# Authentication middleware. Rack::OpenID is registered before the Warden
# manager; the OpenID strategy in this file depends on it to act on the
# 401 + WWW-Authenticate response it emits and to populate
# env['rack.openid.response'] when the provider redirects back.
middleware = Rails.configuration.middleware
middleware.use Rack::OpenID
middleware.use(RailsWarden::Manager) do |warden|
  # Strategies are tried in the order listed here.
  warden.default_strategies :remember_me_token, :password_form, :api_token, :openid
  # Rack endpoint that handles requests which end up unauthenticated.
  warden.failure_app = ExceptionsController
end
# Setup Session Serialization
#
# The logged-in record is kept in the session as a [class, id] pair and
# reloaded from that pair on later requests.
class Warden::SessionSerializer
  # @param record [Object] the authenticated record (must respond to #id)
  # @return [Array] the record's class followed by its id
  def serialize(record)
    [record.class, record.id]
  end

  # Reloads the record from the pair written by #serialize.
  #
  # NOTE(review): the class used for the lookup is taken from the session
  # contents as-is, so this relies on the session store being tamper-proof
  # (signed or server-side). Confirm which store is in use, or restrict the
  # class to the expected model(s) here.
  #
  # @param keys [Array] the [class, id] pair read back from the session
  # @return [Object, nil] whatever the model's .get returns for that id
  #   (presumably nil when the record no longer exists; verify)
  def deserialize(keys)
    model, record_id = keys
    model.get(record_id)
  end
end
# Remember-me cookie strategy
#
# Logs the user in from the remember_me_token cookie when one is present.
# The strategy never calls fail!, so a missing or unrecognised token simply
# leaves the decision to the strategies that run after it.
class RememberMeTokenStrategy < Warden::Strategies::Base
  def authenticate!
    token = cookies[:remember_me_token]
    return unless token

    # Token validation is delegated entirely to the model.
    # NOTE(review): presumably this also enforces the token's expiry
    # (remember_me_token_expires_at); confirm in User.
    user = User.authenticate_with_remember_me_token(token)
    success!(user) if user
  end
end
Warden::Strategies.add(:remember_me_token, RememberMeTokenStrategy)
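# Password form strategy
#
# Authenticates from the :login and :password request parameters and, when
# the form asked for it, issues a remember-me cookie.
class PasswordFormStrategy < Warden::Strategies::Base
  # Same message for an unknown email and for a wrong password, so the
  # response does not reveal which of the two was wrong.
  INVALID_CREDENTIALS = "Invalid email/password combination".freeze

  # Runs only when both :login and :password are present; otherwise the
  # strategy does nothing and later strategies get their turn.
  def authenticate!
    login = request.params[:login]
    password = request.params[:password]
    return unless login && password

    # Form fields are expected to be plain strings. Nested values (arrays or
    # hashes built from "login[]=..." style parameters) are rejected instead
    # of being passed into the model lookup.
    return fail!(INVALID_CREDENTIALS) unless login.is_a?(String) && password.is_a?(String)

    user = User.first(:email => login)
    return fail!(INVALID_CREDENTIALS) unless user

    # NOTE(review): this message is returned before the password is checked,
    # so it confirms that an (inactive) account exists for the submitted
    # email. Consider verifying the password first; that depends on how
    # User.authenticate treats inactive accounts, which is not visible here.
    return fail!("Sorry, you need to activate your account first") unless user.active?

    return fail!(INVALID_CREDENTIALS) unless User.authenticate(login, password)

    issue_remember_me_cookie(user) if request.params[:remember_me] == "1"
    success! user
  end

  private

  # Rotates the user's remember-me token and stores it in a cookie that
  # expires together with the token.
  def issue_remember_me_cookie(user)
    user.remember_me!
    cookies['remember_me_token'] = {
      :value => user.remember_me_token,
      :expires => Time.parse(user.remember_me_token_expires_at.to_s),
      # The token is a login credential: keep it out of reach of page scripts.
      # NOTE(review): also set :secure => true if the site is HTTPS-only.
      :httponly => true
    }
  end
end
Warden::Strategies.add(:password_form, PasswordFormStrategy)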
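# API token strategy
#
# Authenticates from the :api_token request parameter. When the parameter
# is absent the strategy does nothing; when it is present but unusable or
# unknown, authentication fails.
#
# NOTE(review): request.params also covers the query string, and a token
# sent there typically ends up in access logs and Referer headers. Consider
# accepting it from a request header instead.
class ApiTokenStrategy < Warden::Strategies::Base
  def authenticate!
    raw = request.params[:api_token]
    return unless raw

    # Parameters can arrive as arrays or hashes ("api_token[]=..."), on
    # which #strip would raise. Treat anything but a String as an empty
    # token, and never look up an empty token.
    token = raw.is_a?(String) ? raw.strip : ""
    return fail! if token.empty?

    user = User.authenticate_with_api_token(token)
    if user.nil?
      fail!
    else
      success!(user)
    end
  end
end
Warden::Strategies.add(:api_token, ApiTokenStrategy)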
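# OpenID strategy
#
# Two phases share this strategy:
# * the login form posts :openid_url, and the strategy answers with a 401
#   carrying a WWW-Authenticate header built by Rack::OpenID;
# * the provider redirects back, the result is found in
#   env['rack.openid.response'], and the strategy completes the login.
class OpenIDStrategy < Warden::Strategies::Base
  def authenticate!
    if (resp = request.env['rack.openid.response'])
      handle_provider_response(resp)
    elsif (openid_url = request.params[:openid_url])
      begin_authentication(openid_url)
    end
  end

  private

  # Maps the provider's answer to a Warden result. Any status other than
  # the four listed here leaves the strategy without a result.
  def handle_provider_response(resp)
    case resp.status
    when :failure, :missing
      fail! "OpenID authentication failed"
    when :cancel
      fail! "OpenID authentication canceled"
    when :success
      complete_login(resp)
    end
  end

  # Logs in the user that owns the identity URL, or sends a first-time
  # identity to the signup route with the OpenID data kept in the session.
  def complete_login(resp)
    if (user = User.first(:identity_url => resp.identity_url))
      success! user
    else
      request.session['openid.url'] = resp.identity_url
      sreg_response = ::OpenID::SReg::Response.from_success_response(resp)
      # NOTE(review): this address is whatever the provider supplied. Treat
      # it as a prefill for the signup form and verify it before relying on it.
      request.session['openid.email'] = sreg_response.data["email"]
      custom!([302, { "Location" => Rails::Application.routes.generate({ :use_route => :signup }) }, []])
    end
  end

  # Starts the OpenID handshake for the identifier typed into the form.
  def begin_authentication(openid_url)
    # Nested parameter values (arrays/hashes) are treated like a missing URL.
    if !openid_url.is_a?(String) || openid_url.blank?
      return fail!("Please enter OpenID URL")
    end

    return_to = request.url
    if request.params[:remember_me] == "1"
      # Build a new string instead of appending to the one returned by
      # request.url, and use "&" when the URL already has a query string so
      # return_to stays well-formed.
      # NOTE(review): nothing in this class reads remember_me after the
      # provider redirects back; confirm where it is consumed.
      separator = return_to.include?("?") ? "&" : "?"
      return_to = "#{return_to}#{separator}remember_me=1"
    end

    custom!([401, { "WWW-Authenticate" => Rack::OpenID.build_header(:identifier => openid_url, :return_to => return_to, :optional => ["email"]) }, []])
  end
end
Warden::Strategies.add(:openid, OpenIDStrategy)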