Module: JunglePath::API::Helpers::AuthLocalUser

Defined in:
lib/jungle_path/api/helpers/auth_local_user.rb

Defined Under Namespace

Classes: Identity

Instance Method Summary collapse

Instance Method Details

#authenticate(no_cache = false) ⇒ Object

If you are using this module, make sure your user table has these columns:

id,
user_name,
phone,
sms_verification_code,
hash,
key,
role



20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 20

def authenticate no_cache=false
	puts "AuthLocalUser.authenticate !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
	remote_user = request.env['REMOTE_USER']
	remote_password = request.env['REMOTE_PASSWORD']
	puts "remote_user: #{remote_user}."
	puts "remote_password: #{remote_password}."
	is_authenticated = basic_authentication(remote_user, remote_password, no_cache)
	unless is_authenticated
		# force no_cache = true
		halt 401 unless basic_authentication(remote_user, remote_password, true)
	end
	#puts "content-type: #{request.content_type}."
	request.body.rewind
	#puts "body:\n#{request.body.read}."
	#puts "params:\n#{params}."
end

#authenticate_assumed_identity(identity, no_cache = false) ⇒ Object 



78
79
80
81
82
83
84
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 78

def authenticate_assumed_identity identity, no_cache=false
	id = identity.dup
	id.user = get_assumed_user(identity.user_name, no_cache)
	id.key = id.user
	id.valid = (id.user and id.user.is_valid)
	id
end

#authenticate_identity(identity, no_cache = false) ⇒ Object 



70
71
72
73
74
75
76
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 70

def authenticate_identity identity, no_cache=false
	id = identity.dup
	id.user = get_user(identity.user_name, identity.remote_password, no_cache)
	id.key = id.user
	id.valid = (id.user and id.user.is_valid)
	id
end

#authenticate_user(user_name, password, no_cache = false) ⇒ Object 



86
87
88
89
90
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 86

def authenticate_user user_name, password, no_cache=false
	user = get_user(user_name, password, no_cache)
	set_current_user(user)
	valid = (user and user.is_valid)
end

#basic_authentication(remote_user, remote_password, no_cache = false) ⇒ Object 



37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 37

def basic_authentication remote_user, remote_password, no_cache=false
	identity, assume_identity = parse_identities(remote_user, remote_password)
	puts "identity: #{identity}"
	puts "assume_identity: #{assume_identity}"
	#puts "APIHelpers::AuthLocalUser.#{__method__}."
	#if user_name and user_name.start_with?("sk_")

	#valid = authenticate_user(auth.user_name, password, no_cache)
	valid = false
	identity = authenticate_identity(identity, no_cache)
	if identity.valid
		identity.roles = get_roles(identity.key, no_cache)
		identity.auth = get_auth(identity.roles, no_cache)
		#set_current_roles roles
		#set_current_auth
		if assume_identity
			puts "assume_identity..."
			assume_identity = authenticate_assumed_identity(assume_identity, no_cache)
			assume_identity.roles = get_roles(assume_identity.key, no_cache)
			assume_identity.auth = get_auth(assume_identity.roles, no_cache)
			valid = assume_identity.valid
			set_current_identity assume_identity, no_cache
		else
			valid = identity.valid
			set_current_identity identity, no_cache
		end
	else
		#set_current_roles nil
		set_current_identity identity, no_cache
	end
	valid
end

#current_authObject 



274
275
276
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 274

def current_auth
	@current_auth
end

#current_identityObject 



254
255
256
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 254

def current_identity
	@current_identity
end

#current_keyObject 



262
263
264
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 262

def current_key
	@current_user
end

#current_query_filtersObject 



278
279
280
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 278

def current_query_filters
	@current_query_filters
end

#current_roleObject 



270
271
272
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 270

def current_role
	@current_role
end

#current_rolesObject 



266
267
268
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 266

def current_roles
	@current_roles
end

#current_userObject 



258
259
260
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 258

def current_user
	@current_user
end

#get_assumed_user(user_name, no_cache = false) ⇒ Object 



92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 92

def get_assumed_user user_name, no_cache=false
	cache_key = "#{user_name}.password"
	user = cache[cache_key]
	if user == nil or no_cache
		lowercase_user_name = nil
		lowercase_user_name = user_name.downcase if user_name
		ds = db.base['select id, user_name, name, first_name, last_name, phone, email, hash, key, active from "user" where user_name = ? or email = ?', lowercase_user_name, lowercase_user_name]
		hash = ds.first
		#puts "get_user: hash: #{hash}."
		user = Schema::User.new(hash, false) if hash
		halt 401, "Unauthorized" unless user
		halt 401, "Unauthorized: user #{user.user_name} is not marked as active." unless user.active
		user.is_valid = true
		cache[cache_key] = user if user
	end
	user
end

#get_auth(roles, no_cache = false) ⇒ Object 



188
189
190
191
192
193
194
195
196
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 188

def get_auth roles, no_cache=false
	cache_key = "#{roles}_auth"
	puts "get_auth cache_key: #{cache_key}."
	auth = cache.get(cache_key)
	if auth == nil or no_cache
		auth = JunglePath::Authorization::Filter.new roles, Schema::Base.models, configatron.application.role_permissions, configatron.application.role_restrictions, configatron.application.role_schema_filters, configatron.schema.filters
	end
	auth
end

#get_query_filters(no_cache = false) ⇒ Object 



198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 198

def get_query_filters no_cache=false
	# get filters from query_filter table.
	return nil unless current_key
	cache_key = "#{current_key.id}_query_filters"
	query_filters = cache.get(cache_key)
	if query_filters == nil or no_cache
		query_filters = []
		#filters = SQL::QueryFilter.by_key(db, current_key)
		#filters.each do |filter|
		#  query_filters << Query::Filter.new(filter[:base_table_name], filter[:sub_select])
		#end
		if app_defined_query_filters
			app_defined_query_filters.each do |filter|
				query_filters << filter
			end
		end
		cache.set cache_key, query_filters
	end
	query_filters
end

#get_roles(key, no_cache = false) ⇒ Object 



166
167
168
169
170
171
172
173
174
175
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 166

def get_roles key, no_cache=false
	return nil unless key
	cache_key = "#{key.id}_roles"
	roles = cache.get(cache_key)
	if roles == nil or no_cache
		roles = SQL::Role.by_user(db, key)
		cache.set cache_key, roles if roles
	end
	roles
end

#get_user(user_name, password, no_cache = false) ⇒ Object 



110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 110

def get_user user_name, password, no_cache=false
	# is this username/password valid?
	cache_key = "#{user_name}.#{password}"
	user = cache[cache_key]
	if user == nil or no_cache
		#assumed_user = nil
		ds = nil
		if user_name_is_key? user_name
			ds = db.base['select id, user_name, name, first_name, last_name, phone, email, hash, key, active from "user" where key = ?', user_name.downcase]
		else
			lowercase_user_name = nil
			lowercase_user_name = user_name.downcase if user_name
			ds = db.base['select id, user_name, name, first_name, last_name, phone, email, hash, key, active from "user" where user_name = ?', lowercase_user_name]
		end
		hash = ds.first
		#puts "get_user: hash: #{hash}."
		user = Schema::User.new(hash, false) if hash
		halt 401, "Unauthorized" unless user
		halt 401, "Unauthorized: user #{user.user_name} is not marked as active." unless user.active
		if user_name_is_key? user_name
			user.is_valid = true
		else
			user.is_valid = valid_user?(user, password)
		end
		cache[cache_key] = user if user
	end
	user.password = password
	user
end

#parse_identities(remote_user, remote_password) ⇒ Object 



144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 144

def parse_identities remote_user, remote_password
	identity = Identity.new
	identity.remote_user = remote_user
	identity.remote_password = remote_password
	assume_identity = nil
	if remote_user and remote_user.include?("|")
		parts = remote_user.split('|')
		identity.user_name = parts[1]
		assume_identity = Identity.new
		assume_identity.user_name = parts[0]
		assume_identity.remote_user = remote_user
		assume_identity.remote_password = remote_password
	else
		identity.user_name = remote_user
	end
	return identity, assume_identity
end

#set_current_auth(auth) ⇒ Object 



243
244
245
246
247
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 243

def set_current_auth auth
	#@current_auth = ::Authorization::Filter.new current_roles, configatron.application.role_permissions, configatron.application.role_restrictions
	@current_auth = auth
	@current_user.auth = @current_auth if @current_user
end

#set_current_identity(identity, no_cache = false) ⇒ Object 



219
220
221
222
223
224
225
226
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 219

def set_current_identity identity, no_cache=false
	puts "set_current_identity: #{identity.user.user_name}" if identity and identity.user
	@current_identity = identity
	set_current_user identity.user
	set_current_roles identity.roles
	set_current_auth identity.auth
	set_current_query_filters no_cache
end

#set_current_query_filters(no_cache = false) ⇒ Object 



249
250
251
252
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 249

def set_current_query_filters no_cache=false
	@current_query_filters = get_query_filters(no_cache)
	@current_user.query_filters = @current_query_filters
end

#set_current_roles(roles) ⇒ Object 



232
233
234
235
236
237
238
239
240
241
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 232

def set_current_roles roles
	@current_role = nil #configatron.default.role
	@current_roles = roles
	if roles
		roles.each do |role|
			@current_role = role[:name]
			break
		end
	end
end

#set_current_user(user) ⇒ Object 



228
229
230
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 228

def set_current_user user
	@current_user = user
end

#user_name_is_key?(user_name) ⇒ Boolean

Returns:

  • (Boolean) 


140
141
142
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 140

def user_name_is_key? user_name
	user_name and user_name.start_with?("sk_") and !user_name.include?("@")
end

#valid_user?(user, password) ⇒ Boolean

Returns:

  • (Boolean) 


162
163
164
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 162

def valid_user?(user, password)
	valid = (user and PasswordHash.validatePassword(password, user.hash))
end

#zget_roles(no_cache = false) ⇒ Object 



177
178
179
180
181
182
183
184
185
186
 
# File 'lib/jungle_path/api/helpers/auth_local_user.rb', line 177

def zget_roles no_cache=false
	return nil unless current_key
	cache_key = "#{current_key.id}_roles"
	roles = cache.get(cache_key)
	if roles == nil or no_cache
		roles = SQL::Role.by_user(db, current_key)
		cache.set cache_key, roles if roles
	end
	roles
end