
Simple auth (VERY VERY UGLY)

Antoine Leroyer 11 years ago
parent
commit
9c20aebab8
4 changed files with 51 additions and 28 deletions
  1. 4 0
      config.yml-dist
  2. 23 15
      lib/rSeed/server.rb
  3. 13 5
      lib/rSeed/session.rb
  4. 11 8
      views/signin.haml

+ 4 - 0
config.yml-dist

@@ -14,3 +14,7 @@ rseed:
 t411:
 #  t411_username: "login"                         # T411.me username
 #  t411_password: "password"                      # T411.me password
+
+auth:
+  user: "user"
+  pass: "password"
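Review bot: The sample now ships a working login, `user` / `password`, so an instance started from an unmodified copy of this file accepts credentials that anyone can read in the repository. Leave both values commented out like the `t411_*` entries above, with a comment such as `# set both before first start; sign-in is refused while unset`, and have `Session.signin` reject a nil or empty configured password. The keys are nested under `auth:` while `signin` reads `Config.get("user")` and `Config.get("pass")`; whether `Config.get` resolves nested keys is not visible here, so that lookup is worth confirming. Storing a password hash rather than the plaintext would also keep the secret itself out of the config file.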

+ 23 - 15
lib/rSeed/server.rb

@@ -41,15 +41,19 @@ module RSeed
       end
 
       def auth!
-        throw(:halt, [401, "Aweurglaweurglglglwargl !\n"]) if not auth?
+        if not auth?
+          redirect '/signin'
+        else
+          true
+        end
       end
 
       def auth?
         @user = request.cookies["user"]
-        @token = request.cookies["token"]
-        check = Session.valid?(@user, @token)
+        @session = request.cookies["session"]
+        check = Session.valid?(@user, @session)
         if !check
-          puts "I think we have a problem with this session : #{@user.inspect}, #{@token.inspect}"
+          puts "I think we have a problem with this session : #{@user.inspect}, #{@session.inspect}"
         end
         check
       end
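Review bot: Protection is opt-in per route: `auth!` only takes effect where a handler wraps its body in `if auth!`, and in this commit only `get '/'` and `post '/share'` do so, while `post '/add/:type'` (touched further down) shows no such call in its visible lines. A `before` filter makes the default closed, e.g. `before { auth! unless request.path_info == '/signin' }`, with any intentionally public download route excluded the same way. Separately, the failure `puts` in `auth?` writes the raw cookie values to stdout; logging that the check failed, without the session value, is enough.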
@@ -75,17 +79,19 @@ module RSeed
     end
 
     post '/signin' do
-      token = Session.signin(params[:username], params[:password])
+      user, session = Session.signin(params[:username], params[:password])
       response.set_cookie("user", :value => params[:username], :path => '/', :expires => Time.now + 60*60*24*90)
-      response.set_cookie("token", :value => token, :path => '/', :expires => Time.now + 60*60*24*90)
+      response.set_cookie("session", :value => session, :path => '/', :expires => Time.now + 60*60*24*90)
       redirect '/'
     end
 
     # Index
     # ----- 
     get '/' do
-      tlist = @rtorrent.getAll
-      haml :index, :locals => { :tlist => tlist }
+      if auth!
+        tlist = @rtorrent.getAll
+        haml :index, :locals => { :tlist => tlist }
+      end
     end
 
     # DDL
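Review bot: `post '/signin'` sets both cookies and redirects to `/` whether or not the credentials matched, because `Session.signin` returns `[user, session]` with `session` left nil on a mismatch and the result is never checked. Add `redirect '/signin' unless session` before the `set_cookie` calls, and use the returned `user` instead of `params[:username]` for the cookie value. The session cookie is also issued without `:httponly => true` (and `:secure => true` when the app is served over TLS), so it stays readable from page scripts for its 90-day lifetime. Naming the local `session` shadows Sinatra's `session` helper inside the route; a name such as `session_id` avoids that.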
@@ -116,13 +122,15 @@ module RSeed
     # Public link generator
     # ---------------------
     post '/share' do
-      fullhash = @rtorrent.getHash(params[:hash]).downcase
-      if not publicLink(fullhash)
-        File.open(@config.get('public_link_file_path'), 'a+') do |fd|
-          fd.puts fullhash
+      if auth!
+        fullhash = @rtorrent.getHash(params[:hash]).downcase
+        if not publicLink(fullhash)
+          File.open(@config.get('public_link_file_path'), 'a+') do |fd|
+            fd.puts fullhash
+          end
         end
+        return { "url" => url("/d/#{fullhash}"), "name" => @rtorrent.getName(fullhash) }.to_json
       end
-      return { "url" => url("/d/#{fullhash}"), "name" => @rtorrent.getName(fullhash) }.to_json
     end
 
     # Add Torrent File
@@ -134,10 +142,10 @@ module RSeed
     post '/add/:type' do
       case params[:type]
       when 'file'
-        File.open(@config.get("data_path") + "/" + params['torrentFile'][:filename], "w") do |f|
+        File.open(@config.get("data_path") + "/" + params[:torrentFile][:filename], "w") do |f|
           f.write(params['torrentFile'][:tempfile].read)
         end
-        return "OK" if @rtorrent.add(params['torrentFile'][:filename])
+        return "Torrent added !" if @rtorrent.add(params[:torrentFile][:filename])
       when 'link'
         return "Torrent added !" if @rtorrent.add(params[:link])
       when 't411'
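Review bot: The changed `File.open` line builds the upload path by concatenating the client-supplied `params[:torrentFile][:filename]` onto `data_path`, so where the file is written depends on a name the client chooses. Rack's multipart parser may already strip directory components, but the handler should not depend on that: take `name = File.basename(params[:torrentFile][:filename].to_s)` once, reject an empty result, and use `File.join(@config.get("data_path"), name)` for both the write and the `@rtorrent.add` call. The next line still reads `params['torrentFile']` while the changed lines use `params[:torrentFile]`; pick one form. The route's body continues outside the hunk.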

+ 13 - 5
lib/rSeed/session.rb

@@ -2,22 +2,30 @@ module RSeed
     module Session
         extend self
 
-        def filename(user)
-            file = File.join(Config.data_path, user)
+        def filename(user, session)
+            file = File.join(Config.data_path, user, session)
             FileUtils.mkdir_p File.dirname(file) if not File.directory? File.dirname(file)
             file
         end
 
-        def valid?(user, token)
+        def valid?(user, session)
             begin
-                File.exists? filename(user)
+                File.exists? filename(user, session)
             rescue
                 false
             end
         end
 
         def signin(user, password)
-            # TODO
+          if Config.get("user") == user
+            if Config.get("pass") == password
+              session = Digest::SHA1.hexdigest("#{user}#{Time.now}#{rand}")
+              File.open(filename(user, session), 'w') do |fd|
+                fd.write Time.now.to_s
+              end
+            end
+          end
+          [user, session]
         end
 
     end
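Review bot: `valid?` treats any existing path as a session: `filename(user, session)` joins two cookie-supplied strings (see `auth?` in server.rb) under `Config.data_path`, and `File.exists?` is also true for directories, so values that `signin` never issued can satisfy the check. Validate both before touching the filesystem, e.g. `return false unless user == Config.get("user") && session.to_s =~ /\A\h{40}\z/`, test with `File.file?`, and keep the `mkdir_p` out of the lookup path so a failed check creates nothing. The token is derived from `Time.now` and `rand`, neither of which is unpredictable; `SecureRandom.hex(20)` is the appropriate source. The timestamp written into the session file is never read back, so sessions do not expire server-side.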

+ 11 - 8
views/signin.haml

@@ -1,9 +1,12 @@
 -# coding: utf-8
-.row
-  .col-md-4{:class => "col-md-offset-4"}
-    %form{:role => "form", :method => "post", :action => "signin"}
-      %h2.text-center Sign in
-      .form-group
-        %input{:type => "text", :name => "username", :class => "form-control", :placeholder => "Username", :style => "border-radius: 4px 4px 0 0;"}
-        %input{:type => "password", :name => "password", :class => "form-control", :placeholder => "Password", :style => "border-radius: 0 0 4px 4px; margin-top: -1px;"}
-      %button{:type => "submit", :class => "btn btn-primary btn-lg btn-block"} Sign in
+%h1.text-center rSeed
+%form{action: "/signin", method: "POST"}
+  .row
+    .large-4.columns.large-offset-4
+      %input{type: "text", name: "username", placeholder: "Username"}
+  .row
+    .large-4.columns.large-offset-4
+      %input{type: "password", name: "password", placeholder: "Password"}
+  .row
+    .large-4.columns.large-offset-4
+      %input.button.radius.large-12{type: "submit", value: "Login"}