Class: Carpool::Driver

Inherits:
Object
  • Object
show all
Includes:
Mixins::Core
Defined in:
lib/carpool/driver.rb

Class Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Mixins::Core

included

Constructor Details

#initialize(app) {|Carpool::Driver| ... } ⇒ Driver

Returns a new instance of Driver.

Yields:



31
32
33
34
35
36
 
# File 'lib/carpool/driver.rb', line 31

def initialize(app)
  @app = app
  Carpool.acts_as = :driver
  yield Carpool::Driver if block_given?
  self
end

Class Attribute Details

.revoke_uriObject

Returns the value of attribute revoke_uri.



13
14
15
 
# File 'lib/carpool/driver.rb', line 13

def revoke_uri
  @revoke_uri
end

.site_keyObject

Returns the value of attribute site_key.



11
12
13
 
# File 'lib/carpool/driver.rb', line 11

def site_key
  @site_key
end

.unauthorized_uriObject

Returns the value of attribute unauthorized_uri.



12
13
14
 
# File 'lib/carpool/driver.rb', line 12

def unauthorized_uri
  @unauthorized_uri
end

Class Method Details

.passenger(url, options = {}) ⇒ Object 



19
20
21
22
23
 
# File 'lib/carpool/driver.rb', line 19

def passenger(url, options = {})
  options[:site_key] ||= Carpool.generate_site_key(url)
  options[:secret]   ||= Carpool.generate_site_key(url.reverse)
  passengers << { url => options }
end

.passengersObject 



15
16
17
 
# File 'lib/carpool/driver.rb', line 15

def passengers
  @passengers ||= []
end

Instance Method Details

#call(env) ⇒ Object 



38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
 
# File 'lib/carpool/driver.rb', line 38

def call(env)
  
  @env = env
  cookies[:scope]    = "driver"

  # Unless we are trying to authenticate a passenger, just continue through the stack.
  return @app.call(env) unless valid_request? && valid_referrer? 

  # Parse the referring site
  referrer = URI.parse(@env['HTTP_REFERER'])
  
  # Unless this domain is listed as a potential passenger, issue a 500.
  current_passenger = Carpool::Driver.passengers.reject{ |p| !p.keys.first.downcase.include?(referrer.host) }
  if current_passenger.nil? or current_passenger.empty?
    return [500, {}, 'Unauthorized request.']
  end
  
  if is_revoking?
    response = [302, {'Location' => Carpool::Driver.revoke_uri}, 'Redirecting logged out session...']
    return response
  end
  
  cookies[:current_passenger] = current_passenger.first[referrer.host.to_s]
  
  # Attempt to find an existing driver session.
  # If one is found, redirect back to the passenger site and include our seatbelt
  # The seatbelt includes two parts:
  #   1) The referring uri, so that Carpool::Passenger on the other end can send the user back to their location one authenticated
  #   2) The session payload. This is an AES encrypted hash of whatever attributes you've made available. The encrypted hash is
  #      keyed with the site_key and secret of the referring site for extra security.
  #
  unless cookies[:passenger_token]
    
    puts "Carpool::Driver: Redirecting to authentication path.."
    Carpool.auth_attempt = true
    cookies[:redirect_to] = referrer        
    response = [302, {'Location' => Carpool::Driver.unauthorized_uri}, 'Redirecting unauthorized user...']        
    
  else
    
    puts "Carpool::Driver: Redirecting to passenger site.."
    cookies[:redirect_to] = referrer
    seatbelt = SeatBelt.new(env).create_payload!

    response = [302, {'Location' => seatbelt}, 'Approved!']
    Carpool.auth_attempt  = false
    cookies[:redirect_to] = false
    cookies[:current_passenger] = nil
            
  end
  
  response
  
end