jam-cloud/app/controllers/sessions_controller.rb

# this is not a jam session - this is an 'auth session'
class SessionsController < ApplicationController

  def new
    @login_error = false
    render :layout => "landing"
  end

  def create
    user = User.authenticate(params[:session][:email], params[:session][:password])

    if user.nil?
      @login_error = true
      render 'new', :layout => "landing"
    else
      @session_only_cookie = !jkclient_agent? && !params[:user].nil? && 0 == params[:user][:remember_me].to_i
      complete_sign_in user
    end
  end

# OAuth docs
# http://net.tutsplus.com/tutorials/ruby/how-to-use-omniauth-to-authenticate-your-users/
  def create_oauth
    auth_hash = request.env['omniauth.auth']
    authorization = UserAuthorization.find_by_provider_and_uid(auth_hash["provider"], auth_hash["uid"])
    if authorization
      # Sign in for a user who has already registered.
      complete_sign_in authorization.user
    else
      # Sign up for a completely new user.
      # First/last name: auth_hash["info"]["first_name"] and auth_hash["info"]["last_name"]
      # token: auth_hash["credentials"]["token"] -- "expires_at"
      #
      # For debugging - to see what all is there:
      # render :text => auth_hash.to_yaml
      #FbGraph.debug!
      #app = FbGraph::Application.new  '468555793186398', :secret => '546a5b253972f3e2e8b36d9a3dd5a06e'
      token = auth_hash[:credentials][:token]

      # FIXME:
      # This should probably be in a transaction somehow, meaning the user 
      # create and the authorization create. Concern is UserManager.new.signup sends
      # an email and whatnot.
      #
      # Also, should we grab their photo from facebook?
      user = UserManager.new.signup(request.remote_ip,
                                    auth_hash[:info][:first_name],
                                    auth_hash[:info][:last_name],
                                    auth_hash[:info][:email],
                                    nil,
                                    nil,
                                    nil, # instruments
                                    nil, # photo_url
                                    nil)
                              
      # Users who sign up using oauth are presumed to have valid email adddresses.
      user.confirm_email!
      
      auth = user.user_authorizations.build :provider => auth_hash[:provider], 
                                            :uid => auth_hash[:uid], 
                                            :token => auth_hash[:credentials][:token], 
                                            :token_expiration => Time.at(auth_hash[:credentials][:expires_at])
      user.save
      complete_sign_in user
    end
  end

  def complete_sign_in(user)
    sign_in user

    if !params[:sso].nil? && params[:sso] == "desk"
      # generate multipass token and sign it
      multipass = DeskMultipass.new(user)
      callback_url = SampleApp::Application.config.multipass_callback_url
      redirect_to "#{callback_url}?multipass=#{multipass.token}&signature=#{multipass.signature}"
    else
      redirect_back_or client_url
    end
  end

  def destroy
    # before signing out, clean up connection and music session (if necessary)
    conn_mgr = ConnectionManager.new
    conn_mgr.delete_connection(cookies[:client_id])
    cookies.delete(:client_id)
    sign_out
    redirect_to client_url
  end

  def failure

  end

  def connection_state
    if (defined?(TEST_CONNECT_STATES) && TEST_CONNECT_STATES) || 'development'==Rails.env
      @prefix = defined?(TEST_CONNECT_STATE_JS_LOG_PREFIX) ? TEST_CONNECT_STATE_JS_LOG_PREFIX : '*** '
      render('connection_state', :layout => 'client') && return
    end
    render :nothing => true, :status => 404
  end

end
* jam-web working for milestone1 2012-09-03 22:03:16 +00:00			`# this is not a jam session - this is an 'auth session'`
* removed all microposts/follower stuff; just user sign up and login 2012-08-31 03:01:52 +00:00			`class SessionsController < ApplicationController`

			`def new`
* signin shows error -- but pretty ugly 2013-06-05 02:43:41 +00:00			`@login_error = false`
* sign-in up to spec VRFS-323 2013-06-02 19:27:46 +00:00			`render :layout => "landing"`
* removed all microposts/follower stuff; just user sign up and login 2012-08-31 03:01:52 +00:00			`end`

			`def create`
* VRFS-88 api/login done 2012-11-14 05:57:10 +00:00			`user = User.authenticate(params[:session][:email], params[:session][:password])`

			`if user.nil?`
* signin shows error -- but pretty ugly 2013-06-05 02:43:41 +00:00			`@login_error = true`
			`render 'new', :layout => "landing"`
* VRFS-88 api/login done 2012-11-14 05:57:10 +00:00			`else`
vrfs-273/403: recognize remember me option using browser 2013-08-09 16:07:04 +00:00			`@session_only_cookie = !jkclient_agent? && !params[:user].nil? && 0 == params[:user][:remember_me].to_i`
another set of oauth work 2012-11-15 08:47:19 +00:00			`complete_sign_in user`
* removed all microposts/follower stuff; just user sign up and login 2012-08-31 03:01:52 +00:00			`end`
			`end`

now oauth is working 2012-11-15 09:30:30 +00:00			`# OAuth docs`
			`# http://net.tutsplus.com/tutorials/ruby/how-to-use-omniauth-to-authenticate-your-users/`
Omniauth routes 2012-11-12 20:12:32 +00:00			`def create_oauth`
			`auth_hash = request.env['omniauth.auth']`
facebook integration work 2012-11-15 06:18:37 +00:00			`authorization = UserAuthorization.find_by_provider_and_uid(auth_hash["provider"], auth_hash["uid"])`
			`if authorization`
			`# Sign in for a user who has already registered.`
			`complete_sign_in authorization.user`
			`else`
			`# Sign up for a completely new user.`
			`# First/last name: auth_hash["info"]["first_name"] and auth_hash["info"]["last_name"]`
			`# token: auth_hash["credentials"]["token"] -- "expires_at"`
			`#`
			`# For debugging - to see what all is there:`
			`# render :text => auth_hash.to_yaml`
another set of oauth work 2012-11-15 08:47:19 +00:00			`#FbGraph.debug!`
			`#app = FbGraph::Application.new '468555793186398', :secret => '546a5b253972f3e2e8b36d9a3dd5a06e'`
			`token = auth_hash[:credentials][:token]`

			`# FIXME:`
			`# This should probably be in a transaction somehow, meaning the user`
			`# create and the authorization create. Concern is UserManager.new.signup sends`
			`# an email and whatnot.`
Use maxmind to populate location fields, added tests 2012-12-02 06:46:30 +00:00			`#`
			`# Also, should we grab their photo from facebook?`
			`user = UserManager.new.signup(request.remote_ip,`
			`auth_hash[:info][:first_name],`
another set of oauth work 2012-11-15 08:47:19 +00:00			`auth_hash[:info][:last_name],`
			`auth_hash[:info][:email],`
			`nil,`
			`nil,`
VRFS 79 add image URL fields to users and bands tables 2012-11-28 05:26:43 +00:00			`nil, # instruments`
			`nil, # photo_url`
another set of oauth work 2012-11-15 08:47:19 +00:00			`nil)`
added spec tests 2012-11-20 09:48:48 +00:00
			`# Users who sign up using oauth are presumed to have valid email adddresses.`
			`user.confirm_email!`

oauth tests 2012-11-22 07:52:13 +00:00			`auth = user.user_authorizations.build :provider => auth_hash[:provider],`
			`:uid => auth_hash[:uid],`
			`:token => auth_hash[:credentials][:token],`
			`:token_expiration => Time.at(auth_hash[:credentials][:expires_at])`
facebook integration work 2012-11-15 06:18:37 +00:00			`user.save`
			`complete_sign_in user`
			`end`
			`end`

			`def complete_sign_in(user)`
			`sign_in user`
VRFS-377 desk.com integration 2013-07-01 01:06:22 +00:00
			`if !params[:sso].nil? && params[:sso] == "desk"`
VRFS-377 desk.com integration 2013-07-04 21:11:20 +00:00			`# generate multipass token and sign it`
			`multipass = DeskMultipass.new(user)`
			`callback_url = SampleApp::Application.config.multipass_callback_url`
VRFS-377 fix redirect url 2013-07-04 21:21:35 +00:00			`redirect_to "#{callback_url}?multipass=#{multipass.token}&signature=#{multipass.signature}"`
VRFS-377 desk.com integration 2013-07-01 01:06:22 +00:00			`else`
			`redirect_back_or client_url`
			`end`
Omniauth routes 2012-11-12 20:12:32 +00:00			`end`

* removed all microposts/follower stuff; just user sign up and login 2012-08-31 03:01:52 +00:00			`def destroy`
VRFS-286 clean up connection and music session if necessary and send notifications to friends when user signs out 2013-06-25 01:18:15 +00:00			`# before signing out, clean up connection and music session (if necessary)`
			`conn_mgr = ConnectionManager.new`
			`conn_mgr.delete_connection(cookies[:client_id])`
VRFS-377 desk.com integration 2013-07-04 21:11:20 +00:00			`cookies.delete(:client_id)`
* removed all microposts/follower stuff; just user sign up and login 2012-08-31 03:01:52 +00:00			`sign_out`
Initial version of landing page and support for non-logged-in client home. 2012-11-17 21:03:06 +00:00			`redirect_to client_url`
* removed all microposts/follower stuff; just user sign up and login 2012-08-31 03:01:52 +00:00			`end`
Omniauth routes 2012-11-12 20:12:32 +00:00
			`def failure`

			`end`
vrfs192: code cleanup 2013-02-28 18:44:33 +00:00
			`def connection_state`
vrfs192: added TEST_CONNECT_STATES bracked for connection states testing logic; added Capaybara::Poltergeist support; added connection_state.html.rb and associated actions/routes/tests for running connection state test suite in dev or test env 2013-03-01 01:51:15 +00:00			`if (defined?(TEST_CONNECT_STATES) && TEST_CONNECT_STATES) \|\| 'development'==Rails.env`
			`@prefix = defined?(TEST_CONNECT_STATE_JS_LOG_PREFIX) ? TEST_CONNECT_STATE_JS_LOG_PREFIX : '*** '`
			`render('connection_state', :layout => 'client') && return`
			`end`
			`render :nothing => true, :status => 404`
vrfs192: code cleanup 2013-02-28 18:44:33 +00:00			`end`

Omniauth routes 2012-11-12 20:12:32 +00:00			`end`