# frozen_string_literal: true
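class ApplicationController < ActionController::Base
  # Headers attached to every response (after_action) and to preflight answers.
  # A wildcard Origin means browsers will not send credentials (cookies) on
  # cross-origin requests, so the cookie-based Sinai auth below is not exposed
  # through CORS. It is still as permissive as CORS gets; narrow Origin and
  # Allow-Headers to the known viewer origins if they can be enumerated.
  CORS_HEADERS = {
    'Access-Control-Allow-Origin' => '*',
    'Access-Control-Allow-Methods' => 'POST, GET, OPTIONS',
    'Access-Control-Allow-Headers' => '*',
    'Access-Control-Max-Age' => '1728000'
  }.freeze

  before_action :display_banner?, :sinai_authn_check, :add_legacy_views, :cors_preflight_check, :set_default_sort
  after_action :cors_set_access_control_headers

  # Put app/views_legacy behind app/views, so a legacy template is only used
  # when no current template of the same name exists.
  def add_legacy_views
    prepend_view_path 'app/views_legacy'
    prepend_view_path 'app/views' # already there, but needs to be in front of views_legacy
  end

  # after_action: attach the CORS headers to every response.
  def cors_set_access_control_headers
    apply_cors_headers
    # NOTE: Access-Control-Request-Method is a header the browser *sends* during
    # preflight; setting it on the response has no effect. Kept unchanged so
    # the emitted header set stays identical to before.
    headers['Access-Control-Request-Method'] = '*'
  end

  # before_action: answer a CORS preflight (OPTIONS) directly with an empty body
  # instead of running the action.
  #
  # Rack exposes the verb as an upper-case String ("OPTIONS"), never a Symbol,
  # so the previous `request.method == :options` comparison could not match and
  # preflights fell through to the normal action; `request.options?` is the Rack
  # predicate for this. `render plain:` replaces `render text:`, which later
  # Rails versions no longer accept.
  def cors_preflight_check
    return unless request.options?

    apply_cors_headers
    render plain: ''
  end

  # before_action: decide whether the beta banner is rendered. The first visit
  # shows it ("block") and drops the banner cookie; every later request hides
  # it ("none"). Has side effects despite the predicate-style name — the name
  # is kept to match the before_action declaration.
  def display_banner?
    if banner_cookie?
      @beta_banner_display_option = 'none'
    else
      @beta_banner_display_option = 'block'
      set_banner_cookie
    end
  end

  # before_action: mint the Sinai auth cookies when a valid login token is
  # presented.
  #
  #   * the version endpoint, and any request already carrying the
  #     sinai_authenticated_3day cookie, pass straight through;
  #   * SINAI_ID_BYPASS hands out the cookie unconditionally — development only,
  #     it must never be set in production;
  #   * a request carrying a known token gets the auth cookies and is sent back
  #     to the path it originally asked for.
  #
  # NOTE(review): this filter never halts a request — without cookie or token
  # it simply returns and the action runs — so access enforcement must live
  # elsewhere (presumably whatever serves the images reads the cookie). Also,
  # `sinai_authenticated_3day?` only tests cookie *presence*; the encrypted
  # payload is not verified here. Confirm the consumer validates it.
  def sinai_authn_check
    return true if [version_path].include?(request.path) || sinai_authenticated_3day?

    if ENV['SINAI_ID_BYPASS'] # skip auth in development
      cookies[:sinai_authenticated_3day] = 'true'
      return true
    end
    # check_document_paths
    return unless ucla_token?

    set_auth_cookies
    # The destination comes from a client-controlled cookie; only same-origin
    # targets are honoured (see safe_requested_path) to avoid an open redirect.
    redirect_to safe_requested_path
  end

  # def check_document_paths
  #   redirect_to redirect_target if params[:id] && [solr_document_path(params[:id])].include?(request.path) # check if someone bookmarked the show page
  # end

  # Truthy when the banner cookie has already been set for this browser.
  def banner_cookie?
    cookies[:banner_display_option]
  end

  # Mark the banner as seen for this browser.
  def set_banner_cookie
    cookies[:banner_display_option] = 'banner_off'
  end

  # before_action: default to relevance ordering when a keyword query is present
  # and the caller did not pick a sort.
  def set_default_sort
    # set sort to be relevance if keyword search is not empty
    params[:sort] ||= 'score desc' unless params[:q].to_s.empty?
  end

  # Truthy when the auth cookie is present (any value; not verified here).
  def sinai_authenticated_3day?
    cookies[:sinai_authenticated_3day]
  end

  # True when the request presents a token that exists in SinaiToken.
  #
  # Two lookups: the parsed `params[:token]`, and — for requests whose query
  # string did not yield that param — the raw text after "?token=" in the full
  # path (note this raw slice keeps anything that follows the token, e.g.
  # further "&k=v" pairs, exactly as before). The raw form additionally requires
  # the requested_path cookie, i.e. that the user came through the login page.
  #
  # NOTE(review): nothing here expires or consumes a token; if SinaiToken rows
  # are meant to be single-use or time-limited, that has to be enforced by the
  # model or lookup — confirm.
  def ucla_token?
    # does the request have a querystring containing a param named token and, if so, was it previously written to the database?
    return true if params[:token].present? && SinaiToken.find_by(sinai_token: params[:token])
    # does the request have a querystring containing the character "?token=" and, if so, extract the token
    return false unless request.fullpath.include?('?token=')

    raw_token = request.fullpath.split(/\?token=/)[1]
    # is the extracted token in the database and did the user pass through the login page?
    return true if SinaiToken.find_by(sinai_token: raw_token) && cookies[:requested_path]

    false
  end

  # Write the two auth cookies: the AES-encrypted marker and the IV it was
  # encrypted with, both upper-case hex, valid three days on ENV['DOMAIN'].
  # Presumably read by the component that validates image access — confirm.
  #
  # NOTE(review): the cookies are neither Rails-signed nor flagged
  # httponly/secure here, and CBC ciphertext carries no integrity check, so a
  # consumer must decrypt and validate the marker rather than trust presence.
  # Flags were left unchanged in case a client-side reader depends on them.
  def set_auth_cookies
    expires = Time.zone.now + 3.days
    cookies[:sinai_authenticated_3day] = {
      value: hex_upper(create_encrypted_string),
      expires: expires,
      domain: ENV['DOMAIN']
    }
    cookies[:initialization_vector] = {
      value: hex_upper(cipher_iv),
      expires: expires,
      domain: ENV['DOMAIN']
    }
  end

  # AES-256-CBC-encrypt a dated marker with ENV['CIPHER_KEY'] and the
  # per-request random IV; returns the raw ciphertext bytes.
  #
  # OpenSSL requires the key to be exactly 32 bytes: a missing or mis-sized
  # CIPHER_KEY raises from `cipher.key=` instead of silently weakening.
  def create_encrypted_string
    cipher.encrypt
    cipher.key = ENV['CIPHER_KEY']
    cipher.iv = cipher_iv
    cipher.update("Authenticated #{Time.zone.today}") + cipher.final
  end

  # Kept in this position: the include registers Blacklight's own callbacks and
  # `layout` must follow it to take precedence.
  helper Openseadragon::OpenseadragonHelper
  # Adds a few additional behaviors into the application controller
  include Blacklight::Controller
  layout 'blacklight'
  protect_from_forgery with: :exception
  rescue_from Blacklight::AccessControls::AccessDenied, with: :render_404

  # Serve the static 404 page (also used for Blacklight access-denied errors).
  def render_404
    render file: Rails.root.join('public', '404.html'), status: :not_found, layout: false
  end

  private

  # Copy CORS_HEADERS onto the response; shared by the preflight responder and
  # the after_action so the two cannot drift apart.
  def apply_cors_headers
    CORS_HEADERS.each { |name, value| headers[name] = value }
  end

  # Post-login destination, restricted to this origin. Honours an absolute path
  # ("/catalog/123" — but not protocol-relative "//host" or "/\host"), or an
  # http(s) URL whose host is the current request host; anything else,
  # including a missing cookie (which previously raised on redirect_to nil),
  # falls back to the site root.
  def safe_requested_path
    target = cookies[:requested_path].to_s
    return target if target.start_with?('/') && !target.start_with?('//', '/\\')

    uri = begin
      URI.parse(target)
    rescue URI::Error
      nil
    end
    return target if uri.is_a?(URI::HTTP) && uri.host == request.host

    '/'
  end

  # Upper-case hex encoding of a binary string; the format both auth cookies use.
  def hex_upper(bytes)
    bytes.unpack('H*')[0].upcase
  end

  # One AES-256-CBC cipher per request, memoised so key/IV setup is not repeated.
  def cipher
    @cipher ||= OpenSSL::Cipher::AES256.new :CBC
  end

  # Random IV generated once per request and shared between the encrypted
  # marker and the initialization_vector cookie.
  def cipher_iv
    @iv ||= cipher.random_iv
  end

  # def redirect_target
  #   cookies[:request_original_url] = request.original_url
  #   "/"
  # end
end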