Adding interlock authentication

This commit is contained in:
Will Bradley 2014-02-23 05:55:00 -07:00
parent c5556a0d50
commit 095b6d3965
12 changed files with 81 additions and 15 deletions

View File

@ -13,6 +13,20 @@ class ApplicationController < ActionController::Base
@payment_methods = [[nil],["PayPal"],["Dwolla"],["Bill Pay"],["Check"],["Cash"],["Other"]] @payment_methods = [[nil],["PayPal"],["Dwolla"],["Bill Pay"],["Check"],["Cash"],["Other"]]
@payment_instructions = {nil => nil, :paypal => "Set up a monthly recurring payment to hslfinances@gmail.com", :dwolla => "Set up a monthly recurring payment to hslfinances@gmail.com", :billpay => "Have your bank send a monthly check to HeatSync Labs Treasurer, 140 W Main St, Mesa AZ 85201", :check => "Mail to HeatSync Labs Treasurer, 140 W Main St, Mesa AZ 85201 OR put in the drop safe at the Lab with a deposit slip firmly attached each month.", :cash => "Put in the drop safe at the Lab with a deposit slip firmly attached each month.", :other => "Hmm... talk to a Treasurer!"} @payment_instructions = {nil => nil, :paypal => "Set up a monthly recurring payment to hslfinances@gmail.com", :dwolla => "Set up a monthly recurring payment to hslfinances@gmail.com", :billpay => "Have your bank send a monthly check to HeatSync Labs Treasurer, 140 W Main St, Mesa AZ 85201", :check => "Mail to HeatSync Labs Treasurer, 140 W Main St, Mesa AZ 85201 OR put in the drop safe at the Lab with a deposit slip firmly attached each month.", :cash => "Put in the drop safe at the Lab with a deposit slip firmly attached each month.", :other => "Hmm... talk to a Treasurer!"}
# Check authorization of a user / sign them in manually
def check_auth(email,password)
resource = User.find_by_email(email)
if resource && resource.valid_password?(password)
resource.remember_me = true
sign_in :user, resource
return true
else
return false
end
end
end end
# Add a "fit" function to sanitize inputs for mac history # Add a "fit" function to sanitize inputs for mac history

View File

@ -1,6 +1,6 @@
class CardsController < ApplicationController class CardsController < ApplicationController
load_and_authorize_resource load_and_authorize_resource except: :authorize
before_filter :authenticate_user! before_filter :authenticate_user!, except: :authorize
# GET /cards # GET /cards
# GET /cards.json # GET /cards.json
@ -111,6 +111,41 @@ class CardsController < ApplicationController
end end
end end
def authorize
# Stop unless signed in already, OR if the supplied user/pass params are good.
unless current_user || check_auth(params['user'],params['pass'])
@auth = "bad_user_or_pass"
else
# Stop unless the user can access the door system
unless can? :authorize, Card
@auth = "bad_user_permissions"
Rails.logger.warn "----------\r\nWARNING: CARD AUTH ATTEMPT DENIED. USER #{current_user.inspect}\r\n----------"
else
begin
@card = Card.find(:first, :conditions => ["lower(card_number) = ?", params[:id].downcase])
@auth = @card.inspect
if @card && @card.user
@auth = @card.user.has_certification?(params[:device])
else
@auth = false
end
rescue
@auth = false
end
end
end
if @card && @card.user
username = @card.user.name
else
username = nil
end
render json: [@auth, username]
end
# DELETE /cards/1 # DELETE /cards/1
# DELETE /cards/1.json # DELETE /cards/1.json
def destroy def destroy

View File

@ -102,15 +102,4 @@ class SpaceApiController < ApplicationController
end end
def check_auth(email,password)
resource = User.find_by_email(email)
if resource && resource.valid_password?(password)
resource.remember_me = true
sign_in :user, resource
return true
else
return false
end
end
end end

View File

@ -24,6 +24,7 @@ class Ability
if user.card_access_enabled if user.card_access_enabled
can :access_doors_remotely, :door_access can :access_doors_remotely, :door_access
can :authorize, Card # used for interlock card/certification auth
end end
# Instructors can manage certs and see users # Instructors can manage certs and see users

View File

@ -1,5 +1,7 @@
class Certification < ActiveRecord::Base class Certification < ActiveRecord::Base
attr_accessible :description, :name attr_accessible :description, :name, :slug
has_many :user_certifications has_many :user_certifications
has_many :users, :through => :user_certifications has_many :users, :through => :user_certifications
validates_presence_of :name, :slug
end end

View File

@ -136,6 +136,14 @@ class User < ActiveRecord::Base
Rails.logger.info UserMailer.email(self,from_user,subject,body).deliver Rails.logger.info UserMailer.email(self,from_user,subject,body).deliver
end end
def has_certification?(cert_slug)
if self.certifications.find_by_slug(cert_slug)
true
else
false
end
end
private private
def send_new_user_email def send_new_user_email

View File

@ -15,6 +15,10 @@
<%= f.label :name %><br /> <%= f.label :name %><br />
<%= f.text_field :name %> <%= f.text_field :name %>
</div> </div>
<div class="field">
<%= f.label :slug, "Slug (lowercase, single-word identifier)" %><br />
<%= f.text_field :slug %>
</div>
<div class="field"> <div class="field">
<%= f.label :description %><br /> <%= f.label :description %><br />
<%= f.text_area :description %> <%= f.text_area :description %>

View File

@ -5,6 +5,7 @@
<ul> <ul>
<% @certifications.each do |certification| %> <% @certifications.each do |certification| %>
<li><%= link_to certification.name, certification %> <li><%= link_to certification.name, certification %>
(<%= certification.slug %>)
<% if can? :update, certification %> | <%= link_to 'Edit', edit_certification_path(certification) %><% end %> <% if can? :update, certification %> | <%= link_to 'Edit', edit_certification_path(certification) %><% end %>
<% if can? :destroy, certification %> | <%= link_to 'Destroy', certification, :confirm => 'Are you sure?', :method => :delete %><% end %> <% if can? :destroy, certification %> | <%= link_to 'Destroy', certification, :confirm => 'Are you sure?', :method => :delete %><% end %>
</li> </li>

View File

@ -3,6 +3,11 @@
<%= @certification.name %> <%= @certification.name %>
</p> </p>
<p>
<b>Slug (lowercase, single-word identifier):</b>
<%= @certification.slug %>
</p>
<p> <p>
<b>Description:</b> <b>Description:</b>
<%= simple_format @certification.description %> <%= simple_format @certification.description %>

View File

@ -44,6 +44,7 @@ Dooraccess::Application.routes.draw do
match 'users/create' => 'users#create', :via => :post # Use POST users/create instead of POST users to avoid devise conflict match 'users/create' => 'users#create', :via => :post # Use POST users/create instead of POST users to avoid devise conflict
match 'cards/upload_all' => 'cards#upload_all', :as => :upload_all match 'cards/upload_all' => 'cards#upload_all', :as => :upload_all
match 'cards/authorize/:id' => 'cards#authorize', :as => :authorize
resources :cards resources :cards
match 'cards/:id/upload' => 'cards#upload', :as => :upload match 'cards/:id/upload' => 'cards#upload', :as => :upload

View File

@ -0,0 +1,5 @@
class AddSlugToCertifications < ActiveRecord::Migration
def change
add_column :certifications, :slug, :string
end
end

View File

@ -11,7 +11,7 @@
# #
# It's strongly recommended to check this file into your version control system. # It's strongly recommended to check this file into your version control system.
ActiveRecord::Schema.define(:version => 20140214070420) do ActiveRecord::Schema.define(:version => 20140223060554) do
create_table "cards", :force => true do |t| create_table "cards", :force => true do |t|
t.string "card_number" t.string "card_number"
@ -27,6 +27,7 @@ ActiveRecord::Schema.define(:version => 20140214070420) do
t.string "description" t.string "description"
t.datetime "created_at", :null => false t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false t.datetime "updated_at", :null => false
t.string "slug"
end end
create_table "door_logs", :force => true do |t| create_table "door_logs", :force => true do |t|