Implementing authentication.

2025-11-09 23:15:49 +01:00 · 2013-06-03 00:36:51 +09:00
parent d3a985d65a
commit 1ab58d0363
8 changed files with 83 additions and 45 deletions
--- a/src/main/scala/app/ControllerBase.scala
+++ b/src/main/scala/app/ControllerBase.scala
@@ -1,9 +1,9 @@
 package app

+import model.Account
 import org.scalatra._
 import org.scalatra.json._
 import org.json4s._
-import org.json4s.jackson._
 import jp.sf.amateras.scalatra.forms._

 /**
@@ -13,11 +13,35 @@ abstract class ControllerBase extends ScalatraFilter with ClientSideValidationFo
  
  implicit val jsonFormats = DefaultFormats
  
-  implicit def context: Context = Context(servletContext.getContextPath, LoginUser)
-  
-  // TODO get from session
-  private val LoginUser = "admin" //System.getProperty("user.name")
+  implicit def context: Context = Context(servletContext.getContextPath, LoginAccount)
  
+  private def LoginAccount: Option[Account] = {
+    session.get("LOGIN_ACCOUNT") match {
+      case Some(x: Account) => Some(x)
+      case _ => None
+    }
+  }
+
+  protected def usersOnly(action: => Any) = {
+    {
+      context.loginAccount match {
+        case Some(x) => action
+        case None    => redirect("/signin")
+      }
+    }
+  }
+
+  protected def usersOnly[T](action: T => Any) = {
+    (form: T) => {
+      context.loginAccount match {
+        case Some(x) => action(form)
+        case None    => redirect("/signin")
+      }
+    }
+  }
+
+//  protected def adminOnly()
+
 }

-case class Context(path: String, loginUser: String)
+case class Context(path: String, loginAccount: Option[Account])
--- a/src/main/scala/app/CreateRepositoryController.scala
+++ b/src/main/scala/app/CreateRepositoryController.scala
@@ -8,12 +8,13 @@ import org.eclipse.jgit.lib._
 import org.apache.commons.io._
 import jp.sf.amateras.scalatra.forms._

-class CreateRepositoryController extends CreateRepositoryControllerBase with ProjectService with AccountService
+class CreateRepositoryController extends CreateRepositoryControllerBase
+  with ProjectService with AccountService with WikiService

 /**
 * Creates new repository.
 */
-trait CreateRepositoryControllerBase extends ControllerBase { self: ProjectService =>
+trait CreateRepositoryControllerBase extends ControllerBase { self: ProjectService with WikiService =>

  case class RepositoryCreationForm(name: String, description: String) // TODO Option

@@ -25,19 +26,21 @@ trait CreateRepositoryControllerBase extends ControllerBase { self: ProjectServi
  /**
   * Show the new repository form.
   */
-  get("/new") {
+  get("/new")(usersOnly {
    html.newrepo()
-  }
+  })
  
  /**
   * Create new repository.
   */
-  post("/new", form) { form =>
+  post("/new", form)(usersOnly { form =>
+    val loginUserName = context.loginAccount.get.userName
+
    // Insert to the database at first
-    createProject(form.name, context.loginUser, Some(form.description))
+    createProject(form.name, loginUserName, Some(form.description))

    // Create the actual repository
-    val gitdir = getRepositoryDir(context.loginUser, form.name)
+    val gitdir = getRepositoryDir(loginUserName, form.name)
    val repository = new RepositoryBuilder().setGitDir(gitdir).setBare.build

    repository.create
@@ -46,7 +49,7 @@ trait CreateRepositoryControllerBase extends ControllerBase { self: ProjectServi
    config.setBoolean("http", null, "receivepack", true)
    config.save

-    val tmpdir = getInitRepositoryDir(context.loginUser, form.name)
+    val tmpdir = getInitRepositoryDir(loginUserName, form.name)
    try {
      // Clone the repository
      Git.cloneRepository.setURI(gitdir.toURI.toString).setDirectory(tmpdir).call
@@ -67,9 +70,12 @@ trait CreateRepositoryControllerBase extends ControllerBase { self: ProjectServi
      FileUtils.deleteDirectory(tmpdir)
    }

+    // Create Wiki repository
+    createWikiRepository(context.loginAccount.get, form.name)
+
    // redirect to the repository
-    redirect("/%s/%s".format(context.loginUser, form.name))
-  }
+    redirect("/%s/%s".format(loginUserName, form.name))
+  })
  
  /**
   * Constraint for the repository name.
@@ -78,7 +84,7 @@ trait CreateRepositoryControllerBase extends ControllerBase { self: ProjectServi
    def validate(name: String, value: String): Option[String] = {
      if(!value.matches("^[a-zA-Z0-9\\-_]+$")){
        Some("Repository name contains invalid character.")
-      } else if(getRepositories(context.loginUser, servletContext).contains(value)){
+      } else if(getRepositories(context.loginAccount.get.userName, servletContext).contains(value)){
        Some("Repository already exists.")
      } else {
        None
--- a/src/main/scala/app/SignInController.scala
+++ b/src/main/scala/app/SignInController.scala
@@ -1,8 +1,11 @@
 package app

+import service._
 import jp.sf.amateras.scalatra.forms._

-class SignInController extends ControllerBase {
+class SignInController extends SignInControllerBase with AccountService
+
+trait SignInControllerBase extends ControllerBase { self: AccountService =>
  
  case class SignInForm(email: String, password: String)
  
@@ -16,7 +19,18 @@ class SignInController extends ControllerBase {
  }

  post("/signin", form){ form =>
-    // TODO check email and password
-    redirect("/%s".format(context.loginUser))
+    val account = getAccountByUserName(form.email)
+    if(account.isEmpty || account.get.password != form.password){
+      redirect("/signin")
+    } else {
+      session.setAttribute("LOGIN_ACCOUNT", account.get)
+      redirect("/%s".format(account.get.userName))
+    }
  }
+
+  get("/signout"){
+    session.invalidate
+    redirect("/signin")
+  }
+
 }
--- a/src/main/scala/app/WikiController.scala
+++ b/src/main/scala/app/WikiController.scala
@@ -94,7 +94,7 @@ trait WikiControllerBase extends ControllerBase { self: WikiService with Project
    val repository = params("repository")
    
    saveWikiPage(owner, repository, form.currentPageName, form.pageName, 
-        form.content, context.loginUser, form.message.getOrElse(""))
+        form.content, context.loginAccount.get, form.message.getOrElse(""))
    
    redirect("%s/%s/wiki/%s".format(owner, repository, form.pageName))
  }
@@ -111,7 +111,7 @@ trait WikiControllerBase extends ControllerBase { self: WikiService with Project
    val repository = params("repository")
    
    saveWikiPage(owner, repository, form.currentPageName, form.pageName, 
-        form.content, context.loginUser, form.message.getOrElse(""))
+        form.content, context.loginAccount.get, form.message.getOrElse(""))
    
    redirect("%s/%s/wiki/%s".format(owner, repository, form.pageName))
  }
@@ -121,7 +121,7 @@ trait WikiControllerBase extends ControllerBase { self: WikiService with Project
    val repository = params("repository")
    val page       = params("page")
    
-    deleteWikiPage(owner, repository, page, context.loginUser, "Delete %s".format(page))
+    deleteWikiPage(owner, repository, page, context.loginAccount.get.userName, "Delete %s".format(page))
    
    redirect("%s/%s/wiki".format(owner, repository))
  }