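# -*- encoding : utf-8 -*-
module KirguduBase
  module Security
    # Authentication flows for the KirguduBase security module: local login/logout,
    # the OmniAuth callback (#create), registration, password restore through an
    # e-mailed one-time code, and account destruction.
    #
    # Every page-rendering action builds a `local_data` hash (errors, messages and the
    # request parameters the view echoes back) and renders a template resolved from
    # `self.class.get_method_latest_result(:get_kb_template)` (see #render_kb_view).
    class AuthenticationsController < ::KirguduBase::ApplicationController
      before_action :redirect_if_loggedin, only: :login
      # before_action :on_before_login, only: :login
      # after_action :on_after_login, only: :login
      #include ApplicationHelper

      # Sender address of the restore-password mails.
      DEFAULT_FROM = "kirgudu.net@gmail.com".freeze

      # Renders the login form. A `redirect_to` parameter is remembered in the session
      # so the post-login redirect can honour it (it is validated by #safe_return_path
      # before use).
      def login
        local_data = { messages: [], errors: [] }
        # NOTE(review): :password is copied into the view locals as in the original form;
        # the template presumably does not echo it back — confirm.
        copy_params_to(local_data, :email, :password, :token_id, :redirect_to)
        session[:redirect_to] = params[:redirect_to] if params[:redirect_to]

        logger.info("AUTH CONTROLLER TEMPLATE: #{kb_template}")
        logger.info("LOGIN VIEW PATH: #{kb_template}/authentications/login")
        render_kb_view("login", local_data)
      end

      # Verifies the captcha and the e-mail/password pair, then opens the session.
      #
      # The captcha is checked before any credential work so that a failed captcha can
      # never leave a populated session behind, and the stored hash is compared to the
      # hash of the submitted password in constant time.
      def login_process
        local_data = { messages: [], errors: [] }
        copy_params_to(local_data, :email, :password, :token_id, :redirect_to)
        local_data[:user] = ::KirguduBase::Security::User.where(email: params[:email]).first

        process_result = false
        if verify_recaptcha
          user = local_data[:user]
          if user && constant_time_equal?(user.password, ::ChupakabraTools::Security.get_password_hash(params[:password]))
            session_expire_timeout = nil
            # session_expire_timeout = @settings_manager.get('session_expire_timeout') if @settings_manager.get('session_expire_timeout') && params[:remember_me] == false
            # session_expire_timeout = @settings_manager.get('session_expire_remember_timeout') if @settings_manager.get('session_expire_remember_timeout') && params[:remember_me] == true
            session_expire_timeout = 1.hour if session_expire_timeout.nil?

            # NOTE(review): a reset_session here (after the return path has been read) would
            # defeat session fixation; omitted because other session contents are not visible
            # from this file — confirm what else lives in the session before adding it.
            session[:user_id] = user.id
            session[:user_expire] = DateTime.now + session_expire_timeout
            session[:remember_me] = remember_me_requested?
            process_result = true
          else
            # One generic message for "unknown e-mail" and "wrong password" alike.
            local_data[:errors] << I18n.t("kirgudu_base.authentications.login.errors.generic_user_password")
          end
        else
          local_data[:errors] << I18n.t("kirgudu_base.authentications.login.errors.captcha_error")
        end

        if process_result
          # #login stores the target under :redirect_to; :return_to is read first for callers
          # that set it directly. Only same-site paths are accepted (see #safe_return_path).
          redirect_to(safe_return_path(session[:return_to] || session[:redirect_to]) ||
                      ::KirguduBase.url_for_default_redirection_after_login || "/")
        else
          render_kb_view("login", local_data)
        end
      end

      # Renders the one-time-password (token) login form.
      def one_time_pass_login
        local_data = {}
        render_kb_view("token_login", local_data)
      end

      # Not implemented yet.
      def one_time_pass_login_process
      end

      # Collects the direct-login parameters. Nothing is rendered or redirected here, so
      # Rails presumably falls back to the implicit `direct_login` template — confirm.
      def direct_login
        local_data = {}
        copy_params_to(local_data, :app_id, :email, :password)
      end

      # Ends the session and returns to the login form.
      def logout
        security_logout(session)
        clear_login_session
        redirect_to url_for(controller: ::KirguduBase::Security::AuthenticationsController.to_route_path, action: 'login')
      end

      # OmniAuth callback. Signs in an already linked authentication, links a new one to
      # the current website, or creates a local user for a first-time external login.
      #
      # Several branches return without rendering or redirecting (the `home_path`
      # redirects are commented out), so Rails falls through to the implicit `create`
      # template in those cases.
      def create
        local_data = {}
        omniauth = request.env["omniauth.auth"]

        # Checking if External Authentication Services Allowed
        # NOTE(review): `Option` is not namespaced like the other models here, and the
        # comparison below tests the Option record itself against false, which can never
        # be true — so this prohibition never fires. The intended check is presumably
        # against the option's value; confirm the attribute name before changing it.
        external_authentication_allowed = Option.where(name: 'external_authentication_allowed').first
        if !external_authentication_allowed.nil? && external_authentication_allowed == false
          flash[:error] = "External Authentication Services are prohibited. Please Login with Your Local Account"
          redirect_to ::KirguduBase::Security::AuthenticationsController.to_url_for(action: :login)
          return
        end

        authentication = ::KirguduBase::Security::Authentication.find_by(provider: omniauth['provider'], uid: omniauth['uid'])
        if authentication
          flash[:notice] = "Signed in successfully."
          session[:user_id] = authentication.user.id
          session[:user_provider] = authentication.provider
          #sign_in_and_redirect(:user, authentication.user)
          #redirect_to home_path
          return
        end

        if @current_website
          # NOTE(review): this links the external identity to the website only; no user is
          # attached and session[:user_id] is left untouched — confirm that is intended.
          authentication = @current_website.authentications.create!(
            provider: omniauth['provider'],
            uid: omniauth['uid']
          )
          session[:user_provider] = authentication.provider
          flash[:notice] = "Authentication successful."
          #redirect_to home_path
          return
        end

        user_params = {
          first_name: omniauth.info.first_name || "",
          last_name: omniauth.info.last_name || "",
          email: omniauth.info.email,
          #phone: "",
          # Stored hashed, the same way #register_process and #login_process treat the
          # password column, so the random secret is not written to the database in clear.
          password: ::ChupakabraTools::Security.get_password_hash(::ChupakabraTools::Security.generate_secret(length: 10))
        }
        local_data[:user] = ::KirguduBase::Security::User.new(user_params)
        if local_data[:user].save
          authentication = local_data[:user].authentications.create!(
            provider: omniauth['provider'],
            uid: omniauth['uid']
          )
          session[:user_provider] = authentication.provider
          flash[:notice] = "Signed in successfully."
          session[:user_id] = local_data[:user].id
          #redirect_to home_path
        else
          #session[:omniauth] = omniauth.except('extra')
          redirect_to url_for(controller: ::KirguduBase::Security::AuthenticationsController.to_route_path, action: :register)
        end
      end

      # Renders the registration form with a blank user.
      def register
        local_data = {
          messages: [],
          errors: [],
          user: ::KirguduBase::Security::User.new
        }
        copy_params_to(local_data, :token_id, :redirect_to)
        render_kb_view("register", local_data)
      end

      # Creates a local user plus its "kirgudu" authentication record.
      #
      # The captcha is verified before anything is written, so a failed captcha no longer
      # leaves a freshly created user behind. On success the plaintext password is put
      # back on the (unsaved) model for the success page; the database keeps the hash.
      def register_process
        params_user = params[::KirguduBase::Security::User.for_form_params]
        local_data = {
          errors: [],
          messages: [],
          user: ::KirguduBase::Security::User.new(strong_params_on_create)
        }
        copy_params_to(local_data, :token_id, :redirect_to)

        user = local_data[:user]
        user.email = params_user[:email]
        user.password = params_user[:password]
        user.password_confirmation = params_user[:password_confirmation]
        user.uin ||= ::SecureRandom.uuid

        process_result = false
        user_plain_text_password = nil
        if !verify_recaptcha
          local_data[:errors] << I18n.t("kirgudu_base.authentications.register.errors.captcha_error")
        elsif ::KirguduBase::Security::User.get_by_email(user.email)
          # NOTE(review): check-then-save is racy; a unique index on the e-mail column
          # should back this up — confirm it exists.
          user.errors.add(:email, I18n.t("kirgudu_base.authentications.register.errors.user_already_exists"))
        else
          user.created_at = DateTime.now
          user.updated_at = DateTime.now
          if user.valid?
            # Validate on the plaintext, then store the hash (confirmation must match it).
            user_plain_text_password = user.password
            user.password = ::ChupakabraTools::Security.get_password_hash(user.password)
            user.password_confirmation = user.password
            process_result = persist_new_user(user, local_data)
          end
        end

        if process_result
          # NOTE(review): the success view receives the plaintext password; showing it
          # on a page is a design choice worth revisiting.
          user.password = user_plain_text_password
          user.password_confirmation = user.password
          render "/authentications/register_successful", locals: {data: local_data}
        else
          render_kb_view("register", local_data)
        end
      end

      # Renders the "enter your e-mail" restore form.
      def restore_password
        local_data = { errors: [], messages: [] }
        copy_params_to(local_data, :token_id, :redirect_to, :email)
        render_kb_view("restore_password", local_data)
      end

      # Sends a restore code to the given e-mail address, reusing the user's still valid
      # code if one exists. The code lookup is scoped to that user (see
      # #active_restore_code_for); an unscoped lookup would mail one user's code to another.
      def restore_password_send
        local_data = { errors: [], messages: [] }
        copy_params_to(local_data, :token_id, :redirect_to, :email)

        process_result = false
        user = nil
        if !verify_recaptcha
          local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password.errors.captcha_error")
        elsif local_data[:email].blank?
          local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password.errors.email_cannot_be_empty")
        else
          user = ::KirguduBase::Security::User.get_by_email(local_data[:email])
          if user
            restore = active_restore_code_for(user) || create_restore_code_for(user, local_data)
            if restore
              # begin
              ::KirguduBase::AuthenticationsMailer.restore_password_code(DEFAULT_FROM, user.email, user, restore).deliver!
              restore.sent_at = Time.now
              restore.save
              process_result = true
              # rescue
              #   local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password.errors.mail_delivery_error")
              # end
            end
          else
            # NOTE(review): this message tells the caller whether an address is registered
            # (account enumeration); a neutral "if the address exists, a mail was sent"
            # response would avoid that.
            local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password.errors.user_not_found")
          end
        end

        if process_result
          redirect_to ::KirguduBase.authentications_controller.to_url_for(:restore_password_code, email: user.email)
        else
          render_kb_view("restore_password", local_data)
        end
      end

      # Renders the "enter your code" form.
      def restore_password_code
        local_data = { errors: [], messages: [] }
        copy_params_to(local_data, :token_id, :redirect_to, :email, :id, :code)
        render_kb_view("restore_password_code", local_data)
      end

      # Consumes a restore code: on a valid, unused, unexpired code a new random password
      # is generated, stored hashed and mailed to the user, and the code is marked used.
      #
      # NOTE(review): the code space is six digits and nothing in this file limits
      # attempts per code id; rate limiting presumably lives elsewhere — confirm.
      def restore_password_code_process
        local_data = { errors: [], messages: [] }
        copy_params_to(local_data, :token_id, :redirect_to, :email, :id, :code)

        # find_by returns nil for an unknown id instead of raising RecordNotFound.
        restore_code = ::KirguduBase::Security::RestorePasswordCode.find_by(id: local_data[:id]) if local_data[:id]

        process_result = false
        # Both sides are compared as strings so an integer code column matches the
        # string request parameter; the comparison itself is constant-time.
        if restore_code.nil? || !constant_time_equal?(restore_code.code, local_data[:code])
          local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password_code.errors.wrong_code")
        elsif restore_code.is_used?
          local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password_code.errors.used_code")
        elsif restore_code.expire_at && restore_code.expire_at <= Time.now
          # Expiry was not checked on consumption before; an expired code is reported as a
          # wrong one because no dedicated translation key exists for it.
          local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password_code.errors.wrong_code")
        else
          password = ::ChupakabraTools::Security.generate_secret(length: 8)
          user = restore_code.user
          user.password = ::ChupakabraTools::Security.get_password_hash(password)
          if user.save
            #begin
            ::KirguduBase::AuthenticationsMailer.restore_password_success(DEFAULT_FROM, user.email, user, password).deliver!
            local_data[:email] = user.email
            restore_code.is_used = true
            restore_code.save
            process_result = true
            # rescue
            #   local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password_code.errors.failed_to_send_password")
            # end
          else
            local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password_code.errors.failed_to_save_password")
          end
        end

        if process_result
          redirect_to ::KirguduBase.authentications_controller.to_url_for(:restore_password_success, email: local_data[:email])
        else
          render_kb_view("restore_password_code", local_data, with_layout: false)
        end
      end

      # Renders the "password was sent" page.
      def restore_password_success
        local_data = { errors: [], messages: [] }
        copy_params_to(local_data, :token_id, :redirect_to, :email, :id, :code)
        render_kb_view("restore_password_success", local_data, with_layout: false)
      end

      # Not implemented yet.
      def confirm_email
        local_data = { errors: [], messages: [] }
      end

      # Not implemented yet.
      def confirm_email_process
      end

      # Not implemented yet.
      def destroy
      end

      # Destroys the currently signed-in user. The login session is cleared afterwards so
      # it cannot keep pointing at a deleted row. When there is no user or the destroy
      # fails nothing is rendered here, as before.
      def destroy_process
        local_data = {}
        # find_by returns the record or nil; a `where` relation is always truthy.
        local_data[:user] = ::KirguduBase::Security::User.find_by(id: session[:user_id]) if session[:user_id]
        if local_data[:user]
          if local_data[:user].destroy
            flash[:notice] = "Successfully destroyed authentication."
            clear_login_session
            redirect_to authentications_url
          else
            # failed to delete user
          end
        end
      end

      protected

      # Hook for the (currently disabled) before_action.
      def on_before_login
      end

      # Hook for the (currently disabled) after_action.
      def on_after_login
      end

      # Whitelist for the registration form parameters.
      def strong_params_on_create
        params.require(::KirguduBase::Security::User.for_form_params).permit(:email, :first_name, :last_name, :password, :password_confirmation)
      end

      private

      # Sends an already signed-in visitor away from the login form, unless a token
      # login is in progress. The return path is validated to prevent open redirects.
      def redirect_if_loggedin
        return unless @current_user
        return if session[:token_id]

        redirect_to(safe_return_path(params[:return_to] || session[:return_to] || session[:redirect_to]) ||
                    ::KirguduBase.url_for_default_redirection_after_login || "/")
      end

      # Template prefix resolved by the application controller's template machinery.
      def kb_template
        self.class.get_method_latest_result(:get_kb_template)
      end

      # Renders `authentications/<view>` of the current template with `local_data` as
      # the `data` local; `with_layout: false` leaves the controller's default layout in place
      # (some pages did not pass the template layout explicitly).
      def render_kb_view(view, local_data, with_layout: true)
        options = { locals: { data: local_data } }
        options[:layout] = "#{kb_template}/layouts/application" if with_layout
        render "#{kb_template}/authentications/#{view}", options
      end

      # Copies the listed request parameters into `local_data`, skipping absent ones.
      def copy_params_to(local_data, *param_names)
        param_names.each do |param_name|
          value = params[param_name]
          local_data[param_name] = value if value
        end
        local_data
      end

      # Returns `target` only when it is a same-site path ("/..."), otherwise nil.
      # Protocol-relative ("//host") and backslash ("/\host") forms are rejected too, so a
      # return path taken from the request or session cannot redirect off-site.
      def safe_return_path(target)
        return nil unless target.is_a?(String)
        return nil unless target.start_with?("/")
        return nil if target.start_with?("//", "/\\")

        target
      end

      # Constant-time equality of the string forms of two values. Only the length is
      # allowed to short-circuit; the content comparison always walks every byte.
      def constant_time_equal?(left_value, right_value)
        left = left_value.to_s
        right = right_value.to_s
        return false unless left.bytesize == right.bytesize

        diff = 0
        left.bytes.zip(right.bytes) { |x, y| diff |= x ^ y }
        diff.zero?
      end

      # True when the remember-me control was submitted. Form values arrive as strings,
      # so they are normalised first (a plain `== true` never matches a form post).
      def remember_me_requested?
        %w[1 true on].include?(params[:remember_me].to_s)
      end

      # Drops every session key this controller writes on login.
      def clear_login_session
        session[:user_id] = nil
        session[:user_provider] = nil
        session[:user_expire] = 1.day.ago
        session[:remember_me] = false
      end

      # Most recent unused, unexpired restore code that belongs to `user`, or nil.
      def active_restore_code_for(user)
        ::KirguduBase::Security::RestorePasswordCode
          .where(user_id: user.id, is_used: false)
          .where("expire_at > ?", Time.now)
          .order(::KirguduBase::Security::RestorePasswordCode.for_sql_order_by(:created_at, :desc))
          .first
      end

      # Creates a fresh six-digit code (100000..999998) valid for 30 minutes; records an
      # error on `local_data` and returns nil when it cannot be saved.
      def create_restore_code_for(user, local_data)
        restore = ::KirguduBase::Security::RestorePasswordCode.new(
          expire_at: 30.minutes.from_now,
          code: 100000 + SecureRandom.random_number(899999),
          user_id: user.id
        )
        return restore if restore.save

        local_data[:errors] << I18n.t("kirgudu_base.authentications.restore_password.errors.cant_create_restore_code")
        nil
      end

      # Saves `user` and its "kirgudu" authentication inside one transaction. Returns
      # true on success; messages/errors are appended to `local_data`.
      def persist_new_user(user, local_data)
        created = false
        ActiveRecord::Base.transaction do
          if user.save
            # create! raises on failure (which also rolls the transaction back), so the
            # else branch only covers a falsy return value.
            if user.authentications.create!(provider: "kirgudu", uid: user.uin)
              local_data[:messages] << I18n.t("kirgudu_base.authentications.register.messages.user_created")
              created = true
            else
              local_data[:errors] << I18n.t("kirgudu_base.authentications.register.errors.cannot_create_authentication")
              raise ::ActiveRecord::Rollback
            end
          else
            local_data[:errors] << I18n.t("kirgudu_base.authentications.register.errors.failed_to_save_user")
          end
        end
        created
      end
    end
  end
end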