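# Resolves the local user for a session that carries Bitrix sign-in attributes.
#
# The user is matched by e-mail inside +company.users+ and is created on first
# sight, so whatever populates +bitrix_user_attrs+ decides which local account
# is returned.
# NOTE(review): this class does not verify the attributes itself; confirm the
# code that stores them in the session only does so after Bitrix has
# authenticated the user.
class VAlexL::RCCW::Auth::Bitrix
  attr_reader :company

  # @param company           object whose +users+ association is searched and extended
  # @param bitrix_user_attrs hash-like with :email, :user_id and :login, or blank
  def initialize(company, bitrix_user_attrs)
    @company = company
    @bitrix_user_attrs = bitrix_user_attrs
  end

  # @return [Boolean] true when Bitrix attributes were supplied at all
  def sign_in_to_bitrix?
    @bitrix_user_attrs.present?
  end

  # Finds or provisions the company user that matches the Bitrix e-mail.
  #
  # @return [User, nil] the matched or newly saved user; nil when there are no
  #   Bitrix attributes, no company, no e-mail, or a new record fails to save
  def current_user
    return nil unless sign_in_to_bitrix?
    return @current_user if @current_user
    # Without a company there is no user scope to search.
    return nil if company.blank?

    # A missing e-mail used to raise NoMethodError on nil, and an empty one
    # would look up (or create) an account with a blank e-mail. Treat both as
    # "no usable identity".
    email = @bitrix_user_attrs[:email].to_s.downcase
    return nil if email.blank?

    user = company.users.find_or_initialize_by(email: email)
    # NOTE(review): an existing account is re-bound to whatever Bitrix id
    # arrives with this e-mail; confirm that overwriting a different,
    # previously stored id is intended.
    user.bitrix_user_id = @bitrix_user_attrs[:user_id]
    if user.name.blank?
      # Login is expected in "name.lastname" form; to_s keeps a missing login
      # from raising and leaves both fields nil instead.
      user.name, user.lastname = @bitrix_user_attrs[:login].to_s.split(".")
    end

    if (user.new_record? || user.changed?) && !user.save
      Rails.logger.warn "Bitrix auth: user could not be saved: #{user.errors.full_messages.join(', ')}"
      # Never hand back a record that does not exist in the database as the
      # authenticated user.
      return nil unless user.persisted?
    end

    @current_user = user
  end
end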
# Entry point for session-based authentication: combines the manual
# (session user id) and Bitrix (session :bitrix_user) strategies.
#
# The session is only read here; a shallow copy is taken in the constructor
# and :last_touch is never written by this class.
class VAlexL::RCCW::Auth::Main
  # @param company the company whose users may sign in (passed on to both strategies)
  # @param session hash-like session; :bitrix_user, :user_id and :last_touch are read
  def initialize(company, session)
    @company       = company
    @session       = session.clone
    @bitrix_auth   = VAlexL::RCCW::Auth::Bitrix.new(@company, @session[:bitrix_user])
    @manually_auth = VAlexL::RCCW::Auth::Manually.new(@company, id: @session[:user_id])
  end

  # Tells whether the session belongs to a signed-in, active user.
  #
  # The Bitrix branch is evaluated first and answers before the idle-timeout
  # check, so a session carrying :bitrix_user is not subject to the 24-hour
  # limit enforced below.
  # NOTE(review): confirm that exempting Bitrix sessions from the timeout is intended.
  def user_sign_in?
    if @bitrix_auth.sign_in_to_bitrix? && current_user.present?
      true
    elsif time_of_session_is_up?
      # No last-touch information is stored, or the last touch is older than
      # 24 hours: treat the session as expired.
      false
    else
      # Otherwise the answer depends on whether a current user can be resolved.
      current_user.present?
    end
  end

  # Resolves the user, preferring the manual strategy over Bitrix.
  #
  # @return [User, nil] nil when nobody is resolved or the user is inactive
  def current_user
    @current_user ||= @manually_auth.current_user || @bitrix_auth.current_user
    usable = @current_user.present? && !@current_user.is_inactive?
    usable ? @current_user : nil
  end

  private

  # Logs a banner and returns true when the session is considered expired.
  def time_of_session_is_up?
    return false unless last_touch_either_blank_or_was_24_hours_ago?

    [
      '------------**************-------------',
      '#### The time of session is up ####',
      '------------**************-------------'
    ].each { |line| Rails.logger.info line }
    true
  end

  # True when :last_touch is missing or lies more than 24 hours in the past.
  def last_touch_either_blank_or_was_24_hours_ago?
    stamp = @session[:last_touch]
    stamp.blank? || stamp.to_time < Time.now - 24.hours
  end
end
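# Authenticates against locally stored accounts, either by a user id taken
# from the session or by e-mail and password.
#
# Server admins are searched first, then the users of +company+ when one is
# given. Validation errors from #check_permission! are collected in +errors+.
class VAlexL::RCCW::Auth::Manually
  include ActiveModel::Validations

  attr_reader :company, :password, :email, :user_id

  # @param company        company whose users may sign in; may be blank
  # @param user_auth_data hash-like with optional :id, :email and :password
  def initialize(company, user_auth_data)
    @company  = company
    @user_id  = user_auth_data[:id]
    @email    = user_auth_data[:email]
    @password = user_auth_data[:password]
  end

  # Checks the credentials and the account state.
  #
  # @return [Boolean] true when the password matches and the user is active;
  #   otherwise false, with the reason added to +errors+
  def check_permission!
    # Evaluate once: every call hashes the password with bcrypt, and the
    # original flow repeated that up to three times on a failed login.
    allowed = access_is_allowed?
    return true if allowed && is_user_active?

    if allowed
      errors.add(:base, I18n.t('activerecord.errors.libs.auth.inactive_user'))
    else
      errors.add(:base, I18n.t('activerecord.errors.libs.auth.access_denied'))
    end
    false
  end

  # Looks the user up by id, then by e-mail: server admins first, company
  # users second. The result is memoized.
  #
  # This method was defined as +current_use+, while every caller in this class
  # invokes +current_user+; the old name is kept as an alias.
  #
  # NOTE(review): the e-mail is compared as given, whereas the Bitrix strategy
  # lowercases it first; confirm how e-mails are stored.
  #
  # @return [User, nil]
  def current_user
    return @current_user if @current_user.present?

    @current_user = lookup_in(User.server_admins)
    @current_user ||= lookup_in(company.users) if company.present?
    @current_user
  end
  alias_method :current_use, :current_user

  private

  # Finds a user in +scope+ by id, then by e-mail. A blank key is skipped: a
  # finder called with nil matches rows whose column is NULL, which must not
  # resolve to an account.
  def lookup_in(scope)
    found = user_id.present? ? scope.find_by_id(user_id) : nil
    found ||= scope.find_by_email(email) if email.present?
    found
  end

  # True when a user was found and the supplied password matches.
  #
  # NOTE(review): no bcrypt work happens when no user is found, so response
  # time may differ between known and unknown accounts; consider hashing
  # against a dummy value in that case.
  def access_is_allowed?
    current_user.present? && valid_password?
  end

  # Re-hashes the supplied password with the salt of the stored bcrypt hash
  # and compares the two hashes.
  def valid_password?
    stored = current_user.encrypted_password
    return false if stored.blank?

    bcrypt = ::BCrypt::Password.new(stored)
    candidate = ::BCrypt::Engine.hash_secret(password.to_s, bcrypt.salt)
    secure_compare(candidate, stored)
  end

  # Compares two strings without stopping at the first differing byte.
  # Blank input or a length mismatch returns false immediately.
  def secure_compare(a, b)
    return false if a.blank? || b.blank? || a.bytesize != b.bytesize

    expected = a.unpack("C#{a.bytesize}")
    diff = 0
    # OR the XOR of every byte pair together; diff stays 0 only on a full match.
    b.each_byte { |byte| diff |= byte ^ expected.shift }
    diff.zero?
  end

  # A missing user counts as "active" here so that #check_permission! reports
  # access_denied rather than inactive_user for unknown accounts.
  def is_user_active?
    return true if current_user.blank? || current_user.is_active?
    false
  end
end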