cadey
/
panel
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use token model for freeswitch

This commit is contained in:
Sam Dodrill 2015-01-07 14:35:38 -08:00
parent 521dd08c70
commit 0bdc0a6e3d
4 changed files with 36 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
controllers/freeswitch.moon
View File

@ -2,6 +2,7 @@ lapis = require "lapis"
import respond_to from require "lapis.application" import respond_to from require "lapis.application"
require "models.token"
require "models.user" require "models.user"
class Freeswitch extends lapis.Application class Freeswitch extends lapis.Application
@ -9,8 +10,13 @@ class Freeswitch extends lapis.Application
POST: => POST: =>
uid = @params["user"] or @params["sip_auth_username"] uid = @params["user"] or @params["sip_auth_username"]
@user = Users\find extension: uid @user = Users\find extension: uid
@tokens = Tokens\select "where user_id = ?", uid
if #@tokens == 0
return status: 404, layout: false, "no auth tokens for " .. uid
if not @user if not @user
return status: 404, "no such user" return status: 404, layout: false, "no such user " .. uid
render: true, layout: false render: true, layout: false
} }

28
controllers/users.moon
View File

@ -10,6 +10,12 @@ require "models.user"
class User extends lapis.Application class User extends lapis.Application
[list: "/list"]: => [list: "/list"]: =>
if @session.user
if not Users\find id: @session.user
@write redirect_to: @url_for "login"
else
@write redirect_to: @url_for "login"
user = Users\find id: @session.user user = Users\find id: @session.user
@list = Users\select! @list = Users\select!
render: true render: true
@ -28,11 +34,10 @@ class User extends lapis.Application
{ "name", exists: true, min_length: 3} { "name", exists: true, min_length: 3}
} }
@params.password = encoding.encode_base64 encoding.hmac_sha1("ninjas", @params.password) @params.password = encoding.encode_base64 encoding.hmac_sha1(@params.email, @params.password)
@params.password_again = nil @params.password_again = nil
@params.csrf_token = nil @params.csrf_token = nil
@params.extension = "#{1000}" @params.extension = "#{1000}"
@params.registrar_password = encoding.encode_base64 encoding.hmac_sha1(@params.email, os.time!)
if Users\find email: @params.email if Users\find email: @params.email
@title = "Failure" @title = "Failure"
@ -40,8 +45,14 @@ class User extends lapis.Application
user = Users\create @params user = Users\create @params
user\write_session @ user\write_session @
user.extension = "#{1000 + user.id}" user.extension = "#{1000 + user.id}"
Users\update user assert Users\update user
token = Tokens\create {
user_id: user.extension
token: encoding.encode_base64 encoding.hmac_sha1(@params.email, os.time!)
}
@title = "Success" @title = "Success"
@ -52,8 +63,8 @@ class User extends lapis.Application
p -> p ->
text "Your extension is " .. user.extension text "Your extension is " .. user.extension
p -> p ->
text "Your sip password is " text "Your one-time sip token is "
code user.registrar_password code token.token
p "This will not be shown again so please be sure to write this down." p "This will not be shown again so please be sure to write this down."
@ -73,11 +84,16 @@ class User extends lapis.Application
user = Users\find email: @params.email user = Users\find email: @params.email
cmppass = encoding.encode_base64 encoding.hmac_sha1("ninjas", @params.password) cmppass = encoding.encode_base64 encoding.hmac_sha1(@params.email, @params.password)
if user.password == cmppass if user.password == cmppass
user\write_session @ user\write_session @
token = Tokens\create {
user_id: user.extension
token: encoding.encode_base64 encoding.hmac_sha1(@params.email, os.time!)
}
@title = "Login successful" @title = "Login successful"
return "Hi " .. user.name return "Hi " .. user.name

1
models/user.moon
View File

@ -6,4 +6,3 @@ export class Users extends Model
write_session: (r) => write_session: (r) =>
r.session.user = @id r.session.user = @id
r.session.sippw = @registrar_password

13
views/freeswitch.moon
View File

@ -10,9 +10,10 @@ class Freeswitch extends Widget
groups -> groups ->
group name: "default", -> group name: "default", ->
users -> users ->
user id: "#{@user.extension}", -> for _, token in pairs @tokens
params -> user id: "#{@user.extension}", ->
param name: "password", value: "#{@user.registrar_password}" params ->
variables -> param name: "password", value: "#{token.token}"
variable name: "accountcode", value: "#{@user.extension}" variables ->
variable name: "user_context", value: "default" variable name: "accountcode", value: "#{@user.extension}"
variable name: "user_context", value: "default"