Module: JunglePath::API::Helpers::AuthLocalUser

Defined in:
lib/jungle_path/api/helpers/auth_local_user.rb

Defined Under Namespace

Classes: Identity

Instance Method Summary collapse

Instance Method Details

#authenticate(no_cache = false) ⇒ Object

If you are using this module, make sure your user table has these columns:

id,
user_name,
phone,
sms_verification_code,
hash,
key,
role



20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 20

def authenticate no_cache=false
  puts "AuthLocalUser.authenticate !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
  remote_user = request.env['REMOTE_USER']
  remote_password = request.env['REMOTE_PASSWORD']
  puts "remote_user: #{remote_user}."
  puts "remote_password: #{remote_password}."
  is_authenticated = basic_authentication(remote_user, remote_password, no_cache)
  unless is_authenticated
    # force no_cache = true
    halt 401 unless basic_authentication(remote_user, remote_password, true)
  end
  #puts "content-type: #{request.content_type}."
  request.body.rewind
  #puts "body:\n#{request.body.read}."
  #puts "params:\n#{params}."
end

#authenticate_assumed_identity(identity, no_cache = false) ⇒ Object 



78
79
80
81
82
83
84
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 78

def authenticate_assumed_identity identity, no_cache=false
  id = identity.dup
  id.user = get_assumed_user(identity.user_name, no_cache)
  id.key = id.user
  id.valid = (id.user and id.user.is_valid)
  id
end

#authenticate_identity(identity, no_cache = false) ⇒ Object 



70
71
72
73
74
75
76
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 70

def authenticate_identity identity, no_cache=false
  id = identity.dup
  id.user = get_user(identity.user_name, identity.remote_password, no_cache)
  id.key = id.user
  id.valid = (id.user and id.user.is_valid)
  id
end

#authenticate_user(user_name, password, no_cache = false) ⇒ Object 



86
87
88
89
90
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 86

def authenticate_user user_name, password, no_cache=false
  user = get_user(user_name, password, no_cache)
  set_current_user(user)
  valid = (user and user.is_valid)
end

#basic_authentication(remote_user, remote_password, no_cache = false) ⇒ Object 



37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 37

def basic_authentication remote_user, remote_password, no_cache=false
  identity, assume_identity = parse_identities(remote_user, remote_password)
  puts "identity: #{identity}"
  puts "assume_identity: #{assume_identity}"
  #puts "APIHelpers::AuthLocalUser.#{__method__}."
  #if user_name and user_name.start_with?("sk_")

  #valid = authenticate_user(auth.user_name, password, no_cache)
  valid = false
  identity = authenticate_identity(identity, no_cache)
  if identity.valid
    identity.roles = get_roles(identity.key, no_cache)
    identity.auth = get_auth(identity.roles, no_cache)
    #set_current_roles roles
    #set_current_auth
    if assume_identity
      puts "assume_identity..."
      assume_identity = authenticate_assumed_identity(assume_identity, no_cache)
      assume_identity.roles = get_roles(assume_identity.key, no_cache)
      assume_identity.auth = get_auth(assume_identity.roles, no_cache)
      valid = assume_identity.valid
      set_current_identity assume_identity, no_cache
    else
      valid = identity.valid
      set_current_identity identity, no_cache
    end
  else
    #set_current_roles nil
    set_current_identity identity, no_cache
  end
  valid
end

#current_authObject 



274
275
276
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 274

def current_auth
  @current_auth
end

#current_identityObject 



254
255
256
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 254

def current_identity
  @current_identity
end

#current_keyObject 



262
263
264
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 262

def current_key
  @current_user
end

#current_query_filtersObject 



278
279
280
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 278

def current_query_filters
  @current_query_filters
end

#current_roleObject 



270
271
272
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 270

def current_role
  @current_role
end

#current_rolesObject 



266
267
268
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 266

def current_roles
  @current_roles
end

#current_userObject 



258
259
260
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 258

def current_user
  @current_user
end

#get_assumed_user(user_name, no_cache = false) ⇒ Object 



92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 92

def get_assumed_user user_name, no_cache=false
  cache_key = "#{user_name}.password"
  user = cache[cache_key]
  if user == nil or no_cache
    lowercase_user_name = nil
    lowercase_user_name = user_name.downcase if user_name
    ds = db.base['select id, user_name, name, first_name, last_name, phone, email, hash, key, active from "user" where user_name = ? or email = ?', lowercase_user_name, lowercase_user_name]
    hash = ds.first
    #puts "get_user: hash: #{hash}."
    user = Schema::User.new(hash, false) if hash
    halt 401, "Unauthorized" unless user
    halt 401, "Unauthorized: user #{user.user_name} is not marked as active." unless user.active
    user.is_valid = true
    cache[cache_key] = user if user
  end
  user
end

#get_auth(roles, no_cache = false) ⇒ Object 



188
189
190
191
192
193
194
195
196
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 188

def get_auth roles, no_cache=false
  cache_key = "#{roles}_auth"
  puts "get_auth cache_key: #{cache_key}."
  auth = cache.get(cache_key)
  if auth == nil or no_cache
    auth = JunglePath::Authorization::Filter.new roles, Schema::Base.models, configatron.application.role_permissions, configatron.application.role_restrictions, configatron.application.role_schema_filters, configatron.schema.filters
  end
  auth
end

#get_query_filters(no_cache = false) ⇒ Object 



198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 198

def get_query_filters no_cache=false
  # get filters from query_filter table.
  return nil unless current_key
  cache_key = "#{current_key.id}_query_filters"
  query_filters = cache.get(cache_key)
  if query_filters == nil or no_cache
    query_filters = []
    #filters = SQL::QueryFilter.by_key(db, current_key)
    #filters.each do |filter|
    #  query_filters << Query::Filter.new(filter[:base_table_name], filter[:sub_select])
    #end
    if app_defined_query_filters
      app_defined_query_filters.each do |filter|
        query_filters << filter
      end
    end
    cache.set cache_key, query_filters
  end
  query_filters
end

#get_roles(key, no_cache = false) ⇒ Object 



166
167
168
169
170
171
172
173
174
175
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 166

def get_roles key, no_cache=false
  return nil unless key
  cache_key = "#{key.id}_roles"
  roles = cache.get(cache_key)
  if roles == nil or no_cache
    roles = SQL::Role.by_user(db, key)
    cache.set cache_key, roles if roles
  end
  roles
end

#get_user(user_name, password, no_cache = false) ⇒ Object 



110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 110

def get_user user_name, password, no_cache=false
  # is this username/password valid?
  cache_key = "#{user_name}.#{password}"
  user = cache[cache_key]
  if user == nil or no_cache
    #assumed_user = nil
    ds = nil
    if user_name_is_key? user_name
      ds = db.base['select id, user_name, name, first_name, last_name, phone, email, hash, key, active from "user" where key = ?', user_name.downcase]
    else
      lowercase_user_name = nil
      lowercase_user_name = user_name.downcase if user_name
      ds = db.base['select id, user_name, name, first_name, last_name, phone, email, hash, key, active from "user" where user_name = ?', lowercase_user_name]
    end
    hash = ds.first
    #puts "get_user: hash: #{hash}."
    user = Schema::User.new(hash, false) if hash
    halt 401, "Unauthorized" unless user
    halt 401, "Unauthorized: user #{user.user_name} is not marked as active." unless user.active
    if user_name_is_key? user_name
      user.is_valid = true
    else
      user.is_valid = valid_user?(user, password)
    end
    cache[cache_key] = user if user
  end
  user.password = password
  user
end

#parse_identities(remote_user, remote_password) ⇒ Object 



144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 144

def parse_identities remote_user, remote_password
  identity = Identity.new
  identity.remote_user = remote_user
  identity.remote_password = remote_password
  assume_identity = nil
  if remote_user and remote_user.include?("|")
    parts = remote_user.split('|')
    identity.user_name = parts[1]
    assume_identity = Identity.new
    assume_identity.user_name = parts[0]
    assume_identity.remote_user = remote_user
    assume_identity.remote_password = remote_password
  else
    identity.user_name = remote_user
  end
  return identity, assume_identity
end

#set_current_auth(auth) ⇒ Object 



243
244
245
246
247
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 243

def set_current_auth auth
  #@current_auth = ::Authorization::Filter.new current_roles, configatron.application.role_permissions, configatron.application.role_restrictions
  @current_auth = auth
  @current_user.auth = @current_auth if @current_user
end

#set_current_identity(identity, no_cache = false) ⇒ Object 



219
220
221
222
223
224
225
226
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 219

def set_current_identity identity, no_cache=false
  puts "set_current_identity: #{identity.user.user_name}" if identity and identity.user
  @current_identity = identity
  set_current_user identity.user
  set_current_roles identity.roles
  set_current_auth identity.auth
  set_current_query_filters no_cache
end

#set_current_query_filters(no_cache = false) ⇒ Object 



249
250
251
252
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 249

def set_current_query_filters no_cache=false
  @current_query_filters = get_query_filters(no_cache)
  @current_user.query_filters = @current_query_filters
end

#set_current_roles(roles) ⇒ Object 



232
233
234
235
236
237
238
239
240
241
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 232

def set_current_roles roles
  @current_role = nil #configatron.default.role
  @current_roles = roles
  if roles
    roles.each do |role|
      @current_role = role[:name]
      break
    end
  end
end

#set_current_user(user) ⇒ Object 



228
229
230
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 228

def set_current_user user
  @current_user = user
end

#user_name_is_key?(user_name) ⇒ Boolean

Returns:

  • (Boolean) 


140
141
142
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 140

def user_name_is_key? user_name
  user_name and user_name.start_with?("sk_") and !user_name.include?("@")
end

#valid_user?(user, password) ⇒ Boolean

Returns:

  • (Boolean) 


162
163
164
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 162

def valid_user?(user, password)
  valid = (user and PasswordHash.validatePassword(password, user.hash))
end

#zget_roles(no_cache = false) ⇒ Object 



177
178
179
180
181
182
183
184
185
186
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 177

def zget_roles no_cache=false
  return nil unless current_key
  cache_key = "#{current_key.id}_roles"
  roles = cache.get(cache_key)
  if roles == nil or no_cache
    roles = SQL::Role.by_user(db, current_key)
    cache.set cache_key, roles if roles
  end
  roles
end