From 7812adfdbce4cef30b135fa6bbca4f8f67949dc1 Mon Sep 17 00:00:00 2001
From: "konstantin.grabar"
Date: Fri, 21 Sep 2012 23:15:48 +0400
Subject: [PATCH] [refs #374] Add custom http basic auth for api
---
 apidocs/lib/resources.rb | 4 ++--
 app/controllers/api/v1/base_controller.rb | 9 +++++++++
 app/controllers/api/v1/build_lists_controller.rb | 4 ++--
 app/controllers/api/v1/platforms_controller.rb | 4 ++--
 app/controllers/api/v1/projects_controller.rb | 2 +-
 app/controllers/api/v1/repositories_controller.rb | 2 +-
 app/controllers/application_controller.rb | 7 +++++++
 config/initializers/http_basic.rb | 4 ++++
 config/locales/en.yml | 2 ++
 config/locales/ru.yml | 2 ++
 10 files changed, 32 insertions(+), 8 deletions(-)
 create mode 100644 config/initializers/http_basic.rb
diff --git a/apidocs/lib/resources.rb b/apidocs/lib/resources.rb
index da29333e7..b543c758b 100644
--- a/apidocs/lib/resources.rb
+++ b/apidocs/lib/resources.rb
@@ -396,11 +396,11 @@ module GitHub
 }
 ERROR_AUTH = {
- "error" => "You need to sign in or sign up before continuing."
+ "message" => "You need to sign in or sign up before continuing."
 }
 ERROR_WRONG_PASS = {
- "error" => "Invalid email or password."
+ "message" => "Invalid email or password."
 }
 ERROR_RATE_LIMIT = {
diff --git a/app/controllers/api/v1/base_controller.rb b/app/controllers/api/v1/base_controller.rb
index 2fec686d9..515258490 100644
--- a/app/controllers/api/v1/base_controller.rb
+++ b/app/controllers/api/v1/base_controller.rb
@@ -1,5 +1,6 @@
 # -*- encoding : utf-8 -*-
 class Api::V1::BaseController < ApplicationController
+ before_filter :http_auth
 before_filter :restrict_paginate, :only => :index
 protected
@@ -8,4 +9,12 @@ class Api::V1::BaseController < ApplicationController
 params[:per_page] = 30 if params[:per_page].blank? or params[:per_page].to_i < 1
 params[:per_page] = 100 if params[:per_page].to_i >100
 end
+
+ def http_auth
+ authenticate_or_request_with_http_basic do |email, password|
+ raise HttpBasicAuthError if email.blank? && password.blank?
+ @current_user = User.find_by_email(email)
+ @current_user && @current_user.valid_password?(password) ? true : raise(HttpBasicWrongPassError)
+ end
+ end
 end
diff --git a/app/controllers/api/v1/build_lists_controller.rb b/app/controllers/api/v1/build_lists_controller.rb
index 0b3e395f1..43996de5e 100644
--- a/app/controllers/api/v1/build_lists_controller.rb
+++ b/app/controllers/api/v1/build_lists_controller.rb
@@ -1,7 +1,7 @@
 # -*- encoding : utf-8 -*-
 class Api::V1::BuildListsController < Api::V1::BaseController
- before_filter :authenticate_user!
- skip_before_filter :authenticate_user!, :only => [:show, :index] if APP_CONFIG['anonymous_access']
+ #before_filter :authenticate_user!
+ #skip_before_filter :authenticate_user!, :only => [:show, :index] if APP_CONFIG['anonymous_access']
 load_and_authorize_resource :project, :only => :index
 load_and_authorize_resource :build_list, :only => [:show, :create, :cancel, :publish, :reject_publish]#, :shallow => true
diff --git a/app/controllers/api/v1/platforms_controller.rb b/app/controllers/api/v1/platforms_controller.rb
index 930201b7f..e98bcd024 100644
--- a/app/controllers/api/v1/platforms_controller.rb
+++ b/app/controllers/api/v1/platforms_controller.rb
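Review bot: In `http_auth`, `@current_user` is assigned from `User.find_by_email(email)` before the password is checked, and the check calls `valid_password?` directly. If `User` is a Devise model (the removed `authenticate_user!` filters suggest so), this path skips the account-state checks Devise applies at sign-in, such as `active_for_authentication?` and any lockout counting, so a locked or unconfirmed account could still use the API and failed guesses are not throttled here. I would look the user up into a local and publish it only after every check passes: `user = User.find_by_email(email)`, `raise HttpBasicWrongPassError unless user && user.valid_password?(password) && user.active_for_authentication?`, `@current_user = user`. Note also that the block is not invoked when a request carries no Authorization header, so `HttpBasicAuthError` only covers a header whose two fields are both blank. The class body starts outside this hunk.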
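Review bot: The `APP_CONFIG['anonymous_access']` exemption for `:show` and `:index` is commented out with no replacement, while `before_filter :http_auth` in `Api::V1::BaseController` has no matching skip, so anonymous reads that this setting used to allow now receive a 401. If that is intended, state it in the commit message and delete the two lines rather than leaving them as comments; if not, `http_auth` needs an explicit anonymous path gated on the same setting. The same commented-out filter is left behind in the projects and repositories controllers.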
@@ -1,8 +1,8 @@
 # -*- encoding : utf-8 -*-
 class Api::V1::PlatformsController < Platforms::BaseController
- before_filter :authenticate_user!
- skip_before_filter :authenticate_user!, :only => [:advisories] if APP_CONFIG['anonymous_access']
+ #before_filter :authenticate_user!
+ #skip_before_filter :authenticate_user!, :only => [:advisories] if APP_CONFIG['anonymous_access']
 load_and_authorize_resource
 autocomplete :user, :uname
diff --git a/app/controllers/api/v1/projects_controller.rb b/app/controllers/api/v1/projects_controller.rb
index dca7fc7b5..cd556e902 100644
--- a/app/controllers/api/v1/projects_controller.rb
+++ b/app/controllers/api/v1/projects_controller.rb
@@ -1,6 +1,6 @@
 # -*- encoding : utf-8 -*-
 class Api::V1::ProjectsController < Api::V1::BaseController
- before_filter :authenticate_user!
+ #before_filter :authenticate_user!
 load_and_authorize_resource
 def get_id
diff --git a/app/controllers/api/v1/repositories_controller.rb b/app/controllers/api/v1/repositories_controller.rb
index 76c22f036..767dd6347 100644
--- a/app/controllers/api/v1/repositories_controller.rb
+++ b/app/controllers/api/v1/repositories_controller.rb
@@ -1,6 +1,6 @@
 # -*- encoding : utf-8 -*-
 class Api::V1::RepositoriesController < Api::V1::BaseController
- before_filter :authenticate_user!
+ #before_filter :authenticate_user!
 load_and_authorize_resource :repository, :through => :platform, :shallow => true
 end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index a7df2ec34..d0a18d1e9 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
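Review bot: `Api::V1::PlatformsController` inherits from `Platforms::BaseController`, not `Api::V1::BaseController`, so the `http_auth` filter added in this patch does not appear to apply to it, yet its `before_filter :authenticate_user!` is commented out in this hunk. Unless `Platforms::BaseController` (not visible here) installs its own authentication filter, these actions are left with only `load_and_authorize_resource` and whatever abilities a nil user is granted. Either keep `before_filter :authenticate_user!` on this controller or re-parent it, e.g. `class Api::V1::PlatformsController < Api::V1::BaseController`, after confirming nothing else is needed from `Platforms::BaseController`. The class body continues past the hunk.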
@@ -40,6 +40,13 @@ class ApplicationController < ActionController::Base
 end
 end
+ rescue_from HttpBasicAuthError do |exception|
+ render :json => {:message => t("flash.http_basic_error_msg")}.to_json, :status => 401
+ end
+ rescue_from HttpBasicWrongPassError do |exception|
+ render :json => {:message => t("flash.http_basic_wrong_pass_error_message")}.to_json, :status => 401
+ end
+ rescue_from Grit::NoSuchPathError, :with => :not_found
 protected
diff --git a/config/initializers/http_basic.rb b/config/initializers/http_basic.rb
new file mode 100644
index 000000000..eda76154b
--- /dev/null
+++ b/config/initializers/http_basic.rb
@@ -0,0 +1,4 @@
+class HttpBasicWrongPassError < StandardError
+end
+class HttpBasicAuthError < StandardError
+end
diff --git a/config/locales/en.yml b/config/locales/en.yml
index de9d9a391..465d4fd13 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -138,6 +138,8 @@ en:
 500_message: Error 500. Something went wrong. We've been notified about this issue and we'll take a look at it shortly.
 404_message: Error 404. Resource not found!
+ http_basic_auth_error_message: You need to sign in or sign up before continuing
+ http_basic_wrong_pass_error_message: Invalid email or password
 collaborators:
 successfully_changed: Collaborators list successfully changed
diff --git a/config/locales/ru.yml b/config/locales/ru.yml
index baa7fd1d2..be2f292df 100644
--- a/config/locales/ru.yml
+++ b/config/locales/ru.yml
@@ -138,6 +138,8 @@ ru:
 500_message: Ошибка 500. Что-то пошло не так. Мы уже в курсе данной проблемы и постараемся поскорее ее решить.
 404_message: Ошибка 404. Страница не найдена!
+ http_basic_auth_error_message: Вы должны авторизоваться или зарегестрироваться
+ http_basic_wrong_pass_error_message: Неверный имейл или пароль
 collaborators:
 successfully_changed: Список коллабораторов успешно изменен
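Review bot: The first handler looks up `t("flash.http_basic_error_msg")`, but the key this patch adds to `en.yml` and `ru.yml` is `http_basic_auth_error_message`, so the 401 body would carry a missing-translation string instead of the sign-in message; use `t("flash.http_basic_auth_error_message")` (assuming the keys sit under `flash`, whose parent is not visible in the locale hunks). Both handlers also call `.to_json` on a hash already passed to `render :json`, which is redundant, and the `exception` block argument is unused. Since these responses are produced by `rescue_from` rather than by the framework's Basic challenge, check whether API clients still need a `WWW-Authenticate` header on them.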