API Session Controller
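module Api
  module V1
    # Creates and expires API sessions for client devices.
    #
    # +create+ checks the device token, authenticates the caller (email and
    # password, Facebook token, or a freshly created anonymous account) and
    # renders the user together with status messages. +destroy+ expires the
    # API key whose access token is passed as +params[:id]+.
    class SessionsController < ApiController
      # NOTE(review): the filter is skipped for every action, destroy included,
      # so destroy is gated only by knowledge of the access token.
      skip_before_filter :restrict_api_access

      # Turns an invalid Facebook token into the standard failure payload.
      rescue_from 'FbGraph::InvalidToken' do |_exception|
        failure({ error: ['Invalid Facebook Authentication Token'] })
      end

      # Authenticates the caller and renders the user with status 200, or
      # renders an error payload through #failure.
      #
      # Reads params[:device_token], params[:provider], params[:auth_key],
      # params[:password], params[:token] and params[:location].
      def create
        messages = init_messages

        # Credentials are stripped before the request is persisted so the
        # session record never holds a plaintext password or Facebook token.
        # NOTE(review): url and query_string are stored as received; credentials
        # sent in the query string would still end up in this record.
        api_session = ApiSession.create(
          url: request.url,
          params: params.except(:password, :token),
          remote_ip: request.remote_ip.inspect,
          query_string: request.query_string.inspect,
          method: request.method.inspect,
          location: params[:location]
        )

        device = Device.find_by_device_token(params[:device_token])
        if device.nil?
          messages[:error] << 'Invalid Device Token'
          return failure(messages)
        end

        if device.expires_at.present?
          if device.expires_at < Date.today
            messages[:error] << 'Device/application access expired, please update your application code at your app store'
            return failure(messages)
          end
          messages[:warning] << "This application has been marked for end-of-life at #{device.expires_at.to_formatted_s(:long_ordinal)}. Please update the application as soon as possible to avoid any problems with access."
        end

        begin
          user = nil
          if params[:auth_key].present? || params[:provider].present?
            provider = params[:provider] || 'identity'
            case provider
            when 'identity'
              # NOTE(review): 'Invalid user' and 'Invalid password' are distinct
              # responses, which lets a caller tell registered emails from
              # unregistered ones. Consider one shared message once clients no
              # longer depend on the wording.
              user = User.find_by_email(params[:auth_key])
              if user.nil?
                messages[:error] << 'Invalid user'
                return failure(messages, 401)
              end
              unless user.valid_password?(params[:password])
                # Log who failed, never the submitted password.
                logger.error("Invalid password for user id #{user.id}")
                messages[:error] << 'Invalid password'
                return failure(messages, 401)
              end
              logger.info('User signed in successfully')
            when 'facebook'
              # NOTE(review): nothing here checks that the token was issued to
              # this application; confirm the audience is verified elsewhere
              # before the Facebook email is trusted as an identity.
              fb_user = FbGraph::User.me(params[:token]).fetch
              if fb_user.email.blank?
                messages[:error] << 'Facebook did not return a valid email, account could not be created.'
                return failure(messages, 401)
              end
              user = User.create_with_facebook(fb_user)
            end
          else
            # Anonymous user. The email suffix is an independent random value:
            # reusing the password there would store it in plaintext.
            passwd = SecureRandom.hex(20)
            user = User.create(anonymous: true,
                               password: passwd,
                               password_confirmation: passwd,
                               email: "anon_#{SecureRandom.hex(20)}@useek.com")
          end

          if user.present? && (user.expiration_date.blank? || user.expiration_date > Date.today)
            # NOTE(review): Level.current_user looks like class-level state;
            # confirm it is scoped per request or thread.
            Level.current_user = user
            key = ApiKey.get_api_key(user)
            api_session.update_attributes(api_key_id: key.id)
            messages[:info] << 'Login successful!'
            user.update_location!(params[:location]) if params[:location]
            # NOTE(review): user is rendered with the model's default JSON;
            # confirm that excludes password digests and tokens.
            render json: { user: user,
                           active_games: user.active_games,
                           # location: rewards[:location],
                           # active_rewards: rewards[:results],
                           # redeemed_rewards: user.redemptions,
                           messages: messages }, status: 200
          else
            # A non-nil user only reaches this branch with an expiration date
            # that is today or earlier, so the account is always reported as
            # expired (the previous check reported it only when the date was
            # exactly today).
            messages[:error] << (user.nil? ? 'Invalid email or password (nil)' : 'Account Expired')
            failure(messages)
          end
        rescue FbGraph::InvalidToken
          # Re-raised so the rescue_from handler above answers with the
          # Facebook-specific message instead of the generic one below.
          raise
        rescue => e
          # Record what failed; the client still gets the generic message.
          logger.error("API Session Create raised #{e.class}: #{e.message}")
          messages[:error] << 'A unknown error occurred, sorry'
          failure(messages)
        end
      end

      # Expires the API key whose access token is given in params[:id].
      # Renders 404 when no key matches instead of raising on nil.
      def destroy
        messages = init_messages
        key = ApiKey.find_by_access_token(params[:id])
        if key.nil?
          messages[:error] << 'Invalid API key'
          return render(json: { messages: messages }, status: 404)
        end

        key.update_attribute(:expires_at, DateTime.now)
        messages[:info] << 'Session was successfully destroyed.'
        render json: { messages: messages }, status: 200
      end

      private

      # Logs the failure and renders the messages as JSON. Kept private so it
      # cannot be reached as a controller action.
      #
      # @param msg [Hash] message lists keyed by severity
      # @param status [Integer] HTTP status for the response (default 401)
      def failure(msg, status = 401)
        logger.error "API Session Create failed: #{msg}"
        render json: { messages: msg }, status: status
      end
    end
  end
end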