diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/test/channels/application_cable/connection_test.rb b/test/channels/application_cable/connection_test.rb
new file mode 100644
index 0000000..800405f
--- /dev/null
+++ b/test/channels/application_cable/connection_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class ApplicationCable::ConnectionTest < ActionCable::Connection::TestCase
+ # test "connects with cookies" do
+ # cookies.signed[:user_id] = 42
+ #
+ # connect
+ #
+ # assert_equal connection.user_id, "42"
+ # end
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/test/channels/application_cable/connection_test.rb b/test/channels/application_cable/connection_test.rb
new file mode 100644
index 0000000..800405f
--- /dev/null
+++ b/test/channels/application_cable/connection_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class ApplicationCable::ConnectionTest < ActionCable::Connection::TestCase
+ # test "connects with cookies" do
+ # cookies.signed[:user_id] = 42
+ #
+ # connect
+ #
+ # assert_equal connection.user_id, "42"
+ # end
+end
diff --git a/test/controllers/.keep b/test/controllers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/controllers/.keep
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/test/channels/application_cable/connection_test.rb b/test/channels/application_cable/connection_test.rb
new file mode 100644
index 0000000..800405f
--- /dev/null
+++ b/test/channels/application_cable/connection_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class ApplicationCable::ConnectionTest < ActionCable::Connection::TestCase
+ # test "connects with cookies" do
+ # cookies.signed[:user_id] = 42
+ #
+ # connect
+ #
+ # assert_equal connection.user_id, "42"
+ # end
+end
diff --git a/test/controllers/.keep b/test/controllers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/controllers/.keep
diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb
new file mode 100644
index 0000000..1e7cf7b
--- /dev/null
+++ b/test/controllers/users_controller_test.rb
@@ -0,0 +1,13 @@
+require "test_helper"
+
+class UsersControllerTest < ActionDispatch::IntegrationTest
+ test "should get authenticate" do
+ get users_authenticate_url
+ assert_response :success
+ end
+
+ test "should get presalt" do
+ get users_presalt_url
+ assert_response :success
+ end
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/test/channels/application_cable/connection_test.rb b/test/channels/application_cable/connection_test.rb
new file mode 100644
index 0000000..800405f
--- /dev/null
+++ b/test/channels/application_cable/connection_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class ApplicationCable::ConnectionTest < ActionCable::Connection::TestCase
+ # test "connects with cookies" do
+ # cookies.signed[:user_id] = 42
+ #
+ # connect
+ #
+ # assert_equal connection.user_id, "42"
+ # end
+end
diff --git a/test/controllers/.keep b/test/controllers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/controllers/.keep
diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb
new file mode 100644
index 0000000..1e7cf7b
--- /dev/null
+++ b/test/controllers/users_controller_test.rb
@@ -0,0 +1,13 @@
+require "test_helper"
+
+class UsersControllerTest < ActionDispatch::IntegrationTest
+ test "should get authenticate" do
+ get users_authenticate_url
+ assert_response :success
+ end
+
+ test "should get presalt" do
+ get users_presalt_url
+ assert_response :success
+ end
+end
diff --git a/test/fixtures/autorities.yml b/test/fixtures/autorities.yml
new file mode 100644
index 0000000..4d3ba82
--- /dev/null
+++ b/test/fixtures/autorities.yml
@@ -0,0 +1,9 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ name: MyString
+ signature: MyString
+
+two:
+ name: MyString
+ signature: MyString
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/test/channels/application_cable/connection_test.rb b/test/channels/application_cable/connection_test.rb
new file mode 100644
index 0000000..800405f
--- /dev/null
+++ b/test/channels/application_cable/connection_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class ApplicationCable::ConnectionTest < ActionCable::Connection::TestCase
+ # test "connects with cookies" do
+ # cookies.signed[:user_id] = 42
+ #
+ # connect
+ #
+ # assert_equal connection.user_id, "42"
+ # end
+end
diff --git a/test/controllers/.keep b/test/controllers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/controllers/.keep
diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb
new file mode 100644
index 0000000..1e7cf7b
--- /dev/null
+++ b/test/controllers/users_controller_test.rb
@@ -0,0 +1,13 @@
+require "test_helper"
+
+class UsersControllerTest < ActionDispatch::IntegrationTest
+ test "should get authenticate" do
+ get users_authenticate_url
+ assert_response :success
+ end
+
+ test "should get presalt" do
+ get users_presalt_url
+ assert_response :success
+ end
+end
diff --git a/test/fixtures/autorities.yml b/test/fixtures/autorities.yml
new file mode 100644
index 0000000..4d3ba82
--- /dev/null
+++ b/test/fixtures/autorities.yml
@@ -0,0 +1,9 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ name: MyString
+ signature: MyString
+
+two:
+ name: MyString
+ signature: MyString
diff --git a/test/fixtures/files/.keep b/test/fixtures/files/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/fixtures/files/.keep
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/test/channels/application_cable/connection_test.rb b/test/channels/application_cable/connection_test.rb
new file mode 100644
index 0000000..800405f
--- /dev/null
+++ b/test/channels/application_cable/connection_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class ApplicationCable::ConnectionTest < ActionCable::Connection::TestCase
+ # test "connects with cookies" do
+ # cookies.signed[:user_id] = 42
+ #
+ # connect
+ #
+ # assert_equal connection.user_id, "42"
+ # end
+end
diff --git a/test/controllers/.keep b/test/controllers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/controllers/.keep
diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb
new file mode 100644
index 0000000..1e7cf7b
--- /dev/null
+++ b/test/controllers/users_controller_test.rb
@@ -0,0 +1,13 @@
+require "test_helper"
+
+class UsersControllerTest < ActionDispatch::IntegrationTest
+ test "should get authenticate" do
+ get users_authenticate_url
+ assert_response :success
+ end
+
+ test "should get presalt" do
+ get users_presalt_url
+ assert_response :success
+ end
+end
diff --git a/test/fixtures/autorities.yml b/test/fixtures/autorities.yml
new file mode 100644
index 0000000..4d3ba82
--- /dev/null
+++ b/test/fixtures/autorities.yml
@@ -0,0 +1,9 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ name: MyString
+ signature: MyString
+
+two:
+ name: MyString
+ signature: MyString
diff --git a/test/fixtures/files/.keep b/test/fixtures/files/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/fixtures/files/.keep
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
new file mode 100644
index 0000000..7793bdb
--- /dev/null
+++ b/test/fixtures/users.yml
@@ -0,0 +1,15 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
+
+two:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/test/channels/application_cable/connection_test.rb b/test/channels/application_cable/connection_test.rb
new file mode 100644
index 0000000..800405f
--- /dev/null
+++ b/test/channels/application_cable/connection_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class ApplicationCable::ConnectionTest < ActionCable::Connection::TestCase
+ # test "connects with cookies" do
+ # cookies.signed[:user_id] = 42
+ #
+ # connect
+ #
+ # assert_equal connection.user_id, "42"
+ # end
+end
diff --git a/test/controllers/.keep b/test/controllers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/controllers/.keep
diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb
new file mode 100644
index 0000000..1e7cf7b
--- /dev/null
+++ b/test/controllers/users_controller_test.rb
@@ -0,0 +1,13 @@
+require "test_helper"
+
+class UsersControllerTest < ActionDispatch::IntegrationTest
+ test "should get authenticate" do
+ get users_authenticate_url
+ assert_response :success
+ end
+
+ test "should get presalt" do
+ get users_presalt_url
+ assert_response :success
+ end
+end
diff --git a/test/fixtures/autorities.yml b/test/fixtures/autorities.yml
new file mode 100644
index 0000000..4d3ba82
--- /dev/null
+++ b/test/fixtures/autorities.yml
@@ -0,0 +1,9 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ name: MyString
+ signature: MyString
+
+two:
+ name: MyString
+ signature: MyString
diff --git a/test/fixtures/files/.keep b/test/fixtures/files/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/fixtures/files/.keep
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
new file mode 100644
index 0000000..7793bdb
--- /dev/null
+++ b/test/fixtures/users.yml
@@ -0,0 +1,15 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
+
+two:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
diff --git a/test/integration/.keep b/test/integration/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/integration/.keep
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/test/channels/application_cable/connection_test.rb b/test/channels/application_cable/connection_test.rb
new file mode 100644
index 0000000..800405f
--- /dev/null
+++ b/test/channels/application_cable/connection_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class ApplicationCable::ConnectionTest < ActionCable::Connection::TestCase
+ # test "connects with cookies" do
+ # cookies.signed[:user_id] = 42
+ #
+ # connect
+ #
+ # assert_equal connection.user_id, "42"
+ # end
+end
diff --git a/test/controllers/.keep b/test/controllers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/controllers/.keep
diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb
new file mode 100644
index 0000000..1e7cf7b
--- /dev/null
+++ b/test/controllers/users_controller_test.rb
@@ -0,0 +1,13 @@
+require "test_helper"
+
+class UsersControllerTest < ActionDispatch::IntegrationTest
+ test "should get authenticate" do
+ get users_authenticate_url
+ assert_response :success
+ end
+
+ test "should get presalt" do
+ get users_presalt_url
+ assert_response :success
+ end
+end
diff --git a/test/fixtures/autorities.yml b/test/fixtures/autorities.yml
new file mode 100644
index 0000000..4d3ba82
--- /dev/null
+++ b/test/fixtures/autorities.yml
@@ -0,0 +1,9 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ name: MyString
+ signature: MyString
+
+two:
+ name: MyString
+ signature: MyString
diff --git a/test/fixtures/files/.keep b/test/fixtures/files/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/fixtures/files/.keep
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
new file mode 100644
index 0000000..7793bdb
--- /dev/null
+++ b/test/fixtures/users.yml
@@ -0,0 +1,15 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
+
+two:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
diff --git a/test/integration/.keep b/test/integration/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/integration/.keep
diff --git a/test/mailers/.keep b/test/mailers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/mailers/.keep
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/test/channels/application_cable/connection_test.rb b/test/channels/application_cable/connection_test.rb
new file mode 100644
index 0000000..800405f
--- /dev/null
+++ b/test/channels/application_cable/connection_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class ApplicationCable::ConnectionTest < ActionCable::Connection::TestCase
+ # test "connects with cookies" do
+ # cookies.signed[:user_id] = 42
+ #
+ # connect
+ #
+ # assert_equal connection.user_id, "42"
+ # end
+end
diff --git a/test/controllers/.keep b/test/controllers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/controllers/.keep
diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb
new file mode 100644
index 0000000..1e7cf7b
--- /dev/null
+++ b/test/controllers/users_controller_test.rb
@@ -0,0 +1,13 @@
+require "test_helper"
+
+class UsersControllerTest < ActionDispatch::IntegrationTest
+ test "should get authenticate" do
+ get users_authenticate_url
+ assert_response :success
+ end
+
+ test "should get presalt" do
+ get users_presalt_url
+ assert_response :success
+ end
+end
diff --git a/test/fixtures/autorities.yml b/test/fixtures/autorities.yml
new file mode 100644
index 0000000..4d3ba82
--- /dev/null
+++ b/test/fixtures/autorities.yml
@@ -0,0 +1,9 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ name: MyString
+ signature: MyString
+
+two:
+ name: MyString
+ signature: MyString
diff --git a/test/fixtures/files/.keep b/test/fixtures/files/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/fixtures/files/.keep
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
new file mode 100644
index 0000000..7793bdb
--- /dev/null
+++ b/test/fixtures/users.yml
@@ -0,0 +1,15 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
+
+two:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
diff --git a/test/integration/.keep b/test/integration/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/integration/.keep
diff --git a/test/mailers/.keep b/test/mailers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/mailers/.keep
diff --git a/test/models/.keep b/test/models/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/models/.keep
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/test/channels/application_cable/connection_test.rb b/test/channels/application_cable/connection_test.rb
new file mode 100644
index 0000000..800405f
--- /dev/null
+++ b/test/channels/application_cable/connection_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class ApplicationCable::ConnectionTest < ActionCable::Connection::TestCase
+ # test "connects with cookies" do
+ # cookies.signed[:user_id] = 42
+ #
+ # connect
+ #
+ # assert_equal connection.user_id, "42"
+ # end
+end
diff --git a/test/controllers/.keep b/test/controllers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/controllers/.keep
diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb
new file mode 100644
index 0000000..1e7cf7b
--- /dev/null
+++ b/test/controllers/users_controller_test.rb
@@ -0,0 +1,13 @@
+require "test_helper"
+
+class UsersControllerTest < ActionDispatch::IntegrationTest
+ test "should get authenticate" do
+ get users_authenticate_url
+ assert_response :success
+ end
+
+ test "should get presalt" do
+ get users_presalt_url
+ assert_response :success
+ end
+end
diff --git a/test/fixtures/autorities.yml b/test/fixtures/autorities.yml
new file mode 100644
index 0000000..4d3ba82
--- /dev/null
+++ b/test/fixtures/autorities.yml
@@ -0,0 +1,9 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ name: MyString
+ signature: MyString
+
+two:
+ name: MyString
+ signature: MyString
diff --git a/test/fixtures/files/.keep b/test/fixtures/files/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/fixtures/files/.keep
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
new file mode 100644
index 0000000..7793bdb
--- /dev/null
+++ b/test/fixtures/users.yml
@@ -0,0 +1,15 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
+
+two:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
diff --git a/test/integration/.keep b/test/integration/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/integration/.keep
diff --git a/test/mailers/.keep b/test/mailers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/mailers/.keep
diff --git a/test/models/.keep b/test/models/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/models/.keep
diff --git a/test/models/autority_test.rb b/test/models/autority_test.rb
new file mode 100644
index 0000000..ed2c149
--- /dev/null
+++ b/test/models/autority_test.rb
@@ -0,0 +1,7 @@
+require "test_helper"
+
+class AutorityTest < ActiveSupport::TestCase
+ # test "the truth" do
+ # assert true
+ # end
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/test/channels/application_cable/connection_test.rb b/test/channels/application_cable/connection_test.rb
new file mode 100644
index 0000000..800405f
--- /dev/null
+++ b/test/channels/application_cable/connection_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class ApplicationCable::ConnectionTest < ActionCable::Connection::TestCase
+ # test "connects with cookies" do
+ # cookies.signed[:user_id] = 42
+ #
+ # connect
+ #
+ # assert_equal connection.user_id, "42"
+ # end
+end
diff --git a/test/controllers/.keep b/test/controllers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/controllers/.keep
diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb
new file mode 100644
index 0000000..1e7cf7b
--- /dev/null
+++ b/test/controllers/users_controller_test.rb
@@ -0,0 +1,13 @@
+require "test_helper"
+
+class UsersControllerTest < ActionDispatch::IntegrationTest
+ test "should get authenticate" do
+ get users_authenticate_url
+ assert_response :success
+ end
+
+ test "should get presalt" do
+ get users_presalt_url
+ assert_response :success
+ end
+end
diff --git a/test/fixtures/autorities.yml b/test/fixtures/autorities.yml
new file mode 100644
index 0000000..4d3ba82
--- /dev/null
+++ b/test/fixtures/autorities.yml
@@ -0,0 +1,9 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ name: MyString
+ signature: MyString
+
+two:
+ name: MyString
+ signature: MyString
diff --git a/test/fixtures/files/.keep b/test/fixtures/files/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/fixtures/files/.keep
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
new file mode 100644
index 0000000..7793bdb
--- /dev/null
+++ b/test/fixtures/users.yml
@@ -0,0 +1,15 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
+
+two:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
diff --git a/test/integration/.keep b/test/integration/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/integration/.keep
diff --git a/test/mailers/.keep b/test/mailers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/mailers/.keep
diff --git a/test/models/.keep b/test/models/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/models/.keep
diff --git a/test/models/autority_test.rb b/test/models/autority_test.rb
new file mode 100644
index 0000000..ed2c149
--- /dev/null
+++ b/test/models/autority_test.rb
@@ -0,0 +1,7 @@
+require "test_helper"
+
+class AutorityTest < ActiveSupport::TestCase
+ # test "the truth" do
+ # assert true
+ # end
+end
diff --git a/test/models/user_test.rb b/test/models/user_test.rb
new file mode 100644
index 0000000..5c07f49
--- /dev/null
+++ b/test/models/user_test.rb
@@ -0,0 +1,7 @@
+require "test_helper"
+
+class UserTest < ActiveSupport::TestCase
+ # test "the truth" do
+ # assert true
+ # end
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/test/channels/application_cable/connection_test.rb b/test/channels/application_cable/connection_test.rb
new file mode 100644
index 0000000..800405f
--- /dev/null
+++ b/test/channels/application_cable/connection_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class ApplicationCable::ConnectionTest < ActionCable::Connection::TestCase
+ # test "connects with cookies" do
+ # cookies.signed[:user_id] = 42
+ #
+ # connect
+ #
+ # assert_equal connection.user_id, "42"
+ # end
+end
diff --git a/test/controllers/.keep b/test/controllers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/controllers/.keep
diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb
new file mode 100644
index 0000000..1e7cf7b
--- /dev/null
+++ b/test/controllers/users_controller_test.rb
@@ -0,0 +1,13 @@
+require "test_helper"
+
+class UsersControllerTest < ActionDispatch::IntegrationTest
+ test "should get authenticate" do
+ get users_authenticate_url
+ assert_response :success
+ end
+
+ test "should get presalt" do
+ get users_presalt_url
+ assert_response :success
+ end
+end
diff --git a/test/fixtures/autorities.yml b/test/fixtures/autorities.yml
new file mode 100644
index 0000000..4d3ba82
--- /dev/null
+++ b/test/fixtures/autorities.yml
@@ -0,0 +1,9 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ name: MyString
+ signature: MyString
+
+two:
+ name: MyString
+ signature: MyString
diff --git a/test/fixtures/files/.keep b/test/fixtures/files/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/fixtures/files/.keep
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
new file mode 100644
index 0000000..7793bdb
--- /dev/null
+++ b/test/fixtures/users.yml
@@ -0,0 +1,15 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
+
+two:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
diff --git a/test/integration/.keep b/test/integration/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/integration/.keep
diff --git a/test/mailers/.keep b/test/mailers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/mailers/.keep
diff --git a/test/models/.keep b/test/models/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/models/.keep
diff --git a/test/models/autority_test.rb b/test/models/autority_test.rb
new file mode 100644
index 0000000..ed2c149
--- /dev/null
+++ b/test/models/autority_test.rb
@@ -0,0 +1,7 @@
+require "test_helper"
+
+class AutorityTest < ActiveSupport::TestCase
+ # test "the truth" do
+ # assert true
+ # end
+end
diff --git a/test/models/user_test.rb b/test/models/user_test.rb
new file mode 100644
index 0000000..5c07f49
--- /dev/null
+++ b/test/models/user_test.rb
@@ -0,0 +1,7 @@
+require "test_helper"
+
+class UserTest < ActiveSupport::TestCase
+ # test "the truth" do
+ # assert true
+ # end
+end
diff --git a/test/test_helper.rb b/test/test_helper.rb
new file mode 100644
index 0000000..004f5a6
--- /dev/null
+++ b/test/test_helper.rb
@@ -0,0 +1,8 @@
+ENV["RAILS_ENV"] ||= "test"
+require_relative "../config/environment"
+require "rails/test_help"
+
+class ActiveSupport::TestCase
+ parallelize(workers: :number_of_processors)
+ fixtures :all
+end
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/test/channels/application_cable/connection_test.rb b/test/channels/application_cable/connection_test.rb
new file mode 100644
index 0000000..800405f
--- /dev/null
+++ b/test/channels/application_cable/connection_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class ApplicationCable::ConnectionTest < ActionCable::Connection::TestCase
+ # test "connects with cookies" do
+ # cookies.signed[:user_id] = 42
+ #
+ # connect
+ #
+ # assert_equal connection.user_id, "42"
+ # end
+end
diff --git a/test/controllers/.keep b/test/controllers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/controllers/.keep
diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb
new file mode 100644
index 0000000..1e7cf7b
--- /dev/null
+++ b/test/controllers/users_controller_test.rb
@@ -0,0 +1,13 @@
+require "test_helper"
+
+class UsersControllerTest < ActionDispatch::IntegrationTest
+ test "should get authenticate" do
+ get users_authenticate_url
+ assert_response :success
+ end
+
+ test "should get presalt" do
+ get users_presalt_url
+ assert_response :success
+ end
+end
diff --git a/test/fixtures/autorities.yml b/test/fixtures/autorities.yml
new file mode 100644
index 0000000..4d3ba82
--- /dev/null
+++ b/test/fixtures/autorities.yml
@@ -0,0 +1,9 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ name: MyString
+ signature: MyString
+
+two:
+ name: MyString
+ signature: MyString
diff --git a/test/fixtures/files/.keep b/test/fixtures/files/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/fixtures/files/.keep
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
new file mode 100644
index 0000000..7793bdb
--- /dev/null
+++ b/test/fixtures/users.yml
@@ -0,0 +1,15 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
+
+two:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
diff --git a/test/integration/.keep b/test/integration/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/integration/.keep
diff --git a/test/mailers/.keep b/test/mailers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/mailers/.keep
diff --git a/test/models/.keep b/test/models/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/models/.keep
diff --git a/test/models/autority_test.rb b/test/models/autority_test.rb
new file mode 100644
index 0000000..ed2c149
--- /dev/null
+++ b/test/models/autority_test.rb
@@ -0,0 +1,7 @@
+require "test_helper"
+
+class AutorityTest < ActiveSupport::TestCase
+ # test "the truth" do
+ # assert true
+ # end
+end
diff --git a/test/models/user_test.rb b/test/models/user_test.rb
new file mode 100644
index 0000000..5c07f49
--- /dev/null
+++ b/test/models/user_test.rb
@@ -0,0 +1,7 @@
+require "test_helper"
+
+class UserTest < ActiveSupport::TestCase
+ # test "the truth" do
+ # assert true
+ # end
+end
diff --git a/test/test_helper.rb b/test/test_helper.rb
new file mode 100644
index 0000000..004f5a6
--- /dev/null
+++ b/test/test_helper.rb
@@ -0,0 +1,8 @@
+ENV["RAILS_ENV"] ||= "test"
+require_relative "../config/environment"
+require "rails/test_help"
+
+class ActiveSupport::TestCase
+ parallelize(workers: :number_of_processors)
+ fixtures :all
+end
diff --git a/tmp/.keep b/tmp/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tmp/.keep
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/test/channels/application_cable/connection_test.rb b/test/channels/application_cable/connection_test.rb
new file mode 100644
index 0000000..800405f
--- /dev/null
+++ b/test/channels/application_cable/connection_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class ApplicationCable::ConnectionTest < ActionCable::Connection::TestCase
+ # test "connects with cookies" do
+ # cookies.signed[:user_id] = 42
+ #
+ # connect
+ #
+ # assert_equal connection.user_id, "42"
+ # end
+end
diff --git a/test/controllers/.keep b/test/controllers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/controllers/.keep
diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb
new file mode 100644
index 0000000..1e7cf7b
--- /dev/null
+++ b/test/controllers/users_controller_test.rb
@@ -0,0 +1,13 @@
+require "test_helper"
+
+class UsersControllerTest < ActionDispatch::IntegrationTest
+ test "should get authenticate" do
+ get users_authenticate_url
+ assert_response :success
+ end
+
+ test "should get presalt" do
+ get users_presalt_url
+ assert_response :success
+ end
+end
diff --git a/test/fixtures/autorities.yml b/test/fixtures/autorities.yml
new file mode 100644
index 0000000..4d3ba82
--- /dev/null
+++ b/test/fixtures/autorities.yml
@@ -0,0 +1,9 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ name: MyString
+ signature: MyString
+
+two:
+ name: MyString
+ signature: MyString
diff --git a/test/fixtures/files/.keep b/test/fixtures/files/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/fixtures/files/.keep
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
new file mode 100644
index 0000000..7793bdb
--- /dev/null
+++ b/test/fixtures/users.yml
@@ -0,0 +1,15 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
+
+two:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
diff --git a/test/integration/.keep b/test/integration/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/integration/.keep
diff --git a/test/mailers/.keep b/test/mailers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/mailers/.keep
diff --git a/test/models/.keep b/test/models/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/models/.keep
diff --git a/test/models/autority_test.rb b/test/models/autority_test.rb
new file mode 100644
index 0000000..ed2c149
--- /dev/null
+++ b/test/models/autority_test.rb
@@ -0,0 +1,7 @@
+require "test_helper"
+
+class AutorityTest < ActiveSupport::TestCase
+ # test "the truth" do
+ # assert true
+ # end
+end
diff --git a/test/models/user_test.rb b/test/models/user_test.rb
new file mode 100644
index 0000000..5c07f49
--- /dev/null
+++ b/test/models/user_test.rb
@@ -0,0 +1,7 @@
+require "test_helper"
+
+class UserTest < ActiveSupport::TestCase
+ # test "the truth" do
+ # assert true
+ # end
+end
diff --git a/test/test_helper.rb b/test/test_helper.rb
new file mode 100644
index 0000000..004f5a6
--- /dev/null
+++ b/test/test_helper.rb
@@ -0,0 +1,8 @@
+ENV["RAILS_ENV"] ||= "test"
+require_relative "../config/environment"
+require "rails/test_help"
+
+class ActiveSupport::TestCase
+ parallelize(workers: :number_of_processors)
+ fixtures :all
+end
diff --git a/tmp/.keep b/tmp/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tmp/.keep
diff --git a/tmp/pids/.keep b/tmp/pids/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tmp/pids/.keep
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/test/channels/application_cable/connection_test.rb b/test/channels/application_cable/connection_test.rb
new file mode 100644
index 0000000..800405f
--- /dev/null
+++ b/test/channels/application_cable/connection_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class ApplicationCable::ConnectionTest < ActionCable::Connection::TestCase
+ # test "connects with cookies" do
+ # cookies.signed[:user_id] = 42
+ #
+ # connect
+ #
+ # assert_equal connection.user_id, "42"
+ # end
+end
diff --git a/test/controllers/.keep b/test/controllers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/controllers/.keep
diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb
new file mode 100644
index 0000000..1e7cf7b
--- /dev/null
+++ b/test/controllers/users_controller_test.rb
@@ -0,0 +1,13 @@
+require "test_helper"
+
+class UsersControllerTest < ActionDispatch::IntegrationTest
+ test "should get authenticate" do
+ get users_authenticate_url
+ assert_response :success
+ end
+
+ test "should get presalt" do
+ get users_presalt_url
+ assert_response :success
+ end
+end
diff --git a/test/fixtures/autorities.yml b/test/fixtures/autorities.yml
new file mode 100644
index 0000000..4d3ba82
--- /dev/null
+++ b/test/fixtures/autorities.yml
@@ -0,0 +1,9 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ name: MyString
+ signature: MyString
+
+two:
+ name: MyString
+ signature: MyString
diff --git a/test/fixtures/files/.keep b/test/fixtures/files/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/fixtures/files/.keep
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
new file mode 100644
index 0000000..7793bdb
--- /dev/null
+++ b/test/fixtures/users.yml
@@ -0,0 +1,15 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
+
+two:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
diff --git a/test/integration/.keep b/test/integration/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/integration/.keep
diff --git a/test/mailers/.keep b/test/mailers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/mailers/.keep
diff --git a/test/models/.keep b/test/models/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/models/.keep
diff --git a/test/models/autority_test.rb b/test/models/autority_test.rb
new file mode 100644
index 0000000..ed2c149
--- /dev/null
+++ b/test/models/autority_test.rb
@@ -0,0 +1,7 @@
+require "test_helper"
+
+class AutorityTest < ActiveSupport::TestCase
+ # test "the truth" do
+ # assert true
+ # end
+end
diff --git a/test/models/user_test.rb b/test/models/user_test.rb
new file mode 100644
index 0000000..5c07f49
--- /dev/null
+++ b/test/models/user_test.rb
@@ -0,0 +1,7 @@
+require "test_helper"
+
+class UserTest < ActiveSupport::TestCase
+ # test "the truth" do
+ # assert true
+ # end
+end
diff --git a/test/test_helper.rb b/test/test_helper.rb
new file mode 100644
index 0000000..004f5a6
--- /dev/null
+++ b/test/test_helper.rb
@@ -0,0 +1,8 @@
+ENV["RAILS_ENV"] ||= "test"
+require_relative "../config/environment"
+require "rails/test_help"
+
+class ActiveSupport::TestCase
+ parallelize(workers: :number_of_processors)
+ fixtures :all
+end
diff --git a/tmp/.keep b/tmp/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tmp/.keep
diff --git a/tmp/pids/.keep b/tmp/pids/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tmp/pids/.keep
diff --git a/tmp/storage/.keep b/tmp/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tmp/storage/.keep
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..31eeee0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,7 @@
+# See https://git-scm.com/docs/gitattributes for more about git attribute files.
+
+# Mark the database schema as having been generated.
+db/schema.rb linguist-generated
+
+# Mark any vendored files as having been vendored.
+vendor/* linguist-vendored
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..12439e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-*
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore pidfiles, but keep the directory.
+/tmp/pids/*
+!/tmp/pids/
+!/tmp/pids/.keep
+
+# Ignore uploaded files in development.
+/storage/*
+!/storage/.keep
+/tmp/storage/*
+!/tmp/storage/
+!/tmp/storage/.keep
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000..2eb2fe9
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.7.2
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..ea05a23
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ruby "2.7.2"
+
+gem "rails", "~> 7.0.2", ">= 7.0.2.3"
+gem "sqlite3", "~> 1.4"
+gem "puma", "~> 5.0"
+gem "rack-cors", :require => 'rack/cors'
+# gem "jbuilder"
+# gem "redis", "~> 4.0"
+# gem "kredis"
+# gem "bcrypt", "~> 3.1.7"
+gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
+gem "bootsnap", require: false
+# gem "image_processing", "~> 1.2"
+group :development, :test do
+ gem "debug", platforms: %i[ mri mingw x64_mingw ]
+end
+
+group :development do
+ # gem "spring"
+end
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..6090e83
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ actioncable (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ nio4r (~> 2.0)
+ websocket-driver (>= 0.6.1)
+ actionmailbox (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (>= 2.7.1)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
+ rails-dom-testing (~> 2.0)
+ actionpack (7.0.2.3)
+ actionview (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ rack (~> 2.0, >= 2.2.0)
+ rack-test (>= 0.6.3)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
+ actiontext (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.6.0)
+ nokogiri (>= 1.8.5)
+ actionview (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ builder (~> 3.1)
+ erubi (~> 1.4)
+ rails-dom-testing (~> 2.0)
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
+ activejob (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ globalid (>= 0.3.6)
+ activemodel (7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activerecord (7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ activestorage (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ marcel (~> 1.0)
+ mini_mime (>= 1.1.0)
+ activesupport (7.0.2.3)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ bootsnap (1.11.1)
+ msgpack (~> 1.2)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
+ crass (1.0.6)
+ debug (1.5.0)
+ irb (>= 1.3.6)
+ reline (>= 0.2.7)
+ digest (3.1.0)
+ erubi (1.10.0)
+ globalid (1.0.0)
+ activesupport (>= 5.0)
+ i18n (1.10.0)
+ concurrent-ruby (~> 1.0)
+ io-console (0.5.11)
+ irb (1.4.1)
+ reline (>= 0.3.0)
+ loofah (2.16.0)
+ crass (~> 1.0.2)
+ nokogiri (>= 1.5.9)
+ mail (2.7.1)
+ mini_mime (>= 0.1.1)
+ marcel (1.0.2)
+ method_source (1.0.0)
+ mini_mime (1.1.2)
+ minitest (5.15.0)
+ msgpack (1.4.5)
+ net-imap (0.2.3)
+ digest
+ net-protocol
+ strscan
+ net-pop (0.1.1)
+ digest
+ net-protocol
+ timeout
+ net-protocol (0.1.3)
+ timeout
+ net-smtp (0.3.1)
+ digest
+ net-protocol
+ timeout
+ nio4r (2.5.8)
+ nokogiri (1.13.3-x86_64-linux)
+ racc (~> 1.4)
+ puma (5.6.4)
+ nio4r (~> 2.0)
+ racc (1.6.0)
+ rack (2.2.3)
+ rack-cors (1.1.1)
+ rack (>= 2.0.0)
+ rack-test (1.1.0)
+ rack (>= 1.0, < 3)
+ rails (7.0.2.3)
+ actioncable (= 7.0.2.3)
+ actionmailbox (= 7.0.2.3)
+ actionmailer (= 7.0.2.3)
+ actionpack (= 7.0.2.3)
+ actiontext (= 7.0.2.3)
+ actionview (= 7.0.2.3)
+ activejob (= 7.0.2.3)
+ activemodel (= 7.0.2.3)
+ activerecord (= 7.0.2.3)
+ activestorage (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ bundler (>= 1.15.0)
+ railties (= 7.0.2.3)
+ rails-dom-testing (2.0.3)
+ activesupport (>= 4.2.0)
+ nokogiri (>= 1.6)
+ rails-html-sanitizer (1.4.2)
+ loofah (~> 2.3)
+ railties (7.0.2.3)
+ actionpack (= 7.0.2.3)
+ activesupport (= 7.0.2.3)
+ method_source
+ rake (>= 12.2)
+ thor (~> 1.0)
+ zeitwerk (~> 2.5)
+ rake (13.0.6)
+ reline (0.3.1)
+ io-console (~> 0.5)
+ sqlite3 (1.4.2)
+ strscan (3.0.1)
+ thor (1.2.1)
+ timeout (0.2.0)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
+ websocket-driver (0.7.5)
+ websocket-extensions (>= 0.1.0)
+ websocket-extensions (0.1.5)
+ zeitwerk (2.5.4)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ bootsnap
+ debug
+ puma (~> 5.0)
+ rack-cors
+ rails (~> 7.0.2, >= 7.0.2.3)
+ sqlite3 (~> 1.4)
+ tzinfo-data
+
+RUBY VERSION
+ ruby 2.7.2p137
+
+BUNDLED WITH
+ 2.2.5
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7db80e4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..d1baef0
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,3 @@
+require_relative "config/application"
+
+Rails.application.load_tasks
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb
new file mode 100644
index 0000000..d672697
--- /dev/null
+++ b/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Channel < ActionCable::Channel::Base
+ end
+end
diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
new file mode 100644
index 0000000..0ff5442
--- /dev/null
+++ b/app/channels/application_cable/connection.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
new file mode 100644
index 0000000..ac36b70
--- /dev/null
+++ b/app/controllers/api/users_controller.rb
@@ -0,0 +1,72 @@
+class Api::UsersController < ActionController::API
+ def renderError
+ render :json => { "success" => false }
+ end
+
+ def digParameter(name)
+ @data = params.dig(name)
+ renderError if !@data
+ return @data
+ end
+
+ def getUsername
+ return digParameter('username')
+ end
+
+ def getPasswordHash
+ return digParameter('passwordHash')
+ end
+
+ def getUser
+ return nil if !@username = getUsername
+ @user = User.where(["username = ?", params[:username]]).first
+ renderError if !@user
+ return @user
+ end
+
+ def isUserPasswordCorrect(user)
+ return if !@passwordHash = getPasswordHash
+ @correct = user.passwordHash == Digest::SHA256.hexdigest(@passwordHash + @user.secretSalt)
+ renderError if !@correct
+ return @correct
+ end
+
+ def generateUserToken(user)
+ @token = UserToken.new(user)
+ return @token.toString
+ end
+
+ def authenticate
+ return if !@user = getUser
+ return if !isUserPasswordCorrect(@user)
+ @result = { "success" => true, "token" => generateUserToken(@user) }
+ render :json => @result
+ end
+
+ def presalt
+ return if !@user = getUser
+ @result = { "success" => true, "presalt" => @user.publicSalt }
+ render :json => @result
+ end
+
+ def getToken
+ return digParameter('token')
+ end
+
+ def checkToken
+ return if !@token = getToken
+ @jwt = JWT.new(@token)
+ @data = @token[0..@token.rindex('.')-1]
+ p @data
+ p @jwt.signature
+ Authority.all.each do |authority|
+ if @jwt.data['iss'] == authority.name &&
+ @jwt.signature == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ authority.signature, @data).tr('=', '')
+ render :json => { 'success' => true, 'valid' => true }
+ return
+ end
+ end
+ render :json => { 'success' => true, 'valid' => false }
+ end
+end
diff --git a/app/controllers/concerns/.keep b/app/controllers/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/controllers/concerns/.keep
diff --git a/app/jobs/application_job.rb b/app/jobs/application_job.rb
new file mode 100644
index 0000000..a009ace
--- /dev/null
+++ b/app/jobs/application_job.rb
@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
new file mode 100644
index 0000000..3c34c81
--- /dev/null
+++ b/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+ default from: "from@example.com"
+ layout "mailer"
+end
diff --git a/app/models/application_record.rb b/app/models/application_record.rb
new file mode 100644
index 0000000..b63caeb
--- /dev/null
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ primary_abstract_class
+end
diff --git a/app/models/authority.rb b/app/models/authority.rb
new file mode 100644
index 0000000..90a52b5
--- /dev/null
+++ b/app/models/authority.rb
@@ -0,0 +1,2 @@
+class Authority < ApplicationRecord
+end
diff --git a/app/models/concerns/.keep b/app/models/concerns/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app/models/concerns/.keep
diff --git a/app/models/user.rb b/app/models/user.rb
new file mode 100644
index 0000000..379658a
--- /dev/null
+++ b/app/models/user.rb
@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end
diff --git a/app/views/layouts/mailer.html.erb b/app/views/layouts/mailer.html.erb
new file mode 100644
index 0000000..cbd34d2
--- /dev/null
+++ b/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+ <%= yield %>
+
+
diff --git a/app/views/layouts/mailer.text.erb b/app/views/layouts/mailer.text.erb
new file mode 100644
index 0000000..37f0bdd
--- /dev/null
+++ b/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>
diff --git a/bin/rails b/bin/rails
new file mode 100755
index 0000000..efc0377
--- /dev/null
+++ b/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"
diff --git a/bin/rake b/bin/rake
new file mode 100755
index 0000000..4fbf10b
--- /dev/null
+++ b/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ec47b79
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+ system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+ # This script is a way to set up or update your development environment automatically.
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+ # Add necessary setup steps to this file.
+
+ puts "== Installing dependencies =="
+ system! "gem install bundler --conservative"
+ system("bundle check") || system!("bundle install")
+
+ # puts "\n== Copying sample files =="
+ # unless File.exist?("config/database.yml")
+ # FileUtils.cp "config/database.yml.sample", "config/database.yml"
+ # end
+
+ puts "\n== Preparing database =="
+ system! "bin/rails db:prepare"
+
+ puts "\n== Removing old logs and tempfiles =="
+ system! "bin/rails log:clear tmp:clear"
+
+ puts "\n== Restarting application server =="
+ system! "bin/rails restart"
+end
diff --git a/config.ru b/config.ru
new file mode 100644
index 0000000..5c59c6f
--- /dev/null
+++ b/config.ru
@@ -0,0 +1,4 @@
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server
diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 0000000..5243f4a
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,14 @@
+require_relative "boot"
+require "rails/all"
+
+Bundler.require(*Rails.groups)
+
+module WebsiteBackend
+ class Application < Rails::Application
+ config.load_defaults 7.0
+ # config.time_zone = "Central Time (US & Canada)"
+ # config.eager_load_paths << Rails.root.join("extras")
+ config.api_only = true
+ config.autoload_paths << "#{Rails.root}/lib"
+ end
+end
diff --git a/config/boot.rb b/config/boot.rb
new file mode 100644
index 0000000..dd44191
--- /dev/null
+++ b/config/boot.rb
@@ -0,0 +1,4 @@
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+require "bundler/setup"
+require "bootsnap/setup"
\ No newline at end of file
diff --git a/config/cable.yml b/config/cable.yml
new file mode 100644
index 0000000..68a94ce
--- /dev/null
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+ adapter: async
+
+test:
+ adapter: test
+
+production:
+ adapter: redis
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+ channel_prefix: website_backend_production
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
new file mode 100644
index 0000000..145ff81
--- /dev/null
+++ b/config/credentials.yml.enc
@@ -0,0 +1 @@
+amvkLidWhIjst4LXj1FYVS0Mc5ExMpwJ9K8hjM+uzcZQS7cEOwKl4qzlMJrCjUDjozr8m4Fu5yk/b4aIWK8Fcex+MGiKVrQQTjhRBhMa8QKZALRvll5EqqpwYH7CMKp2gdftTYW3R0bqYTsjrx3cQZOawnrlZ2CHjwTPf/Bh2aWTJ7HiJ85+WxqR5Ruvx58qTEGbtb/SU89sfU1Nr055+IYNVx8oZU8Xt7K/RE4ztQargfRG3m4ocvbdDFhxPzCGwRO4fO+PivTyZVUmy6YnO7+cltwrmrii38GhlaYM+oExuhXPG3Vwpgcihr4HuP0+5WsAQpi1meervf+gF7jpbY0ry8emz0IiTjgX8ciDKqdocK8MTBVmV/IWheGe/Kjmu3kI1rFgYifEAg33B6vXKikxeRwyzCZounxh--HFs/irQ30nlBTrUW--S24D1htKeLCJpw8ElRIG5Q==
\ No newline at end of file
diff --git a/config/database.yml b/config/database.yml
new file mode 100644
index 0000000..c52c94d
--- /dev/null
+++ b/config/database.yml
@@ -0,0 +1,16 @@
+default: &default
+ adapter: sqlite3
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+ timeout: 5000
+
+development:
+ <<: *default
+ database: db/development.sqlite3
+
+test:
+ <<: *default
+ database: db/test.sqlite3
+
+production:
+ <<: *default
+ database: db/production.sqlite3
diff --git a/config/environment.rb b/config/environment.rb
new file mode 100644
index 0000000..73a3979
--- /dev/null
+++ b/config/environment.rb
@@ -0,0 +1,3 @@
+require_relative "application"
+
+Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
new file mode 100644
index 0000000..f5275d6
--- /dev/null
+++ b/config/environments/development.rb
@@ -0,0 +1,29 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ config.cache_classes = false
+ config.eager_load = false
+ config.consider_all_requests_local = true
+ config.server_timing = true
+
+ # Enable/disable caching. By default caching is disabled.
+ # Run rails dev:cache to toggle caching.
+ if Rails.root.join("tmp/caching-dev.txt").exist?
+ config.cache_store = :memory_store
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{2.days.to_i}"
+ }
+ else
+ config.action_controller.perform_caching = false
+
+ config.cache_store = :null_store
+ end
+ config.active_storage.service = :local
+ config.action_mailer.raise_delivery_errors = false
+ config.action_mailer.perform_caching = false
+ config.active_support.deprecation = :log
+ config.active_support.disallowed_deprecation = :raise
+ config.active_support.disallowed_deprecation_warnings = []
+ config.active_record.migration_error = :page_load
+ config.active_record.verbose_query_logs = true
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
new file mode 100644
index 0000000..e562ae0
--- /dev/null
+++ b/config/environments/production.rb
@@ -0,0 +1,86 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Code is not reloaded between requests.
+ config.cache_classes = true
+
+ # Eager load code on boot. This eager loads most of Rails and
+ # your application in memory, allowing both threaded web servers
+ # and those relying on copy on write to perform better.
+ # Rake tasks automatically ignore this option for performance.
+ config.eager_load = true
+
+ # Full error reports are disabled and caching is turned on.
+ config.consider_all_requests_local = false
+
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+ # config.require_master_key = true
+
+ # Disable serving static files from the `/public` folder by default since
+ # Apache or NGINX already handles this.
+ config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
+ # Specifies the header that your server uses for sending files.
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
+
+ # Store uploaded files on the local file system (see config/storage.yml for options).
+ config.active_storage.service = :local
+
+ # Mount Action Cable outside main process or domain.
+ # config.action_cable.mount_path = nil
+ # config.action_cable.url = "wss://example.com/cable"
+ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
+ config.log_level = :info
+
+ # Prepend all log lines with the following tags.
+ config.log_tags = [ :request_id ]
+
+ # Use a different cache store in production.
+ # config.cache_store = :mem_cache_store
+
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "website_backend_production"
+
+ config.action_mailer.perform_caching = false
+
+ # Ignore bad email addresses and do not raise email delivery errors.
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation cannot be found).
+ config.i18n.fallbacks = true
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
+
+ # Use default logging formatter so that PID and timestamp are not suppressed.
+ config.log_formatter = ::Logger::Formatter.new
+
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
+ logger = ActiveSupport::Logger.new(STDOUT)
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
+ # Do not dump schema after migrations.
+ config.active_record.dump_schema_after_migration = false
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
new file mode 100644
index 0000000..6ea4d1e
--- /dev/null
+++ b/config/environments/test.rb
@@ -0,0 +1,60 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
+Rails.application.configure do
+ # Settings specified here will take precedence over those in config/application.rb.
+
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
+ config.cache_classes = true
+
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV["CI"].present?
+
+ # Configure public file server for tests with Cache-Control for performance.
+ config.public_file_server.enabled = true
+ config.public_file_server.headers = {
+ "Cache-Control" => "public, max-age=#{1.hour.to_i}"
+ }
+
+ # Show full error reports and disable caching.
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+ config.cache_store = :null_store
+
+ # Raise exceptions instead of rendering exception templates.
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment.
+ config.action_controller.allow_forgery_protection = false
+
+ # Store uploaded files on the local file system in a temporary directory.
+ config.active_storage.service = :test
+
+ config.action_mailer.perform_caching = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Print deprecation notices to the stderr.
+ config.active_support.deprecation = :stderr
+
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
+end
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 0000000..fb3a22c
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,6 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+ allow do
+ origins 'localhost'
+ resource '*', headers: :any, methods: [:post]
+ end
+end
\ No newline at end of file
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
new file mode 100644
index 0000000..adc6568
--- /dev/null
+++ b/config/initializers/filter_parameter_logging.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/config/locales/en.yml b/config/locales/en.yml
new file mode 100644
index 0000000..8ca56fc
--- /dev/null
+++ b/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# "true": "foo"
+#
+# To learn more, please read the Rails Internationalization guide
+# available at https://guides.rubyonrails.org/i18n.html.
+
+en:
+ hello: "Hello world"
diff --git a/config/puma.rb b/config/puma.rb
new file mode 100644
index 0000000..87d925f
--- /dev/null
+++ b/config/puma.rb
@@ -0,0 +1,15 @@
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+port ENV.fetch("PORT") { 3000 }
+
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+# preload_app!
+plugin :tmp_restart
diff --git a/config/routes.rb b/config/routes.rb
new file mode 100644
index 0000000..3fea316
--- /dev/null
+++ b/config/routes.rb
@@ -0,0 +1,6 @@
+Rails.application.routes.draw do
+ @root = 'api/'
+ post @root+'users/authenticate'
+ post @root+'users/presalt'
+ post @root+'users/checkToken'
+end
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000..4942ab6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name-<%= Rails.env %>
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/db/migrate/20220403081640_create_users.rb b/db/migrate/20220403081640_create_users.rb
new file mode 100644
index 0000000..babbc0b
--- /dev/null
+++ b/db/migrate/20220403081640_create_users.rb
@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration[7.0]
+ def change
+ create_table :users do |t|
+ t.string :uuid
+ t.string :username
+ t.string :publicSalt
+ t.string :secretSalt
+ t.string :passwordHash
+ end
+ end
+end
diff --git a/db/migrate/20220403124644_create_authorities.rb b/db/migrate/20220403124644_create_authorities.rb
new file mode 100644
index 0000000..9f20e15
--- /dev/null
+++ b/db/migrate/20220403124644_create_authorities.rb
@@ -0,0 +1,8 @@
+class CreateAuthorities < ActiveRecord::Migration[7.0]
+ def change
+ create_table :authorities do |t|
+ t.string :name
+ t.string :signature
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
new file mode 100644
index 0000000..b4ff532
--- /dev/null
+++ b/db/schema.rb
@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[7.0].define(version: 2022_04_03_124644) do
+ create_table "authorities", force: :cascade do |t|
+ t.string "name"
+ t.string "signature"
+ end
+
+ create_table "users", force: :cascade do |t|
+ t.string "uuid"
+ t.string "username"
+ t.string "publicSalt"
+ t.string "secretSalt"
+ t.string "passwordHash"
+ end
+
+end
diff --git a/db/seeds.rb b/db/seeds.rb
new file mode 100644
index 0000000..a6f9a95
--- /dev/null
+++ b/db/seeds.rb
@@ -0,0 +1,18 @@
+def getHash(password, publicSalt, privateSalt)
+ return Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(password + publicSalt) + privateSalt)
+end
+
+def createUser(username, password)
+ @publicSalt = SecureRandom.hex(64)
+ @secretSalt = SecureRandom.hex(64)
+ User.create(uuid: SecureRandom.uuid,
+ username: username,
+ publicSalt: @publicSalt,
+ secretSalt: @secretSalt,
+ passwordHash: getHash(password, @publicSalt, @secretSalt))
+end
+
+createUser('admin', 'changeme')
+createUser('lukas', 'test')
+Authority.create(name:`hostname`.tr("\n", ''), signature: Rails.application.credentials.secret_key_base)
+Authority.create(name: 'thirdParty', signature: 'thirdPartyKKey')
diff --git a/lib/JWT.rb b/lib/JWT.rb
new file mode 100644
index 0000000..86b41ef
--- /dev/null
+++ b/lib/JWT.rb
@@ -0,0 +1,31 @@
+class JWT
+ attr_reader :data, :signature
+
+ def initialize(data)
+ if data.class == String
+ @parts = data.split('.')
+ @header = JSON.parse Base64.urlsafe_decode64(@parts[0])
+ @data = JSON.parse Base64.urlsafe_decode64(@parts[1])
+ @signature = @parts[2]
+ p @signature
+ else
+ @header = defaultHeader
+ @data = data
+ end
+ end
+
+ def defaultHeader
+ return {
+ 'alg' => 'HS256',
+ 'typ' => 'jwt'
+ }
+ end
+
+ def toString
+ @string = Base64.urlsafe_encode64(@header.to_json).tr('=', '') + '.' +
+ Base64.urlsafe_encode64(@data.to_json) .tr('=', '')
+ @string = @string + '.' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
+ Rails.application.credentials.secret_key_base, @string).tr('=', '')
+ return @string
+ end
+end
\ No newline at end of file
diff --git a/lib/UserToken.rb b/lib/UserToken.rb
new file mode 100644
index 0000000..0acb021
--- /dev/null
+++ b/lib/UserToken.rb
@@ -0,0 +1,10 @@
+class UserToken < JWT
+ def initialize(user)
+ super({
+ 'iss': `hostname`.tr("\n", ''),
+ 'dat': Time.now.getutc,
+ 'typ': 'usr',
+ 'usr': user.username}
+ )
+ end
+end
\ No newline at end of file
diff --git a/lib/tasks/.keep b/lib/tasks/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/tasks/.keep
diff --git a/log/.keep b/log/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/log/.keep
diff --git a/public/robots.txt b/public/robots.txt
new file mode 100644
index 0000000..c19f78a
--- /dev/null
+++ b/public/robots.txt
@@ -0,0 +1 @@
+# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
diff --git a/storage/.keep b/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/storage/.keep
diff --git a/test/channels/application_cable/connection_test.rb b/test/channels/application_cable/connection_test.rb
new file mode 100644
index 0000000..800405f
--- /dev/null
+++ b/test/channels/application_cable/connection_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class ApplicationCable::ConnectionTest < ActionCable::Connection::TestCase
+ # test "connects with cookies" do
+ # cookies.signed[:user_id] = 42
+ #
+ # connect
+ #
+ # assert_equal connection.user_id, "42"
+ # end
+end
diff --git a/test/controllers/.keep b/test/controllers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/controllers/.keep
diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb
new file mode 100644
index 0000000..1e7cf7b
--- /dev/null
+++ b/test/controllers/users_controller_test.rb
@@ -0,0 +1,13 @@
+require "test_helper"
+
+class UsersControllerTest < ActionDispatch::IntegrationTest
+ test "should get authenticate" do
+ get users_authenticate_url
+ assert_response :success
+ end
+
+ test "should get presalt" do
+ get users_presalt_url
+ assert_response :success
+ end
+end
diff --git a/test/fixtures/autorities.yml b/test/fixtures/autorities.yml
new file mode 100644
index 0000000..4d3ba82
--- /dev/null
+++ b/test/fixtures/autorities.yml
@@ -0,0 +1,9 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ name: MyString
+ signature: MyString
+
+two:
+ name: MyString
+ signature: MyString
diff --git a/test/fixtures/files/.keep b/test/fixtures/files/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/fixtures/files/.keep
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
new file mode 100644
index 0000000..7793bdb
--- /dev/null
+++ b/test/fixtures/users.yml
@@ -0,0 +1,15 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
+
+two:
+ uuid: MyString
+ username: MyString
+ publicSalt: MyString
+ secretSalt: MyString
+ passwordHash: MyString
diff --git a/test/integration/.keep b/test/integration/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/integration/.keep
diff --git a/test/mailers/.keep b/test/mailers/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/mailers/.keep
diff --git a/test/models/.keep b/test/models/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/models/.keep
diff --git a/test/models/autority_test.rb b/test/models/autority_test.rb
new file mode 100644
index 0000000..ed2c149
--- /dev/null
+++ b/test/models/autority_test.rb
@@ -0,0 +1,7 @@
+require "test_helper"
+
+class AutorityTest < ActiveSupport::TestCase
+ # test "the truth" do
+ # assert true
+ # end
+end
diff --git a/test/models/user_test.rb b/test/models/user_test.rb
new file mode 100644
index 0000000..5c07f49
--- /dev/null
+++ b/test/models/user_test.rb
@@ -0,0 +1,7 @@
+require "test_helper"
+
+class UserTest < ActiveSupport::TestCase
+ # test "the truth" do
+ # assert true
+ # end
+end
diff --git a/test/test_helper.rb b/test/test_helper.rb
new file mode 100644
index 0000000..004f5a6
--- /dev/null
+++ b/test/test_helper.rb
@@ -0,0 +1,8 @@
+ENV["RAILS_ENV"] ||= "test"
+require_relative "../config/environment"
+require "rails/test_help"
+
+class ActiveSupport::TestCase
+ parallelize(workers: :number_of_processors)
+ fixtures :all
+end
diff --git a/tmp/.keep b/tmp/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tmp/.keep
diff --git a/tmp/pids/.keep b/tmp/pids/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tmp/pids/.keep
diff --git a/tmp/storage/.keep b/tmp/storage/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tmp/storage/.keep
diff --git a/vendor/.keep b/vendor/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/vendor/.keep