pgfqe6ch8/app/controllers/account_controller.rb

#coding=utf-8
# Redmine - project management software
# Copyright (C) 2006-2013  Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

class AccountController < ApplicationController
  helper :custom_fields
  include CustomFieldsHelper

  # prevents login action to be filtered by check_if_login_required application scope filter
  skip_before_filter :check_if_login_required
  skip_before_filter :check_authentication, :only => [:login, :logout, :user_join, :avatar, :authentication, :professional_certification, :security_settings, :change_psd, :user_info]
  before_filter :auth_login1, :only => [:avatar, :authentication, :professional_certification, :security_settings, :change_psd, :reset_psd, :user_info]
  skip_before_filter :verify_authenticity_token, :only =>[:codepedia_login, :login, :register]
  before_filter :require_login, only: [:avatar, :authentication, :professional_certification, :security_settings, :change_psd, :user_info, :user_auth, :apply_auth, :apply_pro_certification, :check_student_id,
                                        :bind_email, :change_or_bind]
  include ApplicationHelper
  include AccountHelper
  # Login request and validation
  CODES = %W(1 2 3 4 5 6 7 8 9 A B C D E F G H J K L N M O P Q R S T U V W X Y Z)

  def login
    Rails.logger.info("login: request type is #{request.method}")
    if params[:type] == "activated"
      @message = l(:notice_account_activated)
    elsif params[:type] == "expired"
      @message = l(:notice_account_expired)
    end
    @name = params[:name]
    @c_name = params[:c_name]

    login = User.current.login
    login_error = false
    # login 匹配不到字母，或者 含有特殊字符 则login不规范
    if (login =~ /(^(?=.*?[a-zA-Z]).*$)/).nil? || !(login =~ /[@#\$%\^&\*]+/).nil?
      login_error = true
    end

    if request.get?
      @login = params[:login] || true
      if User.current.logged?
        # 判断用户基本资料是否完善，不完善讲强制完善基本资料，完善进入主页
        user = UserExtensions.where(:user_id => User.current.id).first
        Rails.logger.info("#######################login_error: ##{login_error}")
        if User.current.lastname.blank? || user.school_id.blank? || user.identity.blank? || login_error
          redirect_to user_info_path()
        else
          redirect_back_or_default user_path(User.current), :referer => true
        end
      else
        render :layout => 'login'
      end
    else
      # ajax请求类型
      # REDO：测试的时候注意是否
      if request.xhr?
        login = params[:username].strip
        password = params[:password]
        # 验证用户名密码是否正确
        @user, last_login_on = User.try_to_login(login, password)
        if @user.present?
          Rails.logger.info("successful_authentication, user is #{@user.try(:login)}")
          # 登录重置session；重新开启session有效时间等
          self.logged_user = @user
          # generate a key and set cookie if autologin
          if params[:autologin] && Setting.autologin?
            set_autologin_cookie(@user)
          end
          # 记录用户登录行为
          UserActions.create(:action_id => @user.id, :action_type => "Login", :user_id => @user.id)
        end
        respond_to do |format|
          format.js
        end
      else
        authenticate_user
      end
    end
  end

  def codepedia_login
    logger.info("codepedia_login#########################################")
    logger.info("#{params}")
    user, last_login_on = User.try_to_login(params[:username], params[:password])
    logger.info(user)
    if user.blank?
      render :json => { status: 0 }
    else
      render :json => { status: 1, user: user}
    end
  end

  def user_join
    if params[:type] == "activated"
      @message = l(:notice_account_activated)
    elsif params[:type] == "expired"
      @message = l(:notice_account_expired)
    end

    if request.get?
      @login = params[:login] || true
      @name = params[:name]
      if User.current.logged?
        # 判断用户基本资料是否完善，不完善讲强制完善基本资料，完善进入主页
        user = UserExtensions.where(:user_id => User.current.id).first
        if user.gender.nil? || user.school_id.nil? || User.current.lastname.nil?
          redirect_to my_account_path(:tip => 1)
        elsif user.identity == 3 && user.school_id.nil?
          redirect_to my_account_path(:tip => 1)
        else
          redirect_to user_path(User.current)
        end
      else
        render :layout =>'login'
      end
    else
      authenticate_user
    end
  end

  def help
    @index  = params[:index].to_i == 0 ? 1 : params[:index].to_i
    if @index == 6 && !User.current.logged?
      redirect_to signin_path
      return
    end
    code = CODES.sample(8).join
    @resubmit = "#{code}"
    @agreement = Help.first
    @cooperation = Cooperation.all

    @com_coop_img = CooImg.where(:img_type => 'com_coop').order("position asc")
    @edu_coop_img = CooImg.where(:img_type => 'edu_coop').order("position asc")
    render :layout => 'base_edu'

  end

  def update_help
    @edu_coop = "edu_coop"
    @com_coop = "com_coop"
  end

  def update_agreement
    if User.current.admin?
      help = Help.first
      unless params[:tabs]
        if help.present?
          case params[:tab].to_i
            when 1
              help.update_attribute(:agreement, params[:description])
              redirect_to help_path(:index => 4)
            when 2
              help.update_attribute(:about_us, params[:description])
              redirect_to help_path()
            when 3
              help.update_attribute(:help_center, params[:description])
              redirect_to help_path(:index => 5)

          end
        else
          case params[:tab].to_i
            when  1
              Help.create(:agreement => params[:description])
              redirect_to help_path(:index => 4)
            when 2
              Help.create(:about_us => params[:description])
              redirect_to help_path()
            when 3
              Help.create(:help_center => params[:description])
              redirect_to help_path(:index => 5)
          end
        end
      else
        unless help.present?
          Help.create(:status =>params[:status])
          redirect_to help_path(:index => 2)

        else
          help.update_attribute(:status,params[:status])
          redirect_to help_path(:index => 2)
        end
      end
    else
      redirect_to help_path()
    end
  end

  def update_contact_us
    if Cooperation.where(:user_type => params[:user_type]).present?
      Cooperation.where(:user_type => params[:user_type]).first.update_attributes(:name => params[:name],:qq => params[:qq],:mail =>params[:mail])
    else
      Cooperation.create(:user_type => params[:user_type],:name =>params[:name],:qq =>params[:qq],:mail =>params[:mail])
    end
    redirect_to help_path(:index => 2)
  end

  def insert_suggest
    content = "<p>[#{params[:question_kind]}]</p>" + params[:description]
    PrivateMessage.create(:user_id => User.current.id, :target_id => 1, :sender_id => User.current.id, :receiver_id => 1, :content => content, :send_time => Time.now, :status => 1)
    PrivateMessage.create(:user_id => 1, :target_id => User.current.id, :sender_id => User.current.id, :receiver_id => 1, :content => content, :send_time => Time.now, :status => 0)
    redirect_to message_detail_user_path(User.current, :user_id => 1)
  end

  # 合作伙伴
  def cooperative_partner
    render :layout =>'base_edu'
  end

  def update_cooperative_part
    diskfile1 = disk_filename(params[:sourse_type], params[:source_id])
    diskfile2 = disk_coo_filename(params[:sourse_type], params[:source_id])

    diskfile = diskfile1 + 'temp'
    begin
      FileUtils.mv diskfile, diskfile1, force: true if File.exist? diskfile
    ensure
      File.delete(diskfile) if File.exist?(diskfile)
    end
    if File.exist?(diskfile1)
      pos = CooImg.order("position asc").last.position
      CooImg.create(:src_states =>params[:img_url] ,:url_states => diskfile2,:img_type =>params[:sourse_type], :position => pos)
    end
    redirect_to help_path(:index => 3)
  end

  # 改变广告位置
  # params： id: 广告的id， position：广告的新位置, type：图片类型
  def change_coop_position
    logger.info("##############{params[:position]}")
    position = params[:position].to_i
    type = params[:type]
    img = CooImg.find params[:id]
    coop_imgs = CooImg.where("img_type = ? and position > ?" , type, params[:position].to_i)
    coop_imgs.map{|img| img.increment!(:position)}
    img.update_attribute(:position, position + 1)
    render :json => {status: 1}
  end

  def delete_coop
    # @coo_img = CooImg.find_by_id(params[:id])
    # @coo_img.destroy
    # render_404 if @coo_img.nil?
    # redirect_to help_path(:index => 3)
    # rescue ActiveRecord::RecordNotFound
    # render_404
    @coo_img = CooImg.find_by_id(params[:id])
    @sourse = @coo_img.url_states
    diskfile =  File.join(Rails.root, "public")
    diskfile1 = diskfile + @sourse
    unless diskfile1.nil? || diskfile1 == ""
      path = File.dirname(diskfile1)
      if File.directory?(path)
        File.delete(diskfile1)
        @coo_img.destroy
      end
    end

    redirect_to help_path(:index => 3)
  rescue  Exception => e
    logger.info e.message
    respond_to do |format|
      format.js
      format.api {
        if saved
          render :action => 'upload', :status => :created
        else
          render_validation_errors(@avatar)
        end
      }
    end

  end

  # Log out current user and redirect to welcome page
  def logout
    if User.current.anonymous?
      redirect_to home_path
    else
      UserActions.create(:action_id => User.current.id, :action_type => "Logout", :user_id => User.current.id)
      logout_user
      # 记录用户登出行为
      redirect_to home_path
    end
    # display the logout form
  end

  def heartbeat
    render :json => session[:user_id]
  end

  # Lets user choose a new password
  def lost_password
    (redirect_to(signin_path); return) unless Setting.lost_password?
    if params[:token]
      @token = Token.find_token("recovery", params[:token].to_s)
      if @token.nil? || @token.expired?
        redirect_to signin_path
        return
      end
      @user = @token.user
      unless @user && @user.active?
        redirect_to signin_path
        return
      end
      if request.post?
        @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
        if @user.save
          @token.destroy
          flash[:notice] = l(:notice_account_password_updated)
          redirect_to signin_url
          return
        end
      end
      render  :template => "account/password_recovery"
      return
    else
      if request.post?
        user = User.find_by_mail(params[:mail].to_s)
        # user not found or not active
        unless user && user.active?
          flash.now[:error] = l(:notice_account_unknown_email)
          render :layout => 'static_base'
          return
        end
        # user cannot change its password
        unless user.change_password_allowed?
          flash.now[:error] = l(:notice_can_t_change_password)
          return
        end
        # create a new token for password recovery
        token = Token.new(:user => user, :action => "recovery")
        if token.save
            Mailer.run.lost_password(token)
            flash[:notice] = l(:notice_account_lost_email_sent)
            redirect_to  lost_password_path
          return                      
        end
      end
      render :layout => 'login'
    end
  end

  # User self-registration
  def register
    (redirect_to(signin_path); return) unless Setting.self_registration? || session[:auth_source_registration]
    if request.get?
      session[:auth_source_registration] = nil
      @user = User.new(:language => current_language.to_s)
    else
      user_params = params[:user] || {}
      if session[:auth_source_registration]
        @user.activate
        @user.login = session[:auth_source_registration][:login]
        @user.auth_source_id = session[:auth_source_registration][:auth_source_id]
        if @user.save
          session[:auth_source_registration] = nil
          self.logged_user = @user
          flash[:notice] = l(:notice_account_activated)
          redirect_to my_account_path(:tip => 1)
        end
      else
        us = UsersService.new
        @user = us.register user_params.merge(:should_confirmation_password => false)
=begin
        case Setting.self_registration
        when '1'
          #register_by_email_activation(@user)
          unless @user.new_record?
            # if params[:user][:phone] =~ /^[a-zA-Z0-9]+([._\\]*[a-z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$/
            #   redirect_to account_email_valid_path(:mail => @user.mail, :user_id => @user.id)
            # else
              self.logged_user = @user
              redirect_to user_info_path()
            # end
            # flash[:notice] = l(:notice_account_register_done)
            # render action: 'email_valid', locals: {:mail => @user.mail}
          end
        when '3'
          #register_automatically(@user)
          if !@user.new_record?
            self.logged_user = @user
            flash[:notice] = l(:notice_account_activated)
            redirect_to user_info_path()
          else
            redirect_to signin_path
          end
        else
          #register_manually_by_administrator(@user)
          unless @user.new_record?
            account_pending
          end
        end
=end
        if !@user.new_record?
          self.logged_user = @user
          flash[:notice] = l(:notice_account_activated)
          redirect_to user_info_path()
        else
          redirect_to signin_path
        end

        if params[:user][:phone] =~ /^[a-zA-Z0-9]+([._\\]*[a-z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$/
          reward_grade(@user, @user.id, 'Mail', 500)
        elsif params[:user][:phone] =~ /^1\d{10}$/
          reward_grade(@user, @user.id, 'Phone', 500)
        end
      end
    end
  end

  # 注册完后绑定邮箱（可选）
  def bind_email
    @user = User.current
    if request.get?
      render :layout =>'login'
    else
      @user.update_attributes!(:mail => params[:mail])
      reward_grade(@user, @user.id, 'Mail', 500)
      redirect_to user_info_path()
    end
  end

  # 注册完/绑定邮箱 后完善资料
  def user_info
    @user = User.current

    #是否是Oschina过来的
    @is_ecoder_user = @user.ecoder_user_id.to_i>0

    #是否没设置过密码
    @is_set_password = @user.hashed_password.present?

    if request.get?

      # 如果是登录的请求进来，则需要判断登录名是否合法
      if (@user.login =~ /(^(?=.*?[a-zA-Z]).*$)/).nil? || !(@user.login =~ /[@#\$%\^&\*\.]+/).nil?
        @login_error = true
      end
      render :layout =>'login'
    else
      lg = @user.login
      @pref = @user.pref
      @se = @user.extensions

      # 已授权的用户修改单位名称，需要重新授权
      if @se.school_id != params[:occupation].to_i && @user.certification == 1
        @user.certification = 0
        apply_user = ApplyAction.where(:user_id => @user.id, :container_type => "TrialAuthorization")
        apply_user.update_all(:status => 2) unless apply_user.blank?
      end


      if @is_ecoder_user && !@is_set_password
        @user.password = params[:new_password]
        @user.password_confirmation = params[:new_password_confirmation]

        if @user.password.size<8
          @password_len_error = true
          render :user_info and return
        end

        if @user.password != @user.password_confirmation
          @password_match_error = true
          render :user_info and return
        end
      end

      @user.lastname = params[:lastname]
      @user.firstname = ""
      @user.show_realname = params[:hide_realname] ? 0 : 1
      @user.nickname = params[:hide_realname] ? params[:nickname] : params[:lastname]
      @user.pref.attributes = params[:pref]
      @user.pref[:no_self_notified] = (params[:no_self_notified] == '1')
      @user.mail = params[:mail] if params[:mail]
      Rails.logger.info("###############login: #{params[:login]}")
      if params[:login]
        if (params[:login] =~ /(^(?=.*?[a-zA-Z]).*$)/).present? && (params[:login] =~ /[@#\$%\^&\*\.]+/).nil?
          @user.login = params[:login]
          Gitlab.client.edit_user(@user.gid, :username => params[:login]) if @user.gid
        end
      end

      @se.school_id = params[:occupation]
      @se.department_id = params[:department_id]
      @se.gender = params[:sex]
      # @se.location = params[:province] if params[:province]
      # @se.location_city = params[:city] if params[:city]
      @se.identity = params[:identity].to_i if params[:identity]
      if @se.identity == 0
        @se.technical_title = params[:te_technical_title] if params[:te_technical_title]
        @se.student_id = nil
      elsif @se.identity == 1
        @se.student_id = params[:no] if params[:no]
        @se.technical_title = nil
      elsif @se.identity == 2
        @se.technical_title = params[:pro_technical_title] if params[:pro_technical_title]
        @se.student_id = nil
      end
      # @se.brief_introduction = params[:brief_introduction]

      if @user.save && @se.save

        reward_grade(@user, @user.id, 'Account', 500)

        if @user.certification != 1
          school_ids = School.where(:auto_users_trial => 1).map(&:id)
          # 授权单位中的只有学生身份才自动授权，且创建试用授权记录
          if !@se.school.nil? && school_ids.include?(@se.school_id) && @se.identity == 1
            @user.certification = 1
            @user.update_attributes(:certification => 1)
            apply_action = ApplyAction.where(:user_id => @user.id,  :container_type => "TrialAuthorization", :status => 0).first
            if apply_action.present?
              apply_action.update_attributes(:status => 1, :noticed => 1)
            else
              ApplyAction.create(:user_id => @user.id, :container_type => "TrialAuthorization", :ip_addr => request.remote_ip, :status => 1, :noticed => 1)
            end
          end
        end

        # 授权的教师加入示例课堂
        join_ex_course(@user) if @se.identity == 0 && @user.certification == 1

        @user.pref.save
        set_language_if_valid @user.language
        flash[:notice] = l(:notice_account_updated)
        first_update = Grade.where(:user_id => @user.id, :container_id => @user.id, :container_type => 'Account').first
        if @user.certification == 1 || (Time.now.to_i - first_update.created_at.to_i) < 86400
          if @user.certification != 1 && !@user.user_day_certifications.first.present? # 更新字段是为了在user页面弹框提示
            @user.update_attributes(:certification => 3)
            UserDayCertification.create(:user_id => @user.id, :status => 1)
          end
          redirect_to user_path(@user)
        else
          redirect_to my_account_url
        end
        return
      else
        @user.login = lg
        logger.info "save user: #{@user.errors}"
      end
    end
  end

  def check_email
    logger.info("###################################")
    user_count = User.where(:login => params[:login]).count
    status = user_count > 0 ? -1 : 0
    render :json => {status: status}
  end

  #should_confirmation_password是否验证密码
  def create_and_save_user login,password,email,password_confirmation,should_confirmation_password
    @user = User.new
    @user.admin = false
    @user.register
    @user.login = login
    @user.mail = email
    if should_confirmation_password && !password.blank? && !password_confirmation.blank?
      @user.password,@user.password_confirmation = password,password_confirmation
    elsif !should_confirmation_password &&  !password.blank?
      @user.password = password
    else
      @user.password = ""
    end
    case Setting.self_registration
      when '1'
        register_by_email_activation(@user)
      when '3'
        register_automatically(@user)
      else
        register_manually_by_administrator(@user)
    end
    if @user.id != nil
      ue = @user.user_extensions ||= UserExtensions.new
      ue.user_id = @user.id
      ue.save
    end
    @user
  end

  # Token based account activation
  def activate
    (redirect_to(signin_path); return) unless Setting.self_registration? && params[:token].present?
    token = Token.find_token('register', params[:token].to_s)
    type = l(:notice_account_expired) if (token && token.expired?)
    (redirect_to(signin_path(:type => "expired")); return) unless token and !token.expired?
    user = token.user
    (redirect_to(signin_path); return) unless user.registered?
    user.activate
    if user.save
      token.destroy
      flash[:notice] = l(:notice_account_activated)
    end
    redirect_to signin_url(:type => "activated")
  end

  def api_register login,password,email
    users_service = UsersService.new
    users_service.register({login: login, password: password, email: eamil})
  end

  def valid_ajax
    req = Hash.new(false)
    req[:message] = ''

    valid_attr = params[:valid]
    valid_value = params[:value]

    faker = User.new

    if valid_attr.eql?('')
      req[:valid] = User.where("phone = '#{params[:value]}' or mail = '#{params[:value]}' or login = '#{params[:value]}'").blank?
    end

    if valid_attr.eql?('login')
      faker.login = valid_value
      faker.valid?
      req[:valid] = faker.errors[:login].blank?
      req[:message] = faker.errors[:login]
    end

    if valid_attr.eql?('phone')
      faker.phone = valid_value
      faker.valid?
      req[:valid] = faker.errors[:phone].blank?
      req[:message] = ""
    end

    if valid_attr.eql?('mail')
      faker.mail = valid_value
      faker.valid?
      req[:valid] = faker.errors[:mail].blank?
      req[:message] = faker.errors[:mail]
    end

    req[:message] = l(:modal_valid_passing) if req[:message].blank?
    render :json => req
  end

  # 手机号或邮箱是否已注册
  def valid_register_user
    req = Hash.new(false)
    req[:message] = ''

    valid_attr = params[:valid]
    valid_value = params[:value]

    if valid_attr.eql?('phone')
      user = User.where(:phone => valid_value).first
      req[:valid] = !user.nil?
      req[:message] = user.nil? ? "该手机号未注册" : ""
    elsif valid_attr.eql?('mail')
      user = User.where(:mail => valid_value).first
      req[:valid] = !user.nil?
      req[:message] = user.nil? ? "该邮箱未注册" : ""
    end

    render :json => req
  end

  # 发送验证码：type 1：注册手机验证码 2：找回密码手机验证码 3：找回密码邮箱验证码 4：绑定手机 5：绑定邮箱 6：手机验证码登录 7：邮箱验证码登录 8：邮箱注册验证码
  # 验证码是否有效
  def valid_verification_code
    req = Hash.new(false)
    req[:valid] = false
    type = params[:type].to_i
    if Redmine::Configuration['gitlab_address'].include?("test") && params[:code] == "134790"
      req[:valid] = true
    else
      if type == 1 || type == 2 || type == 4 || type == 6 || params[:phone] =~ /^1\d{10}$/
        code = VerificationCode.where(:phone => params[:phone], :code => params[:code], :code_type => (params[:type].to_i != 1 && params[:type].to_i != 2 && params[:type].to_i != 4) ? 2 : params[:type].to_i ).last
      else
        code = VerificationCode.where(:email => params[:phone], :code => params[:code], :code_type => params[:type].to_i).last
      end
      req[:valid] = !code.nil? && (Time.now.to_i - code.created_at.to_i) <= 10*60
    end
    render :json => req
  end

  # 发送验证码：type 1：注册手机验证码 2：找回密码手机验证码 3：找回密码邮箱验证码 4：绑定手机 5：绑定邮箱 6：手机验证码登录 7：邮箱验证码登录 8：邮箱注册验证码
  def get_verification_code
    code = %W(0 1 2 3 4 5 6 7 8 9)
    type = params[:type].to_i
    req = Hash.new(false)
    req[:status] = 0
    req[:msg] = ''
    if type == 1
      if User.where(:phone => params[:value]).count > 0
        req[:status] = 2  #已注册
      else
        begin
          verification_code = code.sample(6).join
          status = Trustie::Sms.send(mobile: params[:value], code: verification_code)
          if status == 0
            VerificationCode.create(:phone => params[:value], :status => 1, :code_type => 1, :code => verification_code)
          end
          req[:msg] = code_msg status
        rescue => e
          Rails.logger.error "发送验证码出错: #{e}"
        end
        req[:status] = 1
      end
    elsif type == 8
      if User.where(:mail => params[:value]).count > 0
        req[:status] = 2  #已注册
      else
        begin
          verification_code = code.sample(6).join
          user = User.current
          token = Token.new(:user => user, :action => "bind")
          if token.save
            Mailer.run.email_register(token, verification_code, params[:value])
            VerificationCode.create(:email => params[:value], :status => 1, :code_type => 8, :code => verification_code)
          end
        rescue => e
          Rails.logger.error "发送验证码出错: #{e}"
        end
        req[:status] = 1
        req[:msg] = params[:value].split("@")[1]
      end
    elsif type == 2 || type == 3 || type == 6 || type == 7
      if params[:value] =~ /^[a-zA-Z0-9]+([._\\]*[a-zA-Z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$/
        if User.where(:mail => params[:value]).count == 0
          req[:status] = 2   #未注册
        else
          begin
            verification_code = code.sample(6).join
            user = User.where(:mail => params[:value]).first
            if type == 3
              token = Token.new(:user => user, :action => "recovery")
              if token.save
                Mailer.run.lost_password(token, verification_code)
                VerificationCode.create(:email => params[:value], :status => 1, :code_type => 3, :code => verification_code)
              end
            else
              token = Token.new(:user => user, :action => "login")
              if token.save
                Mailer.run.code_login(token, verification_code)
                VerificationCode.create(:email => params[:value], :status => 1, :code_type => 7, :code => verification_code)
              end
            end
          rescue => e
            Rails.logger.error "发送验证码出错: #{e}"
          end
          req[:status] = 3
          req[:link] = params[:value].split("@")[1]
        end
      elsif params[:value] =~ /^1\d{10}$/
        if User.where(:phone => params[:value]).count == 0
          req[:status] = 2
        else
          begin
            verification_code = code.sample(6).join
            status = Trustie::Sms.send(mobile: params[:value], code: verification_code)
            if status == 0
              VerificationCode.create(:phone => params[:value], :status => 1, :code_type => type, :code => verification_code)
            end
            req[:msg] = code_msg status
          rescue => e
            Rails.logger.error "发送验证码出错: #{e}"
          end
          req[:status] = 1
        end
      else
        req[:status] = 2
      end
    else
      if params[:value] =~ /^[a-zA-Z0-9]+([._\\]*[a-z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$/
        if User.where(:mail => params[:value]).count > 0
          req[:status] = 2  #已绑定
          req[:msg] = '该邮箱已被绑定'
        else
          begin
            verification_code = code.sample(6).join
            user = User.current
            token = Token.new(:user => user, :action => "bind")
            if token.save
              Mailer.run.bind_email(token, verification_code, params[:value])
              VerificationCode.create(:email => params[:value], :status => 1, :code_type => 5, :code => verification_code)
            end
          rescue => e
            Rails.logger.error "发送验证码出错: #{e}"
          end
          req[:status] = 3
          req[:msg] = params[:value].split("@")[1]
        end
      elsif params[:value] =~ /^1\d{10}$/
        if User.where(:phone => params[:value]).count > 0
          req[:status] = 2
          req[:msg] = '该手机号已被绑定'
        else
          begin
            verification_code = code.sample(6).join
            status = Trustie::Sms.send(mobile: params[:value], code: verification_code)
            if status == 0
              VerificationCode.create(:phone => params[:value], :status => 1, :code_type => 4, :code => verification_code)
            end
            req[:msg] = code_msg status
          rescue => e
            Rails.logger.error "发送验证码出错: #{e}"
          end
          req[:status] = 1
        end
      else
        req[:status] = 2
      end

    end
    Rails.logger.info "#{req[:status]} - #{req[:msg]}"
    render :json => req
  end

  def avatar
    @user = params[:user_id].nil? ? User.current : User.find(params[:user_id])
    @setting_type = 2
    render :layout => 'login'
  end

  # 实名认证
  def authentication
    @user = User.current
    @apply_user_auth = ApplyUserAuthentication.where(:user_id => @user.id, :auth_type => 1).order("created_at asc").last
    @setting_type = 3
    render :layout => 'login'
  end

  # 职业认证
  def professional_certification
    @user = User.current
    @apply_user_auth = ApplyUserAuthentication.where(:user_id => @user.id, :auth_type => 2, :status => [0, 2]).order("created_at asc").last
    @setting_type = 4
    render :layout => 'login'
  end

  def apply_auth
    @user = User.current
    old_name = @user.lastname+@user.firstname
    @user.lastname = params[:lastname].strip
    @user.firstname = ""
    @user.ID_number = params[:ID_number].blank? ? nil : params[:ID_number]

    if @user.save
      @user.update_attributes(:authentication => 0)
      if params[:upload_img] && params[:upload_img].to_i == 1
        diskfile1 = disk_auth_filename('UserAuthentication', @user.id, 'ID')
        diskfileID = diskfile1 + 'temp'
        begin
          FileUtils.mv diskfileID, diskfile1, force: true if File.exist? diskfileID
        ensure
          File.delete(diskfileID) if File.exist?(diskfileID)
        end
      end
      # 提交认证
      if params[:save_or_submit] && params[:save_or_submit] == "1"
        if ApplyUserAuthentication.where(:user_id => @user.id, :status => 0, :auth_type => 1).count == 0
          ApplyUserAuthentication.create(:user_id => @user.id, :status => 0, :auth_type => 1)
          begin
            status = Trustie::Sms.send(mobile: '18173242757', send_type:'apply_auth' , name: '管理员')
          rescue => e
            Rails.logger.error "发送验证码出错: #{e}"
          end
        end
      end
      # 已授权的用户修改真实姓名，需要重新授权
      if @user.certification == 1 && old_name != params[:lastname]
        school_ids = School.where(:auto_users_trial => 1).map(&:id)
        if !(((@user.user_extensions.identity == 1 && @user.user_extensions.student_id.present?) || @user.user_extensions.identity == 0) && !@user.user_extensions.school.nil? && school_ids.include?(@user.user_extensions.school_id))
          @user.update_attributes(:certification => 0)
          apply_user = ApplyAction.where(:user_id => @user.id, :container_type => "TrialAuthorization")
          apply_user.update_all(:status => 2) unless apply_user.blank?
        end
      end
    end
    redirect_to my_account_path
  end

  def apply_pro_certification
    @user = User.current
    @se = @user.extensions
    # 已授权的用户修改单位名称，需要重新授权
    if @se.school_id != params[:occupation].to_i && @user.certification == 1
      @user.certification = 0
      apply_user = ApplyAction.where(:user_id => @user.id, :container_type => "TrialAuthorization")
      apply_user.update_all(:status => 2) unless apply_user.blank?
    end
    @se.school_id = params[:occupation]
    @se.department_id = params[:department_id]
    @se.identity = params[:identity].to_i if params[:identity]
    if @se.identity == 0
      @se.technical_title = params[:te_technical_title] if params[:te_technical_title]
      @se.student_id = nil
    elsif @se.identity == 1
      @se.student_id = params[:no] if params[:no]
      @se.technical_title = nil
    elsif @se.identity == 2
      @se.technical_title = params[:pro_technical_title] if params[:pro_technical_title]
      @se.student_id = nil
    end
    if @user.save && @se.save
      @user.update_attributes(:professional_certification => 0)
      if params[:upload_img] && params[:upload_img].to_i == 1
        diskfile2 = disk_auth_filename('UserAuthentication', @user.id, 'PRO')
        diskfilePRO = diskfile2 + 'temp'
        begin
          FileUtils.mv diskfilePRO, diskfile2, force: true if File.exist? diskfilePRO
        ensure
          File.delete(diskfilePRO) if File.exist?(diskfilePRO)
        end
      end

      # 提交认证
      if params[:save_or_submit] && params[:save_or_submit] == "1"
        if @se.identity == 1
          if ApplyUserAuthentication.where(:user_id => @user.id, :status => 0, :auth_type => 2).count == 0
            ApplyUserAuthentication.create(:user_id => @user.id, :status => 0, :auth_type => 2)
            begin
              status = Trustie::Sms.send(mobile: '18173242757', send_type:'apply_pro_certification' , name: '管理员')
            rescue => e
              Rails.logger.error "发送验证码出错: #{e}"
            end
          end
        else
          if File.exist?(diskfile2)
            ApplyUserAuthentication.create(:user_id => @user.id, :status => 0, :auth_type => 2)
            begin
              status = Trustie::Sms.send(mobile: '18173242757', send_type:'apply_pro_certification' , name: '管理员')
            rescue => e
              Rails.logger.error "发送验证码出错: #{e}"
            end
          end
        end
      end

      # 只对试用授权的用户处理，修改职业信息的时候，如果变成了教师，则判断用户是否已加入示例课堂，没有则将其加入
      if @se.identity == 0 && @user.certification == 1
        join_ex_course @user
      end
    end
    redirect_to my_account_path
  end

  # 修改资料时判断学号是否已使用
  def check_user_student_id
    data = {result:0, account:""}
    if params[:student_id] && params[:school_id]
      if UserExtensions.where("student_id = '#{params[:student_id]}' and school_id = #{params[:school_id]} and user_id != #{User.current.id}").count > 0
        user = User.where(:id => UserExtensions.where("student_id = '#{params[:student_id]}' and school_id = #{params[:school_id]} and user_id != #{User.current.id}").map(&:user_id)).first
        data[:account] = user.mail.blank? ? user.user_phone : user.user_mail
      else
        data[:result] = 1
      end
    end
    render :json => data
  end

  # 实名认证时判断学号是否已使用
  def check_student_id
    data = {result:0, account:""}
    if params[:student_id] && params[:school_id]
      auth_count = User.where(:id => UserExtensions.where(:student_id => params[:student_id], :school_id => params[:school_id]).map(&:user_id)).count
      # apply_count = ApplyUserAuthentication.where(:status => 0, :user_id => User.where(:id => UserExtensions.where(:student_id => params[:student_id], :school_id => params[:school_id]).map(&:user_id), :professional_certification => 0).map(&:id)).count
      if auth_count == 0
        data[:result] = 1
      else
        user = User.where(:id => UserExtensions.where(:student_id => params[:student_id], :school_id => params[:school_id]).map(&:user_id)).first
        if user != User.current
          data[:account] = user.mail.blank? ? user.user_phone : user.user_mail
        else
          data[:result] = 1
        end
      end
    end
    render :json => data
  end

  # 实名认证时判断证件号码是否已使用
  def check_id_number
    data = {result:0, account:""}
    if params[:id_number]
      id_number = [params[:id_number].downcase, params[:id_number].upcase]
      auth_count = User.where(:ID_number => id_number, :authentication => 1).count
      apply_count = ApplyUserAuthentication.where(:status => 0, :user_id => User.where(:ID_number => id_number, :authentication => 0).map(&:id)).count
      if auth_count == 0 && apply_count == 0
        data[:result] = 1
      else
        user = auth_count != 0 ? User.where(:ID_number => id_number, :authentication => 1).first : ApplyUserAuthentication.where(:status => 0, :user_id => User.where(:ID_number => id_number, :authentication => 0).map(&:id)).first.user
        if user != User.current
          data[:account] = user.mail.blank? ? user.user_phone : user.user_mail
        else
          data[:result] = 1
        end
      end
    end
    render :json => data
  end

  def cancel_pro_apply
    unless params[:auth_type] == "2" && User.current.professional_certification
      @apply_user_auth = ApplyUserAuthentication.where(:user_id => User.current.id, :auth_type => params[:auth_type], :status => 0).first
      if @apply_user_auth.present?
        @apply_user_auth.tidings.destroy_all
        @apply_user_auth.update_attribute('status', 3)
        diskfile2 = disk_auth_filename('UserAuthentication', User.current.id, params[:auth_type].to_i == 1 ? 'ID' : 'PRO')
        diskfilePRO = diskfile2 + 'temp'
        FileUtils.rm diskfilePRO, :force => true
        FileUtils.rm diskfile2, :force => true
      end
    end

    @user = User.current
    respond_to do |format|
      format.js
      format.html {
        if params[:auth_type] == "1"
          redirect_to authentication_account_path
        else
          redirect_to professional_certification_account_path
        end
      }
    end

  end

  def apply_trail
    apply_action = ApplyAction.where(:user_id => User.current.id, :container_type => "TrialAuthorization", :status => 0).first
    school_ids = School.where(:auto_users_trial => 1).map(&:id)
    user_ex = User.current.user_extensions
    if user_ex.identity == 1 && user_ex.student_id.present? && !user_ex.school.nil? && school_ids.include?(user_ex.school_id)
      User.current.update_attributes(:certification => 1)
      logger.warn("apply_trail #######{User.current.login} ****#{User.current.user_extensions.school_id}")
      @tip = "申请已提交，我们将在1分钟内完成审核"
      unless apply_action.present?
        ApplyAction.create(:user_id => User.current.id, :status => 1, :ip_addr => request.remote_ip, :container_type => "TrialAuthorization", :apply_reason => params[:apply_reason])
      else
        apply_action.update_attributes(:status => 1)
      end
      # begin
      #   if User.current.phone.present?
      #     status = Trustie::Sms.send(mobile:User.current.phone.to_s, send_type:'trial_authorization' ,user_name:User.current.show_name,result:'已通过')
      #   end
      # rescue => e
      #   Rails.logger.error "发送验证码出错: #{e}"
      # end
    elsif !User.current.user_extensions.school.nil?
      @tip = "申请已提交，我们将在5分钟内完成审核"
      unless apply_action.present?
        ApplyAction.create(:user_id => User.current.id, :status => 0, :ip_addr => request.remote_ip, :container_type => "TrialAuthorization", :apply_reason => params[:apply_reason])
        begin
          status = Trustie::Sms.send(mobile:18175896138, send_type:'user_apply_auth',name:'管理员' )
        rescue => e
          Rails.logger.error "发送验证码出错: #{e}"
        end
      end
    end
    if params[:from_user] && params[:from_user] == '1'
      @url = "#{user_path(User.current)}"
    else
      @url = "#{my_account_path}"
    end
    respond_to do |format|
      format.js
    end
  end

  def user_auth
    @user = User.current
    diskfile1 = disk_auth_filename('UserAuthentication', @user.id, 'ID')
    diskfile2 = disk_auth_filename('UserAuthentication', @user.id, 'PRO')
    diskfileID = diskfile1 + 'temp'
    diskfilePRO = diskfile2 + 'temp'
    begin
      FileUtils.mv diskfileID, diskfile1, force: true if File.exist? diskfileID
      FileUtils.mv diskfilePRO, diskfile2, force: true if File.exist? diskfilePRO
    ensure
      File.delete(diskfileID) if File.exist?(diskfileID)
      File.delete(diskfilePRO) if File.exist?(diskfilePRO)
    end
    if File.exist?(diskfile1) && File.exist?(diskfile2)
      ApplyUserAuthentication.create(:user_id => @user.id, :status => 0)
    end

    redirect_to authentication_account_path
  end

  def security_settings
    @user = User.current
    @setting_type = 5
    render :layout => 'login'
  end

  def change_psd
    @user = User.current
    @setting_type = 5
    render :layout => 'login'
  end

  # 修改密码时判断密码是否输入正确
  def valid_psd
    @user = User.current
    req = Hash.new(false)
    req[:valid] = false
    req[:valid] = @user.check_password?(params[:value])
    render :json => req
  end

  def change_or_bind
    @user = User.current
    @type = params[:type]
    @setting_type = 5
    render :layout => 'login'
  end

  def bind_email_or_phone
    @user = User.current
    begin
      ActiveRecord::Base.transaction do
        if params[:type] == "phone"
          @user.update_attributes!(:phone => params[:value])
          reward_grade(@user, @user.id, 'Phone', 500)
        else
          @user.update_attributes!(:mail => params[:value])
          Gitlab.client.edit_user_email(@user.gid, :email => @user.mail) if @user.gid
          reward_grade(@user, @user.id, 'Mail', 500)
        end
      end
    rescue
      raise ActiveRecord::Rollback
    end
    redirect_to my_account_path
  end

  def phone_bind
    if request.get?
      render :layout =>'login'
    else
      User.current.update_attributes!(:phone => params[:phone])
      reward_grade(User.current, User.current.id, 'Phone', 500)
      redirect_to user_path(User.current)
    end
  end

  def unbind_phone
    if User.current.mail.blank?
      User.current.update_attribute('phone', nil)
      User.current.lock!
      redirect_to signin_path
    else
      User.current.update_attribute('phone', nil)
      redirect_to my_account_path
    end
  end

  def unbind_mail
    if User.current.phone.blank?
      User.current.update_attribute('mail', nil)
      User.current.lock!
      redirect_to signin_path
    else
      User.current.update_attribute('mail', nil)
      redirect_to my_account_path
    end
  end

  def wechat_bind
    respond_to do |format|
      format.html { render :layout => "login_bigdata"}
    end
  end

  def reset_psd
    if params[:lost_psd_phone] && params[:lost_psd_phone].strip != ""
      @user = User.where("phone = '#{params[:lost_psd_phone].to_s}'").first
    elsif params[:lost_psd_email] && params[:lost_psd_email].strip != ""
      @user = User.where("mail = '#{params[:lost_psd_email].to_s}'").first
    end

    if @user.present?
      @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
      if @user.save
        Token.where(:user_id => @user, :action => "recovery").destroy_all
        respond_to do |format|
          format.js
        end
      else
        redirect_to signin_path
        return
      end
    else
      redirect_to signin_path
      return
    end
  end

  def email_valid
    begin
      @mail_type = params[:mail].split("@")[1]
      @user = User.find(params[:user_id])
    rescue
      return render_404
    end
    respond_to do |format|
      format.html { render :layout => "login_bigdata"}
      format.js
    end
  end

  def resendmail
    result = {:status=>1, :email=>""}
    user = User.find(params[:user]) if params[:user]
    result[:email] = user.mail
    token = Token.new(:user => user, :action => "register")
    if token.save
      # Mailer.run.register(token)
      Mailer.register(token).deliver
    else
      yield if block_given?
      result[:status] = 0
    end
    render :json => result
  end

  def change_email
    user = User.find params[:user_id].to_i
    user.update_attributes(:mail => params[:value])
    token = Token.create(:user => user, :action => "register")
    Mailer.run.register(token)
    result = {:email => user.mail, :email_link => user.mail.split("@")[1]}

    render :json => result
  end

  def email_activation

  end

  def gold_record
    @user = User.current
    # 用户签到情况
    attendance = Attendance.where(:user_id => @user).first
    @can_attendance = true
    @next_attachment_score = 5
    if attendance.present?
      if time_between_days(Time.now, attendance.created_at) == 0
        @can_attendance = false
      end
      @next_attachment_score = attendance.next_score
    end
    @type = params[:type] ? params[:type].to_i : 0
    @user_grades = @type == 0 ? @user.grades.reorder("created_at desc") : @type == 1 ? @user.grades.where("score > 0").reorder("created_at desc") : @type == 2 ?  @user.grades.where("score < 0").reorder("created_at desc") : []
    @user_grades = paginateHelper @user_grades, 8
    @setting_type = 7
    respond_to do |format|
      format.js
      format.html{render :layout => 'base_edu_user'}
    end
  end

  def experience_record
    @user = User.current
    # 用户评测情况
    @evaluate = Output.where(:game_id => @user.games.map(&:id)).reorder("created_at desc").first

    @user_experiences = @user.experiences.reorder("created_at desc")
    @user_experiences = paginateHelper @user_experiences, 8
    @setting_type = 8
    respond_to do |format|
      format.js
      format.html{render :layout => 'base_edu_account'}
    end
  end

  private

  def authenticate_user
    Rails.logger.info("authenticate_user start")
    if Setting.openid? && using_open_id?
      Rails.logger.info("authenticate_user start1")
      open_id_authenticate(params[:openid_url])
    elsif params[:code]
      Rails.logger.info("authenticate_user start2")
      code_authentication
    else
      Rails.logger.info("authenticate_user start3")
      password_authentication
    end
  end

  def password_authentication
    user, last_login_on = User.try_to_login(params[:username], params[:password])
    Rails.logger.info("password_authentication: params[:username] is #{params[:username]}, user is #{user}")

    if user.nil?
      Rails.logger.info("password_authentication: successful_authentication1")
      invalid_credentials
    elsif user.status == 2
      Rails.logger.info("password_authentication: successful_authentication2")
      @user = user
      invalid_credentials_new
    elsif user.new_record?
      Rails.logger.info("password_authentication: successful_authentication3")
      onthefly_creation_failed(user, {:login => user.login, :auth_source_id => user.auth_source_id })
    else
      # Valid user
      Rails.logger.info("password_authentication: successful_authentication4")
      successful_authentication(user, last_login_on)
    end
  end

  def code_authentication
    if params[:username] =~ /^[a-zA-Z0-9]+([._\\]*[a-zA-Z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$/
      code = VerificationCode.where(:email => params[:username], :code => params[:code], :code_type => 7).last
      user = User.where(:mail => params[:username]).first
    elsif params[:username] =~ /^1\d{10}$/
      code = VerificationCode.where(:phone => params[:username], :code => params[:code], :code_type => 6).last
      user = User.where(:phone => params[:username]).first
    end

    if user && code && (Time.now.to_i - code.created_at.to_i) <= 10*60
      user.update_column(:last_login_on, Time.now)
      successful_authentication(user, user.last_login_on.nil? ? '' : user.last_login_on.to_s)
    else
      logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
      flash[:error] = l(:notice_account_invalid_code)
      redirect_to signin_path(:c_name=>params[:username])
    end
  end

  def open_id_authenticate(openid_url)
    back_url = signin_url(:autologin => params[:autologin])

    authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => back_url, :method => :post) do |result, identity_url, registration|
      if result.successful?
        user = User.find_or_initialize_by_identity_url(identity_url)
        if user.new_record?
          # Self-registration off
          (redirect_to(signin_path); return) unless Setting.self_registration?

          # Create on the fly
          user.login = registration['nickname'] unless registration['nickname'].nil?
          user.mail = registration['email'] unless registration['email'].nil?
          user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil?
          user.random_password
          user.register

          case Setting.self_registration
          when '1'
            register_by_email_activation(user) do
              onthefly_creation_failed(user)
            end
          when '3'
            register_automatically(user) do
              onthefly_creation_failed(user)
            end
          else
            register_manually_by_administrator(user) do
              onthefly_creation_failed(user)
            end
          end
        else
          # Existing record
          if user.active?
            successful_authentication(user)
          else
            account_pending
          end
        end
      end
    end
  end

  def successful_authentication(user, last_login_on)
    logger.info "Successful authentication for '#{user.login}' from #{request.remote_ip} at #{Time.now.utc}"
    # Valid user
    self.logged_user = user
    # generate a key and set cookie if autologin
    if params[:autologin] && Setting.autologin?
      set_autologin_cookie(user)
    end
    call_hook(:controller_account_success_authentication_after, {:user => user })

    code = /\d*/
    # 记录用户登录行为

    UserActions.create(:action_id => User.current.id, :action_type => "Login", :user_id => User.current.id)
=begin
    if user.created_on.strftime('%Y-%m-%d %H:%M:%S') > "2018-01-01 00:00:00" && user.phone.blank?
      redirect_to change_or_bind_path(:type => 'phone')
      return
    end
=end
    #根据home_url生产正则表达式
    eval("code = " + "/^" + home_url.gsub(/\//,"\\\/") + "\\\/*(welcome)?\\\/*(\\\/index\\\/*.*)?\$/")
    login_error = false
    if (User.current.login =~ /(^(?=.*?[a-zA-Z]).*$)/).nil? || !(User.current.login =~ /[@#\$%\^&\*]+/).nil?
      login_error = true
    end

    if (code=~params[:back_url] || params[:back_url].to_s.include?('lost_password')) && last_login_on != '' && !login_error
      # enroll_status_cookie(user)
      redirect_to user_path(user,host: Setting.host_user)
    else
      if last_login_on == ''
        redirect_to my_account_url
      else
      #by young
      #redirect_back_or_default my_page_path
      # 基本资料不完善的用户，将强制用户完善基本资料。
       user = UserExtensions.where(:user_id => User.current.id).first
       if User.current.lastname.blank? || user.school_id.blank? || user.identity.blank? || login_error
         redirect_to user_info_path()
       else
         # enroll_status_cookie(User.current)
         redirect_back_or_default User.current, params[:back_url]
       end
      end
    end
  end

  def set_autologin_cookie(user)
    token = Token.get_or_create_permanent_login_token(user)
    cookie_options = {
      :value => token.value,
      :expires => 1.month.from_now,
      :path => (Redmine::Configuration['autologin_cookie_path'] || '/'),
      :secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false),
      :httponly => true
    }
    if Redmine::Configuration['cookie_domain'].present?
      cookie_options = cookie_options.merge(domain: Redmine::Configuration['cookie_domain'])
    end
    cookies[autologin_cookie_name] = cookie_options
  end

  # Onthefly creation failed, display the registration form to fill/fix attributes
  def onthefly_creation_failed(user, auth_source_options = { })
    @user = user
    session[:auth_source_registration] = auth_source_options unless auth_source_options.empty?
    render :action => 'register'
  end

  def invalid_credentials
    logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
    flash[:error] = l(:notice_account_invalid_creditentials)
    # render :layout => 'login'
    redirect_to signin_path(:name=>params[:username])
  end
  
  def invalid_credentials_new
    logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
    # flash[:error] = l(:notice_account_invalid_creditentials_new)
    # render signin_path(:login=>true)
    render :action => 'email_activation',:layout => 'login_bigdata'
  end

  # Register a user for email activation.
  #
  # Pass a block for behavior when a user fails to save
  def register_by_email_activation(user, &block)
    token = Token.new(:user => user, :action => "register")
    if user.save and token.save
      UserStatus.create(:user_id => user.id, :changsets_count => 0, :watchers_count => 0)
      Mailer.run.register(token)


      flash[:notice] = l(:notice_account_register_done)

      render action: 'email_valid', locals: {:mail => user.mail}
    else
      yield if block_given?
    end
  end

  # Automatically register a user
  #
  # Pass a block for behavior when a user fails to save
  def register_automatically(user, &block)
    # Automatic activation
    user.activate
    user.last_login_on = Time.now
    if user.save
      UserStatus.create(:user_id => user.id, :changsets_count => 0, :watchers_count => 0)
      self.logged_user = user
      flash[:notice] = l(:notice_account_activated)
      redirect_to my_account_url
    else
      yield if block_given?
    end
  end

  # Manual activation by the administrator
  #
  # Pass a block for behavior when a user fails to save
  def register_manually_by_administrator(user, &block)
    if user.save
      UserStatus.create(:user_id => user.id ,:changsets_count => 0, :watchers_count => 0)
      # Sends an email to the administrators
      Mailer.run.account_activation_request(user)
      account_pending
    else
      yield if block_given?
    end
  end

  def account_pending
    flash[:notice] = l(:notice_account_pending)
    redirect_to signin_url
  end
end