senaduka/old-ribica
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

stuff not ready to be pushed to master

Browse Source
This commit is contained in:
Edin Dazdarevic
2015-03-08 22:29:37 +01:00
parent fce49c9f5b
commit cb37ff0391
9 changed files with 234 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
front-api/controllers/user.rb
View File

@@ -1,6 +1,28 @@
require 'openssl'
require "base64"
post '/user/logout' do
response.delete_cookie("ribica_auth", :path => "/")
#response.delete_cookie("anonymous_user_id", :path => "/")
auid = AnonymousUser.uid
response.set_cookie('anonymous_user_id', :path=> '/', :httponly => true, :value=>auid, :expires=> Time.now + 100.year)
#Cart.find_or_create(auid, -1)
end
def encrypt(data)
cipher = OpenSSL::Cipher.new('AES-128-CBC')
cipher.encrypt
cipher.key = COOKIE_SECRET_KEY
encrypted = cipher.update(data) + cipher.final
Base64.encode64(encrypted)
end
def decrypt(data)
data = Base64.decode64(data)
cipher = OpenSSL::Cipher.new('AES-128-CBC')
cipher.decrypt
cipher.key = COOKIE_SECRET_KEY
decrypted = cipher.update(data) + cipher.final
end
post '/user/login' do
@@ -13,7 +35,9 @@ post '/user/login' do
res = User.find_by(email: email).try(:authenticate, password) # => false
if res
#TODO : encrypt this cookie
response.set_cookie('ribica_auth', :path=> '/', :httponly => true, :value=>res.id, :expires=>Time.now+100.year)
val = encrypt(res.id.to_s)
response.set_cookie('ribica_auth', :path=> '/', :httponly => true, :value=>val, :expires=>Time.now+100.year)
#Cart.find_or_create(anonymous_id, res.id)
res.to_json(except: 'password_digest')
else
status 401
@@ -24,6 +48,7 @@ end
get '/user' do
auth = cookies['ribica_auth']
if not auth.nil?
auth = decrypt(auth)
return User.find_by(id: auth).to_json(except: 'password_digest')
end
end
@@ -36,7 +61,8 @@ post '/user' do
user.from_json(json, false)
if user.save
response.set_cookie('ribica_auth', :path=> '/', :httponly => true, :value=>user.id, :expires=>Time.now+100.year)
val = encrypt(user.id.to_s)
response.set_cookie('ribica_auth', :path=> '/', :httponly => true, :value=>val, :expires=>Time.now+100.year)
user.to_json(except: 'password_digest')
else
status 400