GitList

Browse code

Ukladanie prihlasovacich udajov do databazy a nie do session

Cinan Rakosnik authored on 12/05/2013 at 16:41:48
Showing 4 changed files

app/controllers/application_controller.rb index 83d6463..d1f57d6 100755
app/controllers/ws_roster_controller.rb index 1208c27..9b11f40 100644
app/libs/security.rb index 5f99c56..767de61 100644
app/models/user.rb index 1519902..f5e3b30 100644

app/controllers/application_controller.rb

@@ -43,13 +43,13 @@ class ApplicationController < ActionController::Base
                              session[:ip]         = request.remote_ip
                              if user_credentials
                     -            session[:users] = {} unless session[:users]
+                    -
                                  encrypted_pass = Security::encrypt(user_credentials[:password])
                                  cookies[:key] = Security::cipher_key
                                  cookies[:iv]  = Security::cipher_iv
                     -            session[:users][user_credentials[:jid]] = encrypted_pass
                     +            user = create_new_user(user_credentials)
                     +            user.update_pass(user_credentials[:jid], encrypted_pass)
                     +            user_id = user.id
                              end
                              @token.save_session(session, user_id)
@@ -58,7 +58,5 @@ class ApplicationController < ActionController::Base
                          def create_new_user(user_credentials)
                              jid  = user_credentials[:jid]
                              user = User.existing_jid(jid) || User.create_jid(jid)
+                    -
                     -        user.id
                          end
                      end

app/controllers/ws_roster_controller.rb

History View file @ 0c651ea

@@ -24,17 +24,15 @@ class WsRosterController < WsController
                          def connect
                              initialize_storage()
                     -        # TODO: Pouzit najprv:
                     -        # clients = Token.fing_user_accounts_having_to_token(session[:token])
                     -        # ale toto, az ked budem mat dokonceny multiaccount (settings a popup)
                     -        # TODO: skusit zrychlit
                              cookies = env['rack.request.cookie_hash'] # TODO: nahlasit bug na websocket-rails, lebo sa neda pristupit ku `cookies'
                              cipher_key = cookies['key']
                              cipher_iv = cookies['iv']
                     -        clients = session[:users].map do |jid, encrypted_pass|
                     -            decrypted_pass = Security::decrypt(encrypted_pass, cipher_key, cipher_iv)
                     -            {jid: jid, pass: decrypted_pass}
                     +        credentials = User.crendentials_for_token(session[:token])
+                    +
                     +        clients = credentials.map do |tuple|
                     +            decrypted_pass = Security::decrypt(tuple['pass'], cipher_key, cipher_iv)
                     +            {jid: tuple['jid'], pass: decrypted_pass}
                              end
                              clients.each do |client|

app/libs/security.rb

History View file @ 0c651ea

@@ -13,6 +13,8 @@ module Security
                              encrypted = cipher.update(unencrypted_message)
                              encrypted << cipher.final
+                    +
                     +        Base64.encode64(encrypted).encode('utf-8')
                          end
                          def self.decrypt(encrypted_message, key, iv)
@@ -23,7 +25,7 @@ module Security
                              cipher.iv  = @@cipher_iv = iv
                              begin
                     -            decrypted = cipher.update(encrypted_message)
                     +            decrypted = cipher.update(Base64.decode64(encrypted_message.encode('ascii-8bit')))
                                  decrypted << cipher.final
                              rescue
                                  decrypted = ''

app/models/user.rb

History View file @ 0c651ea

@@ -5,7 +5,7 @@ class User
                          def update_pass(jid, pass)
                              account_credentials = jids.detect do |f|
                     -            f[:jid] == jid || f["jid"] == jid
                     +            f[:jid] == jid || f['jid'] == jid
                              end
                              account_credentials[:pass] = pass
@@ -13,7 +13,7 @@ class User
                          end
                          def self.existing_jid(jid)
                     -        where("jids.jid" => jid).only(:jids).first
                     +        where('jids.jid' => jid).only(:jids).first
                          end
                          def self.create_jid(jid)
@@ -26,4 +26,16 @@ class User
                              jids << {jid: another_jid, pass: password}
                              save
                          end
+                    +
                     +    def self.crendentials_for_token(token)
                     +        found = Token.where(token: token).only(:user_id).limit(1).first
                     +        if found
                     +            user_id = found.user_id
                     +        else
                     +            return []
                     +        end
+                    +
                     +        user = find(user_id)
                     +        return user ? user.jids : []
                     +    end
                      end
                     \ No newline at end of file