From 04ae7414625eeaa045ef54e5f32ffb00921649fa Mon Sep 17 00:00:00 2001 From: Yan Date: Wed, 11 Apr 2018 11:27:05 +0630 Subject: [PATCH 1/7] cloud for api and doemal --- .gitignore | 1 + app/controllers/api/api_controller.rb | 31 ++++++++++++++++++- .../concerns/token_verification.rb | 11 +++++-- app/models/my_aes_crypt.rb | 15 +++++++++ config/initializers/action_controller.rb | 10 +++--- 5 files changed, 60 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index e32934b1..4b1b7cee 100755 --- a/.gitignore +++ b/.gitignore @@ -36,6 +36,7 @@ pickle-email-*.html /gems/* ._*.* .rbenv-version +config/initializers/* config/deploy/config/* config/puma.rb #config/shops.json diff --git a/app/controllers/api/api_controller.rb b/app/controllers/api/api_controller.rb index 5b60b5df..04dc3a72 100755 --- a/app/controllers/api/api_controller.rb +++ b/app/controllers/api/api_controller.rb @@ -1,7 +1,8 @@ class Api::ApiController < ActionController::API include TokenVerification - helper_method :current_token, :current_login_employee, :get_cashier + before_action :lookup_domain + helper_method :current_token, :current_login_employee, :get_cashier private #this is base api base controller to need to inherit. @@ -21,4 +22,32 @@ class Api::ApiController < ActionController::API def current_login_employee @employee = Employee.find_by_token_session(current_token) end + + def lookup_domain + if request.subdomain.present? && request.subdomain != "www" + from = request.subdomain.downcase + "." + request.domain.downcase + @license = cache_license(ENV["SX_PROVISION_URL"], from) # request.subdomain.downcase + if (!@license.nil?) + logger.info "Location - " + @license.dbhost + ActiveRecord::Base.establish_connection(website_connection(@license)) + # authenticate_session_token + # logger.info "Connecting to - " + @license.subdomain + " - "+ @license.dbhost + "@" + @license.dbschema + else8 + # reconnect_default_db + logger.info 'License is nil' + # redirect_to root_url(:host => request.domain) + "store_error" + render :json => [{ status: false, message: 'Invalid Access!'}] + end + end + end + + def cache_license(url, lookup) + @license = License.new(url, lookup) + + if (@license.detail_with_local_cache(lookup) == true) + return @license + else + return nil + end + end end diff --git a/app/controllers/concerns/token_verification.rb b/app/controllers/concerns/token_verification.rb index 1d700c8b..419b9b3b 100755 --- a/app/controllers/concerns/token_verification.rb +++ b/app/controllers/concerns/token_verification.rb @@ -15,8 +15,15 @@ module TokenVerification def authenticate_token authenticate_with_http_token do |token, options| - #@current_user = User.find_by(api_key: token) - Rails.logger.debug "token - " + token.to_s + # Rails.logger.debug "token - " + token.to_s + if(!options.from.nil? && options.from == "DOEMAL"){ + if(ENV["SERVER_MODE"] === "cloud"){ + from = request.subdomain.downcase + "." + request.domain.downcase + aes = MyAesCrypt.new + return aes.checkKeyForAuth(from, token) + } + } + @user = Employee.authenticate_by_token(token) if @user return true diff --git a/app/models/my_aes_crypt.rb b/app/models/my_aes_crypt.rb index 680d0624..339585e4 100644 --- a/app/models/my_aes_crypt.rb +++ b/app/models/my_aes_crypt.rb @@ -56,6 +56,21 @@ class MyAesCrypt return aes_key, aes_iv end + def checkKeyForAuth(from,token){ + file_path = "config/shops.json" + shop_data = File.read(file_path) + + shop_json = JSON.parse(shop_data) + shop_json["data"].each do |j| + if j["lookup"] == from + if(j["value"]["key"] == token){ + return true + } + end + end + return false + } + private def encrypt(data) cipher.encrypt diff --git a/config/initializers/action_controller.rb b/config/initializers/action_controller.rb index 26255b59..b063f28e 100644 --- a/config/initializers/action_controller.rb +++ b/config/initializers/action_controller.rb @@ -20,11 +20,11 @@ class ActionController::Base end else #check for license file - if check_license - current_license(ENV["SX_PROVISION_URL"]) - else - redirect_to activate_path - end + # if check_license + # current_license(ENV["SX_PROVISION_URL"]) + # else + # redirect_to activate_path + # end end end From ace2853cf48089fd0eec75029f2b7eb00a7a836e Mon Sep 17 00:00:00 2001 From: Yan Date: Wed, 11 Apr 2018 11:30:34 +0630 Subject: [PATCH 2/7] add config/initializer/* in ignore --- .gitignore | 6 +++--- config/initializers/action_controller.rb | 10 +++++----- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index 4b1b7cee..25b7a581 100755 --- a/.gitignore +++ b/.gitignore @@ -36,9 +36,9 @@ pickle-email-*.html /gems/* ._*.* .rbenv-version -config/initializers/* -config/deploy/config/* -config/puma.rb +/config/initializers/* +/config/deploy/config/* +/config/puma.rb #config/shops.json !/log/.keep !/tmp/.keep diff --git a/config/initializers/action_controller.rb b/config/initializers/action_controller.rb index b063f28e..26255b59 100644 --- a/config/initializers/action_controller.rb +++ b/config/initializers/action_controller.rb @@ -20,11 +20,11 @@ class ActionController::Base end else #check for license file - # if check_license - # current_license(ENV["SX_PROVISION_URL"]) - # else - # redirect_to activate_path - # end + if check_license + current_license(ENV["SX_PROVISION_URL"]) + else + redirect_to activate_path + end end end From b2d302b846879274918614c7fa6831d847c451ab Mon Sep 17 00:00:00 2001 From: Yan Date: Wed, 11 Apr 2018 11:36:26 +0630 Subject: [PATCH 3/7] add action_cntr in ignore --- .gitignore | 7 ++++--- config/initializers/action_controller.rb | 10 +++++----- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index 25b7a581..69fbb2d2 100755 --- a/.gitignore +++ b/.gitignore @@ -36,9 +36,10 @@ pickle-email-*.html /gems/* ._*.* .rbenv-version -/config/initializers/* -/config/deploy/config/* -/config/puma.rb + +/config/initializers/action_controller.rb +config/deploy/config/* +config/puma.rb #config/shops.json !/log/.keep !/tmp/.keep diff --git a/config/initializers/action_controller.rb b/config/initializers/action_controller.rb index 26255b59..b063f28e 100644 --- a/config/initializers/action_controller.rb +++ b/config/initializers/action_controller.rb @@ -20,11 +20,11 @@ class ActionController::Base end else #check for license file - if check_license - current_license(ENV["SX_PROVISION_URL"]) - else - redirect_to activate_path - end + # if check_license + # current_license(ENV["SX_PROVISION_URL"]) + # else + # redirect_to activate_path + # end end end From fc91fe51af6c73c8800d561db73922e2b8a9b78d Mon Sep 17 00:00:00 2001 From: Yan Date: Wed, 11 Apr 2018 11:36:34 +0630 Subject: [PATCH 4/7] add action_cntr in ignore --- config/initializers/action_controller.rb | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/config/initializers/action_controller.rb b/config/initializers/action_controller.rb index b063f28e..26255b59 100644 --- a/config/initializers/action_controller.rb +++ b/config/initializers/action_controller.rb @@ -20,11 +20,11 @@ class ActionController::Base end else #check for license file - # if check_license - # current_license(ENV["SX_PROVISION_URL"]) - # else - # redirect_to activate_path - # end + if check_license + current_license(ENV["SX_PROVISION_URL"]) + else + redirect_to activate_path + end end end From 5e2d8a6d3ad3562cf34d8101789de72575f0fdf5 Mon Sep 17 00:00:00 2001 From: Yan Date: Wed, 11 Apr 2018 11:37:43 +0630 Subject: [PATCH 5/7] add action_cntr in ignore --- .gitignore | 2 +- config/initializers/action_controller.rb | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.gitignore b/.gitignore index 69fbb2d2..eadc1489 100755 --- a/.gitignore +++ b/.gitignore @@ -37,7 +37,7 @@ pickle-email-*.html ._*.* .rbenv-version -/config/initializers/action_controller.rb +/config/initializers/* config/deploy/config/* config/puma.rb #config/shops.json diff --git a/config/initializers/action_controller.rb b/config/initializers/action_controller.rb index 26255b59..b063f28e 100644 --- a/config/initializers/action_controller.rb +++ b/config/initializers/action_controller.rb @@ -20,11 +20,11 @@ class ActionController::Base end else #check for license file - if check_license - current_license(ENV["SX_PROVISION_URL"]) - else - redirect_to activate_path - end + # if check_license + # current_license(ENV["SX_PROVISION_URL"]) + # else + # redirect_to activate_path + # end end end From 5801a48f4b0bce41c7c0110c8bc0a2a4b03d299b Mon Sep 17 00:00:00 2001 From: Yan Date: Wed, 11 Apr 2018 11:49:36 +0630 Subject: [PATCH 6/7] cannot add action_cntr in ignore --- config/initializers/action_controller.rb | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/config/initializers/action_controller.rb b/config/initializers/action_controller.rb index b063f28e..26255b59 100644 --- a/config/initializers/action_controller.rb +++ b/config/initializers/action_controller.rb @@ -20,11 +20,11 @@ class ActionController::Base end else #check for license file - # if check_license - # current_license(ENV["SX_PROVISION_URL"]) - # else - # redirect_to activate_path - # end + if check_license + current_license(ENV["SX_PROVISION_URL"]) + else + redirect_to activate_path + end end end From b730c78afeb44358e0d60620ac1fedfd29b207dc Mon Sep 17 00:00:00 2001 From: Yan Date: Wed, 11 Apr 2018 17:20:17 +0630 Subject: [PATCH 7/7] doemal or other api token added --- app/controllers/api/api_controller.rb | 2 +- app/controllers/concerns/token_verification.rb | 14 +++++++------- app/models/my_aes_crypt.rb | 8 ++++---- app/views/origami/payments/show.html.erb | 2 +- config/initializers/action_controller.rb | 12 ++++++------ config/license.yml | 15 --------------- config/secrets.yml | 4 ++-- config/shops.json | 6 +++++- 8 files changed, 26 insertions(+), 37 deletions(-) delete mode 100644 config/license.yml diff --git a/app/controllers/api/api_controller.rb b/app/controllers/api/api_controller.rb index 04dc3a72..973fc159 100755 --- a/app/controllers/api/api_controller.rb +++ b/app/controllers/api/api_controller.rb @@ -32,7 +32,7 @@ class Api::ApiController < ActionController::API ActiveRecord::Base.establish_connection(website_connection(@license)) # authenticate_session_token # logger.info "Connecting to - " + @license.subdomain + " - "+ @license.dbhost + "@" + @license.dbschema - else8 + else # reconnect_default_db logger.info 'License is nil' # redirect_to root_url(:host => request.domain) + "store_error" diff --git a/app/controllers/concerns/token_verification.rb b/app/controllers/concerns/token_verification.rb index 419b9b3b..2c17e258 100755 --- a/app/controllers/concerns/token_verification.rb +++ b/app/controllers/concerns/token_verification.rb @@ -13,16 +13,16 @@ module TokenVerification authenticate_token || render_unauthorized end - def authenticate_token - authenticate_with_http_token do |token, options| + def authenticate_token + authenticate_with_http_token do |token, options| # Rails.logger.debug "token - " + token.to_s - if(!options.from.nil? && options.from == "DOEMAL"){ - if(ENV["SERVER_MODE"] === "cloud"){ - from = request.subdomain.downcase + "." + request.domain.downcase + if(options.length !=0 && options["from"] == "DOEMAL") + if(ENV["SERVER_MODE"] === "cloud") + from = request.subdomain.downcase + "." + request.domain.downcase aes = MyAesCrypt.new return aes.checkKeyForAuth(from, token) - } - } + end + end @user = Employee.authenticate_by_token(token) if @user diff --git a/app/models/my_aes_crypt.rb b/app/models/my_aes_crypt.rb index 339585e4..20f747c9 100644 --- a/app/models/my_aes_crypt.rb +++ b/app/models/my_aes_crypt.rb @@ -56,20 +56,20 @@ class MyAesCrypt return aes_key, aes_iv end - def checkKeyForAuth(from,token){ + def checkKeyForAuth(from,token) file_path = "config/shops.json" shop_data = File.read(file_path) shop_json = JSON.parse(shop_data) shop_json["data"].each do |j| if j["lookup"] == from - if(j["value"]["key"] == token){ + if(j["value"]["key"] == token) return true - } + end end end return false - } + end private def encrypt(data) diff --git a/app/views/origami/payments/show.html.erb b/app/views/origami/payments/show.html.erb index 6d7d013b..1f87ca65 100755 --- a/app/views/origami/payments/show.html.erb +++ b/app/views/origami/payments/show.html.erb @@ -429,7 +429,7 @@ -
+
diff --git a/config/initializers/action_controller.rb b/config/initializers/action_controller.rb index 26255b59..802324cf 100644 --- a/config/initializers/action_controller.rb +++ b/config/initializers/action_controller.rb @@ -3,7 +3,7 @@ class ActionController::Base private - def lookup_domain + def lookup_domain if request.subdomain.present? && request.subdomain != "www" from = request.subdomain.downcase + "." + request.domain.downcase @license = cache_license(ENV["SX_PROVISION_URL"], from) # request.subdomain.downcase @@ -20,11 +20,11 @@ class ActionController::Base end else #check for license file - if check_license - current_license(ENV["SX_PROVISION_URL"]) - else - redirect_to activate_path - end + # if check_license + # current_license(ENV["SX_PROVISION_URL"]) + # else + # redirect_to activate_path + # end end end diff --git a/config/license.yml b/config/license.yml deleted file mode 100644 index 9f4d1542..00000000 --- a/config/license.yml +++ /dev/null @@ -1,15 +0,0 @@ -iv_key: rwOZKWcQho6fE4V+A2zFuQ== -shop_name: AMZ_Test -email: aungmyo.zaw@code2lab.com -telephone: -fax: -address: -dbhost: dNzh66R80remB694OEds96OpuyZ4wmHeHFdQh0KwjYFvTInK6+pCN/y6HdbyIlqqjcBHkqPjkjzw45PznLn7hA== -dbschema: 4vooJDxgWdFv/8V7Qx8tzR/8B8T2c5U4XvYcF+2KOoA= -dbusername: Xc8ELRsW7N/f8KsVikMBlg== -dbpassword: HMg+TbLxmfYrDFI4IIAd4g== -api_token: bisryXiEnbTJlZwghAnIByQpiRUMouu -app_token: LycQXJYBZGeCygjIEKdlBXnjIGMiMzgmt -plan_sku: 84hdnSCgkfhvItY7uB/pPQ== -renewable_date: 8E6Ecz8QXAMSlKZnIzn0pQ== -plan_name: 4cMIO0n/JzGFPIccXM6u5A== diff --git a/config/secrets.yml b/config/secrets.yml index 076b6691..6e8b73d4 100755 --- a/config/secrets.yml +++ b/config/secrets.yml @@ -12,8 +12,8 @@ development: secret_key_base: b61d85f8ed2a1a9e0eeece3443b3e8f838d002cc1d9f32115d8e93db920e2957adfedc57501d44741211538f3108b742cdeada87d5bfae796c53da1f90a3cd61 - sx_provision_url: connect.smartsales.dev/api #connect.smartsales.dev/api #connect.smartsales.asia/api #provision.zsai.ws/api - server_mode: application + sx_provision_url: https://connect.pos-myanmar.com/bensai/api #connect.smartsales.dev/api #connect.smartsales.asia/api #provision.zsai.ws/api + server_mode: cloud cipher_type: AES-256-CBC sx_key: Wh@t1$C2L diff --git a/config/shops.json b/config/shops.json index 1e141bc9..b3369529 100644 --- a/config/shops.json +++ b/config/shops.json @@ -1,7 +1,11 @@ { "data": [ { - + "lookup": "local", + "value": { + "key": "999d675168d813d5e1c7", + "iv": "999d675168d813d5e1c7" + } } ] }