@RichGuk
Created September 18, 2008 09:42
# Authentication strategy that restores a login from the persistent
# "remember me" cookie (auth_token).
class CookieLoginStrategy < ::Authentication::Strategy
  # Finds the user whose remember_token equals the auth_token cookie and, if
  # that user still reports a remember token, re-issues the cookie using the
  # expiry stored on the user record.
  #
  # Returns the matched user, or nil when there is no cookie, no matching
  # user, or the user's remember_token? check fails.
  def run!
    token = cookies[:auth_token]
    remembered = token && User.first(:remember_token => token)

    # NOTE(review): remember_token? lives on User, outside this file;
    # presumably it also rejects expired tokens -- confirm in the model.
    return nil unless remembered && remembered.remember_token?

    # NOTE(review): the same token value is re-issued (no rotation) and only
    # :value and :expires are set here. Confirm the cookie layer marks this
    # cookie Secure/HttpOnly by default, or pass those options if the
    # framework version in use supports them.
    cookies[:auth_token] = {
      :value   => remembered.remember_token,
      :expires => Time.parse(remembered.remember_token_expires_at.to_s)
    }
    remembered
  end
end
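# Authentication strategy for the login/password form.
class PasswordStrategy < ::Authentication::Strategy
  # Authenticates params[:login] / params[:password] through
  # User.authenticate. On success, and only when remember_me is "1", a
  # persistent auth_token cookie is issued. On failure a single generic error
  # is recorded on the session's authentication errors.
  #
  # Returns the authenticated user, or nil when the credentials are missing
  # or rejected.
  def run!
    return nil unless params[:login] && params[:password]

    user = User.authenticate(params[:login], params[:password])
    if user
      # Issue the long-lived cookie only when it was explicitly requested.
      if params[:remember_me] == "1"
        user.remember_me
        expires = Time.parse(user.remember_token_expires_at.to_s)
        # NOTE(review): only :value and :expires are set; confirm the cookie
        # layer applies Secure/HttpOnly to this cookie.
        cookies[:auth_token] = { :value => user.remember_token, :expires => expires }
      end
    else
      # Record the error only when authentication actually failed. Previously
      # this branch also ran for a successful login without remember_me,
      # leaving a bogus "incorrect" error behind. The message stays generic so
      # it does not reveal whether the login name exists.
      errors = controller.session.authentication.errors
      errors.clear!
      errors.add(:login, 'Username or password were incorrect')
    end
    user
  end
end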
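# Authentication strategy for OpenID logins. It handles both halves of the
# flow: starting a request when params[:openid_url] is submitted, and
# completing it when the provider redirects back with openid.mode set.
class OpenIDStrategy < ::Authentication::Strategy
  # Completion phase (params[:'openid.mode'] present):
  #   * success + known identity_url  -> returns the user, optionally issuing
  #     the persistent auth_token cookie
  #   * success + unknown identity_url -> stores the SReg email/nickname and
  #     the identity URL in the session and halts with a redirect to :signup
  #   * failure / setup_needed / cancel -> records an :openid error, returns nil
  #
  # Begin phase (params[:openid_url] present): builds the OpenID request with
  # an SReg extension and halts with a redirect to the provider; an
  # OpenID::OpenIDError is recorded as an :openid error and nil is returned.
  #
  # Returns nil when neither parameter is present.
  def run!
    if params[:'openid.mode']
      query = controller.request.send(:query_params)
      # NOTE(review): this URL (and the realm below) is built from the
      # request's host; confirm the deployment validates or pins the Host
      # header so the value cannot be influenced by the client.
      current_url = "#{controller.request.protocol}#{controller.request.host}" + controller.request.path
      response = consumer.complete(query, current_url)

      case response.status.to_s
      when 'success'
        if (user = User.first(:identity_url => response.identity_url))
          # Compare against '1', as PasswordStrategy and the begin phase do.
          # A bare truthiness test would treat any value (e.g. "0") as a
          # request for a persistent login cookie.
          if params[:remember_me] == '1'
            user.remember_me
            expires = Time.parse(user.remember_token_expires_at.to_s)
            cookies[:auth_token] = { :value => user.remember_token, :expires => expires }
          end
          user
        else
          # Unknown identity: carry the provider-supplied profile fields into
          # the signup flow. These values are asserted by the provider, not
          # verified here -- treat them as untrusted input during signup.
          sreg_response = OpenID::SReg::Response.from_success_response(response)
          email = sreg_response.data['email']
          nickname = sreg_response.data['nickname']
          controller.session[:'openid.email'] = email unless email.nil?
          controller.session[:'openid.nickname'] = nickname unless nickname.nil?
          controller.session[:'openid.url'] = response.identity_url
          throw(:halt, controller.redirect(controller.url(:signup)))
        end
      when 'failure'
        openid_error('OpenID verification failed, maybe the provider is down? Or the session timed out')
      when 'setup_needed'
        openid_error('OpenID does not seem to be configured correctly')
      when 'cancel'
        openid_error('OpenID rejected our request')
      end
    elsif (identity_url = params[:openid_url])
      begin
        openid_request = consumer.begin(identity_url)
        openid_reg = OpenID::SReg::Request.new
        openid_reg.request_fields(['nickname', 'email'])
        openid_request.add_extension(openid_reg)
        # Round-trip the remember_me choice through the return_to URL.
        openid_request.return_to_args['remember_me'] = '1' if params[:remember_me] == '1'
        realm = "#{controller.request.protocol}#{controller.request.host}"
        throw(:halt, controller.redirect(openid_request.redirect_url(realm, controller.absolute_url(:openid))))
      rescue OpenID::OpenIDError
        openid_error('The OpenID verification failed')
      end
    end
  end

  protected

  # Lazily builds the OpenID consumer, backed by the controller session and a
  # filesystem store under "#{Merb.root}/tmp/openid".
  def consumer
    @consumer ||= OpenID::Consumer.new(controller.session, OpenID::Store::Filesystem.new("#{Merb.root}/tmp/openid"))
  end

  # Replaces any existing authentication errors with a single :openid error
  # and returns nil so the strategy reports failure.
  def openid_error(message)
    errors = controller.session.authentication.errors
    errors.clear!
    errors.add(:openid, message)
    nil
  end
end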
# Hooks that decide what is kept in the session for a logged-in user and how
# that value is turned back into a user.
class Authentication
  # Returns the value to keep in the session for +user+: the user's id, or
  # nil when no user is given. Only the id is stored, not the user object.
  def store_user(user)
    user.id if user
  end

  # Loads the user for a stored session value by passing it to User.get.
  def fetch_user(session_info)
    User.get(session_info)
  end
end
#OpenID strategy needs:
require 'openid'
require 'openid/store/filesystem'
require 'openid/extensions/sreg'
# Controller for logging in and out. The create and openid actions run behind
# the ensure_authenticated before-filter; new and destroy do not.
class Sessions < Application
  before :ensure_authenticated, :only => [:create, :openid]

  # Renders the login form.
  def new
    render
  end

  # Redirects to the URL saved in session[:return_to], or '/' when none is
  # stored, and clears the saved value.
  #
  # NOTE(review): the code that writes session[:return_to] is not in this
  # file; confirm it only ever stores local paths so this redirect cannot be
  # steered to another site.
  def create
    destination = session[:return_to]
    session[:return_to] = nil
    redirect(destination || '/')
  end

  # Return point for the OpenID flow; same post-login redirect as create, and
  # the same caveat about the origin of session[:return_to] applies.
  def openid
    destination = session[:return_to]
    session[:return_to] = nil
    redirect(destination || '/')
  end

  # Logs out: calls forget_me! on the current user if there is one, deletes
  # the auth_token cookie, abandons the session, and redirects to '/'.
  def destroy
    current = session.user
    current.forget_me! unless current.nil?
    cookies.delete :auth_token
    session.abandon!
    redirect '/'
  end
end