[refs #396] Add token auth for atom feed

2012-04-18 16:46:09 +04:00 · 2012-04-18 16:46:09 +04:00 · 8ef020427d
parent 8d723ee0be
commit 8ef020427d
4 changed files with 35 additions and 13 deletions
--- a/app/controllers/activity_feeds_controller.rb
+++ b/app/controllers/activity_feeds_controller.rb
@ -1,10 +1,10 @@
 # -*- encoding : utf-8 -*-
 class ActivityFeedsController < ApplicationController
-  before_filter :authenticate_user!
+  before_filter :custom_authenticate!

  def index
    @filter = t('feed_menu').has_key?(params[:filter].try(:to_sym)) ? params[:filter].to_sym : :all
-    @activity_feeds = current_user.activity_feeds
+    @activity_feeds = @user.activity_feeds
    @activity_feeds = @activity_feeds.where(:kind => "ActivityFeed::#{@filter.upcase}".constantize) unless @filter == :all
    @activity_feeds = @activity_feeds.paginate :page => params[:page]
    respond_to do |format|
@ -12,4 +12,15 @@ class ActivityFeedsController < ApplicationController
      format.atom
    end
  end
+
+  private
+
+  def custom_authenticate!
+    if params[:token]
+      @user = User.find_by_authentication_token params[:token]
+      redirect_to(new_user_session_path) unless @user.present?
+    else
+      @user = current_user if authenticate_user!
+    end
+  end
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -5,7 +5,7 @@ class User < ActiveRecord::Base
  LANGUAGES = LANGUAGES_FOR_SELECT.map(&:last)
  MAX_AVATAR_SIZE = 5.megabyte

-  devise :database_authenticatable, :registerable, :omniauthable, # :token_authenticatable, :encryptable, :timeoutable
+  devise :database_authenticatable, :registerable, :omniauthable, :token_authenticatable,# :encryptable, :timeoutable
         :recoverable, :rememberable, :validatable, :lockable, :confirmable#, :reconfirmable, :trackable
  has_attached_file :avatar, :styles =>
    { :micro => { :geometry => "16x16#",  :format => :jpg, :convert_options => '-strip -background white -flatten -quality 70'},
@ -56,6 +56,7 @@ class User < ActiveRecord::Base
  scope :real, where(:role => ['', nil])

  after_create lambda { self.create_notifier }
+  before_create :ensure_authentication_token

  def admin?
    role == 'admin'
--- a/db/migrate/20120418100619_add_token_authenticatable_to_users.rb
+++ b/db/migrate/20120418100619_add_token_authenticatable_to_users.rb
@ -0,0 +1,11 @@
+class AddTokenAuthenticatableToUsers < ActiveRecord::Migration
+  def change
+    change_table :users do |t|
+      t.token_authenticatable
+    end
+
+    User.all.each do |user|
+      user.ensure_authentication_token!
+    end
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.

-ActiveRecord::Schema.define(:version => 20120413160722) do
+ActiveRecord::Schema.define(:version => 20120418100619) do

  create_table "activity_feeds", :force => true do |t|
    t.integer  "user_id",    :null => false
@ -190,7 +190,7 @@ ActiveRecord::Schema.define(:version => 20120413160722) do
    t.string   "owner_type"
    t.string   "visibility",         :default => "open", :null => false
    t.string   "platform_type",      :default => "main", :null => false
-    t.string   "distrib_type",                           :null => false
+    t.string   "distrib_type"
  end

  add_index "platforms", ["name"], :name => "index_platforms_on_name", :unique => true, :case_sensitive => false
@ -261,27 +261,25 @@ ActiveRecord::Schema.define(:version => 20120413160722) do
    t.text     "description"
    t.string   "ancestry"
    t.boolean  "has_issues",         :default => true
+    t.boolean  "has_wiki",           :default => false
    t.string   "srpm_file_name"
    t.string   "srpm_content_type"
    t.integer  "srpm_file_size"
    t.datetime "srpm_updated_at"
-    t.boolean  "has_wiki",           :default => false
    t.string   "default_branch",     :default => "master"
    t.boolean  "is_rpm",             :default => true
    t.integer  "average_build_time", :default => 0,        :null => false
    t.integer  "build_count",        :default => 0,        :null => false
  end

-  add_index "projects", ["owner_id"], :name => "index_projects_on_name_and_owner_id_and_owner_type", :unique => true
-
  create_table "register_requests", :force => true do |t|
    t.string   "name"
    t.string   "email"
    t.string   "token"
    t.boolean  "approved",   :default => false
    t.boolean  "rejected",   :default => false
-    t.datetime "created_at"
-    t.datetime "updated_at"
+    t.datetime "created_at",                    :null => false
+    t.datetime "updated_at",                    :null => false
    t.string   "interest"
    t.text     "more"
  end
@ -343,6 +341,9 @@ ActiveRecord::Schema.define(:version => 20120413160722) do
    t.string   "uname"
    t.string   "role"
    t.string   "language",                               :default => "en"
+    t.string   "confirmation_token"
+    t.datetime "confirmed_at"
+    t.datetime "confirmation_sent_at"
    t.integer  "own_projects_count",                     :default => 0,    :null => false
    t.datetime "reset_password_sent_at"
    t.text     "professional_experience"
@ -356,9 +357,7 @@ ActiveRecord::Schema.define(:version => 20120413160722) do
    t.integer  "failed_attempts",                        :default => 0
    t.string   "unlock_token"
    t.datetime "locked_at"
-    t.string   "confirmation_token"
-    t.datetime "confirmed_at"
-    t.datetime "confirmation_sent_at"
+    t.string   "authentication_token"
  end

  add_index "users", ["confirmation_token"], :name => "index_users_on_confirmation_token", :unique => true