Commit b17c0a2482266dc055264779b284c70217357176

Authored by Antonio Terceiro
1 parent efe67a46

stoa: add independent authentication server

To install:

$ sudo ln -s $NOOSFERO/plugins/stoa/script/stoa-auth-server /etc/init.d/
$ sudo update-rc.d stoa-auth-server defaults
$ sudo service stoa-auth-server start

Of course, the stoa plugin must be enabled and properly configured for
any of this to work.

It will run on port 4000, and requests must be made to /, e.g.

$ curl -d 'login=USER&password=PASSWORD' http://server:4000/
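--- a/plugins/stoa/Gemfile
+++ b/plugins/stoa/Gemfile
@@ -0,0 +1 @@
+gem 'sinatra'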
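--- a/plugins/stoa/config.ru
+++ b/plugins/stoa/config.ru
@@ -0,0 +1,5 @@
+require ::File.expand_path('../../../config/environment', __FILE__)
+require 'stoa_plugin'
+require 'stoa_plugin/auth'
+
+run StoaPlugin::Auth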
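--- a/plugins/stoa/lib/stoa_plugin/auth.rb
+++ b/plugins/stoa/lib/stoa_plugin/auth.rb
@@ -0,0 +1,36 @@
+require 'sinatra'
+require 'stoa_plugin/person_fields'
+
+class StoaPlugin::Auth < Sinatra::Base
+
+ include StoaPlugin::PersonFields
+
+ post '/' do
+ headers['Content-Type'] = 'application/json'
+ if params[:login].blank?
+ person = Person.find_by_usp_id(params[:usp_id])
+ login = person ? person.user.login : nil
+ else
+ login = params[:login]
+ end
+
+ domain = Domain.find_by_name(request.host)
+ environment = domain && domain.environment
+ environment ||= Environment.default
+
+ user = User.authenticate(login, params[:password], environment)
+ if user
+ result = StoaPlugin::PersonApi.new(user.person, self).fields(selected_fields(params[:fields], user))
+ result.merge!(:ok => true)
+ else
+ result = { :error => _('Incorrect user/password pair.'), :ok => false }
+ end
+ result.to_json
+ end
+
+ get '/' do
+ headers['Content-Type'] = 'application/json'
+ { :error => _('Conection requires post method.'), :ok => false }.to_json
+ end
+
+end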
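Review bot: In the `post '/'` handler, a request that carries neither `login` nor `usp_id` still reaches `Person.find_by_usp_id(params[:usp_id])` with a nil argument, which with ActiveRecord dynamic finders normally matches a row whose `usp_id` is NULL, so the submitted password ends up being checked against an account the caller never named. Guarding the lookup, e.g. `person = params[:usp_id].blank? ? nil : Person.find_by_usp_id(params[:usp_id])`, keeps an empty identifier on the failure path, and `person.user.login` should tolerate a person without a user instead of raising. Separately, nothing in this file limits or records repeated failed attempts per login or per client; whether `User.authenticate` does either is not visible in this diff, so a throttle and an audit log line for failures are worth adding before this standalone endpoint is exposed. The environment is also chosen from `request.host`, which the client supplies, so it is worth confirming that falling back to `Environment.default` for an unknown host is intended.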
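--- a/plugins/stoa/script/stoa-auth-server
+++ b/plugins/stoa/script/stoa-auth-server
@@ -0,0 +1,123 @@
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: noosfero
+# Required-Start: $remote_fs
+# Required-Stop: $remote_fs
+# Should-Start: postgresql
+# Should-Stop: postgresql
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Stoa authentication daemon
+# Description: This file should be symlinked or copied into /etc/init.d.
+### END INIT INFO
+
+# Sample init.d script for noosfero.
+#
+# This script was based on the skeleton init.d script present in a Debian
+# GNU/Linux system (sid), on Sat Feb 16 11:12:03 BRT 2008. It must be placed
+# in /etc/init.d/ (or whatever place your system uses for startup scripts),
+# and you must create a file /etc/default/noosfero defining the variable
+#
+# Author: Antonio Terceiro <terceiro@colivre.coop.br>
+
+# Do NOT "set -e"
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="Stoa authentication deamon"
+NAME=stoa-auth-daemon
+SCRIPTNAME=/etc/init.d/$NAME
+
+# default values
+NOOSFERO_DIR=/var/lib/noosfero/current
+NOOSFERO_USER=noosfero
+
+# Read configuration variable file if it is present
+if [ -r /etc/default/$NAME ]; then
+ . /etc/default/$NAME
+else
+ # for running from development setup, or from git with the script symlinked
+ script=$(readlink -f $0)
+ NOOSFERO_DIR=$(readlink -f $(dirname $script)/../../..)
+ NOOSFERO_USER=$(stat --format %U $NOOSFERO_DIR/tmp/pids)
+fi
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+. /lib/lsb/init-functions
+
+if [ -z "$NOOSFERO_DIR" ] || [ -z "$NOOSFERO_USER" ]; then
+ echo "NOOSFERO_DIR or NOOSFERO_USER not defined, noosfero not being started."
+ echo "Both variables must be defined in /etc/default/noosfero"
+ exit 0
+fi
+
+if test -x /usr/sbin/noosfero-check-dbconfig ; then
+ if ! /usr/sbin/noosfero-check-dbconfig; then
+ echo "Noosfero database access not configured, service disabled."
+ exit 0
+ fi
+fi
+
+######################
+
+THIN_PID_FILE='--pid tmp/pids/stoa-auth-server.pid'
+THIN_START_OPTIONS="--port 4000 --environment production --chdir $NOOSFERO_DIR --rackup plugins/stoa/config.ru --log log/stoa-auth-server.log --daemonize"
+
+as_noosfero_user() {
+ cmd="$@"
+ if [ "$NOOSFERO_USER" != "$USER" ]; then
+ su $NOOSFERO_USER -l -c "cd $NOOSFERO_DIR && $cmd"
+ else
+ cd $NOOSFERO_DIR
+ $cmd
+ fi
+}
+
+run_thin() {
+ action="$1"
+ shift
+ log_daemon_msg "$action $DESC" "$NAME"
+ if as_noosfero_user thin $THIN_PID_FILE $@; then
+ log_success_msg
+ else
+ log_failure_msg
+ fi
+}
+
+running() {
+ kill -0 $(cat $NOOSFERO_DIR/tmp/pids/stoa-auth-server.pid 2>/dev/null || true) 2>/dev/null
+}
+
+do_start() {
+ if ! running; then
+ run_thin "Starting" $THIN_START_OPTIONS start
+ fi
+}
+
+do_stop() {
+ if running; then
+ run_thin "Stopping" stop
+ fi
+}
+
+do_restart() {
+ if running; then
+ do_stop
+ fi
+ do_start
+}
+
+case "$1" in
+ start|stop|restart)
+ do_$1
+ ;;
+ force-reload)
+ do_restart
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|setup}" >&2
+ exit 3
+ ;;
+esac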
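Review bot: `NAME=stoa-auth-daemon` does not match the installed script name `stoa-auth-server`, so configuration is read from `/etc/default/stoa-auth-daemon` while the error text points at `/etc/default/noosfero`, and `SCRIPTNAME` names a file the install steps never create. An administrator who sets `NOOSFERO_USER` where the messages suggest silently gets the `else` branch instead, where the account the daemon runs as is taken from the owner of `tmp/pids`; I would set `NAME=stoa-auth-server`, correct the two messages, and quote the expansions in that branch and in `as_noosfero_user` (`su "$NOOSFERO_USER" -l -c ...`). `THIN_START_OPTIONS` passes `--port 4000` with no `--address`, and the commit message's example posts the password over plain `http://`, so the listener should be bound to a loopback or internal address behind a TLS-terminating proxy unless cleartext credentials on that network are acceptable. The usage string also advertises `setup`, which the `case` does not handle, and `Provides: noosfero` looks likely to collide with the main noosfero init script.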