#encoding: utf-8
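# View and request helpers shared by the application's routes and templates.
# The methods rely on the including object to provide `request`, `env` and
# `session`.
module AppHelper
  # Maps the path of a request that failed authentication to the message and
  # redirect target used for it. Keys are exact path strings or Regexps.
  # Frozen so the table cannot be modified at runtime.
  #
  # NOTE(review): the Regexp key is unanchored, so it matches any path that
  # merely contains "/snippet/<digits>/comment/new". Every redirect target in
  # this table is a fixed local path, so the match only selects a message;
  # anchor the pattern with \A and \z before reusing it for any access decision.
  UNAUTHORIZED = {
    "/snippet/new" => { message: "You must log in before posting a snippet.", redirect: "/login" },
    %r{/snippet/\d+/comment/new} => { message: "You must log in before posting a comment.", redirect: "/login" },
    "/login" => { message: "The username or password is incorrect.", redirect: "/login" }
  }.freeze

  # Returns one <link> stylesheet tag per name, concatenated into one string.
  # Names are interpolated into the href attribute without escaping, so pass
  # only application-defined stylesheet names, never request data.
  def css(*stylesheets)
    tags = stylesheets.map do |stylesheet|
      "<link href=\"/#{stylesheet}.css\" media=\"screen, projection\" rel=\"stylesheet\" />"
    end
    tags.join
  end

  # Returns "current" when the request path equals +path+ (with or without a
  # trailing slash), otherwise nil.
  def check_current(path = "/")
    [path, path + "/"].include?(request.path) ? "current" : nil
  end

  # Sets the page title to "Snippet" unless one has already been assigned.
  def set_title
    @title ||= "Snippet"
  end

  # Builds (but does not save) a User from the registration form parameters.
  # Only the named fields are copied; other submitted keys are ignored.
  def new_user(params)
    user = User.new(username: params["username"],
                    password: params["password"],
                    email: params["email"])
    user.password_confirmation = params["confirm_password"]
    user
  end

  # The Warden proxy stored in the Rack environment.
  def warden
    env["warden"]
  end

  # The user Warden reports for this request, or nil.
  def current_user
    warden.user
  end

  # Sets the :renew session option so the session middleware issues a new
  # session id. NOTE(review): presumably called right after a successful
  # login to prevent session fixation - confirm against the login route.
  def renew_session_id
    env["rack.session.options"][:renew] = true
  end

  # Renders validation errors plus any extra messages as an HTML list.
  #
  # NOTE(review): messages are inserted without HTML escaping. If a message
  # can carry request-supplied text (for example a rejected field value),
  # escape it before it reaches this method or before the list is rendered.
  def format_errors(user_errors, *additional_messages)
    messages = user_errors.full_messages.map { |message| "<li>#{message}</li>" }
    additional = additional_messages.map { |message| "<li>#{message}</li>" }
    "<ul>\n" + messages.join("\n") + additional.join("\n") + "</ul>"
  end

  # Instantiates the formatter class named "<Type>Formatter".
  # Raises ArgumentError when no such constant exists or when resolving or
  # constructing it raises a NameError.
  #
  # NOTE(review): the constant is chosen from +type+ by name and is not
  # limited to the keys of snippet_types. When +type+ originates from a
  # request or a stored record, check it against snippet_types first.
  def get_formatter(type)
    Module.const_get(type.capitalize + "Formatter").new
  rescue NameError
    raise ArgumentError, "There is no formatter for type '#{type}' OR the formatter is broken"
  end

  # Path of the plain-text view of +snippet+.
  def plain_text_url(snippet)
    "/snippet/#{snippet.id}/plain"
  end

  # Snippet type identifiers mapped to their display names.
  def snippet_types
    {
      "plain" => "Plain text",
      "ruby" => "Ruby",
      "java" => "Java"
    }
  end

  # Redirect target registered for +path+ in UNAUTHORIZED, or nil.
  def unauthorized_redirect_for(path)
    entry = unauthorized_for(path)
    entry && entry[:redirect]
  end

  # Message registered for +path+ in UNAUTHORIZED, or nil.
  def unauthorized_message_for(path)
    entry = unauthorized_for(path)
    entry && entry[:message]
  end

  # Looks +path+ up in UNAUTHORIZED: an exact string key wins, otherwise the
  # first Regexp key that matches is used. Returns the entry hash or nil.
  def unauthorized_for(path)
    exact = UNAUTHORIZED[path]
    return exact if exact

    matched = UNAUTHORIZED.find { |key, _entry| key.is_a?(Regexp) && key =~ path }
    matched && matched.last
  end

  # True when Warden reports a user for this request.
  def logged_in?
    !current_user.nil?
  end

  # Keeps the non-secret registration fields in the session so the form can be
  # refilled after a failed attempt. Each value is stored under its own key
  # because a hash cannot be saved in the flash (marshalled). The password
  # fields are not copied.
  def save_registration_params(params)
    session[:fail_username] = params[:username]
    session[:fail_email] = params[:email]
    session[:fail_phone] = params[:phone]
  end

  # Clears the values stored by save_registration_params.
  def delete_registration_params
    [:fail_username, :fail_email, :fail_phone].each { |key| session[key] = nil }
  end
end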
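# Login throttling keyed on the client address. After MAX_LOGIN_ATTEMPTS
# counted calls a lock timestamp is stored; while it is younger than
# LOGIN_LOCKOUT_MINUTES, login_locked? returns true.
# The including object must provide `env`.
module LoginHelper
  MAX_LOGIN_ATTEMPTS = 5
  LOGIN_LOCKOUT_MINUTES = 20

  # The LoginAttempts record for the requesting address, created on first use
  # and memoised on the helper instance.
  #
  # NOTE(review): the counter is keyed on REMOTE_ADDR only. If the app runs
  # behind a reverse proxy that does not rewrite REMOTE_ADDR, every client
  # shares one counter and one lockout - confirm against the deployment.
  def login_attempts
    @login_attempts ||= LoginAttempts.get(env["REMOTE_ADDR"]) ||
                        LoginAttempts.create(ip_address: env["REMOTE_ADDR"])
  end

  # True while a lock is active for the requesting address.
  # Not a pure predicate: with no lock set, the call is counted as an attempt
  # (and may set the lock for the next call); with an expired lock, the stored
  # record is cleared.
  def login_locked?
    return !lock_expired? if lock_set?

    check_login_lockout
    false
  end

  # True when the lock period has elapsed; in that case the stored login
  # state is also reset.
  def lock_expired?
    return false if Time.now.to_i < login_lock_expire_time

    reset_login_state
    true
  end

  # Counts one attempt and sets the lock once the limit is reached.
  def check_login_lockout
    increment_login_attempts
    assign_lock if no_more_attempts?
  end

  # True when a lock timestamp is stored for the requesting address.
  def lock_set?
    !login_attempts.lock.nil?
  end

  # Stores the current time (epoch seconds) as the start of the lock.
  def assign_lock
    login_attempts.update(lock: Time.now.to_i)
  end

  # True when the attempt counter has reached MAX_LOGIN_ATTEMPTS.
  def no_more_attempts?
    login_attempts.attempts >= MAX_LOGIN_ATTEMPTS
  end

  # Adds one to the stored attempt counter.
  #
  # NOTE(review): this is a read followed by a write. Depending on how
  # LoginAttempts#update is implemented, concurrent requests from one address
  # may lose increments and exceed the limit - confirm, or use an atomic
  # increment in the data store.
  def increment_login_attempts
    login_attempts.update(attempts: login_attempts.attempts + 1)
  end

  # Deletes the stored record and drops the memoised copy.
  def reset_login_state
    login_attempts.destroy
    @login_attempts = nil
  end

  # Message shown to a client that is currently locked out.
  def login_locked_message
    "You have failed to login too many times in a row. " +
      "You must wait #{login_lock_time_remaining} before attempting to log in again."
  end

  # Remaining lock time as "<m> minutes, <s> seconds".
  # Clamped at zero so a lock that has already expired is not reported as a
  # negative duration.
  def login_lock_time_remaining
    seconds = [login_lock_expire_time - Time.now.to_i, 0].max
    "#{seconds / 60} minutes, #{seconds % 60} seconds"
  end

  # Epoch second at which the current lock ends.
  def login_lock_expire_time
    login_attempts.lock + (60 * LOGIN_LOCKOUT_MINUTES)
  end
end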