From 37ff82ae5d2cbb46ae02deac9937cf8f2258b697 Mon Sep 17 00:00:00 2001 From: Zin Moe Date: Tue, 14 Jan 2020 15:34:02 +0630 Subject: [PATCH 1/3] modify generate auth token method --- app/models/employee.rb | 2 ++ config/initializers/action_controller.rb | 44 ++++++++++++------------ 2 files changed, 24 insertions(+), 22 deletions(-) diff --git a/app/models/employee.rb b/app/models/employee.rb index 69b41fd2..907aa9ad 100755 --- a/app/models/employee.rb +++ b/app/models/employee.rb @@ -100,5 +100,7 @@ class Employee < ApplicationRecord def generate_auth_token return if self.role != 'app' self.auth_token = SecureRandom.hex(10) + rescue ActiveRecord::RecordNotUnique + retry end end diff --git a/config/initializers/action_controller.rb b/config/initializers/action_controller.rb index b0bed108..091abd33 100644 --- a/config/initializers/action_controller.rb +++ b/config/initializers/action_controller.rb @@ -4,28 +4,28 @@ class ActionController::Base private def lookup_domain - # if request.subdomains.last && request.subdomains.last != "www" && ENV["SERVER_CODE"] = "cloud" - # from = request.host - # @license = cache_license(ENV["SX_PROVISION_URL"], from) # request.subdomain.downcase - # if (!@license.nil?) - # logger.info "Location - " + @license.dbschema - # ActiveRecord::Base.establish_connection(website_connection(@license)) - # # authenticate_session_token - # # logger.info "Connecting to - " + @license.subdomain + " - "+ @license.dbhost + "@" + @license.dbschema - # else - # # reconnect_default_db - # logger.info 'License is nil' - # # redirect_to root_url(:host => request.domain) + "store_error" - # render :json => [{ status: false, message: 'Invalid Access!'}] - # end - # else - # # check for license file - # if check_license - # current_license(ENV["SX_PROVISION_URL"]) - # else - # redirect_to activate_path - # end - # end + if request.subdomains.last && request.subdomains.last != "www" && ENV["SERVER_CODE"] = "cloud" + from = request.host + @license = cache_license(ENV["SX_PROVISION_URL"], from) # request.subdomain.downcase + if (!@license.nil?) + logger.info "Location - " + @license.dbschema + ActiveRecord::Base.establish_connection(website_connection(@license)) + # authenticate_session_token + # logger.info "Connecting to - " + @license.subdomain + " - "+ @license.dbhost + "@" + @license.dbschema + else + # reconnect_default_db + logger.info 'License is nil' + # redirect_to root_url(:host => request.domain) + "store_error" + render :json => [{ status: false, message: 'Invalid Access!'}] + end + else + # check for license file + if check_license + current_license(ENV["SX_PROVISION_URL"]) + else + redirect_to activate_path + end + end end From 406a18d1d6b67b7b066502580dd7e660e695f686 Mon Sep 17 00:00:00 2001 From: Zin Moe Date: Tue, 14 Jan 2020 15:47:27 +0630 Subject: [PATCH 2/3] . --- app/controllers/settings/employees_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/settings/employees_controller.rb b/app/controllers/settings/employees_controller.rb index 172ccd5e..fd5fd796 100755 --- a/app/controllers/settings/employees_controller.rb +++ b/app/controllers/settings/employees_controller.rb @@ -41,7 +41,7 @@ class Settings::EmployeesController < ApplicationController end def change_auth_token - @employee.auth_token = SecureRandom.hex(10) + @employee.auth_token = @employee.generate_auth_token #SecureRandom.hex(10) @employee.save flash[:notice] = 'Auth Token was successfully updated.' redirect_to settings_employee_url(@employee) From 93928aedd509f9b6f328c1886bcf0f7cb4fd66a0 Mon Sep 17 00:00:00 2001 From: Zin Moe Date: Tue, 14 Jan 2020 17:23:52 +0630 Subject: [PATCH 3/3] change cloumn auth_token to app_token in employees --- app/controllers/settings/employees_controller.rb | 6 +++--- app/models/employee.rb | 12 +++++++----- app/views/settings/employees/show.html.erb | 10 +++++----- config/locales/en.yml | 4 ++-- config/routes.rb | 2 +- ...14103715_change_column_auth_token_to_app_token.rb | 5 +++++ 6 files changed, 23 insertions(+), 16 deletions(-) create mode 100644 db/migrate/20200114103715_change_column_auth_token_to_app_token.rb diff --git a/app/controllers/settings/employees_controller.rb b/app/controllers/settings/employees_controller.rb index fd5fd796..bcbec6ff 100755 --- a/app/controllers/settings/employees_controller.rb +++ b/app/controllers/settings/employees_controller.rb @@ -40,8 +40,8 @@ class Settings::EmployeesController < ApplicationController end end - def change_auth_token - @employee.auth_token = @employee.generate_auth_token #SecureRandom.hex(10) + def change_app_token + @employee.app_token = @employee.generate_app_token #SecureRandom.hex(10) @employee.save flash[:notice] = 'Auth Token was successfully updated.' redirect_to settings_employee_url(@employee) @@ -78,6 +78,6 @@ class Settings::EmployeesController < ApplicationController # Never trust parameters from the scary internet, only allow the white list through. def employee_params - params.require(:employee).permit(:name, :role, :is_active, :emp_id, :password,:order_queue_station_id, :image_path, :app_id, :auth_token) + params.require(:employee).permit(:name, :role, :is_active, :emp_id, :password,:order_queue_station_id, :image_path, :app_id, :app_token) end end diff --git a/app/models/employee.rb b/app/models/employee.rb index 907aa9ad..9d18c6c6 100755 --- a/app/models/employee.rb +++ b/app/models/employee.rb @@ -12,7 +12,7 @@ class Employee < ApplicationRecord validates :emp_id, uniqueness: true, numericality: true, length: {in: 1..4}, allow_blank: true validates :password, numericality: true, length: {in: 3..9}, allow_blank: true - before_create :generate_app_id, :generate_auth_token #, if: Proc.new { self.role == "app" } + before_create :generate_app_id, :generate_app_token , if: Proc.new { self.role == "application" } # Employee Image Uploader mount_uploader :image_path, EmployeeImageUploader @@ -93,13 +93,15 @@ class Employee < ApplicationRecord end def generate_app_id - return if self.role != 'app' + # return if self.role != 'application' self.app_id = SecureRandom.urlsafe_base64(nil, false) + rescue ActiveRecord::RecordNotUnique + retry end - def generate_auth_token - return if self.role != 'app' - self.auth_token = SecureRandom.hex(10) + def generate_app_token + # return if self.role != 'application' + self.app_token = SecureRandom.hex(10) rescue ActiveRecord::RecordNotUnique retry end diff --git a/app/views/settings/employees/show.html.erb b/app/views/settings/employees/show.html.erb index b5508f1b..807dc54a 100755 --- a/app/views/settings/employees/show.html.erb +++ b/app/views/settings/employees/show.html.erb @@ -54,22 +54,22 @@ <%= t("views.right_panel.detail.employee_photo") %> <%= image_tag @employee.image_path, :size => '200x200'%> - <% if @employee.role == 'app' %> + <% if @employee.role == 'application' %> <%= t("views.right_panel.detail.employee_app_id") %> <%= @employee.app_id %> - <%= t("views.right_panel.detail.employee_auth_token") %> - <%= @employee.auth_token %> + <%= t("views.right_panel.detail.employee_app_token") %> + <%= @employee.app_token %> <% end %> <%= link_to t("views.btn.edit"), edit_settings_employee_path(@employee),:class => 'btn btn-primary btn-lg waves-effect' %> - <% if @employee.role == 'app' %> - <%= link_to t("views.btn.change_auth_token"), settings_change_auth_token_url(id: @employee.id), class: 'btn btn-primary btn-lg waves-effect' %> + <% if @employee.role == 'application' %> + <%= link_to t("views.btn.change_app_token"), settings_change_app_token_url(id: @employee.id), class: 'btn btn-primary btn-lg waves-effect' %> <% end %> <%if @employee.role != "administrator"%>