Various changes WIP

This commit is contained in:
kiswa 2016-05-22 11:07:16 +00:00
parent 464f664edd
commit 37690ee5af
7 changed files with 103 additions and 61 deletions


@ -19,5 +19,6 @@
], ],
"autoload": { "autoload": {
"classmap": [ "controllers", "models" ] "classmap": [ "controllers", "models" ]
} },
"minimum-stability": "stable"
} }


@ -3,17 +3,18 @@ use RedBeanPHP\R;
use Firebase\JWT; use Firebase\JWT;
class Auth extends BaseController { class Auth extends BaseController {
public function authenticate($request, $response, $args) {
if (!$request->hasHeader('Authorization') {
$apiJson = new ApiJson();
public function authenticate($request, $response, $args) {
if (!$request->hasHeader('Authorization')) {
return $response->withStatus(400); // Bad Request return $response->withStatus(400); // Bad Request
} }
$jwt = $response->getHeader('Authorization'); $jwt = $request->getHeader('Authorization');
// Validate token // Validate token
// Issue new token with extended expiration // Issue new token with extended expiration
return $response->withJson(json_encode($jwt));
} }
public function login($request, $response, $args) { public function login($request, $response, $args) {
@ -26,7 +27,7 @@ class Auth extends BaseController {
return $this->jsonResponse($response); return $this->jsonResponse($response);
} }
if ($user->password !== $this->hashPassword($data->password, $user->salt) { if (!password_verify($data->password, $user->password_hash)) {
$this->apiJson->addAlert('error', 'Invalid username or password.'); $this->apiJson->addAlert('error', 'Invalid username or password.');
return $this->jsonResponse($response); return $this->jsonResponse($response);
@ -43,16 +44,15 @@ class Auth extends BaseController {
$key = R::load('jwt', 1); $key = R::load('jwt', 1);
if ($key->id === 0) { if ($key->id === 0) {
// Generate a JWT key by hashing the current time.
// This should make (effectively) every instance of TaskBoard
// have a unique secret key for JWTs.
$key->token = password_hash(strval(time()), PASSWORD_BCRYPT); $key->token = password_hash(strval(time()), PASSWORD_BCRYPT);
R::store($key); R::store($key);
} }
return $key->token; return $key->token;
} }
private function hashPassword($password, $salt) {
return password_hash($data->password, PASSWORD_BCRYPT,
array('salt' => $salt));
}
} }
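Review bot: authenticate() hands the presented Authorization header straight back to the caller without checking it — the `// Validate token` and `// Issue new token with extended expiration` lines are placeholders, so any value in that header reaches `return $response->withJson(json_encode($jwt));` as though it were a valid session. Until the decode step exists the method should fail closed, e.g. replace that return with `return $response->withStatus(401); // Unauthorized`, and the eventual check should run `JWT::decode` against the stored key with an explicit algorithm allow-list rather than trusting the header contents. Two smaller items in the same hunk: `$apiJson = new ApiJson();` is assigned and never read (the class already uses `$this->apiJson`), and if `$request` is PSR-7 then `getHeader()` returns an array and `withJson()` already serialises, so `json_encode($jwt)` double-encodes the value — pass `$jwt` directly. In the later hunk the new comment attributes the key's uniqueness to "hashing the current time", but the unpredictability in `password_hash(strval(time()), PASSWORD_BCRYPT)` comes from bcrypt's random salt, not the timestamp; the comment should say so, or better, generate the secret directly with `$key->token = bin2hex(random_bytes(32));` so the intent is explicit.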


@ -11,7 +11,6 @@ class User extends BaseModel {
public $id = 0; public $id = 0;
public $security_level; public $security_level;
public $username = ''; public $username = '';
public $salt = '';
public $password_hash = ''; public $password_hash = '';
public $email = ''; public $email = '';
public $default_board_id = 0; public $default_board_id = 0;
@ -32,7 +31,6 @@ class User extends BaseModel {
$bean->id = $this->id; $bean->id = $this->id;
$bean->security_level = $this->security_level->getValue(); $bean->security_level = $this->security_level->getValue();
$bean->username = $this->username; $bean->username = $this->username;
$bean->salt = $this->salt;
$bean->password_hash = $this->password_hash; $bean->password_hash = $this->password_hash;
$bean->email = $this->email; $bean->email = $this->email;
$bean->default_board_id = $this->default_board_id; $bean->default_board_id = $this->default_board_id;
@ -73,7 +71,6 @@ class User extends BaseModel {
$this->id = (int) $obj->id; $this->id = (int) $obj->id;
$this->security_level = new SecurityLevel((int) $obj->security_level); $this->security_level = new SecurityLevel((int) $obj->security_level);
$this->username = $obj->username; $this->username = $obj->username;
$this->salt = $obj->salt;
$this->password_hash = $obj->password_hash; $this->password_hash = $obj->password_hash;
$this->email = $obj->email; $this->email = $obj->email;
$this->default_board_id = (int) $obj->default_board_id; $this->default_board_id = (int) $obj->default_board_id;


@ -18,12 +18,13 @@
<button>Change Password</button> <button>Change Password</button>
<button class="flat">Reset</button> <button class="flat">Reset</button>
<h3 class="tall">Select Default Board</h3> <h3 class="tall">All Boards Options</h3>
<select> <label>
<option>None</option> Select default board:
</select> <select class="autosize">
<option>None</option>
<h3>All Boards Options</h3> </select>
</label>
<label> <label>
New tasks appear at column New tasks appear at column
<select class="autosize"> <select class="autosize">
@ -95,8 +96,8 @@
<td>User</td> <td>User</td>
<td>None</td> <td>None</td>
<td> <td>
<a href="">Edit</a> <a href=""><i class="icon icon-edit"></i></a>
<a href="">Remove</a> <a href=""><i class="icon icon-trash-empty"></i></a>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -105,8 +106,8 @@
<td>Board Administrator</td> <td>Board Administrator</td>
<td>None</td> <td>None</td>
<td> <td>
<a href="">Edit</a> <a href=""><i class="icon icon-edit"></i></a>
<a href="">Remove</a> <a href=""><i class="icon icon-trash-empty"></i></a>
</td> </td>
</tr> </tr>
</tbody> </tbody>
@ -124,28 +125,30 @@
<div class="row"> <div class="row">
<h3>Current Boards</h3> <h3>Current Boards</h3>
<label class="inline"> <div class="small right">
Sort By: <label class="inline">
<select class="autosize"> Sort By:
<option>Board Name</option> <select class="autosize">
<option>Creation Date</option> <option>Board Name</option>
</select> <option>Creation Date</option>
</label> </select>
<label class="inline"> </label>
Filter By: <label class="inline">
<select class="autosize"> Filter By:
<option>All Boards</option> <select class="autosize">
<option>Active</option> <option>All Boards</option>
<option>Inactive</option> <option>Active</option>
</select> <option>Inactive</option>
</label> </select>
<label class="inline"> </label>
Show By User: <label class="inline">
<select class="autosize"> Show By User:
<option>Any User</option> <select class="autosize">
<option>admin</option> <option>Any User</option>
</select> <option>admin</option>
</label> </select>
</label>
</div>
<table class="alternating"> <table class="alternating">
<thead> <thead>
@ -169,25 +172,30 @@
</td> </td>
<td> <td>
<ul> <ul>
<li>Cat1</li> <li>Cat1<span class="badge" title="Default Color" style="background-color:#debee8">&nbsp;</span></li>
<li>Cat2</li> <li>Cat2<span class="badge" title="Default Color" style="background-color:#bee7f4">&nbsp;</span></li>
<li>Cat3</li> <li>Cat3<span class="badge" title="Default Color" style="background-color:#ffffe0">&nbsp;</span></li>
</ul> </ul>
</td> </td>
<td> <td>
<ul> <ul>
<li>admin</li> <li>admin</li>
<li>other_guy</li>
</ul> </ul>
</td> </td>
<td> <td>
<a href="">Edit</a> <a href=""><i class="icon icon-edit"></i></a>
<a href="">Remove</a> <a href=""><i class="icon icon-trash-empty"></i></a>
<label><input type="checkbox" checked> Active</label> <label><input type="checkbox" checked> Active</label>
</td> </td>
</tr> </tr>
<tr> <tr>
<td><a href="boards/2">Other Board</a></td> <td><a href="boards/2">Other Board</a></td>
<td></td> <td>
<ul>
<li>One<span class="badge">0</span></li>
</ul>
</td>
<td></td> <td></td>
<td> <td>
<ul> <ul>
@ -195,8 +203,8 @@
</ul> </ul>
</td> </td>
<td> <td>
<a href="">Edit</a> <a href=""><i class="icon icon-edit"></i></a>
<a href="">Remove</a> <a href=""><i class="icon icon-trash-empty"></i></a>
<label><input type="checkbox" checked> Active</label> <label><input type="checkbox" checked> Active</label>
</td> </td>
</tr> </tr>
@ -218,7 +226,7 @@
<tr> <tr>
<th>Board</th> <th>Board</th>
<th>Trigger</th> <th>Trigger</th>
<th>Actions</th> <th>Action</th>
<th>Remove</th> <th>Remove</th>
</tr> </tr>
</thead> </thead>
@ -227,13 +235,13 @@
<td>Example Board</td> <td>Example Board</td>
<td>Item assigned to user: admin</td> <td>Item assigned to user: admin</td>
<td>Set item color: #debee8</td> <td>Set item color: #debee8</td>
<td><a href="#">Remove</a></td> <td><a href="#"><i class="icon icon-trash-empty"></i></a></td>
</tr> </tr>
<tr> <tr>
<td>Example Board</td> <td>Example Board</td>
<td>Item moved to column: Col3</td> <td>Item moved to column: Col3</td>
<td>Set item color: #debee8</td> <td>Set item color: #debee8</td>
<td><a href="#">Remove</a></td> <td><a href="#"><i class="icon icon-trash-empty"></i></a></td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
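Review bot: Replacing the visible "Edit"/"Remove" text with icon-only `<i class="icon icon-edit">` and `<i class="icon icon-trash-empty">` elements leaves those links with no accessible name, so screen readers and the browser's own tooltip expose nothing; the same pattern appears in every table row hunk of this file. Give each link a label, e.g. `<a href="" title="Edit" aria-label="Edit"><i class="icon icon-edit"></i></a>` and `<a href="" title="Remove" aria-label="Remove"><i class="icon icon-trash-empty"></i></a>`. The `href=""` values are pre-existing, but they reload the current page when clicked, which is worth a `href="#"` or a real route once wired up.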


@ -58,7 +58,6 @@ class DataMock {
$user->id = 1; $user->id = 1;
$user->security_level = SecurityLevel::BoardAdmin; $user->security_level = SecurityLevel::BoardAdmin;
$user->username = 'tester'; $user->username = 'tester';
$user->salt = 'salty1234';
$user->password_hash = 'hashpass1234'; $user->password_hash = 'hashpass1234';
$user->email = 'user@example.com'; $user->email = 'user@example.com';
$user->default_board_id = 1; $user->default_board_id = 1;
@ -162,6 +161,7 @@ class ContainerMock {
class RequestMock { class RequestMock {
public $invalidPayload = false; public $invalidPayload = false;
public $payload = null; public $payload = null;
public $hasHeader = true;
public function getBody() { public function getBody() {
if ($this->invalidPayload) { if ($this->invalidPayload) {
@ -174,6 +174,10 @@ class RequestMock {
return json_encode(DataMock::getBoard()); return json_encode(DataMock::getBoard());
} }
public function hasHeader() {
return $this->hasHeader;
}
} }
class ResponseMock { class ResponseMock {
@ -182,5 +186,9 @@ class ResponseMock {
return $apiJson; return $apiJson;
} }
public function withStatus($status) {
return $status;
}
} }
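Review bot: The new `RequestMock::hasHeader()` takes no parameter although the controller calls it as `hasHeader('Authorization')`; PHP tolerates the extra argument, but the mock cannot distinguish headers and no `getHeader()` counterpart is provided, so any test that passes the header check will fail on the next line of authenticate(). Declare it as `public function hasHeader($name) { return $this->hasHeader; }` and add a matching `getHeader($name)` returning a configurable value so the non-400 path can be exercised. `ResponseMock::withStatus()` returning the bare integer also means tests assert against a mock artefact rather than a response object; that is fine for now, but worth a comment saying the mock intentionally returns the status code.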


@ -0,0 +1,31 @@
<?php
class AuthTest extends PHPUnit_Framework_TestCase {
private $auth;
public static function setupBeforeClass() {
try {
RedBeanPHP\R::setup('sqlite:tests.db');
} catch (Exception $ex) { }
}
public function setUp() {
RedBeanPHP\R::nuke();
$this->auth = new Auth(new ContainerMock());
}
/**
* @group single
*/
public function testAuthenticate() {
$request = new RequestMock();
$request->hasHeader = false;
$actual = $this->auth->authenticate($request,
new ResponseMock(), null);
$this->assertTrue($actual === 400);
}
}
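Review bot: `testAuthenticate` covers only the missing-header branch, so the unverified-token path (the method currently returns whatever was in the Authorization header) is not pinned by any test; a second case with `$request->hasHeader = true` asserting a non-success result would document the intended behaviour before the validation is written. The empty `catch (Exception $ex) { }` in `setupBeforeClass` hides a failed `R::setup('sqlite:tests.db')`, which then surfaces as an unrelated failure in `setUp()` when `R::nuke()` runs; at minimum add a comment such as `// setup() throws if already configured by another test class; a genuine connection failure will surface in setUp()` so the swallow is visibly deliberate. The method name `setupBeforeClass` works only because PHP method names are case-insensitive; spelling it `setUpBeforeClass` matches PHPUnit's declaration.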


@ -62,7 +62,6 @@ class UserTest extends PHPUnit_Framework_TestCase {
$this->assertTrue($bean->security_level === $this->assertTrue($bean->security_level ===
$user->security_level->getValue()); $user->security_level->getValue());
$this->assertTrue($bean->username === $user->username); $this->assertTrue($bean->username === $user->username);
$this->assertTrue($bean->salt === $user->salt);
$this->assertTrue($bean->password_hash === $user->password_hash); $this->assertTrue($bean->password_hash === $user->password_hash);
$this->assertTrue($bean->email === $user->email); $this->assertTrue($bean->email === $user->email);
$this->assertTrue($bean->default_board_id === $user->default_board_id); $this->assertTrue($bean->default_board_id === $user->default_board_id);
@ -74,7 +73,6 @@ class UserTest extends PHPUnit_Framework_TestCase {
$this->assertTrue($user->security_level->getValue() === $this->assertTrue($user->security_level->getValue() ===
SecurityLevel::User); SecurityLevel::User);
$this->assertTrue($user->username === ''); $this->assertTrue($user->username === '');
$this->assertTrue($user->salt === '');
$this->assertTrue($user->password_hash === ''); $this->assertTrue($user->password_hash === '');
$this->assertTrue($user->email === ''); $this->assertTrue($user->email === '');
$this->assertTrue($user->default_board_id === 0); $this->assertTrue($user->default_board_id === 0);
@ -86,7 +84,6 @@ class UserTest extends PHPUnit_Framework_TestCase {
$this->assertTrue($user->security_level->getValue() === $this->assertTrue($user->security_level->getValue() ===
SecurityLevel::BoardAdmin); SecurityLevel::BoardAdmin);
$this->assertTrue($user->username === 'tester'); $this->assertTrue($user->username === 'tester');
$this->assertTrue($user->salt === 'salty1234');
$this->assertTrue($user->password_hash === 'hashpass1234'); $this->assertTrue($user->password_hash === 'hashpass1234');
$this->assertTrue($user->email === 'user@example.com'); $this->assertTrue($user->email === 'user@example.com');
$this->assertTrue($user->default_board_id === 1); $this->assertTrue($user->default_board_id === 1);