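#coding=utf-8
# status values
# 0: success; -1: 500 error; 403: forbidden; 404: page not found
module Mobile
  # require_relative 'middleware/error_handler'
  # require_relative 'apis/auth'
  # require_relative 'apis/users'
  # require_relative 'apis/courses'
  # require_relative 'apis/watches'
  # require_relative 'apis/upgrade'
  # require_relative 'apis/homeworks'
  # require_relative 'apis/comments'
  # require_relative 'apis/issues'
  # require_relative 'apis/activities'
  # require_relative 'apis/whomeworks'
  # require_relative 'apis/newss'
  # require_relative 'apis/journal_for_messages'
  # require_relative 'apis/messages'
  # require_relative 'apis/blog_comments'
  # require_relative 'apis/new_comment'
  # require_relative 'apis/praise'
  # require_relative 'apis/resources'
  # require_relative 'apis/syllabuses'
  # require_relative 'apis/projects'
  # require_relative 'apis/games'
  # require_relative 'apis/shixuns'
  # require_relative 'apis/discusses'
  # require_relative 'apis/memos'
  # require_relative 'apis/sources'
  # require_relative 'apis/careers'

  # Grape entry point for the v1 JSON API. It installs the cookie session
  # store and the error-handling middleware, defines the authentication
  # helpers shared by the mounted endpoint classes, and mounts those classes.
  class API < Grape::API
    version 'v1', using: :path
    format :json
    content_type :json, "application/json;charset=UTF-8"

    # NOTE(review): `:domain => :all` scopes the session cookie to the whole
    # registrable domain, so every sibling subdomain receives it. Confirm
    # that all of those hosts are trusted with this session.
    use ActionDispatch::Session::CookieStore, :expire_after => 8.hours, :key => '_educoder_session', :domain => :all
    require 'digest'
    use Mobile::Middleware::ErrorHandler

    helpers do
      # @return [Logger] the Rails application logger
      def logger
        Rails.logger
      end

      # Halts the request with 401 unless current_user resolves to a user.
      def authenticate!
        error!('401 Unauthorized', 401) unless current_user
      end

      # Halts the request with 401 unless params[:private_token] equals the
      # shared token.
      #
      # FIXME(security): the token is committed to source control. Treat it as
      # disclosed: rotate it and load the replacement from deployment
      # configuration instead of a literal.
      def private_auth
        expected_token = "hriEn3UwXfJs3PmyXnSG"
        supplied_token = params[:private_token].to_s
        # Log only whether a token was supplied; the value itself is a
        # credential and must not reach the log files.
        Rails.logger.info("######## private_token #{supplied_token.empty? ? 'missing' : 'supplied'}")
        # Constant-time comparison so response timing does not reveal how much
        # of a guessed token is correct.
        error!('401 Unauthorized', 401) unless Rack::Utils.secure_compare(expected_token, supplied_token)
      end

      # Recomputes the request signature (upper-cased MD5 over every parameter
      # except "sign", followed by the shared secret) and logs whether it
      # matches params[:sign].
      #
      # FIXME(security): enforcement is commented out below, so this helper
      # currently admits every request regardless of signature. It is left
      # disabled here because enabling it changes behaviour for existing
      # clients; the owner should re-enable it once clients are verified.
      # FIXME(security): the key id and secret are committed to source
      # control; rotate them and load them from deployment configuration.
      # NOTE(review): MD5 with an appended secret is a weak construction and
      # the parameters are joined in arrival order rather than a canonical
      # order; consider an HMAC over sorted parameters when this is reworked.
      def cnmooc_access_key!
        # Signature
        accessKeyId = 'LTAISM4HFWpQHh3g'.freeze
        accessKeySecret = '9NMU8ushmFu8SN1EKHOhvo9jmv1qp0'.freeze
        pairs = []
        params.each do |key, value|
          pairs << "#{key}=#{value}" unless key == "sign"
        end
        expected_sign = Digest::MD5.hexdigest("#{pairs.join("&")}&sk=#{accessKeySecret}").upcase
        signature_ok = Rack::Utils.secure_compare(expected_sign, params[:sign].to_s)
        # The string being signed contains the secret and the expected
        # signature is itself a valid credential, so only the outcome is logged.
        Rails.logger.info("#####sign check: #{signature_ok ? 'match' : 'mismatch'}")
        #unless signature_ok
        #  error!('401 Unauthorized', 401)
        #end
      end

      # Some endpoints can be viewed without logging in.
      #
      # Halts with 401 unless the path is exempt or a user is resolved.
      # NOTE(review): exemption is a substring match on the path, so any route
      # whose path merely contains one of these words also skips the login
      # check. An exact route allow-list would be tighter.
      def career_authenticate!
        public_markers = %w[introduction get_published_careers get_current_user]
        return if public_markers.any? { |marker| request.path.include?(marker) }

        error!('401 Unauthorized', 401) unless current_user
      end

      # Halts with 401 for memo routes that need a login; single-memo pages
      # that are not replies, the memo list and the memo index are exempt.
      def memo_authenticate!
        Rails.logger.info("#######current_user: ###{current_user}")
        Rails.logger.info("#######session: ###{session[:user_id]}")
        path = request.path
        # \z anchors at the true end of the string; `$` would also match just
        # before a newline and so accept a path with trailing content.
        # NOTE(review): Rack's request.path normally excludes the query
        # string, so the "memos?page=" test probably never matches; confirm.
        pass = (path.match(/memos\/\d+/).present? && !path.include?("reply")) ||
               path.include?("get_memos_list") ||
               path.include?("memos?page=") ||
               path.match(/memos\z/).present?
        return if pass

        error!('401 Unauthorized', 401) unless current_user
      end

      # Halts with 401 for discussion routes that need a login; the discussion
      # index is exempt.
      def discusses_authenticate!
        Rails.logger.info("#######current_user: ###{current_user}")
        Rails.logger.info("#######session: ###{session[:user_id]}")
        path = request.path
        # \z instead of `$` so a newline inside the path cannot satisfy the
        # end-of-path test.
        # NOTE(review): the "discusses?page=" test probably never matches
        # because request.path normally excludes the query string; confirm.
        pass = path.match(/discusses\z/).present? || path.include?("discusses?page=")
        return if pass

        error!('401 Unauthorized', 401) unless current_user
      end

      # def manager_of_game
      #   myshixun_id = Game.where(:identifier => params[:identifier]).pluck(:myshixun_id).first
      #   myshixun = Myshixun.find(myshixun_id)
      #   unless (current_user.admin? || myshixun.user_id == current_user.id)
      #     return {}
      #   end
      # end
      #

      # @return the Rack session for this request
      def session
        env['rack.session']
      end

      # Resolves the user for this request, trying in order: the WeChat openid
      # stored in the session, an unexpired ApiKey matching params[:token],
      # the user id stored in the session, and finally the autologin cookie.
      #
      # @return [User, nil] the resolved user, or nil when none applies
      def current_user
        openid = session[:wechat_openid]
        if openid
          uw = UserWechat.find_by_openid(openid)
          return uw.user if uw
        end

        # third_party_user_id = session[:third_party_user_id]
        # Rails.logger.info("#########third_party_user_id: #{third_party_user_id}")
        # if third_party_user_id
        #   c_user = UserSource.find_by_id(session[:third_party_user_id])
        #   return c_user.user if c_user
        # end

        # Look the token up only when it is a non-empty string. A missing
        # parameter would otherwise query for a NULL access_token, and an
        # array or hash parameter would turn the lookup into a set match.
        api_token = params[:token]
        if api_token.is_a?(String) && !api_token.empty?
          token = ApiKey.where(access_token: api_token).first
          return User.find(token.user_id) if token && !token.expired?
        end

        # Rails.logger.info("########### host is #{request.host}")
        # FIXME(security): impersonation fallback. params[:action] and the
        # Host header are both supplied by the client, so outside development
        # the last two conditions bind an unauthenticated request to user
        # id 12. Left unchanged because existing callers may depend on it;
        # remove it, or gate it on a server-side check the client cannot set.
        if (Rails.env.development? && session[:user_id].blank?) || (session[:user_id].blank? && request.host.include?("testbdweb")) || params[:action] == "privateGit"
          session[:user_id] = 12 #116
        end
        Rails.logger.info("####### session user_id is #{session[:user_id]}")

        if session[:user_id]
          # Only a stale or inactive id is treated as "no user"; other errors
          # (for example a database failure) are no longer swallowed.
          user = begin
            User.active.find(session[:user_id])
          rescue ActiveRecord::RecordNotFound
            nil
          end
        else
          autologin_cookie = Redmine::Configuration['autologin_cookie_name'].presence || 'autologin'
          if cookies[autologin_cookie] && Setting.autologin?
            user = User.try_to_autologin(cookies[autologin_cookie])
            if user
              # NOTE(review): the session is not reset before the user id is
              # stored (the reset_session call below is commented out), so a
              # pre-login session id survives the login; confirm whether that
              # is intended.
              # reset_session
              # start_user_session(user)
              session[:user_id] = user.id
              session[:ctime] = Time.now.utc.to_i
              session[:atime] = Time.now.utc.to_i
            end
          end
        end

        user || nil
      end
    end

    mount Apis::Auth
    mount Apis::Users
    mount Apis::Courses
    mount Apis::Watches
    mount Apis::Upgrade
    mount Apis::Homeworks
    mount Apis::Comments
    mount Apis::Issues
    mount Apis::Activities
    mount Apis::Whomeworks
    mount Apis::Newss
    mount Apis::JournalForMessages
    mount Apis::Messages
    mount Apis::BlogComments
    mount Apis::NewComment
    mount Apis::Praise
    mount Apis::Resources
    mount Apis::Syllabuses
    mount Apis::Projects
    mount Apis::Games
    mount Apis::Shixuns
    mount Apis::Discusses
    mount Apis::Memos
    mount Apis::Sources
    mount Apis::Careers
    mount Apis::Assets
    mount Apis::Ecloud
    mount Apis::Cnmooc

    # add_swagger_documentation ({host: 'educoder.0bug.info', api_version: 'v1', base_path: '/api'}) if Rails.env.development?
    add_swagger_documentation ({api_version: 'v1', base_path: '/api'}) if Rails.env.development?
  end
end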