Class: SessionsController

Inherits:
ApplicationController
  • Object
Defined in:
app/controllers/sessions_controller.rb

Constant Summary

APP_CONFIG =

Load configuration items (MANDATORY, must be included)

# Parses config/podio/podio_config.yml (path resolved relative to this file) and
# wraps the result so keys can be read as symbols or strings.
# NOTE(review): YAML.load does not restrict which object tags the document may
# use on older Psych versions; the file is local, so keep it writable only by
# deploy tooling, or consider YAML.safe_load if the config needs no custom types.
HashWithIndifferentAccess.new(YAML.load(File.read(File.expand_path('../../../config/podio/podio_config.yml', __FILE__))))

Instance Method Summary

Instance Method Details

#change_session_as_user ⇒ Object

End of Create_Session as user action



# File 'app/controllers/sessions_controller.rb', line 61

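# Re-authenticates the current session against Podio as the site's service
# account and answers with a JSON status.
#
# Reads the Podio API key/secret and the service account name/password from
# Metadata rows scoped to session[:accessible_appid], authenticates with them,
# then stores the OAuth tokens in the session and a credential digest in the
# :podio cookie.
#
# NOTE(review): no authorization check is visible inside this action; presumably
# a filter elsewhere in the controller restricts who may call it -- confirm,
# because a successful call places service-account tokens in the caller's session.
#
# @return [void] renders {"status": "success"} or {"status": "failure"}
def change_session_as_user
  SymmetricEncryption.load!

  site_id = session[:accessible_appid]

  # Every setting is one Metadata row per site; values are bound as parameters.
  setting = lambda do |config_key|
    Metadata.where("key = ? and sites_id = ?", APP_CONFIG[config_key], site_id).first
  end

  api_key      = setting.call(:PODIO_API_KEY)
  api_secret   = setting.call(:PODIO_SECRET_KEY)
  account_name = setting.call(:SERVICE_ACCOUNT_NAME)
  account_pass = setting.call(:SERVICE_ACCOUNT_PASS)

  if [api_key, api_secret, account_name, account_pass].any?(&:nil?)
    render :json => {:status => "failure"}
  else
    Podio.setup(
        :api_url => 'https://api.podio.com',
        :api_key => api_key.value.strip,
        :api_secret => api_secret.value.strip
    )

    # The stored password is ciphertext; it is decrypted only for this call.
    Podio.client.authenticate_with_credentials(
        account_name.value.strip,
        SymmetricEncryption.decrypt(account_pass.value.strip)
    )

    # NOTE(review): if the session store is cookie-based these tokens travel to
    # the browser -- confirm the store is server-side or encrypted.
    session[:podio_access_token] = Podio.client.oauth_token.access_token
    session[:podio_refresh_token] = Podio.client.oauth_token.refresh_token

    # NOTE(review): the digest is built only from the account name and the
    # stored (still encrypted) password, so it is the same for every visitor of
    # a site, and it is set here without HttpOnly/Secure flags. It should not be
    # treated as proof of authentication.
    cookies.delete(:podio)
    cookies[:podio] = Digest::SHA2.hexdigest("#{account_name.value.strip}#{account_pass.value.strip}")

    render :json => {:status => "success"}
  end
rescue StandardError => ex
  # Only application-level errors become a "failure" response; signals and
  # interpreter exits are no longer swallowed. The class alone is logged so no
  # credential material can reach the log through an error message.
  logger.error("change_session_as_user failed: #{ex.class}") if logger
  render :json => {:status => "failure"}
end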

#create_session_as_user ⇒ Object

Create_Session as user action



# File 'app/controllers/sessions_controller.rb', line 8

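# Signs the current session in to Podio as the site's service account, then
# redirects the browser to its saved return URL, or to "/" when none is usable.
#
# Reads the Podio API key/secret and the service account name/password from
# Metadata rows scoped to session[:accessible_appid], authenticates with them,
# then stores the OAuth tokens in the session and a credential digest in the
# :podio cookie.
#
# NOTE(review): no authorization check is visible inside this action; presumably
# a filter elsewhere in the controller restricts who may call it -- confirm,
# because a successful call places service-account tokens in the caller's session.
#
# @return [void] issues a redirect
# @raise [RuntimeError] when a required setting is missing, or when lookup,
#   decryption or Podio authentication fails (the original message is kept)
def create_session_as_user
  SymmetricEncryption.load!

  site_id = session[:accessible_appid]

  # Every setting is one Metadata row per site; values are bound as parameters.
  setting = lambda do |config_key|
    Metadata.where("key = ? and sites_id = ?", APP_CONFIG[config_key], site_id).first
  end

  api_key      = setting.call(:PODIO_API_KEY)
  api_secret   = setting.call(:PODIO_SECRET_KEY)
  account_name = setting.call(:SERVICE_ACCOUNT_NAME)
  account_pass = setting.call(:SERVICE_ACCOUNT_PASS)

  # API key, secret key, user and password are all required to proceed.
  if [api_key, api_secret, account_name, account_pass].any?(&:nil?)
    raise "Podio API key, secret and service account credentials must all be configured for this site"
  end

  Podio.setup(
      :api_url => 'https://api.podio.com',
      :api_key => api_key.value.strip,
      :api_secret => api_secret.value.strip
  )

  # The stored password is ciphertext; it is decrypted only for this call.
  Podio.client.authenticate_with_credentials(
      account_name.value.strip,
      SymmetricEncryption.decrypt(account_pass.value.strip)
  )

  # NOTE(review): if the session store is cookie-based these tokens travel to
  # the browser -- confirm the store is server-side or encrypted.
  session[:podio_access_token] = Podio.client.oauth_token.access_token
  session[:podio_refresh_token] = Podio.client.oauth_token.refresh_token

  # NOTE(review): the digest is built only from the account name and the stored
  # (still encrypted) password, so it is the same for every visitor of a site,
  # and it is set here without HttpOnly/Secure flags. It should not be treated
  # as proof of authentication.
  cookies.delete(:podio)
  cookies[:podio] = Digest::SHA2.hexdigest("#{account_name.value.strip}#{account_pass.value.strip}")

  # cookies[:url] comes from the browser, so it is followed only when it stays
  # on this site: a rooted path, or an http(s) URL whose host is the request's
  # own host. Anything else falls back to "/".
  return_to = cookies[:url].to_s
  stays_on_site = begin
    parsed = URI.parse(return_to)
    if parsed.host.nil?
      parsed.scheme.nil? && return_to.start_with?("/") &&
        !return_to.start_with?("//") && !return_to.include?("\\")
    else
      %w[http https].include?(parsed.scheme.to_s.downcase) &&
        parsed.host.downcase == request.host.to_s.downcase
    end
  rescue URI::InvalidURIError
    false
  end

  redirect_to(stays_on_site ? return_to : "/")
rescue StandardError => ex
  # Re-raised as RuntimeError with the same message, as before; signals and
  # interpreter exits are no longer caught and rewrapped.
  raise ex.message
end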