Merge pull request #129 from ZeusWPI/API

Added User API and userkey
redfast00 2019-04-19 20:44:38 +02:00 committed by GitHub
commit 9c1d505a10
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 53 additions and 4 deletions


@ -2,7 +2,10 @@ class ApplicationController < ActionController::Base
protect_from_forgery with: :exception protect_from_forgery with: :exception
rescue_from CanCan::AccessDenied do |exception| rescue_from CanCan::AccessDenied do |exception|
redirect_to root_path, flash: { error: message_for(exception) } respond_to do |format|
format.json { render json: [ "Diefstal is een misdrijf." ], status: :forbidden }
format.html { redirect_to root_path, flash: { error: message_for(exception) } }
end
end end
def after_sign_in_path_for(resource) def after_sign_in_path_for(resource)


@ -25,6 +25,10 @@ class UsersController < ApplicationController
before_action :init, only: :show before_action :init, only: :show
def show def show
respond_to do |format|
format.json { render json: @user }
format.html {}
end
end end
def update def update
@ -81,6 +85,17 @@ class UsersController < ApplicationController
end end
def init def init
@user ||= current_user @user ||= current_user || user_token || User.new
end
def user_token
@user_token ||= authenticate_with_http_token do |token, options|
User.find_by userkey: token
end
end
def reset_key
@user.generate_key!
redirect_to @user
end end
end end
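Review bot: `format.json { render json: @user }` in `show` serializes the whole User record, which after this commit includes the `userkey` bearer token that `user_token` accepts for authentication. The Ability change in this same commit lets admins and koelkast accounts read other users, so those accounts would receive other users' keys in the JSON body. Restrict the serialized fields, for example `format.json { render json: @user.as_json(except: [:userkey]) }`, and return the key only to its owner if a client needs it. `reset_key` also uses `@user` although `init` runs `only: :show`; presumably the record is loaded and authorized by code outside these hunks, which is worth confirming.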


@ -24,6 +24,9 @@ class Ability
def initialize_user(user) def initialize_user(user)
can :read, :all can :read, :all
cannot :read, User do |otheruser|
otheruser != user && !user.admin? && !user.koelkast
end
can :manage, User, id: user.id can :manage, User, id: user.id
can :create, Order do |order| can :create, Order do |order|
order.user == user && user.try(:balance).try(:>, -500) order.user == user && user.try(:balance).try(:>, -500)
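Review bot: The new `cannot :read, User` block in `initialize_user` is what keeps one user's record away from another now that `show` renders JSON, yet it carries no comment saying who is exempt or that it narrows the `can :read, :all` above it. I would add `# Narrows can :read, :all: other users' records are readable only by admins and the koelkast account.` directly above the rule. Because the rule is written as a block, it is only evaluated against a loaded instance, so any class-level or collection check (`can? :read, User`, `accessible_by`) deserves a separate look. `initialize_user` continues outside the hunk.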


@ -37,6 +37,7 @@ class User < ActiveRecord::Base
where(name: auth.uid).first_or_create do |user| where(name: auth.uid).first_or_create do |user|
user.name = auth.uid user.name = auth.uid
user.avatar = Identicon.data_url_for auth.uid user.avatar = Identicon.data_url_for auth.uid
user.generate_key!
end end
end end
@ -89,4 +90,18 @@ class User < ActiveRecord::Base
user.koelkast = true user.koelkast = true
end end
end end
def generate_key
set_key unless self.userkey
end
def generate_key!
set_key
self.save
end
private
def set_key
self.userkey = SecureRandom.base64(16)
end
end end
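Review bot: `generate_key!` discards the result of `self.save`, so when the save fails the caller (`reset_key` redirects unconditionally) behaves as if the key was rotated while the old key still authenticates. Use `save!`, or return the result and handle the failure in the controller. Inside the `first_or_create` block the record is about to be saved anyway, so `user.generate_key` would set the key without the extra save. The key is also stored as plain text in `userkey`; storing a digest and looking up by digest would limit the damage of a database leak, if that fits how the key has to be displayed.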


@ -22,6 +22,7 @@ Rails.application.routes.draw do
member do member do
get 'quickpay' => 'users#quickpay' get 'quickpay' => 'users#quickpay'
get 'dagschotel/edit' => 'users#edit_dagschotel', as: 'edit_dagschotel' get 'dagschotel/edit' => 'users#edit_dagschotel', as: 'edit_dagschotel'
post :reset_key
end end
end end


@ -0,0 +1,10 @@
class AddApiToken < ActiveRecord::Migration
def change
add_column :users, :userkey, :string
User.all.each do |user|
user.generate_key
user.save
end
end
end
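Review bot: The migration adds `userkey` without an index or uniqueness constraint, although `User.find_by userkey: token` authenticates on that column; add `add_index :users, :userkey, unique: true` so lookups are indexed and two accounts can never share a key. The backfill also ignores the result of `user.save`, so a user that fails validation is silently left without a key; `user.save!` would make that visible. `User.find_each` instead of `User.all.each` avoids loading every user into memory at once.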


@ -11,7 +11,7 @@
# #
# It's strongly recommended that you check this file into your version control system. # It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20160304192839) do ActiveRecord::Schema.define(version: 20190415182036) do
create_table "barcodes", force: :cascade do |t| create_table "barcodes", force: :cascade do |t|
t.integer "product_id" t.integer "product_id"
@ -86,7 +86,9 @@ ActiveRecord::Schema.define(version: 20160304192839) do
t.string "name" t.string "name"
t.boolean "private", default: false t.boolean "private", default: false
t.integer "frecency", default: 0, null: false t.integer "frecency", default: 0, null: false
t.boolean "quickpay_hidden" t.boolean "quickpay_hidden", default: false
t.string "key"
t.string "userkey"
end end
add_index "users", ["koelkast"], name: "index_users_on_koelkast" add_index "users", ["koelkast"], name: "index_users_on_koelkast"