I'm trying to add some basic file-download functionality to my Rails application and have the password_hash and password_salt fields for my file model. I also have a function in which a download link to the file is generated, however I'm not totally sure (as I'm sort of reasonably new to Ruby and Rails) how I'd go about actually prompting the user for a password and checking this before proceeding with the file download.
Any help would be appreciated.
You should target you link to a controller and send the file like this:
before_filter :login_required
def download
send_file '/home/railsway/downloads/huge.zip', :type=>"application/zip"
end
this way you can check the password in you before filter using HTTP Basic Auth for example.
more info: http://www.therailsway.com/2009/2/22/file-downloads-done-right
Related
I need to add some api for moobile to my existing project in rails. I am using devise gem for authentication. The first api needed are user registration, login, profile update , some posting feature etc.I am following https://github.com/lynndylanhurley/devise_token_auth this to create api, but it creates user.rb and migration as well as a duplicate routes. Am I doing something wrong. Please help me to solve the issue . Thanks in advance
I have added devise token authentication for api. Also created a seperate application controller for api's. All the api controller extends this application controller. The api routes starts with /api/
Documentation says:
A model will be created in the app/models directory. If the model already exists, a concern will be included at the top of the file.
And
A migration file will be created in the db/migrate directory. Inspect the migrations file, add additional columns if necessary, and then run the migration:
So
Can I use this gem alongside standard Devise?
Yes! But you will need to enable the support of separate routes for standard Devise.
https://github.com/lynndylanhurley/devise_token_auth#can-i-use-this-gem-alongside-standard-devise
Personally, I wouldn't use Devise for your authentication but would create a custom one next to Devise just for your API. Devise can become a bit buggy later on in the process when using it for API-authentication. Then for your authorization you could use Pundit. You might want to use Regulator next to it for controller namespaced authorization polices(it's not under development anymore, but it does the job).
There's a nice tutorial about this process:
API Tutorial
Here you can find Pundit:
Pundit Gem
And here's the Regulator gem:
Regulator Gem
I'm looking for a way to regenerate the user.confirmation_token. In my app, I allow users to deactivate their account with user.deleted_at. If a deactivate user tries to re-activate their account, I want to see a confirmation_instructions mail but need a confirmation token set. Is there a way with devise to re-generate the user.confirmation_token inside the RegistrationsController?
Theres the generate_confirmation_token method in the Confirmable module which is applied to other classes via ActiveSupport::Concern. Like you see here:
https://github.com/plataformatec/devise/blob/master/lib/devise/models/confirmable.rb
Reapllying this method on your User object should do the Trick.
// The generate_confirmation_token method is protected so it cant be called from outside the class. You can run send_confirmation_instructions which generates the token and delivers a registration mail.
// Watching at the source if the confirmable module of the gem let it look like the method does. If it isnt possible by default you need to costumize the gem. You can get the gemsets path by the following command in the bash
rvm gemset path
then in the gems directory you will find the version of devise installed. In the lib/devise/models/confirmable.rb file you can add a not protected method that calls the generate_confirmation_token method. You can only call it from that module because its protected.
I need to get the username of the currently logged windows user. Could it be done easily?
The username of the account running the script can be accessed via something like:
puts ENV['USERNAME']
Beware that if you're running it as a system service the username will probably come back as "SYSTEM"
If that isn't enough to suite your needs there is an alternative method outlined here: https://stackoverflow.com/a/3544741/648695
You can use the Ruby etc module
require 'etc'
Etc.getlogin
The doc is avaiable here: http://ruby-doc.org/stdlib-2.0.0/libdoc/etc/rdoc/Etc.html#method-c-getlogin
Returns the short user name of the currently logged in user.
As far as I know, unless you're using active directory that would require a microsoft framework website, I don't think you'll find a way in rails.
There are a few discussion points here that may help: Can you get a Windows (AD) username in PHP?
Same question here: is there a way to read a clients windows login name using ruby on rails
Anyways, just copying my own answer below...
This is what worked for me but there are some limitations:
won't work in Chrome: undefined method 'encode' for nil:NilClass
won't validate user credentials
If you don't care about these issues, go ahead:
In your rails application, add Rekado's gem to your Gemfile: gem 'ntlm-sso', '=0.0.1'
Create an initialiser config/initializers/ntlm-sso.rb with:
require 'rack'
require 'rack/auth/ntlm-sso'
class NTLMAuthentication
def initialize(app)
#app = app
end
def call(env)
auth = Rack::Auth::NTLMSSO.new(#app)
return auth.call(env)
end
end
On your application.rb file, add the line: config.middleware.use "NTLMAuthentication"
Call request.env["REMOTE_USER"] on your view or controller to get current username.
PS: Let me know if you find anyway to make it work on Chrome or to validate user credentials.
I'm using rails 2.3.5 and devise 1.0.6.
I'm having users confirm account's with email.
However, when a new user sign's up the flash notice says "The user was successfully created" which it was but it doesn't tell the user that they need to confirm their their email unless they try to log in and devise's flash notice still doesn't explain that they have to confirm through email.
Where is this flash notice located in the gem and how can I change it? Or what is a better way to fix this problem.
Just enable i18n in your project and edit the default locale (en.devise.yml) or download new ones from
https://github.com/plataformatec/devise/wiki/i18n
Flash messages for the devise gem can be altered in the locales directory (YourRailsApp/config/locales/devise.en.yml).
Just change the devise.en.yml to your liking, it doesn't really take any programming knowledge.
If you are new to rails the locales directory is for I18n translations which is rails way of translating words albeit statically but it works well for simple projects.
I've built a very basic CRM system for my rails app that allows me to send weekly user activity digests with custom text and create multi-part marketing messages which I can configure and send through a basic admin interface. I'm happy with what I've put together on the send-side of things (minus the fact that I haven't tried to volume test its capabilities), but I'm concerned about how to handle bounce-backs.
I came across this plugin with associated scripts: http://github.com/kovyrin/bounces-handler
I'm using Google Apps to handle my mail and really don't know enough about Perl to want to mess with the above plugin - I have enough headaches.
I'm looking for a simple solution for processing bounce-backs in Rails. All my email will go out from an address like this which will be managed in Google Apps: "news#mydomain.com."
What's the best workflow for this? Can anyone post an example solution they're using keeping in mind the fact that I'm using Google Apps for the mail?
Any guidance, links, or basic workflow best-practices to handle this would be greatly appreciated.
Thanks!
-A
Ok, this has proven to be easier then I thought using the Fetcher plugin which you can find on Github. For those interested in an approach that appears to work, here's what I've done:
1) Install the Fetcher plugin like so: script/plugin install git://github.com/look/fetcher.git
2) The instructions suggest you run a generator to create a daemon like so: script/generate fetcher_daemon MailerDaemon. I suggest doing this since it will generate a YML file in config/ which you can modify with your mail server info (in my case Gmail).
It also generates a daemon to run Fetcher. I tried using this but consistently got the following error: Mysql::Error: MySQL server has gone away: SHOW FIELDS FROM email_blacklists. This was the result of the daemon process disappearing before the MySQL could store the record so I abandoned using the daemon and setup a cron instead.
3) configure the .yml file in config which i renamed to mail.yml with your mail settings. For gmail pop, they look something lik this:
development:
type: pop
server: pop.gmail.com
port: 995
ssl: true
username: myemailaddress#gmail.com
password: mypassword
Here's the code you'll need to process:
models/mail_processor.rb
class MailProcessor < ActionMailer::Base
def receive(email)
email = EmailBlacklist.find_or_create_by_email(email.to.first)
end
def self.grab_bounces
config = YAML.load_file("#{RAILS_ROOT}/config/mail.yml")
config = config[RAILS_ENV].to_options
fetcher = Fetcher.create({:receiver => MailProcessor}.merge(config))
fetcher.fetch
end
end
lib/tasks/mail.rake
namespace :email do
desc "sends various types of marketing and automated emails and processes bouncebacks"
task(:process_bounces => :environment) do
MailProcessor.grab_bounces
end
end
You can then toss the auto-generated mailer_daemon_fetcher.rb file in your scripts/ directory.
Hope this helps someone else. If you want to test then, from the console simply call MailProcessor.grab_bounces. Make sure you have some email in the inbox that you're configured to access.