Gist adimitrov/6155194, last active December 20, 2015 15:38
Jira Authentication for Rails Admin Panel
/*
 =require twitter-bootstrap-static/bootstrap
 Use Font Awesome icons (default)
 To use Glyphicons sprites instead of Font Awesome, replace with "require twitter-bootstrap-static/sprites"
 =require twitter-bootstrap-static/fontawesome
*/
module AdminAuthentication
  def self.included(klass)
    klass.class_eval do
      include InstanceMethods
      klass.send :helper_method, :current_admin, :admin_logged_in?
    end
  end

  module InstanceMethods
    # To be used as before_filter.
    # Will trigger auto-login attempts via the call to admin_logged_in?
    # If all attempts to auto-login fail, the request is redirected to the login page.
    # (admin_login_url is assumed to be defined in routes.rb; the routes shown in
    # this gist only declare the sessions resource.)
    def require_admin_login
      if !admin_logged_in?
        redirect_to admin_login_url
      end
    end

    # Takes credentials and returns a user on successful authentication.
    # Runs hooks after login or failed login.
    def login(username, password)
      @current_admin = nil
      response = CrowdRest::Session.create(username, password)
      # Crowd answers 201 Created when the credentials are valid
      if response.code == 201
        reset_session # protect from session fixation attacks
        session[:token] = response.token
        current_admin
      else
        nil
      end
    end

    # Resets the session and runs hooks before and after.
    # Note: this only drops the Rails session; the Crowd token itself stays
    # valid on the Crowd side until it expires or is invalidated there.
    def logout
      if admin_logged_in?
        reset_session
        @current_admin = nil
      end
    end

    # attempts to auto-login from the session token
    # returns the logged in user if found, nil if not
    def current_admin
      # skip the Crowd round-trip entirely when no token is in the session
      if @current_admin.blank? && session[:token].present?
        response = CrowdRest::Session.find(session[:token], :include => :user)
        # `==`, not `=`: the original assignment was always truthy and stored
        # response.user regardless of the status Crowd returned
        @current_admin = response.user if response.code == 200
      end
      @current_admin
    end

    def current_admin=(admin)
      @current_admin = admin
    end

    # Overwrite Rails' handle_unverified_request (CSRF token mismatch)
    def handle_unverified_request
      cookies[:remember_me_token] = nil # no remember-me cookie is set anywhere in this gist; kept from the original
      @current_admin = nil # was @current_user, which nothing in this module reads
      super # call the default behaviour which resets the session
    end

    def admin_logged_in?
      !!current_admin
    end
  end
end
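An added example, not part of the gist or of the crowd_rest gem: a self-contained model of the module's login, current_admin and logout logic, wired to a constructed Crowd stub (StubCrowd, StubResponse) and a fake controller (FakeController) so that the properties the module relies on can be checked without Rails or a Crowd server. The stub's response shape (#code, #token, #user) and the 201/200/404 codes are assumptions modelled on how the gist uses CrowdRest::Session.

```ruby
# Added example (not part of the gist): checks three properties of the
# AdminAuthentication flow against a constructed Crowd stub:
#   1. a successful login rotates the session (session fixation protection);
#   2. a failed login leaves no token behind;
#   3. a token Crowd no longer recognises never yields an admin on a later request.
require 'securerandom'

# Assumption: CrowdRest responses expose #code, #token and #user like this.
StubResponse = Struct.new(:code, :token, :user)

# Constructed stand-in for the Crowd server: fixed accounts, tokens issued by
# create, resolved by find, invalidated by revoke.
class StubCrowd
  def initialize(users)
    @users = users   # username => password (test fixture only)
    @tokens = {}     # token => username
  end

  def create(username, password)
    return StubResponse.new(400, nil, nil) unless @users[username] == password
    token = SecureRandom.hex(16)
    @tokens[token] = username
    StubResponse.new(201, token, nil)
  end

  def find(token)
    user = @tokens[token]
    user ? StubResponse.new(200, token, user) : StubResponse.new(404, nil, nil)
  end

  def revoke(token)
    @tokens.delete(token)
  end
end

# Fake controller: only the session handling the module needs, plus the
# module's own logic with `==` in current_admin (the gist's original `=`
# assigned 200 and was therefore always truthy).
class FakeController
  attr_reader :session, :session_id

  def initialize(crowd, session = {}, session_id = SecureRandom.hex(8))
    @crowd = crowd
    @session = session
    @session_id = session_id
    @current_admin = nil
  end

  def reset_session
    @session = {}
    @session_id = SecureRandom.hex(8)
  end

  def login(username, password)
    @current_admin = nil
    response = @crowd.create(username, password)
    return nil unless response.code == 201
    reset_session                      # new session id after authentication
    @session[:token] = response.token
    current_admin
  end

  def current_admin
    if @current_admin.nil? && @session[:token]
      response = @crowd.find(@session[:token])
      @current_admin = response.user if response.code == 200
    end
    @current_admin
  end

  def admin_logged_in?
    !!current_admin
  end
end

# Check 1: a pre-set session id and a planted token do not survive login.
def session_fixation_protected?
  crowd = StubCrowd.new("alice" => "s3cret")
  c = FakeController.new(crowd, { token: "planted" }, "fixed-id")
  c.login("alice", "s3cret") == "alice" &&
    c.session_id != "fixed-id" &&
    c.session[:token] != "planted"
end

# Check 2: a wrong password yields no admin and stores no token.
def failed_login_leaves_no_token?
  crowd = StubCrowd.new("alice" => "s3cret")
  c = FakeController.new(crowd)
  c.login("alice", "wrong").nil? && c.session[:token].nil? && !c.admin_logged_in?
end

# Check 3: the same cookie on a later request is rejected once Crowd has
# invalidated the token.
def stale_token_rejected?
  crowd = StubCrowd.new("alice" => "s3cret")
  first = FakeController.new(crowd)
  first.login("alice", "s3cret")
  token = first.session[:token]
  crowd.revoke(token)
  later = FakeController.new(crowd, { token: token })   # new request, same session cookie
  !later.admin_logged_in?
end

if __FILE__ == $0
  puts "session fixation protected: #{session_fixation_protected?}"
  puts "failed login leaves no token: #{failed_login_leaves_no_token?}"
  puts "stale token rejected: #{stale_token_rejected?}"
end
```

Check 3 is the one the gist's original `if response.code = 200` would have weakened: with assignment instead of comparison, whatever the find response carried as `user` was stored no matter what status came back, so the status check gave no protection at all. The stub also makes the logout caveat visible: only `revoke` on the Crowd side makes the token unusable; clearing the Rails session alone does not.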
class Admin::ApplicationController < ApplicationController
  include AdminAuthentication
  before_filter :require_admin_login
  layout "admin"
end
CrowdRest.config do |c|
  # Crowd REST endpoint. Over plain http every Jira username and password this
  # app forwards travels in clear text; use https where the Crowd server offers it.
  c.crowd_url = "http://jira.portal"
  c.app_name = "user" # application credentials registered in Crowd
  c.app_pass = "pass"
end
gem 'crowd_rest'
gem "twitter-bootstrap-rails"
<!-- app/view/admin/sessions/new.html.erb -->
<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="utf-8">
    <title>Sign in · Madmoo Portal Admin</title>
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta name="description" content="">
    <meta name="author" content="">

    <!-- Le styles -->
    <%= stylesheet_link_tag "admin", :media => "all" %>
    <%= javascript_include_tag "admin" %>
    <%= csrf_meta_tags %>
    <style type="text/css">
      body {
        padding-top: 40px;
        padding-bottom: 40px;
        background-color: #f5f5f5;
      }
      .form-signin {
        max-width: 300px;
        padding: 19px 29px 29px;
        margin: 0 auto 20px;
        background-color: #fff;
        border: 1px solid #e5e5e5;
        -webkit-border-radius: 5px;
        -moz-border-radius: 5px;
        border-radius: 5px;
        -webkit-box-shadow: 0 1px 2px rgba(0,0,0,.05);
        -moz-box-shadow: 0 1px 2px rgba(0,0,0,.05);
        box-shadow: 0 1px 2px rgba(0,0,0,.05);
      }
      .form-signin .form-signin-heading,
      .form-signin .checkbox {
        margin-bottom: 10px;
      }
      .form-signin input[type="text"],
      .form-signin input[type="password"] {
        font-size: 16px;
        height: auto;
        margin-bottom: 15px;
        padding: 7px 9px;
      }
    </style>

    <!-- HTML5 shim, for IE6-8 support of HTML5 elements -->
    <!--[if lt IE 9]>
      <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
    <![endif]-->
  </head>

  <body>
    <div class="container">
      <%= form_tag admin_sessions_path, class: "form-signin" do %>
        <h2 class="form-signin-heading">Please sign in</h2>
        <%= text_field_tag :username, params[:username], class: "input-block-level", placeholder: "Jira Username" %>
        <%= password_field_tag :password, "", class: "input-block-level", placeholder: "Jira Password" %>
        <button class="btn btn-large btn-primary" type="submit">Sign in</button>
      <% end %>
    </div> <!-- /container -->
  </body>
</html>
namespace :admin do
  resources :sessions
end
class Admin::SessionsController < Admin::ApplicationController
  layout false
  # the login page itself must be reachable without an admin session
  skip_before_filter :require_admin_login

  def new
  end

  def create
    @admin = login(params[:username], params[:password])
    if @admin
      redirect_to admin_root_url, :notice => "Logged in!"
    else
      # flash.now: the message belongs to this rendered response only and must
      # not linger into the next request (the original used flash[:error])
      flash.now[:error] = "Invalid username or password"
      render "new"
    end
  end

  def destroy
    logout
    redirect_to root_url, :notice => "Logged out!"
  end
end