pyc-website

main website for pyc inc.

git clone https://9o.is/git/pyc-website.git

commit 7530b49fb6db9ac3eea7702862e465f4a45d8648
parent 70a0c1798e624eacc5d5dabd062e68bfa4f597d0
Author: Jul <jul@9o.is>
Date:   Mon,  1 Sep 2014 11:58:33 -0400

fixed user model indexing for phone and bitcoin addresses. Added reset function to one-time password. Chimera can now get user info with bitcoin address or user email and one-time password.

Diffstat:

Msrc/main/scala/inc/pyc/model/User.scala | 18++++++++++++------


Msrc/main/scala/inc/pyc/rest/AtmRest.scala | 33+++++++++++++++++++++++----------


Msrc/main/scala/inc/pyc/snippet/UserSnip.scala | 2+-


3 files changed, 36 insertions(+), 17 deletions(-)

diff --git a/src/main/scala/inc/pyc/model/User.scala b/src/main/scala/inc/pyc/model/User.scala
@@ -74,7 +74,13 @@ class User private () extends ProtoAuthUser[User] with ObjectIdPk[User] with USA
    * User's one-time password.
    */
   object verifypass extends StringField(this, 15) {
-    override def defaultValue = StringUtils.randomString(15)
+    
+    def reset = {
+      set(StringUtils.randomString(7))
+      owner
+    }
+    
+    override def defaultValue = StringUtils.randomString(7)
   }
 
   /**
@@ -100,12 +106,14 @@ object User extends User with ProtoAuthUserMeta[User] with RogueMetaRecord[User]
 
   override def collectionName = "user.users"
 
-  ensureIndex((email.name -> 1), true)
-  ensureIndex((phone.name -> 1), true)
-  ensureIndex((addresses.name -> 1), true)
+  ensureIndex((email.name -> 1), ("unique" -> true))
+  ensureIndex((phone.name -> 1), ("unique" -> true) ~ ("sparse" -> true))
+  ensureIndex((addresses.name -> 1), ("unique" -> true) ~ ("sparse" -> true))
 
   def findByEmail(in: String): Box[User] = find(email.name, in)
   
+  def findByAddress(in: String): Box[User] = find(addresses.name, in)
+  
   def findByPhone(in: String): Box[User] = {
     val digits = in.toCharArray.filter(_.isDigit)
     find(phone.name, digits)
@@ -115,8 +123,6 @@ object User extends User with ProtoAuthUserMeta[User] with RogueMetaRecord[User]
     if (ObjectId.isValid(id)) find(new ObjectId(id))
     else Empty
     
-  def hasAddress(in: String): Boolean = addresses.exists(in)
-
   override def onLogIn: List[User => Unit] = List(user => User.loginCredentials.remove())
   override def onLogOut: List[Box[User] => Unit] = List(
     x => logger.debug("User.onLogOut called."),
diff --git a/src/main/scala/inc/pyc/rest/AtmRest.scala b/src/main/scala/inc/pyc/rest/AtmRest.scala
@@ -22,15 +22,18 @@ object AtmRest extends RestHelper {
    * API for uploading files to server.
    */
   serve("api" / "atm" prefix {
-    
-    // /api/atm/{atm_id}/{atm_password}/user/{user_email}/{user_one-time_password}/purchase_limit
-    case id :: pw :: "user" :: email :: verifyPass :: "purchase_limit" :: Nil JsonGet _ => 
-      authenticate(id, pw, {
-        authenticateUser(email, verifyPass, {
-          user => 
-            success("purchase_limit" -> user.userLimitAsInt)
-        })
-      })
+      
+      
+    // /api/atm/{atm_id}/{atm_password}/user/{user_email}/{user_one-time_password}/login
+    case id :: pw :: "user" :: email :: verifyPass :: "login" :: Nil JsonGet _ => 
+      authenticate(id, pw, authenticateUser(email, verifyPass, sendUserInfo))
+      
+      
+    // /api/atm/{atm_id}/{atm_password}/address/{bitcoin_address}/login
+    case id :: pw :: "address" :: bitcoinAddress :: "login" :: Nil JsonGet _ => 
+      authenticate(id, pw, User findByAddress (bitcoinAddress) map sendUserInfo openOr failure("User not found"))
+      
+      
   })
 
   def authenticate(id: String, passwd: String, f: JValue) =
@@ -43,8 +46,18 @@ object AtmRest extends RestHelper {
     (for {
       user <- User.findByEmail(email) 
       if user.verifypass.get == verifyPass
-    } yield f(user)) openOr failure("Invalid Verification Credentials")
+    } yield {
+      user.verifypass.reset.update
+      f(user)
+    }) openOr failure("Invalid Verification Credentials")
     
+  def sendUserInfo(user: User): JValue = {
+    success(
+        ("fname" -> user.fname.get) ~ 
+        ("lname" -> user.lname.get) ~
+        ("email" -> user.email.get) ~
+        ("purchaseLimit" -> user.userLimitAsInt))
+  }
   
   def success(data: JValue) = response(true, data = data)
   def failure(reason: String) = response(false, reason = reason)
diff --git a/src/main/scala/inc/pyc/snippet/UserSnip.scala b/src/main/scala/inc/pyc/snippet/UserSnip.scala
@@ -309,7 +309,7 @@ class UserVerifyPassword extends AngularCurrentUser with UserSnippet {
       
   def init(ignore: JValue): JValue = serve {
     user: User =>
-      user.verifypass(StringUtils.randomString(7)).update // set a new password
+      user.verifypass.reset.update // set a new password
       
       ("password" -> user.verifypass.get) ~
       ("limit" -> user.userLimitAsString): JValue