API login/logout with http header token

2017-04-14 23:22:58 +06:30
parent db75780267
commit 5ca9615e38
11 changed files with 47 additions and 22 deletions
--- a/1
+++ b/1
@@ -23,6 +23,7 @@ gem 'coffee-rails', '~> 4.2'
 gem 'simple_form'
 gem 'bootstrap', '~> 4.0.0.alpha3'
 gem "font-awesome-rails"
+gem 'rack-cors'

 #Report and Printing gems
 gem 'cups', '~> 0.0.7'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -107,6 +107,7 @@ GEM
      prawn (>= 1.3.0, < 3.0.0)
    puma (3.8.2)
    rack (2.0.1)
+    rack-cors (0.4.1)
    rack-test (0.6.3)
      rack (>= 1.0)
    rails (5.0.2)
@@ -224,6 +225,7 @@ DEPENDENCIES
  prawn
  prawn-table
  puma (~> 3.0)
+  rack-cors
  rails (~> 5.0.2)
  rspec-rails (~> 3.5)
  sass-rails (~> 5.0)
--- a/app/controllers/api/api_controller.rb
+++ b/app/controllers/api/api_controller.rb
@@ -10,5 +10,4 @@ class Api::ApiController < ActionController::API
      return token
    end
  end
-
 end
--- a/app/controllers/api/authenticate_controller.rb
+++ b/app/controllers/api/authenticate_controller.rb
@@ -1,9 +1,36 @@
-class Api::AuthenticateController < ActionController::API
+class Api::AuthenticateController < Api::ApiController
+  skip_before_action  :authenticate

  def create
+    emp_id = params[:emp_id]
+    password = params[:password]
+
+    if emp_id && password
+      @employee = Employee.login(emp_id, password)
+
+      if @employee
+        render json: JSON.generate({:status => true, :session_token => @employee.token_session, :name => @employee.name, :role => @employee.role})
+      else
+        render json: JSON.generate({:status => false, :error_message => "Bad Emp_ID or Password."})
+      end
+    else
+      render json: JSON.generate({:status => false, :error_message => "Input Parameters missing."})
+
+    end
  end

  def destroy
+    logout_status = Employee.logout(params[:session_token])
+    if logout_status
+      render json: JSON.generate({:status => true})
+
+    else
+      render json: JSON.generate({:status => false, :error_message => "Session Token Invalid or Missing"})
+
+    end
  end

+  def authenticate_params
+    params.permit(:emp_id, :password, :session_token)
+  end
 end
--- a/app/controllers/api/restaurant/menu_controller.rb
+++ b/app/controllers/api/restaurant/menu_controller.rb
@@ -1,4 +1,4 @@
-class Api::Restaurant::MenuController < ActionController::API
+class Api::Restaurant::MenuController < Api::ApiController
  before :authenticate_token

  #Description
--- a/app/controllers/api/restaurant/rooms_controller.rb
+++ b/app/controllers/api/restaurant/rooms_controller.rb
@@ -1,4 +1,4 @@
-class Api::Restaurant::RoomsController < ActionController::API
+class Api::Restaurant::RoomsController < Api::ApiController
  before_action :set_room, only: [:show]

  def index
--- a/app/controllers/api/restaurant/seatings_controller.rb
+++ b/app/controllers/api/restaurant/seatings_controller.rb
@@ -1,4 +1,4 @@
-class Api::Restaurant::SeatingsController < ActionController::API
+class Api::Restaurant::SeatingsController < Api::ApiController
  before_action :set_table, only: [:show]

  def index
--- a/app/controllers/api/restaurant/takeaway_controller.rb
+++ b/app/controllers/api/restaurant/takeaway_controller.rb
@@ -1,4 +1,4 @@
-class Api::Restaurant::TakeawaysController < ActionController::API
+class Api::Restaurant::TakeawaysController < Api::ApiController
  def index
      render json: SeatTable.order("order_by")
  end
--- a/app/controllers/api/restaurant/zones_controller.rb
+++ b/app/controllers/api/restaurant/zones_controller.rb
@@ -1,4 +1,4 @@
-class Api::Restaurant::ZonesController < ActionController::API
+class Api::Restaurant::ZonesController < Api::ApiController

  def index
      render json: Zone.includes([:tables, :rooms]).where("is_active = true")
--- a/app/controllers/concerns/token_verification.rb
+++ b/app/controllers/concerns/token_verification.rb
@@ -1,5 +1,6 @@
 module TokenVerification
  extend ActiveSupport::Concern
+  include ActionController::HttpAuthentication::Token::ControllerMethods

  included do
    before_action :authenticate
@@ -15,14 +16,9 @@ module TokenVerification
  def authenticate_token
    authenticate_with_http_token do |token, options|
      #@current_user = User.find_by(api_key: token)
-      @device_access = DeviceAccess.find_by_token(token)
-      if @device_access
-        @log = DeviceAccessLog.new
-        @log.device_access = @device_access
-        @log.api_route = request.env['PATH_INFO']
-        @log.remote_ip = request.remote_ip
-        # @log.client_info =
-        @log.save
+      @user = Employee.authenticate_token(token)
+      if @user
+        #Maybe log - login?
      end

    end
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -6,15 +6,15 @@ Rails.application.routes.draw do
  post 'install' =>  'install#create'

  #--------- Login/Authentication ------------#
-  post 'authenticate' => 'home#create'
-  delete 'authenticate' => 'home/destroy'
+  post 'login' => 'home#create'
+  delete 'logout' => 'home#destroy'


  #--------- API Routes ------------#
  namespace :api,  :defaults => { :format => 'json' } do
    #Session Login and Logout
-    post   'authenticate' => "autheticate#create"
-    delete 'authenticate' => "autheticate#destroy"
+    post   'authenticate' => "authenticate#create"
+    delete 'authenticate' => "authenticate#destroy"

    namespace :restaurant do
      get 'zones' => "zones#index"