[api]用户认证完成

Gemfile

@@ -8,6 +8,7 @@ unless RUBY_PLATFORM =~ /w32/
   gem 'zip-zip'
 end
 
+gem 'grape', '~> 0.9.0'
 gem 'seems_rateable', path: 'lib/seems_rateable'
 gem "rails", "3.2.13"
 gem "jquery-rails", "~> 2.0.2"
@@ -18,6 +19,7 @@ gem "builder", "3.0.0"
 gem 'acts-as-taggable-on', '2.4.1'
 
 group :development do
+  gem 'puma'
   gem 'better_errors', path: 'lib/better_errors'
   gem 'rack-mini-profiler', path: 'lib/rack-mini-profiler'
 end

Gemfile.lock

@@ -52,6 +52,10 @@ GEM
     acts-as-taggable-on (2.4.1)
       rails (>= 3, < 5)
     arel (3.0.3)
+    axiom-types (0.1.1)
+      descendants_tracker (~> 0.0.4)
+      ice_nine (~> 0.11.0)
+      thread_safe (~> 0.3, >= 0.3.1)
     builder (3.0.0)
     capybara (2.4.1)
       mime-types (>= 1.16)
@@ -68,6 +72,8 @@ GEM
     cocaine (0.5.4)
       climate_control (>= 0.0.3, < 1.0)
     coderay (1.0.9)
+    coercible (1.0.0)
+      descendants_tracker (~> 0.0.1)
     coffee-rails (3.2.2)
       coffee-script (>= 2.2.0)
       railties (~> 3.2.0)
@@ -75,6 +81,9 @@ GEM
       coffee-script-source
       execjs
     coffee-script-source (1.7.1)
+    descendants_tracker (0.0.4)
+      thread_safe (~> 0.3, >= 0.3.1)
+    equalizer (0.0.9)
     erubis (2.7.0)
     execjs (2.2.1)
     factory_girl (4.4.0)
@@ -83,6 +92,16 @@ GEM
     ffi (1.9.3)
     ffi (1.9.3-x86-mingw32)
     formatador (0.2.5)
+    grape (0.9.0)
+      activesupport
+      builder
+      hashie (>= 2.1.0)
+      multi_json (>= 1.3.2)
+      multi_xml (>= 0.5.2)
+      rack (>= 1.3.0)
+      rack-accept
+      rack-mount
+      virtus (>= 1.0.0)
     guard (2.6.1)
       formatador (>= 0.2.4)
       listen (~> 2.7)
@@ -98,9 +117,12 @@ GEM
     guard-test (1.0.0)
       guard (>= 1.8)
       test-unit (~> 2.2)
+    hashie (3.3.1)
     hike (1.2.3)
     htmlentities (4.3.2)
     i18n (0.6.1)
+    ice_nine (0.11.0)
+    iconv (1.0.4)
     journey (1.0.4)
     jquery-rails (2.0.3)
       railties (>= 3.1.0, < 5.0)
@@ -125,6 +147,7 @@ GEM
     mocha (1.1.0)
       metaclass (~> 0.0.1)
     multi_json (1.10.1)
+    multi_xml (0.5.5)
     mysql2 (0.3.11)
     mysql2 (0.3.11-x86-mingw32)
     net-ldap (0.3.1)
@@ -149,9 +172,15 @@ GEM
       win32console (~> 1.3)
     pry-nav (0.2.3)
       pry (~> 0.9.10)
+    puma (2.10.1)
+      rack (>= 1.1, < 2.0)
     rack (1.4.5)
+    rack-accept (0.4.5)
+      rack (>= 0.4)
     rack-cache (1.2)
       rack (>= 0.4)
+    rack-mount (0.8.3)
+      rack (>= 1.0.0)
     rack-openid (1.4.2)
       rack (>= 1.1.0)
       ruby-openid (>= 2.1.8)
@@ -193,6 +222,7 @@ GEM
       sass-rails
     rmagick (2.13.2)
     ruby-openid (2.1.8)
+    ruby-prof (0.15.2)
     rubyzip (1.1.6)
     sass (3.3.10)
     sass-rails (3.2.6)
@@ -224,6 +254,7 @@ GEM
       libv8 (~> 3.16.14.0)
       ref
     thor (0.19.1)
+    thread_safe (0.3.4)
     tilt (1.4.1)
     timers (1.1.0)
     treetop (1.4.15)
@@ -233,10 +264,17 @@ GEM
     uglifier (2.5.1)
       execjs (>= 0.3.0)
       json (>= 1.8.0)
+    virtus (1.0.3)
+      axiom-types (~> 0.1)
+      coercible (~> 1.0)
+      descendants_tracker (~> 0.0, >= 0.0.3)
+      equalizer (~> 0.0, >= 0.0.9)
     websocket (1.0.7)
     win32console (1.3.2-x86-mingw32)
     xpath (2.0.0)
       nokogiri (~> 1.3)
+    zip-zip (0.3)
+      rubyzip (>= 1.0.0)
 
 PLATFORMS
   ruby
@@ -253,11 +291,13 @@ DEPENDENCIES
   coffee-rails (~> 3.2.1)
   factory_girl (~> 4.4.0)
   fastercsv (~> 1.5.0)
+  grape (~> 0.9.0)
   guard-rails (~> 0.5.3)
   guard-spork (~> 1.5.1)
   guard-test (~> 1.0.0)
   htmlentities
   i18n (~> 0.6.0)
+  iconv
   jquery-rails (~> 2.0.2)
   kaminari
   mocha (~> 1.1.0)
@@ -267,12 +307,15 @@ DEPENDENCIES
   paperclip (~> 3.5.4)
   pry
   pry-nav
+  puma
   rack-mini-profiler!
   rack-openid
   rails (= 3.2.13)
   rich (= 1.4.6)
   rmagick (>= 2.0.0)
   ruby-openid (~> 2.1.4)
+  ruby-prof (~> 0.15.1)
+  rubyzip
   sass-rails (~> 3.2.3)
   seems_rateable!
   selenium-webdriver (~> 2.42.0)
@@ -280,3 +323,4 @@ DEPENDENCIES
   spork-testunit (~> 0.0.8)
   therubyracer
   uglifier (>= 1.0.3)
+  zip-zip

app/api/mobile/api.rb

@@ -0,0 +1,39 @@
+module Mobile
+
+  $LOAD_PATH << File.expand_path('..',__FILE__)
+
+  autoload :Auth,  'apis/auth'
+  autoload :Users, 'apis/users'
+  autoload :Courses, 'apis/courses'
+
+  class API < Grape::API
+    version 'v1', using: :path
+    format :json
+
+    helpers do
+      def logger
+        API.logger
+      end
+
+      def authticate!
+        error!('Unauthorized. Invalid or expired token.', 401) unless current_user
+      end
+
+      def current_user
+        token = ApiKey.where(access_token: params[:token]).first
+        if token && !token.expired?
+          @current_user = User.find(token.user_id)
+        else
+          nil
+        end
+      end
+    end
+
+    mount Auth
+    mount Users
+    mount Courses
+
+  end
+end
+
+

app/api/mobile/apis/auth.rb

@@ -0,0 +1,23 @@
+module Mobile
+  class Auth < Grape::API
+    resource :auth do
+      desc "Creates and returns access_token if valid login"
+      params do
+        requires :login, type: String, desc: 'Username or email'
+        requires :password, type: String, desc: 'Password'
+      end
+      post :login do 
+        user,last_logon = ::User.try_to_login(params[:login], params[:password])
+        if user
+          ::ApiKey.delete_all(user_id: user.id)
+          key = ::ApiKey.create!(user_id: user.id)
+          {token: key.access_token}.merge(user.as_json).merge(user.extensions.as_json)
+        else
+          error!('Unauthorized.', 401)
+        end
+      end
+    end
+  end
+end
+
+

app/api/mobile/apis/courses.rb

@@ -0,0 +1,39 @@
+module Mobile
+  class Courses < Grape::API
+    resource :courses do
+      desc "get all courses"
+      params do
+        requires :per_page_count, type: Integer
+        requires :page, type: Integer, desc: 'current page no'
+      end
+      get do
+        per_page_option = params[:per_page_count] || 10
+        page_no = params[:page] || 1
+        @courses_all = Course.active.visible.
+          joins("LEFT JOIN #{CourseStatus.table_name} ON #{Course.table_name}.id = #{CourseStatus.table_name}.course_id")
+        @course_count = @courses_all.count
+        @course_pages = Redmine::Pagination::Paginator.new @course_count, per_page_option,page_no 
+        @course_activity_count=Hash.new
+        @courses_all.each do |course|
+          @course_activity_count[course.id]=0
+        end
+        @courses = @courses_all.order("created_at desc")
+        @s_type = 0
+        @courses = @courses.offset(@course_pages.offset).limit(@course_pages.per_page)
+        # @course_activity_count=get_course_activity @courses, @course_activity_count
+      end
+
+      desc "Return a course"
+      params do
+        requires :id, type: Integer
+      end
+      route_param :id do
+        get do
+          Course.find(params[:id])
+        end
+      end
+
+    end
+  end
+end
+

app/api/mobile/apis/users.rb

@@ -0,0 +1,30 @@
+module Mobile
+  class Users < Grape::API
+    resource :users do
+      desc "get all users"
+      get do
+        ['hello']
+      end
+      desc "add a user"
+      params do
+        requires :login, type: String, desc: 'username'
+        requires :email, type: String, desc: 'email'
+        requires :password, type: String, desc: 'password'
+      end
+      post do
+        user = User.new
+        user.login = params[:login]
+        user.mail = params[:email]
+        user.password = params[:password]
+        user.password_confirmation = params[:password]
+        user.activate
+        if user.save!
+          UserStatus.create(:user_id => user.id, :changsets_count => 0, :watchers_count => 0)
+        end
+        user
+      end
+    end
+  end
+end
+
+

app/models/api_key.rb

@@ -0,0 +1,21 @@
+class ApiKey < ActiveRecord::Base
+  attr_accessible :access_token, :active, :expires_at, :user_id
+  before_create :generate_access_token
+  before_create :set_experation
+
+  # validates_presence_of :user_id, :access_token
+
+  def expired?
+    DateTime.now >= self.expires_at
+  end
+
+  private
+  def generate_access_token
+    self.access_token = SecureRandom.hex
+  end
+
+  def set_experation
+    self.expires_at = DateTime.now + 30
+  end
+
+end

config/routes.rb

@@ -26,10 +26,10 @@
 # Example: :via =>  :get ====> :via => :get
 
 RedmineApp::Application.routes.draw do
-  
-
   #match '/contests/:id/contestnotifications', :controller => 'contestnotifications', :action => 'index'
 
+  mount Mobile::API => '/api'
+
   resources :homework_users
   resources :no_uses
   delete 'no_uses', :to => 'no_uses#delete'

db/migrate/20141127015431_create_api_keys.rb

@@ -0,0 +1,14 @@
+class CreateApiKeys < ActiveRecord::Migration
+  def change
+    create_table :api_keys do |t|
+      t.string :access_token
+      t.datetime :expires_at
+      t.integer :user_id
+      t.boolean :active, default: true
+
+      t.timestamps
+    end
+    add_index :api_keys, :user_id
+    add_index :api_keys, :access_token
+  end
+end

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20141120091234) do
+ActiveRecord::Schema.define(:version => 20141127015431) do
 
   create_table "activities", :force => true do |t|
     t.integer "act_id",   :null => false
@@ -23,6 +23,18 @@ ActiveRecord::Schema.define(:version => 20141120091234) do
   add_index "activities", ["user_id", "act_type"], :name => "index_activities_on_user_id_and_act_type"
   add_index "activities", ["user_id"], :name => "index_activities_on_user_id"
 
+  create_table "api_keys", :force => true do |t|
+    t.string   "access_token"
+    t.datetime "expires_at"
+    t.integer  "user_id"
+    t.boolean  "active",       :default => true
+    t.datetime "created_at",                     :null => false
+    t.datetime "updated_at",                     :null => false
+  end
+
+  add_index "api_keys", ["access_token"], :name => "index_api_keys_on_access_token"
+  add_index "api_keys", ["user_id"], :name => "index_api_keys_on_user_id"
+
   create_table "applied_projects", :force => true do |t|
     t.integer "project_id", :null => false
     t.integer "user_id",    :null => false