[api]用户认证完成

This commit is contained in:
www 2014-11-27 19:43:04 +08:00
parent b0db7dfece
commit 53ecf8718f
10 changed files with 1545 additions and 1321 deletions

View File

@ -8,6 +8,7 @@ unless RUBY_PLATFORM =~ /w32/
gem 'zip-zip'
end
gem 'grape', '~> 0.9.0'
gem 'seems_rateable', path: 'lib/seems_rateable'
gem "rails", "3.2.13"
gem "jquery-rails", "~> 2.0.2"
@ -18,6 +19,7 @@ gem "builder", "3.0.0"
gem 'acts-as-taggable-on', '2.4.1'
group :development do
gem 'puma'
gem 'better_errors', path: 'lib/better_errors'
gem 'rack-mini-profiler', path: 'lib/rack-mini-profiler'
end

View File

@ -52,6 +52,10 @@ GEM
acts-as-taggable-on (2.4.1)
rails (>= 3, < 5)
arel (3.0.3)
axiom-types (0.1.1)
descendants_tracker (~> 0.0.4)
ice_nine (~> 0.11.0)
thread_safe (~> 0.3, >= 0.3.1)
builder (3.0.0)
capybara (2.4.1)
mime-types (>= 1.16)
@ -68,6 +72,8 @@ GEM
cocaine (0.5.4)
climate_control (>= 0.0.3, < 1.0)
coderay (1.0.9)
coercible (1.0.0)
descendants_tracker (~> 0.0.1)
coffee-rails (3.2.2)
coffee-script (>= 2.2.0)
railties (~> 3.2.0)
@ -75,6 +81,9 @@ GEM
coffee-script-source
execjs
coffee-script-source (1.7.1)
descendants_tracker (0.0.4)
thread_safe (~> 0.3, >= 0.3.1)
equalizer (0.0.9)
erubis (2.7.0)
execjs (2.2.1)
factory_girl (4.4.0)
@ -83,6 +92,16 @@ GEM
ffi (1.9.3)
ffi (1.9.3-x86-mingw32)
formatador (0.2.5)
grape (0.9.0)
activesupport
builder
hashie (>= 2.1.0)
multi_json (>= 1.3.2)
multi_xml (>= 0.5.2)
rack (>= 1.3.0)
rack-accept
rack-mount
virtus (>= 1.0.0)
guard (2.6.1)
formatador (>= 0.2.4)
listen (~> 2.7)
@ -98,9 +117,12 @@ GEM
guard-test (1.0.0)
guard (>= 1.8)
test-unit (~> 2.2)
hashie (3.3.1)
hike (1.2.3)
htmlentities (4.3.2)
i18n (0.6.1)
ice_nine (0.11.0)
iconv (1.0.4)
journey (1.0.4)
jquery-rails (2.0.3)
railties (>= 3.1.0, < 5.0)
@ -125,6 +147,7 @@ GEM
mocha (1.1.0)
metaclass (~> 0.0.1)
multi_json (1.10.1)
multi_xml (0.5.5)
mysql2 (0.3.11)
mysql2 (0.3.11-x86-mingw32)
net-ldap (0.3.1)
@ -149,9 +172,15 @@ GEM
win32console (~> 1.3)
pry-nav (0.2.3)
pry (~> 0.9.10)
puma (2.10.1)
rack (>= 1.1, < 2.0)
rack (1.4.5)
rack-accept (0.4.5)
rack (>= 0.4)
rack-cache (1.2)
rack (>= 0.4)
rack-mount (0.8.3)
rack (>= 1.0.0)
rack-openid (1.4.2)
rack (>= 1.1.0)
ruby-openid (>= 2.1.8)
@ -193,6 +222,7 @@ GEM
sass-rails
rmagick (2.13.2)
ruby-openid (2.1.8)
ruby-prof (0.15.2)
rubyzip (1.1.6)
sass (3.3.10)
sass-rails (3.2.6)
@ -224,6 +254,7 @@ GEM
libv8 (~> 3.16.14.0)
ref
thor (0.19.1)
thread_safe (0.3.4)
tilt (1.4.1)
timers (1.1.0)
treetop (1.4.15)
@ -233,10 +264,17 @@ GEM
uglifier (2.5.1)
execjs (>= 0.3.0)
json (>= 1.8.0)
virtus (1.0.3)
axiom-types (~> 0.1)
coercible (~> 1.0)
descendants_tracker (~> 0.0, >= 0.0.3)
equalizer (~> 0.0, >= 0.0.9)
websocket (1.0.7)
win32console (1.3.2-x86-mingw32)
xpath (2.0.0)
nokogiri (~> 1.3)
zip-zip (0.3)
rubyzip (>= 1.0.0)
PLATFORMS
ruby
@ -253,11 +291,13 @@ DEPENDENCIES
coffee-rails (~> 3.2.1)
factory_girl (~> 4.4.0)
fastercsv (~> 1.5.0)
grape (~> 0.9.0)
guard-rails (~> 0.5.3)
guard-spork (~> 1.5.1)
guard-test (~> 1.0.0)
htmlentities
i18n (~> 0.6.0)
iconv
jquery-rails (~> 2.0.2)
kaminari
mocha (~> 1.1.0)
@ -267,12 +307,15 @@ DEPENDENCIES
paperclip (~> 3.5.4)
pry
pry-nav
puma
rack-mini-profiler!
rack-openid
rails (= 3.2.13)
rich (= 1.4.6)
rmagick (>= 2.0.0)
ruby-openid (~> 2.1.4)
ruby-prof (~> 0.15.1)
rubyzip
sass-rails (~> 3.2.3)
seems_rateable!
selenium-webdriver (~> 2.42.0)
@ -280,3 +323,4 @@ DEPENDENCIES
spork-testunit (~> 0.0.8)
therubyracer
uglifier (>= 1.0.3)
zip-zip

39
app/api/mobile/api.rb Normal file
View File

@ -0,0 +1,39 @@
module Mobile
$LOAD_PATH << File.expand_path('..',__FILE__)
autoload :Auth, 'apis/auth'
autoload :Users, 'apis/users'
autoload :Courses, 'apis/courses'
class API < Grape::API
version 'v1', using: :path
format :json
helpers do
def logger
API.logger
end
def authticate!
error!('Unauthorized. Invalid or expired token.', 401) unless current_user
end
def current_user
token = ApiKey.where(access_token: params[:token]).first
if token && !token.expired?
@current_user = User.find(token.user_id)
else
nil
end
end
end
mount Auth
mount Users
mount Courses
end
end

View File

@ -0,0 +1,23 @@
module Mobile
class Auth < Grape::API
resource :auth do
desc "Creates and returns access_token if valid login"
params do
requires :login, type: String, desc: 'Username or email'
requires :password, type: String, desc: 'Password'
end
post :login do
user,last_logon = ::User.try_to_login(params[:login], params[:password])
if user
::ApiKey.delete_all(user_id: user.id)
key = ::ApiKey.create!(user_id: user.id)
{token: key.access_token}.merge(user.as_json).merge(user.extensions.as_json)
else
error!('Unauthorized.', 401)
end
end
end
end
end

View File

@ -0,0 +1,39 @@
module Mobile
class Courses < Grape::API
resource :courses do
desc "get all courses"
params do
requires :per_page_count, type: Integer
requires :page, type: Integer, desc: 'current page no'
end
get do
per_page_option = params[:per_page_count] || 10
page_no = params[:page] || 1
@courses_all = Course.active.visible.
joins("LEFT JOIN #{CourseStatus.table_name} ON #{Course.table_name}.id = #{CourseStatus.table_name}.course_id")
@course_count = @courses_all.count
@course_pages = Redmine::Pagination::Paginator.new @course_count, per_page_option,page_no
@course_activity_count=Hash.new
@courses_all.each do |course|
@course_activity_count[course.id]=0
end
@courses = @courses_all.order("created_at desc")
@s_type = 0
@courses = @courses.offset(@course_pages.offset).limit(@course_pages.per_page)
# @course_activity_count=get_course_activity @courses, @course_activity_count
end
desc "Return a course"
params do
requires :id, type: Integer
end
route_param :id do
get do
Course.find(params[:id])
end
end
end
end
end

View File

@ -0,0 +1,30 @@
module Mobile
class Users < Grape::API
resource :users do
desc "get all users"
get do
['hello']
end
desc "add a user"
params do
requires :login, type: String, desc: 'username'
requires :email, type: String, desc: 'email'
requires :password, type: String, desc: 'password'
end
post do
user = User.new
user.login = params[:login]
user.mail = params[:email]
user.password = params[:password]
user.password_confirmation = params[:password]
user.activate
if user.save!
UserStatus.create(:user_id => user.id, :changsets_count => 0, :watchers_count => 0)
end
user
end
end
end
end

21
app/models/api_key.rb Normal file
View File

@ -0,0 +1,21 @@
class ApiKey < ActiveRecord::Base
attr_accessible :access_token, :active, :expires_at, :user_id
before_create :generate_access_token
before_create :set_experation
# validates_presence_of :user_id, :access_token
def expired?
DateTime.now >= self.expires_at
end
private
def generate_access_token
self.access_token = SecureRandom.hex
end
def set_experation
self.expires_at = DateTime.now + 30
end
end

View File

@ -26,10 +26,10 @@
# Example: :via => :get ====> :via => :get
RedmineApp::Application.routes.draw do
#match '/contests/:id/contestnotifications', :controller => 'contestnotifications', :action => 'index'
mount Mobile::API => '/api'
resources :homework_users
resources :no_uses
delete 'no_uses', :to => 'no_uses#delete'

View File

@ -0,0 +1,14 @@
class CreateApiKeys < ActiveRecord::Migration
def change
create_table :api_keys do |t|
t.string :access_token
t.datetime :expires_at
t.integer :user_id
t.boolean :active, default: true
t.timestamps
end
add_index :api_keys, :user_id
add_index :api_keys, :access_token
end
end

View File

@ -11,7 +11,7 @@
#
# It's strongly recommended to check this file into your version control system.
ActiveRecord::Schema.define(:version => 20141120091234) do
ActiveRecord::Schema.define(:version => 20141127015431) do
create_table "activities", :force => true do |t|
t.integer "act_id", :null => false
@ -23,6 +23,18 @@ ActiveRecord::Schema.define(:version => 20141120091234) do
add_index "activities", ["user_id", "act_type"], :name => "index_activities_on_user_id_and_act_type"
add_index "activities", ["user_id"], :name => "index_activities_on_user_id"
create_table "api_keys", :force => true do |t|
t.string "access_token"
t.datetime "expires_at"
t.integer "user_id"
t.boolean "active", :default => true
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
add_index "api_keys", ["access_token"], :name => "index_api_keys_on_access_token"
add_index "api_keys", ["user_id"], :name => "index_api_keys_on_user_id"
create_table "applied_projects", :force => true do |t|
t.integer "project_id", :null => false
t.integer "user_id", :null => false