
Untitled

a guest May 26th, 2018 128 Never
  # Rack::OpenID has to be in the stack: OpenIDStrategy answers with a 401 +
  # WWW-Authenticate header built by Rack::OpenID.build_header and later reads
  # the provider's answer from env['rack.openid.response'].
  middleware = Rails.configuration.middleware
  middleware.use Rack::OpenID

  # Warden tries the default strategies in the order listed here; the first one
  # that halts (success!, fail! or custom!) decides the outcome. Requests that
  # end up unauthenticated are handed to the failure app.
  middleware.use RailsWarden::Manager do |warden|
    warden.default_strategies :remember_me_token, :password_form, :api_token, :openid
    warden.failure_app = ExceptionsController
  end
  # Setup Session Serialization

  # Reopens Warden's session serializer so that the logged-in record is kept in
  # the session as a [class, id] pair and looked up again on later requests.
  class Warden::SessionSerializer
    # Reduces the authenticated record to the pair that is written to the session.
    def serialize(record)
      model = record.class
      [model, record.id]
    end

    # Rebuilds the record from the pair read back from the session.
    #
    # NOTE(review): the class is taken from the session as-is and `get` is
    # called on it without checking that it is an expected model, so this
    # depends on the session store being integrity-protected (signed or
    # server-side) -- confirm. Storing a Class object also needs a session
    # serializer that can round-trip it; verify against the configured store.
    def deserialize(keys)
      model, record_id = keys
      model.get(record_id)
    end
  end
  # Remember-me cookie strategy

  # Logs a visitor in from the remember_me_token cookie, when one is present.
  class RememberMeTokenStrategy < Warden::Strategies::Base
    # Succeeds when the cookie token resolves to a user. An absent or unknown
    # token neither succeeds nor fails here, so Warden moves on to the next
    # strategy.
    #
    # NOTE(review): token comparison and expiry checks are presumably done in
    # User.authenticate_with_remember_me_token, which is not visible here --
    # confirm. A cookie that no longer matches a user is not cleared by this
    # strategy.
    def authenticate!
      return unless cookies[:remember_me_token]

      account = User.authenticate_with_remember_me_token(cookies[:remember_me_token])
      account && success!(account)
    end
  end
  Warden::Strategies.add(:remember_me_token, RememberMeTokenStrategy)
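  # Password form strategy

  # Authenticates the login/password form and optionally issues a remember-me
  # cookie.
  class PasswordFormStrategy < Warden::Strategies::Base
    # Runs only when both :login and :password parameters are present.
    #
    # The password is verified before the activation state is looked at, so the
    # "activate your account" message is shown only to someone who already
    # knows the password. Checking activation first would tell any visitor
    # whether an e-mail address is registered but not yet activated.
    #
    # NOTE(review): when no user matches the e-mail, User.authenticate is not
    # called at all, so the response may be measurably faster than for a known
    # address -- check whether that timing difference matters for this app.
    def authenticate!
      login = request.params[:login]
      password = request.params[:password]
      return unless login && password

      # Array/hash values (e.g. from "login[]=" style parameters) are rejected
      # rather than passed on to the finder and the password check.
      unless login.is_a?(String) && password.is_a?(String)
        return fail!("Invalid email/password combination")
      end

      user = User.first(:email => login)
      unless user && User.authenticate(login, password)
        return fail!("Invalid email/password combination")
      end

      unless user.active?
        return fail!("Sorry, you need to activate your account first")
      end

      issue_remember_me_cookie(user) if request.params[:remember_me] == "1"
      success! user
    end

    private

    # Rotates the user's remember-me token and stores it in a cookie that
    # expires together with the token. The cookie is HttpOnly so page scripts
    # cannot read it, and Secure whenever the login request itself came in
    # over TLS.
    def issue_remember_me_cookie(user)
      user.remember_me!
      cookies['remember_me_token'] = {
        :value => user.remember_me_token,
        :expires => Time.parse(user.remember_me_token_expires_at.to_s),
        :httponly => true,
        :secure => request.ssl?
      }
    end
  end
  Warden::Strategies.add(:password_form, PasswordFormStrategy)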
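  # API token strategy

  # Authenticates a request that carries an :api_token parameter.
  class ApiTokenStrategy < Warden::Strategies::Base
    # Skips the strategy when no :api_token parameter was sent; otherwise the
    # request either succeeds with the matching user or fails (and halts).
    #
    # A non-string value (array/hash parameter) used to raise NoMethodError on
    # `strip`; it is now treated like an empty token. Empty tokens are rejected
    # before the lookup so they can never match an account whose stored token
    # is blank.
    #
    # NOTE(review): request.params includes the query string, so a token sent
    # in the URL can end up in access logs and Referer headers -- consider
    # accepting it from a request header instead.
    def authenticate!
      raw = request.params[:api_token]
      return unless raw

      token = raw.is_a?(String) ? raw.strip : ""
      return fail! if token.empty?

      user = User.authenticate_with_api_token(token)
      # Any falsy lookup result (nil or false) is a failure.
      user ? success!(user) : fail!
    end
  end
  Warden::Strategies.add(:api_token, ApiTokenStrategy)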
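  # OpenID strategy

  # Two-phase OpenID login: the first request (with :openid_url) asks
  # Rack::OpenID to start the exchange, the return request carries the
  # provider's answer in env['rack.openid.response'].
  class OpenIDStrategy < Warden::Strategies::Base
    def authenticate!
      if resp = request.env['rack.openid.response']
        handle_provider_response(resp)
      elsif openid_url = request.params[:openid_url]
        begin_openid_request(openid_url)
      end
    end

    private

    # Maps the provider's answer onto a Warden result. Only :success can log a
    # user in; :cancel gets its own message and every other status (including
    # :failure and :missing) fails closed instead of being silently ignored.
    def handle_provider_response(resp)
      case resp.status
      when :success
        if user = User.first(:identity_url => resp.identity_url)
          success! user
        else
          redirect_to_signup(resp)
        end
      when :cancel
        fail! "OpenID authentication canceled"
      else
        fail! "OpenID authentication failed"
      end
    end

    # No local account is linked to this identity yet: remember the identity
    # URL and the optional e-mail in the session and send the visitor to signup.
    #
    # The e-mail is whatever the provider asserted; it has not been verified by
    # this application and should be used only to prefill the signup form.
    def redirect_to_signup(resp)
      request.session['openid.url'] = resp.identity_url
      sreg_response = ::OpenID::SReg::Response.from_success_response(resp)
      # The SReg response can be absent when the provider returned no signed
      # registration fields; store nil instead of raising NoMethodError.
      request.session['openid.email'] = sreg_response && sreg_response.data["email"]
      custom!([302, { "Location" => Rails::Application.routes.generate({ :use_route => :signup }) }, []])
    end

    # Starts the OpenID exchange by answering 401 with the WWW-Authenticate
    # header that Rack::OpenID picks up.
    def begin_openid_request(openid_url)
      if openid_url.blank?
        fail! "Please enter OpenID URL"
      else
        return_to = request.url
        if request.params[:remember_me] == "1"
          # request.url may already carry a query string (e.g. when openid_url
          # arrived via GET); appending a second "?" would corrupt the URL.
          # A new string is built instead of mutating the one from request.url.
          separator = return_to.include?("?") ? "&" : "?"
          return_to = "#{return_to}#{separator}remember_me=1"
        end
        custom!([401, { "WWW-Authenticate" => Rack::OpenID.build_header(:identifier => openid_url, :return_to => return_to, :optional => ["email"]) }, []])
      end
    end
  end
  Warden::Strategies.add(:openid, OpenIDStrategy)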