pgfqe6ch8/app/api/mobile/api.rb

#coding=utf-8
# status值
# 0：成功；-1：500错误；403：无权限；404：页面不存在

module Mobile
  # require_relative 'middleware/error_handler'
  # require_relative 'apis/auth'
  # require_relative 'apis/users'
  # require_relative 'apis/courses'
  # require_relative 'apis/watches'
  # require_relative 'apis/upgrade'
  # require_relative 'apis/homeworks'
  # require_relative 'apis/comments'
  # require_relative 'apis/issues'
  # require_relative 'apis/activities'
  # require_relative 'apis/whomeworks'
  # require_relative 'apis/newss'
  # require_relative 'apis/journal_for_messages'
  # require_relative 'apis/messages'
  # require_relative 'apis/blog_comments'
  # require_relative 'apis/new_comment'
  # require_relative 'apis/praise'
  # require_relative 'apis/resources'
  # require_relative 'apis/syllabuses'
  # require_relative 'apis/projects'
  # require_relative 'apis/games'
  # require_relative 'apis/shixuns'
  # require_relative 'apis/discusses'
  # require_relative 'apis/memos'
  # require_relative 'apis/sources'
  # require_relative 'apis/careers'

  class API < Grape::API
    version 'v1', using: :path
    format :json
    content_type :json, "application/json;charset=UTF-8"
    #use ActionDispatch::Session::CookieStore,  :expire_after => 8.hours, :key => '_educoder_session', :domain => :all

    require 'digest'
    use Mobile::Middleware::ErrorHandler

    helpers do
      def logger
        Rails.logger
      end

      def authenticate!
        error!('401 Unauthorized', 401) unless current_user
      end

      def private_auth
        Rails.logger.info("#########{params[:private_token]}")
        error!('401 Unauthorized', 401) if params[:private_token] != "hriEn3UwXfJs3PmyXnSG"
      end

      def cnmooc_access_key!
        ## 签名
        accessKeyId = 'LTAISM4HFWpQHh3g'.freeze
        accessKeySecret = '9NMU8ushmFu8SN1EKHOhvo9jmv1qp0'.freeze
        str = []
        params.each do |key, value|
          if key != "sign"
            str << "#{key}=#{value}"
          end
        end
        sign_str = "#{str.join("&")}&sk=#{accessKeySecret}"
        Rails.logger.info("#####sign_str: #{sign_str}")
        sign = Digest::MD5.hexdigest("#{sign_str}").upcase
        Rails.logger.info("#####sign: #{sign}")
        Rails.logger.info("#####params[:sign]: #{params[:sign]}")

        if params[:sign] != sign
          error!('401 Unauthorized', 401)
        end
      end

      # 有一些接口没登录也能查看数据
      def career_authenticate!
        pass = request.path.include?("introduction") || request.path.include?("get_published_careers")|| request.path.include?("get_current_user")
        unless pass
          error!('401 Unauthorized', 401) unless current_user
        end
      end

      def memo_authenticate!
        Rails.logger.info("#######current_user: ###{current_user}")
        Rails.logger.info("#######session: ###{session[:user_id]}")

        pass = (request.path.match(/memos\/\d+/).present? && !request.path.include?("reply")) ||
            request.path.include?("get_memos_list") ||
            request.path.include?("memos?page=") || request.path.match(/memos$/).present?

        unless pass
          error!('401 Unauthorized', 401) unless current_user
        end

      end

      def discusses_authenticate!
        Rails.logger.info("#######current_user: ###{current_user}")
        Rails.logger.info("#######session: ###{session[:user_id]}")
        pass = request.path.match(/discusses$/).present? || request.path.include?("discusses?page=")
        unless pass
          error!('401 Unauthorized', 401) unless current_user
        end
      end


      # def manager_of_game
      #   myshixun_id = Game.where(:identifier => params[:identifier]).pluck(:myshixun_id).first
      #   myshixun = Myshixun.find(myshixun_id)
      #   unless (current_user.admin? || myshixun.user_id == current_user.id)
      #     return {}
      #   end
      # end
      #
      def session
        env['rack.session']
      end

      def current_user
        openid = session[:wechat_openid]
        if openid
          uw = UserWechat.find_by_openid(openid)
          return uw.user if uw
        end

        # third_party_user_id = session[:third_party_user_id]
        # Rails.logger.info("#########third_party_user_id: #{third_party_user_id}")
        # if third_party_user_id
        #   c_user = UserSource.find_by_id(session[:third_party_user_id])
        #   return c_user.user if c_user
        # end

        token = ApiKey.where(access_token: params[:token]).first
        if token && !token.expired?
          return User.find(token.user_id)
        end

        #
        Rails.logger.info("########### host is #{request.host}")
        if (Rails.env.development? && session[:user_id].blank?) ||
            params[:action] == "privateGit"
          session[:user_id] = 12 #116
        end


        Rails.logger.info("####### session user_id is #{session[:user_id]}")
        if session[:user_id]
          user = (User.active.find(session[:user_id]) rescue nil)
        else
          autologin_cookie = Redmine::Configuration['autologin_cookie_name'].presence || 'autologin'
          if cookies[autologin_cookie] && Setting.autologin?
            user = User.try_to_autologin(cookies[autologin_cookie])
            if user
              # reset_session
              # start_user_session(user)
              session[:user_id] = user.id
              session[:ctime] = Time.now.utc.to_i
              session[:atime] = Time.now.utc.to_i
            end
            user
          end
        end
        return user if user
        nil
      end

      def paginate(objs)
        page     = params[:page].to_i <= 0 ? 1 : params[:page].to_i
        per_page = params[:per_page].to_i > 0 ? params[:per_page].to_i : 20

        Kaminari.paginate_array(objs).page(page).per(per_page)
      end

      def render_ok(data = {})
        { status: 0, message: 'success' }.merge(data)
      end

      def render_error(message)
        { status: -1, message: message }
      end
    end

    mount Apis::Auth
    mount Apis::Users
    mount Apis::Courses
    mount Apis::Watches
    mount Apis::Upgrade
    mount Apis::Homeworks
    mount Apis::Comments
    mount Apis::Issues
    mount Apis::Activities
    mount Apis::Whomeworks
    mount Apis::Newss
    mount Apis::JournalForMessages
    mount Apis::Messages
    mount Apis::BlogComments
    mount Apis::NewComment
    mount Apis::Praise
    mount Apis::Resources
    mount Apis::Syllabuses
    mount Apis::Projects
    mount Apis::Games
    mount Apis::Shixuns
    mount Apis::Discusses
    mount Apis::Memos
    mount Apis::Sources
    mount Apis::Careers
    mount Apis::Assets
    mount Apis::Ecloud
    mount Apis::Cnmooc

    mount Apis::ProjectPackages
    mount Apis::ProjectPackageCategories

    # add_swagger_documentation ({host: 'educoder.0bug.info', api_version: 'v1', base_path: '/api'})  if Rails.env.development?
    add_swagger_documentation ({api_version: 'v1', base_path: '/api'})  if Rails.env.development?

  end
end