cookie].present?
end
def validate_by_vk_cookie
- user_session = controller.params[:user_session]
- result = "expire=%smid=%ssecret=%ssid=%s%s" % [user_session[:expire], user_session[:mid], user_session[:secret], user_session[:sid], record_class.vk_app_password]
- if MD5.md5(result).to_s == user_session[:sig].to_s
+ @vkontakte_data = controller.params[:user_session] if controller.params[:user_session]
+ auth_data = CGI::parse(controller.cookies[record_class.vk_app_cookie])
+ result = "expire=%smid=%ssecret=%ssid=%s%s" % [ auth_data['expire'], auth_data['mid'], auth_data['secret'], auth_data['sid'], record_class.vk_app_password ]
+ if MD5.md5(result).to_s == auth_data['sig'].to_s
raise(NotInitializedError, "You must define vk_id column in your User model") unless record_class.respond_to? find_by_vk_id_method
- possible_record = search_for_record(find_by_vk_id_method, user_session[:mid])
- if possible_record.nil?
- possible_record = record_class.new
- possible_record.send "#{vk_id_field}=", user_session[:mid]
- possible_record.send :persistence_token=, Authlogic::Random.hex_token if possible_record.respond_to? :persistence_token=
- possible_record.send :save, false
+ if @vkontakte_data
+ self.attempted_record = klass.send(find_by_vk_id_method, @vkontakte_data[:mid])
+ if self.attempted_record.blank?
+ # creating a new account
+ self.new_registration = true
+ self.attempted_record = record_class.new
+ self.attempted_record.send "#{vk_id_field}=", @vkontakte_data[:mid]
+ self.attempted_record.send :persistence_token=, Authlogic::Random.hex_token if self.attempted_record.respond_to? :persistence_token=
+ map_vkontakte_data
+ self.attempted_record.save_without_session_maintenance
+ end
end
- self.attempted_record = possible_record
+ return true
+ else
+ errors.add_to_base("Authentication failed. Please try again.")
+ return false
end
end
+ def map_vkontakte_data
+ self.attempted_record.send("#{klass.login_field}=", @vkontakte_data[:user][:nickname]) if self.attempted_record.send(klass.login_field).blank?
+ self.attempted_record.send("first_name=", @vkontakte_data[:user][:first_name]) if @vkontakte_data[:user][:first_name]
+ self.attempted_record.send("last_name=", @vkontakte_data[:user][:last_name]) if @vkontakte_data[:user][:last_name]
+ end
+
def find_by_vk_id_method
self.class.find_by_vk_id_method
end
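Review bot: In `validate_by_vk_cookie` the MD5 signature is checked over the cookie fields in `auth_data`, but the account is then looked up and created with `@vkontakte_data[:mid]` from `controller.params[:user_session]`, which the signature does not cover; the identity should come from the signed cookie so that a posted `mid` cannot select a different account. The signed `expire` field is also never compared with the current time, so a cookie past its lifetime still validates. `CGI::parse` returns an array per key, so `auth_data['expire']` and the other fields are formatted as arrays and the digest input depends on how the running Ruby stringifies them; taking `.first` makes it explicit. When the signature is valid but no `user_session` params are posted, the method returns true without setting `attempted_record`, which looks unintended. `map_vkontakte_data` dereferences `@vkontakte_data[:user]` without a nil check; neither of those last two is covered in the sketch below.

```ruby
def validate_by_vk_cookie
  @vkontakte_data = controller.params[:user_session] if controller.params[:user_session]
  auth_data = CGI::parse(controller.cookies[record_class.vk_app_cookie])
  # CGI::parse maps every key to an array of values; use the first of each.
  expire, mid, secret, sid, sig = %w(expire mid secret sid sig).map { |k| auth_data[k].first.to_s }
  result = "expire=%smid=%ssecret=%ssid=%s%s" % [ expire, mid, secret, sid, record_class.vk_app_password ]
  # Reject a bad signature or an expired cookie.
  # Assumes expire is a Unix timestamp -- confirm against the VK documentation.
  if MD5.md5(result).to_s == sig && expire.to_i > Time.now.to_i
    # ... unchanged: NotInitializedError check ...
    if @vkontakte_data
      # Identify the account by the mid covered by the signature, not the posted one.
      self.attempted_record = klass.send(find_by_vk_id_method, mid)
      if self.attempted_record.blank?
        # ... unchanged: new_registration flag, record_class.new ...
        self.attempted_record.send "#{vk_id_field}=", mid
        # ... unchanged: persistence_token, map_vkontakte_data, save_without_session_maintenance ...
```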
@@ -67,6 +86,10 @@ def delete_cookie(key)
domain = controller.request.domain
[".#{domain}", "#{domain}"].each { |d| controller.cookies.delete(key, :domain => d) }
end
+
+ def destroy_vkontakte_cookies
+ delete_cookie(record_class.vk_app_cookie)
+ end
end
end
end
