Module: Card::Auth

Defined in:

lib/card/auth.rb

Constant Summary

SETUP_COMPLETED_KEY =

'SETUP_COMPLETED'

DEFAULT_RECAPTCHA_SETTINGS =

{
  recaptcha_public_key: '6LeoHfESAAAAAN1NdQeYHREq4jTSQhu1foEzv6KC',
  recaptcha_private_key: '6LeoHfESAAAAAHLZpn7ijrO4_KGLEr2nGL4qjjis'
}

@@as_card =

@@as_id = @@current_id = @@current = nil

@@simulating_setup_need =

nil

Class Method Summary

• .[](email) ⇒ Object

  find account by email.

• .always_ok? ⇒ Boolean
• .always_ok_usr_id?(usr_id) ⇒ Boolean
• .among?(authzed) ⇒ Boolean
• .as(given_user) ⇒ Object
• .as_bot(&block) ⇒ Object
• .as_card ⇒ Object
• .as_id ⇒ Object
• .authenticate(email, password) ⇒ Object

  Authenticates a user by their login name and unencrypted password.

• .createable_types ⇒ Object

  PERMISSIONS.

• .current ⇒ Object
• .current_id ⇒ Object
• .current_id=(card_id) ⇒ Object
• .encrypt(password, salt) ⇒ Object

  Encrypts some data with the salt.

• .find_by_token(token) ⇒ Object
• .get_user_id(user) ⇒ Object
• .instant_account_activation ⇒ Object
• .needs_setup? ⇒ Boolean
• .password_valid?(account, password) ⇒ Boolean
• .session ⇒ Object
• .set_current_from_mark(mark) ⇒ Object
• .set_current_from_session ⇒ Object
• .set_current_from_token(token, current = nil) ⇒ Object
• .signed_in? ⇒ Boolean
• .signin(signin_id) ⇒ Object
• .simulate_setup_need!(mode = true) ⇒ Object

Class Method Details

.[](email) ⇒ Object

find account by email

# File 'lib/card/auth.rb', line 74

def [] email
  email = email.strip.downcase
  Auth.as_bot do
    Card.search(
      { right_id: Card::AccountID,
        right_plus: [{ id: Card::EmailID }, { content: email }]
        }, "find +*account for email(#{email})"
    ).first
  end
end

.always_ok? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/card/auth.rb', line 194

def always_ok?
  usr_id = as_id
  return false if !usr_id
  always_ok_usr_id? usr_id
end

.always_ok_usr_id?(usr_id) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/card/auth.rb', line 200

def always_ok_usr_id? usr_id
  return true if usr_id == Card::WagnBotID # cannot disable

  always = Card.cache.read('ALWAYS') || {}
  # warn(Rails.logger.warn "Auth.always_ok? #{usr_id}")
  if always[usr_id].nil?
    always = always.dup if always.frozen?
    always[usr_id] =
      !!Card[usr_id].all_roles.find { |r| r == Card::AdministratorID }
    # warn(Rails.logger.warn "update always hash #{always[usr_id]},
    # #{always.inspect}")
    Card.cache.write 'ALWAYS', always
  end
  # warn Rails.logger.warn("aok? #{usr_id}, #{always[usr_id]}")
  always[usr_id]
end

.among?(authzed) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/card/auth.rb', line 155

def among? authzed
  as_card.among? authzed
end

.as(given_user) ⇒ Object

# File 'lib/card/auth.rb', line 132

def as given_user
  tmp_id   = @@as_id
  tmp_card = @@as_card

  @@as_id   = get_user_id(given_user)
  @@as_card = nil
  # we could go ahead and set as_card if given a card...

  @@current_id = @@as_id if @@current_id.nil?

  return unless block_given?
  yield
ensure
  if block_given?
    @@as_id   = tmp_id
    @@as_card = tmp_card
  end
end

.as_bot(&block) ⇒ Object

# File 'lib/card/auth.rb', line 151

def as_bot &block
  as Card::WagnBotID, &block
end

.as_card ⇒ Object

# File 'lib/card/auth.rb', line 163

def as_card
  if @@as_card && @@as_card.id == as_id
    @@as_card
  else
    @@as_card = Card[as_id]
  end
end

.as_id ⇒ Object

# File 'lib/card/auth.rb', line 159

def as_id
  @@as_id || current_id
end

.authenticate(email, password) ⇒ Object

Authenticates a user by their login name and unencrypted password.

# File 'lib/card/auth.rb', line 18

def authenticate email, password
  account = Auth[email]
  case
  when !account                                 then nil
  when !account.active?                         then nil
  when Card.config.no_authentication            then account
  when password_valid?(account, password.strip) then account
  end
end

.createable_types ⇒ Object

PERMISSIONS

# File 'lib/card/auth.rb', line 219

def createable_types
  type_names =
    Auth.as_bot do
      Card.search(
        { type: Card::CardtypeID, return: :name,
          not: { codename: ['in'] + Card.config.non_createable_types } },
        'find createable types'
      )
    end

  type_names.select do |name|
    Card.new(type: name).ok? :create
  end.sort
end

.current ⇒ Object

# File 'lib/card/auth.rb', line 110

def current
  if @@current && @@current.id == current_id
    @@current
  else
    @@current = Card[current_id]
  end
end

.current_id ⇒ Object

# File 'lib/card/auth.rb', line 106

def current_id
  @@current_id ||= Card::AnonymousID
end

.current_id=(card_id) ⇒ Object

# File 'lib/card/auth.rb', line 118

def current_id= card_id
  @@current = @@as_id = @@as_card = nil
  card_id = card_id.to_i if card_id.present?
  @@current_id = card_id
end

.encrypt(password, salt) ⇒ Object

Encrypts some data with the salt.

# File 'lib/card/auth.rb', line 69

def encrypt password, salt
  Digest::SHA1.hexdigest "#{salt}--#{password}--"
end

.find_by_token(token) ⇒ Object

# File 'lib/card/auth.rb', line 58

def find_by_token token
  Auth.as_bot do
    Card.search(
      { right_id: Card::AccountID,
        right_plus: [{ id: Card::TokenID }, { content: token.strip }]
        }, 'find +*account card by token'
    ).first
  end
end

.get_user_id(user) ⇒ Object

# File 'lib/card/auth.rb', line 124

def get_user_id user
  case user
  when NilClass then nil
  when Card     then user.id
  else Card.fetch_id(user)
  end
end

.instant_account_activation ⇒ Object

# File 'lib/card/auth.rb', line 187

def instant_account_activation
  simulate_setup_need!
  yield
ensure
  simulate_setup_need! false
end

.needs_setup? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/card/auth.rb', line 175

def needs_setup?
  @@simulating_setup_need || (
    !Card.cache.read(SETUP_COMPLETED_KEY) &&
    !Card.cache.write(SETUP_COMPLETED_KEY, account_count > 2)
  )
  # every deck starts with WagnBot and Anonymous account
end

.password_valid?(account, password) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/card/auth.rb', line 28

def password_valid? account, password
  account.password == encrypt(password, account.salt)
end

.session ⇒ Object

# File 'lib/card/auth.rb', line 90

def session
  Card::Env[:session]
end

.set_current_from_mark(mark) ⇒ Object

# File 'lib/card/auth.rb', line 48

def set_current_from_mark mark
  self.current_id =
    if mark.to_s =~ /@/
      account = Auth[mark.downcase]
      account && account.active? ? account.left_id : Card::AnonymousID
    else
      mark
    end
end

.set_current_from_session ⇒ Object

# File 'lib/card/auth.rb', line 94

def set_current_from_session
  self.current_id =
    if session
      if (card_id = session[:user]) && Card.exists?(card_id)
        card_id
      else
        session[:user] = nil
      end
    end
  current_id
end

.set_current_from_token(token, current = nil) ⇒ Object

# File 'lib/card/auth.rb', line 32

def set_current_from_token token, current=nil
  account = find_by_token token
  if account && account.validate_token!(token)
    unless current && always_ok_usr_id?(account.left_id)
      current = account.left_id
    end
    set_current_from_mark current
  elsif Env.params[:live_token]
    true
    # Used for activations and resets.
    # Continue as anonymous and address problem later
  else
    false
  end
end

.signed_in? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/card/auth.rb', line 171

def signed_in?
  current_id != Card::AnonymousID
end

.signin(signin_id) ⇒ Object

# File 'lib/card/auth.rb', line 85

def signin signin_id
  self.current_id = signin_id
  session[:user] = signin_id if session
end

.simulate_setup_need!(mode = true) ⇒ Object

# File 'lib/card/auth.rb', line 183

def simulate_setup_need! mode=true
  @@simulating_setup_need = mode
end