|
#!/usr/bin/env ruby |
|
# coding: utf-8 |
|
require 'rubygems' |
|
require 'gollum/app' |
|
require 'omniauth' |
|
require 'omniauth-github' |
|
require './om-pam' |
|
require 'json' |
|
|
|
# GitHub OAuth application settings; 'id' and 'secret' are handed to the
# :github provider further down. The values are blank in this listing.
# NOTE(review): keep the real client secret out of version control (for
# example, load it from the process environment at boot).
GITHUB = {
  'id' => '',
  'secret' => '',
  # Key spelling kept as written; nothing visible in this file reads it.
  'redict_url' => ''
}
|
|
|
# Cookie-backed session shared by OmniAuth and the author middleware below.
# The session carries 'gollum.author', so anyone who knows the secret can
# mint a signed-in session.
# NOTE(review): the secret is a literal in this file (masked in this listing);
# it should be long, random, and kept out of the repository.
# NOTE(review): no :secure option is passed here. If the wiki is served over
# HTTPS, confirm the cookie is restricted to it.
use Rack::Session::Cookie,
    key: 'rack.session',
    path: '/',
    expire_after: 30 * 24 * 60 * 60, # 2592000 seconds, i.e. 30 days
    secret: '*********'
|
|
|
# Mount OmniAuth with two strategies: GitHub OAuth and :login
# (presumably the strategy loaded from ./om-pam; confirm).
use OmniAuth::Builder do
  configure do |omniauth|
    # path_prefix and full_host are blank in this listing.
    # NOTE(review): the middleware below matches /auth/<provider>/callback,
    # so the deployed path_prefix presumably has to agree with that; confirm.
    omniauth.path_prefix = ''
    omniauth.full_host = ''
    # Read relative to the process working directory at boot.
    omniauth.form_css = File.read('./form.css')
  end

  # NOTE(review): the callback handler only reads nickname, name and email.
  # GitHub's 'user' scope also grants write access to profile data; a
  # narrower scope such as 'read:user' or 'user:email' may be enough.
  github_options = { scope: 'user' }
  provider :github, GITHUB['id'], GITHUB['secret'], github_options

  provider :login
end
|
|
|
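# Rack middleware that connects OmniAuth sign-in to the Gollum author stored
# in the session under 'gollum.author'.
#
# It handles, in this order:
# * the OmniAuth callback (stores the author, then redirects),
# * the OmniAuth failure endpoint,
# * an authentication gate in front of the editing routes,
# * the /login and /logout convenience routes.
# Every other request is passed to the wrapped application.
#
# NOTE(review): the gate is a list of path prefixes. Confirm that it covers
# every state-changing route of the Gollum version deployed; any route not
# listed is served without a signed-in author.
class OmniAuthSetGollumAuthor
  # All patterns are anchored with \A (and \z where the whole path must match)
  # instead of ^ and $, which in Ruby match at any line boundary.
  CALLBACK_PATH = %r{\A/auth/[^/]+/callback}
  FAILURE_PATH = %r{\A/auth/failure}
  PROTECTED_PATH =
    %r{\A/(((edit|create|revert|delete|upload|rename|push|adduser)/)|(latest_changes|preview|uploadFile))}
  LOGIN_PATH = %r{\A/login\z}
  LOGOUT_PATH = %r{\A/logout\z}

  LOGIN_URL = '/auth/login'
  CONTACT_FAILURE = 'Authentication failure. Please contact XXXX.'

  # @param app [#call] the downstream Rack application
  def initialize(app)
    @app = app
  end

  # Rack entry point.
  #
  # @param env [Hash] the Rack environment
  # @return [Array] a Rack response triple: status, headers, body
  def call(env)
    request = Rack::Request.new(env)
    session = env['rack.session']
    path = request.path

    return complete_sign_in(env['omniauth.auth'], session) if path =~ CALLBACK_PATH
    return [401, {}, ['Authentication failure.']] if path =~ FAILURE_PATH

    # Editing routes need a signed-in author. Remember where the user was
    # heading so the callback can send them back after login.
    if path =~ PROTECTED_PATH && !signed_in?(session)
      session[:return_to] = request.fullpath if session
      return redirect_to(LOGIN_URL)
    end

    return redirect_to(LOGIN_URL) if path =~ LOGIN_PATH

    if path =~ LOGOUT_PATH
      session.delete('gollum.author') if session
      return redirect_to('/')
    end

    @app.call(env)
  end

  private

  # Finish an OmniAuth callback: record the author in the session and
  # redirect to the remembered location, or answer 401 on failure.
  def complete_sign_in(auth, session)
    # Without an auth hash or a session there is nothing to sign in.
    return [401, {}, [CONTACT_FAILURE]] unless auth && session

    info = auth[:info]
    nickname = info[:nickname] || 'Anonymous'
    name = info[:name] || nickname
    # Providers that return no e-mail get a placeholder address.
    email = info[:email] || "#{name}@test.com"

    # As written, every callback from the 'github' provider is logged and
    # refused, so only the other provider can complete sign-in.
    # NOTE(review): confirm that this is intended. The log path is relative
    # to the process working directory.
    if auth[:provider] == 'github'
      File.open('users/fail', 'a') { |f| f.puts "#{nickname}, #{Time.now}" }
      return [401, {}, [CONTACT_FAILURE]]
    end

    session['gollum.author'] = {
      :name => nickname,
      :email => email,
      :group => 'shtech'
    }

    # session[:return_to] is deliberately left in place, as in the original
    # (its delete call was commented out).
    redirect_to(local_target(session[:return_to]))
  end

  # True when the session carries an author.
  def signed_in?(session)
    !session.nil? && !session['gollum.author'].nil?
  end

  # Only same-site absolute paths are accepted as a redirect target; anything
  # else falls back to the front page. The value is only ever written from
  # request.fullpath in this class, so this is a second line of defence.
  def local_target(value)
    target = value.to_s
    target =~ %r{\A/(?![/\\])} ? target : '/'
  end

  # Build a bare 302 response to +location+.
  def redirect_to(location)
    [302, { 'Location' => location }, []]
  end
end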
|
|
|
# Run the author middleware in front of Gollum. It is mounted after the
# session and OmniAuth middleware above, so both have already processed
# the request by the time it runs.
use OmniAuthSetGollumAuthor

# The wiki repository is the directory that contains this file.
gollum_path = File.expand_path('..', __FILE__)

# Uploads are enabled. The upload routes ('upload/', 'uploadFile') are among
# the paths the middleware above gates behind sign-in.
wiki_options = {
  mathjax: true,
  h1_title: true,
  live_preview: false,
  allow_uploads: true,
  css: true,
  universal_toc: false,
  user_icons: 'gravatar'
}

{
  gollum_path: gollum_path,
  default_markup: :markdown,
  wiki_options: wiki_options
}.each do |setting, value|
  Precious::App.set(setting, value)
end
|
|
|
# Replace Gollum's format-name table with these three entries
# (presumably this limits the markup choices offered in the editor; confirm).
# If the gem has already defined the constant, Ruby prints an
# "already initialized constant" warning for this assignment.
Gollum::Page::FORMAT_NAMES = {
  markdown: 'Markdown',
  org: 'Org-mode',
  asciidoc: 'AsciiDoc'
}
|
|
|
# Serve the Gollum application at the site root, behind the middleware
# stack declared above.
map('/') { run Precious::App }
|
|
|
|