edit api for login

2017-01-25 11:05:06 +06:30
parent fa2b51e5e4
commit dbcee40b68
4 changed files with 40 additions and 29 deletions
--- a/app/controllers/api/auth_controller.rb
+++ b/app/controllers/api/auth_controller.rb
@@ -4,11 +4,15 @@ class Api::AuthController < ApplicationController
 		username = params[:username]
    access = params[:access_code]
   		 
-   		user = Member.find_by_email(username)
-		if user && user.valid_password?(access)
-		 	user.session_token = SecureRandom.hex 		 	 
-      		if user.save
-      			@out=true,user.session_token
+   	member = Member.find_by_email(username)
+		if member && member.valid_password?(access)
+		 	member.session_token = SecureRandom.hex 		 	 
+      		if member.save
+            find_user=User.find_by_id(member.user_id)
+            if !find_user.nil?
+               arr_user={:id => find_user.id,:name => find_user.name,:nrc => find_user.nrc,:email =>find_user.email,:is_active =>find_user.is_active,:phone =>find_user.phone,:address => find_user.address,:session_token => member.session_token} 
+            end
+      			@out=true,arr_user
      		else
      			@out=false,"Error occurs in login process."
      		end
--- a/app/controllers/api/batches_controller.rb
+++ b/app/controllers/api/batches_controller.rb
@@ -23,9 +23,9 @@ class Api::BatchesController < ApplicationController
  		session_token=params[:session_token]  
  		batch_id=params[:batch_id]
  	 
-  		is_authorize= Member.authenticate_session_token(session_token)
+  		check_member= Member.authenticate_session_token(session_token)

-  		if  is_authorize
+  		if  !check_member.nil?
 	  		batch=Batch.find_by_id(batch_id)
 	  		if !batch.nil?
 		  		batch.batch_end_time = DateTime.now.beginning_of_day.utc.to_time.strftime("%Y-%m-%d")
@@ -46,28 +46,33 @@ class Api::BatchesController < ApplicationController
  		session_token=params[:session_token]
  	    batch_id=params[:batch_id]

-  		is_authorize= Member.authenticate_session_token(session_token)
-  		if is_authorize  			 
+  		check_member= Member.authenticate_session_token(session_token)
+  		if !check_member.nil?  			 
  			batch=Batch.find_by_id(batch_id)
-  			tickets=batch.tickets.count
-  			@out=true,tickets
+  			batch_line_items=batch.batch_line_item.count
+  			@out=true,batch_line_items
  		else
  			@out = false, "Sorry!Unauthorized user!"  
  		end
  	end
  	def batch_progress_list 
-  	    created_by=params[:created_by]
-  
-  	    if !created_by.nil?  	    	
-  	    	batches = Batch.where('batch_end is null and created_by=?', created_by)
-  	    	puts batches
-  	    	if !batches.blank?
-  	    		@out=true,batches
-  	    	else
-  	    		@out = false, "No Batch"  
-  	    	end
-  	    else
-  	    	@out = false, "Sorry!Unauthorized user!"  
-  	    end   	
+     session_token=params[:session_token]  
+  	 created_by=params[:created_by]  
+
+      check_member= Member.authenticate_session_token(session_token)
+      if !check_member.nil?  
+    	    if !created_by.nil?  	    	
+    	    	batches = Batch.where('batch_end is null and created_by=?', created_by)    	    
+    	    	if !batches.blank?
+    	    		@out=true,batches
+    	    	else
+    	    		@out = false, "No Batch"  
+    	    	end
+    	    else
+    	    	@out = false, "Sorry!Unauthorized user!"  
+    	    end   	
+      else
+            @out = false, "Sorry!Unauthorized user!" 
+      end
  	end
 end
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -28,6 +28,11 @@ class UsersController < ApplicationController
    @user = User.new(user_params)
    email=params[:registered_email]
    @user.is_active=true
+    cipher = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
+    key=cipher.random_key
+    secrect_key= Base64.encode64(key)
+    @user.secrect_key=secrect_key  
+
    respond_to do |format|
      if @user.save
        member_id= current_member.id
@@ -50,6 +55,7 @@ class UsersController < ApplicationController
  # PATCH/PUT /users/1
  # PATCH/PUT /users/1.json
  def update
+
    respond_to do |format|
      if @user.update(user_params)
        format.html { redirect_to @user, notice: 'User was successfully updated.' }
--- a/app/views/users/_form.html.erb
+++ b/app/views/users/_form.html.erb
@@ -48,11 +48,7 @@
          <div class ="form-group" >
            <label for="address" class="string optional control-label">Address:</label>
            <%= f.input :address,:error=>false,:label =>false,:placeholder =>'Please enter user address',input_html: { class: "form-control" }  %>
-          </div> 
-          <div class ="form-group" >
-            <label for="secret_key" class="string optional control-label">Secrect Key:</label>
-            <%= f.input :secrect_key,:error=>false,:label =>false,:placeholder =>'Please enter user secret key',input_html: { class: "form-control" }  %>
-          </div>          
+          </div>                      
          <% if !@user.id.nil? %>             
              <div class ="form-group" >
                <label for="is_active" class="string optional control-label">Active:</label>