jdb/timestamper
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Implemented cookie-based authentication to the API.

Browse Source 
Created timestamper module to start the application.
Added cookie-based authentication to ts_api.
Added utility methods to ts_api:
    * make_json_400/1 and make_json_400/1
    * make_json_401/1 and make_json_401/2
    * parse_json_body/1 reads a JSON object from a HTTP request body.
Implemented ts_api_session module to manage api user sessions.
Fixed ts_entry:list* methods to be 0-indexed.
Removed the ts_json:ejson_to_record/1 implementation for ts_user records.
    Decided that ts_user records are never trusted from the client,
    manipulation of fields such as pwd, username will be restricted to
    app pages.
Changed the password hashing algorithm. Now uses SHA1(pwd + 256bit salt).
    Want to use bcrypt, investingating cross-platform bcrypt implementation.
Fixed yaws.conf config file.
This commit is contained in:
Jonathan Bernard
2011-02-07 08:56:07 -06:00
parent 5809ed3959
commit 0642c18a6e
12 changed files with 277 additions and 134 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/ts_json.erl
View File

@ -43,39 +43,19 @@ encode_datetime({{Year, Month, Day}, {Hour, Minute, Second}}) ->
lists:flatten(io_lib:format("~4.10.0B-~2.10.0B-~2.10.0BT~2.10.0B:~2.10.0B:~2.10.0BZ",
[Year, Month, Day, Hour, Minute, Second])).
ejson_to_record(_Empty=#ts_user{}, EJSON) ->
{struct, Fields} = EJSON,
Pwd = case lists:keyfind(password, 1, Fields) of
false -> uninit; Field -> element(2, Field) end,
#ts_user{
username = element(2, lists:keyfind(username, 1, Fields)),
pwd = Pwd,
pwd_salt = uninit,
name = element(2, lists:keyfind(name, 1, Fields)),
email = element(2, lists:keyfind(email, 1, Fields)),
join_date = decode_datetime(
element(2, lists:keyfind(join_date, 1, Fields)))};
ejson_to_record(_Empty=#ts_timeline{}, EJSON) ->
{struct, Fields} = EJSON,
Username = element(2, lists:keyfind(username, 1, Fields)),
TimelineId = element(2, lists:keyfind(timeline_id, 1, Fields)),
#ts_timeline{
ref = {Username, TimelineId},
ref = {undef, undef},
created = decode_datetime(element(2, lists:keyfind(created, 1, Fields))),
desc = element(2, lists:keyfind(description, 1, Fields))};
ejson_to_record(_Empty=#ts_entry{}, EJSON) ->
{struct, Fields} = EJSON,
Username = element(2, lists:keyfind(username, 1, Fields)),
TimelineId = element(2, lists:keyfind(timeline_id, 1, Fields)),
EntryId = element(2, lists:keyfind(entry_id, 1, Fields)),
#ts_entry{
ref = {Username, TimelineId, EntryId},
ref = {undef, undef, undef},
timestamp = calendar:datetime_to_gregorian_seconds(decode_datetime(
element(2, lists:keyfind(timestamp, 1, Fields)))),
mark = element(2, lists:keyfind(mark, 1, Fields)),