|
|
#coding=utf-8
|
|
|
# Redmine - project management software
|
|
|
# Copyright (C) 2006-2013 Jean-Philippe Lang
|
|
|
#
|
|
|
# This program is free software; you can redistribute it and/or
|
|
|
# modify it under the terms of the GNU General Public License
|
|
|
# as published by the Free Software Foundation; either version 2
|
|
|
# of the License, or (at your option) any later version.
|
|
|
#
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
# GNU General Public License for more details.
|
|
|
#
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
# along with this program; if not, write to the Free Software
|
|
|
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
|
|
|
|
class AccountController < ApplicationController
|
|
|
helper :custom_fields
|
|
|
include CustomFieldsHelper
|
|
|
|
|
|
# prevents login action to be filtered by check_if_login_required application scope filter
|
|
|
skip_before_filter :check_if_login_required
|
|
|
skip_before_filter :check_authentication, :only => [:login, :logout, :user_join, :avatar, :authentication, :professional_certification, :security_settings, :change_psd, :user_info]
|
|
|
before_filter :auth_login1, :only => [:avatar, :authentication, :professional_certification, :security_settings, :change_psd, :reset_psd, :user_info]
|
|
|
skip_before_filter :verify_authenticity_token, :only =>[:codepedia_login, :login, :register]
|
|
|
before_filter :require_login, only: [:avatar, :authentication, :professional_certification, :security_settings, :change_psd, :user_info, :user_auth, :apply_auth, :apply_pro_certification, :check_student_id,
|
|
|
:bind_email, :change_or_bind]
|
|
|
include ApplicationHelper
|
|
|
include AccountHelper
|
|
|
# Login request and validation
|
|
|
CODES = %W(1 2 3 4 5 6 7 8 9 A B C D E F G H J K L N M O P Q R S T U V W X Y Z)
|
|
|
|
|
|
def login
|
|
|
Rails.logger.info("login: request type is #{request.method}")
|
|
|
if params[:type] == "activated"
|
|
|
@message = l(:notice_account_activated)
|
|
|
elsif params[:type] == "expired"
|
|
|
@message = l(:notice_account_expired)
|
|
|
end
|
|
|
@name = params[:name]
|
|
|
@c_name = params[:c_name]
|
|
|
|
|
|
login = User.current.login
|
|
|
login_error = false
|
|
|
# login 匹配不到字母,或者 含有特殊字符 则login不规范
|
|
|
if (login =~ /(^(?=.*?[a-zA-Z]).*$)/).nil? || !(login =~ /[@#\$%\^&\*]+/).nil?
|
|
|
login_error = true
|
|
|
end
|
|
|
|
|
|
if request.get?
|
|
|
@login = params[:login] || true
|
|
|
if User.current.logged?
|
|
|
# 判断用户基本资料是否完善,不完善讲强制完善基本资料,完善进入主页
|
|
|
user = UserExtensions.where(:user_id => User.current.id).first
|
|
|
Rails.logger.info("#######################login_error: ##{login_error}")
|
|
|
if User.current.lastname.blank? || user.school_id.blank? || user.identity.blank? || login_error
|
|
|
redirect_to user_info_path()
|
|
|
else
|
|
|
redirect_back_or_default user_path(User.current), :referer => true
|
|
|
end
|
|
|
else
|
|
|
render :layout => 'login'
|
|
|
end
|
|
|
else
|
|
|
# ajax请求类型
|
|
|
# REDO:测试的时候注意是否
|
|
|
if request.xhr?
|
|
|
login = params[:username].strip
|
|
|
password = params[:password]
|
|
|
# 验证用户名密码是否正确
|
|
|
@user, last_login_on = User.try_to_login(login, password)
|
|
|
if @user.present?
|
|
|
Rails.logger.info("successful_authentication, user is #{@user.try(:login)}")
|
|
|
# 登录重置session;重新开启session有效时间等
|
|
|
self.logged_user = @user
|
|
|
# generate a key and set cookie if autologin
|
|
|
if params[:autologin] && Setting.autologin?
|
|
|
set_autologin_cookie(@user)
|
|
|
end
|
|
|
# 记录用户登录行为
|
|
|
UserActions.create(:action_id => @user.id, :action_type => "Login", :user_id => @user.id)
|
|
|
end
|
|
|
respond_to do |format|
|
|
|
format.js
|
|
|
end
|
|
|
else
|
|
|
authenticate_user
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def codepedia_login
|
|
|
logger.info("codepedia_login#########################################")
|
|
|
logger.info("#{params}")
|
|
|
user, last_login_on = User.try_to_login(params[:username], params[:password])
|
|
|
logger.info(user)
|
|
|
if user.blank?
|
|
|
render :json => { status: 0 }
|
|
|
else
|
|
|
render :json => { status: 1, user: user}
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def user_join
|
|
|
if params[:type] == "activated"
|
|
|
@message = l(:notice_account_activated)
|
|
|
elsif params[:type] == "expired"
|
|
|
@message = l(:notice_account_expired)
|
|
|
end
|
|
|
|
|
|
if request.get?
|
|
|
@login = params[:login] || true
|
|
|
@name = params[:name]
|
|
|
if User.current.logged?
|
|
|
# 判断用户基本资料是否完善,不完善讲强制完善基本资料,完善进入主页
|
|
|
user = UserExtensions.where(:user_id => User.current.id).first
|
|
|
if user.gender.nil? || user.school_id.nil? || User.current.lastname.nil?
|
|
|
redirect_to my_account_path(:tip => 1)
|
|
|
elsif user.identity == 3 && user.school_id.nil?
|
|
|
redirect_to my_account_path(:tip => 1)
|
|
|
else
|
|
|
redirect_to user_path(User.current)
|
|
|
end
|
|
|
else
|
|
|
render :layout =>'login'
|
|
|
end
|
|
|
else
|
|
|
authenticate_user
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def help
|
|
|
@index = params[:index].to_i == 0 ? 1 : params[:index].to_i
|
|
|
if @index == 6 && !User.current.logged?
|
|
|
redirect_to signin_path
|
|
|
return
|
|
|
end
|
|
|
code = CODES.sample(8).join
|
|
|
@resubmit = "#{code}"
|
|
|
@agreement = Help.first
|
|
|
@cooperation = Cooperation.all
|
|
|
@url = params[:url]
|
|
|
|
|
|
@com_coop_img = CooImg.where(:img_type => 'com_coop').order("position asc")
|
|
|
@edu_coop_img = CooImg.where(:img_type => 'edu_coop').order("position asc")
|
|
|
render :layout => 'base_edu'
|
|
|
|
|
|
end
|
|
|
|
|
|
def update_help
|
|
|
@edu_coop = "edu_coop"
|
|
|
@com_coop = "com_coop"
|
|
|
end
|
|
|
|
|
|
def update_agreement
|
|
|
if User.current.admin?
|
|
|
help = Help.first
|
|
|
unless params[:tabs]
|
|
|
if help.present?
|
|
|
case params[:tab].to_i
|
|
|
when 1
|
|
|
help.update_attribute(:agreement, params[:description])
|
|
|
redirect_to help_path(:index => 4)
|
|
|
when 2
|
|
|
help.update_attribute(:about_us, params[:description])
|
|
|
redirect_to help_path()
|
|
|
when 3
|
|
|
help.update_attribute(:help_center, params[:description])
|
|
|
redirect_to help_path(:index => 5)
|
|
|
|
|
|
end
|
|
|
else
|
|
|
case params[:tab].to_i
|
|
|
when 1
|
|
|
Help.create(:agreement => params[:description])
|
|
|
redirect_to help_path(:index => 4)
|
|
|
when 2
|
|
|
Help.create(:about_us => params[:description])
|
|
|
redirect_to help_path()
|
|
|
when 3
|
|
|
Help.create(:help_center => params[:description])
|
|
|
redirect_to help_path(:index => 5)
|
|
|
end
|
|
|
end
|
|
|
else
|
|
|
unless help.present?
|
|
|
Help.create(:status =>params[:status])
|
|
|
redirect_to help_path(:index => 2)
|
|
|
|
|
|
else
|
|
|
help.update_attribute(:status,params[:status])
|
|
|
redirect_to help_path(:index => 2)
|
|
|
end
|
|
|
end
|
|
|
else
|
|
|
redirect_to help_path()
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def update_contact_us
|
|
|
if Cooperation.where(:user_type => params[:user_type]).present?
|
|
|
Cooperation.where(:user_type => params[:user_type]).first.update_attributes(:name => params[:name],:qq => params[:qq],:mail =>params[:mail])
|
|
|
else
|
|
|
Cooperation.create(:user_type => params[:user_type],:name =>params[:name],:qq =>params[:qq],:mail =>params[:mail])
|
|
|
end
|
|
|
redirect_to help_path(:index => 2)
|
|
|
end
|
|
|
|
|
|
def insert_suggest
|
|
|
content = "<p>[#{params[:question_kind]}]</p>" + "<p>问题页面网址:#{params[:url]}</p>" + params[:description]
|
|
|
PrivateMessage.create(:user_id => User.current.id, :target_id => 1, :sender_id => User.current.id, :receiver_id => 1, :content => content, :send_time => Time.now, :status => 1)
|
|
|
PrivateMessage.create(:user_id => 1, :target_id => User.current.id, :sender_id => User.current.id, :receiver_id => 1, :content => content, :send_time => Time.now, :status => 0)
|
|
|
redirect_to message_detail_user_path(User.current, :user_id => 1)
|
|
|
end
|
|
|
|
|
|
# 合作伙伴
|
|
|
def cooperative_partner
|
|
|
render :layout =>'base_edu'
|
|
|
end
|
|
|
|
|
|
def update_cooperative_part
|
|
|
diskfile1 = disk_filename(params[:sourse_type], params[:source_id])
|
|
|
diskfile2 = disk_coo_filename(params[:sourse_type], params[:source_id])
|
|
|
|
|
|
diskfile = diskfile1 + 'temp'
|
|
|
begin
|
|
|
FileUtils.mv diskfile, diskfile1, force: true if File.exist? diskfile
|
|
|
ensure
|
|
|
File.delete(diskfile) if File.exist?(diskfile)
|
|
|
end
|
|
|
if File.exist?(diskfile1)
|
|
|
pos = CooImg.order("position asc").last.position
|
|
|
CooImg.create(:src_states =>params[:img_url] ,:url_states => diskfile2,:img_type =>params[:sourse_type], :position => pos)
|
|
|
end
|
|
|
redirect_to help_path(:index => 3)
|
|
|
end
|
|
|
|
|
|
# 改变广告位置
|
|
|
# params: id: 广告的id, position:广告的新位置, type:图片类型
|
|
|
def change_coop_position
|
|
|
logger.info("##############{params[:position]}")
|
|
|
position = params[:position].to_i
|
|
|
type = params[:type]
|
|
|
img = CooImg.find params[:id]
|
|
|
coop_imgs = CooImg.where("img_type = ? and position > ?" , type, params[:position].to_i)
|
|
|
coop_imgs.map{|img| img.increment!(:position)}
|
|
|
img.update_attribute(:position, position + 1)
|
|
|
render :json => {status: 1}
|
|
|
end
|
|
|
|
|
|
def delete_coop
|
|
|
# @coo_img = CooImg.find_by_id(params[:id])
|
|
|
# @coo_img.destroy
|
|
|
# render_404 if @coo_img.nil?
|
|
|
# redirect_to help_path(:index => 3)
|
|
|
# rescue ActiveRecord::RecordNotFound
|
|
|
# render_404
|
|
|
@coo_img = CooImg.find_by_id(params[:id])
|
|
|
@sourse = @coo_img.url_states
|
|
|
diskfile = File.join(Rails.root, "public")
|
|
|
diskfile1 = diskfile + @sourse
|
|
|
unless diskfile1.nil? || diskfile1 == ""
|
|
|
path = File.dirname(diskfile1)
|
|
|
if File.directory?(path)
|
|
|
File.delete(diskfile1)
|
|
|
@coo_img.destroy
|
|
|
end
|
|
|
end
|
|
|
|
|
|
redirect_to help_path(:index => 3)
|
|
|
rescue Exception => e
|
|
|
logger.info e.message
|
|
|
respond_to do |format|
|
|
|
format.js
|
|
|
format.api {
|
|
|
if saved
|
|
|
render :action => 'upload', :status => :created
|
|
|
else
|
|
|
render_validation_errors(@avatar)
|
|
|
end
|
|
|
}
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
# Log out current user and redirect to welcome page
|
|
|
def logout
|
|
|
if User.current.anonymous?
|
|
|
redirect_to home_path
|
|
|
else
|
|
|
UserActions.create(:action_id => User.current.id, :action_type => "Logout", :user_id => User.current.id)
|
|
|
logout_user
|
|
|
# 记录用户登出行为
|
|
|
redirect_to home_path
|
|
|
end
|
|
|
# display the logout form
|
|
|
end
|
|
|
|
|
|
def heartbeat
|
|
|
render :json => session[:user_id]
|
|
|
end
|
|
|
|
|
|
# Lets user choose a new password
|
|
|
def lost_password
|
|
|
(redirect_to(signin_path); return) unless Setting.lost_password?
|
|
|
if params[:token]
|
|
|
@token = Token.find_token("recovery", params[:token].to_s)
|
|
|
if @token.nil? || @token.expired?
|
|
|
redirect_to signin_path
|
|
|
return
|
|
|
end
|
|
|
@user = @token.user
|
|
|
unless @user && @user.active?
|
|
|
redirect_to signin_path
|
|
|
return
|
|
|
end
|
|
|
if request.post?
|
|
|
@user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
|
|
|
if @user.save
|
|
|
@token.destroy
|
|
|
flash[:notice] = l(:notice_account_password_updated)
|
|
|
redirect_to signin_url
|
|
|
return
|
|
|
end
|
|
|
end
|
|
|
render :template => "account/password_recovery"
|
|
|
return
|
|
|
else
|
|
|
if request.post?
|
|
|
user = User.find_by_mail(params[:mail].to_s)
|
|
|
# user not found or not active
|
|
|
unless user && user.active?
|
|
|
flash.now[:error] = l(:notice_account_unknown_email)
|
|
|
render :layout => 'static_base'
|
|
|
return
|
|
|
end
|
|
|
# user cannot change its password
|
|
|
unless user.change_password_allowed?
|
|
|
flash.now[:error] = l(:notice_can_t_change_password)
|
|
|
return
|
|
|
end
|
|
|
# create a new token for password recovery
|
|
|
token = Token.new(:user => user, :action => "recovery")
|
|
|
if token.save
|
|
|
Mailer.run.lost_password(token)
|
|
|
flash[:notice] = l(:notice_account_lost_email_sent)
|
|
|
redirect_to lost_password_path
|
|
|
return
|
|
|
end
|
|
|
end
|
|
|
render :layout => 'login'
|
|
|
end
|
|
|
end
|
|
|
|
|
|
# User self-registration
|
|
|
def register
|
|
|
(redirect_to(signin_path); return) unless Setting.self_registration? || session[:auth_source_registration]
|
|
|
if request.get?
|
|
|
session[:auth_source_registration] = nil
|
|
|
@user = User.new(:language => current_language.to_s)
|
|
|
else
|
|
|
user_params = params[:user] || {}
|
|
|
if session[:auth_source_registration]
|
|
|
@user.activate
|
|
|
@user.login = session[:auth_source_registration][:login]
|
|
|
@user.auth_source_id = session[:auth_source_registration][:auth_source_id]
|
|
|
if @user.save
|
|
|
session[:auth_source_registration] = nil
|
|
|
self.logged_user = @user
|
|
|
flash[:notice] = l(:notice_account_activated)
|
|
|
redirect_to my_account_path(:tip => 1)
|
|
|
end
|
|
|
else
|
|
|
us = UsersService.new
|
|
|
@user = us.register user_params.merge(:should_confirmation_password => false)
|
|
|
=begin
|
|
|
case Setting.self_registration
|
|
|
when '1'
|
|
|
#register_by_email_activation(@user)
|
|
|
unless @user.new_record?
|
|
|
# if params[:user][:phone] =~ /^[a-zA-Z0-9]+([._\\]*[a-z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$/
|
|
|
# redirect_to account_email_valid_path(:mail => @user.mail, :user_id => @user.id)
|
|
|
# else
|
|
|
self.logged_user = @user
|
|
|
redirect_to user_info_path()
|
|
|
# end
|
|
|
# flash[:notice] = l(:notice_account_register_done)
|
|
|
# render action: 'email_valid', locals: {:mail => @user.mail}
|
|
|
end
|
|
|
when '3'
|
|
|
#register_automatically(@user)
|
|
|
if !@user.new_record?
|
|
|
self.logged_user = @user
|
|
|
flash[:notice] = l(:notice_account_activated)
|
|
|
redirect_to user_info_path()
|
|
|
else
|
|
|
redirect_to signin_path
|
|
|
end
|
|
|
else
|
|
|
#register_manually_by_administrator(@user)
|
|
|
unless @user.new_record?
|
|
|
account_pending
|
|
|
end
|
|
|
end
|
|
|
=end
|
|
|
if !@user.new_record?
|
|
|
self.logged_user = @user
|
|
|
flash[:notice] = l(:notice_account_activated)
|
|
|
redirect_to user_info_path()
|
|
|
else
|
|
|
redirect_to signin_path
|
|
|
end
|
|
|
|
|
|
if params[:user][:phone] =~ /^[a-zA-Z0-9]+([._\\]*[a-z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$/
|
|
|
reward_grade(@user, @user.id, 'Mail', 500)
|
|
|
elsif params[:user][:phone] =~ /^1\d{10}$/
|
|
|
reward_grade(@user, @user.id, 'Phone', 500)
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
|
|
|
# 注册完后绑定邮箱(可选)
|
|
|
def bind_email
|
|
|
@user = User.current
|
|
|
if request.get?
|
|
|
render :layout =>'login'
|
|
|
else
|
|
|
@user.update_attributes!(:mail => params[:mail])
|
|
|
reward_grade(@user, @user.id, 'Mail', 500)
|
|
|
redirect_to user_info_path()
|
|
|
end
|
|
|
end
|
|
|
|
|
|
# 注册完/绑定邮箱 后完善资料
|
|
|
def user_info
|
|
|
@user = User.current
|
|
|
|
|
|
#是否是Oschina过来的
|
|
|
@is_ecoder_user = @user.ecoder_user_id.to_i>0
|
|
|
|
|
|
#是否没设置过密码
|
|
|
@is_set_password = @user.hashed_password.present?
|
|
|
|
|
|
if request.get?
|
|
|
|
|
|
# 如果是登录的请求进来,则需要判断登录名是否合法
|
|
|
if (@user.login =~ /(^(?=.*?[a-zA-Z]).*$)/).nil? || !(@user.login =~ /[@#\$%\^&\*\.]+/).nil?
|
|
|
@login_error = true
|
|
|
end
|
|
|
render :layout =>'login'
|
|
|
else
|
|
|
lg = @user.login
|
|
|
@pref = @user.pref
|
|
|
@se = @user.extensions
|
|
|
|
|
|
# 已授权的用户修改单位名称,需要重新授权
|
|
|
if @se.school_id != params[:occupation].to_i && @user.certification == 1
|
|
|
@user.certification = 0
|
|
|
apply_user = ApplyAction.where(:user_id => @user.id, :container_type => "TrialAuthorization")
|
|
|
apply_user.update_all(:status => 2) unless apply_user.blank?
|
|
|
end
|
|
|
|
|
|
|
|
|
if @is_ecoder_user && !@is_set_password
|
|
|
@user.password = params[:new_password]
|
|
|
@user.password_confirmation = params[:new_password_confirmation]
|
|
|
|
|
|
if @user.password.size<8
|
|
|
@password_len_error = true
|
|
|
render :user_info and return
|
|
|
end
|
|
|
|
|
|
if @user.password != @user.password_confirmation
|
|
|
@password_match_error = true
|
|
|
render :user_info and return
|
|
|
end
|
|
|
end
|
|
|
|
|
|
@user.lastname = params[:lastname]
|
|
|
@user.firstname = ""
|
|
|
@user.show_realname = params[:hide_realname] ? 0 : 1
|
|
|
@user.nickname = params[:hide_realname] ? params[:nickname] : params[:lastname]
|
|
|
@user.pref.attributes = params[:pref]
|
|
|
@user.pref[:no_self_notified] = (params[:no_self_notified] == '1')
|
|
|
@user.mail = params[:mail] if params[:mail]
|
|
|
Rails.logger.info("###############login: #{params[:login]}")
|
|
|
if params[:login]
|
|
|
if (params[:login] =~ /(^(?=.*?[a-zA-Z]).*$)/).present? && (params[:login] =~ /[@#\$%\^&\*\.]+/).nil?
|
|
|
@user.login = params[:login]
|
|
|
Gitlab.client.edit_user(@user.gid, :username => params[:login]) if @user.gid
|
|
|
end
|
|
|
end
|
|
|
|
|
|
@se.school_id = params[:occupation]
|
|
|
@se.department_id = params[:department_id]
|
|
|
@se.gender = params[:sex]
|
|
|
# @se.location = params[:province] if params[:province]
|
|
|
# @se.location_city = params[:city] if params[:city]
|
|
|
@se.identity = params[:identity].to_i if params[:identity]
|
|
|
if @se.identity == 0
|
|
|
@se.technical_title = params[:te_technical_title] if params[:te_technical_title]
|
|
|
@se.student_id = nil
|
|
|
elsif @se.identity == 1
|
|
|
@se.student_id = params[:no] if params[:no]
|
|
|
@se.technical_title = nil
|
|
|
elsif @se.identity == 2
|
|
|
@se.technical_title = params[:pro_technical_title] if params[:pro_technical_title]
|
|
|
@se.student_id = nil
|
|
|
end
|
|
|
# @se.brief_introduction = params[:brief_introduction]
|
|
|
|
|
|
if @user.save && @se.save
|
|
|
|
|
|
reward_grade(@user, @user.id, 'Account', 500)
|
|
|
|
|
|
if @user.certification != 1
|
|
|
school_ids = School.where(:auto_users_trial => 1).map(&:id)
|
|
|
# 授权单位中的只有学生身份才自动授权,且创建试用授权记录
|
|
|
if !@se.school.nil? && school_ids.include?(@se.school_id) && @se.identity == 1
|
|
|
@user.certification = 1
|
|
|
@user.update_attributes(:certification => 1)
|
|
|
apply_action = ApplyAction.where(:user_id => @user.id, :container_type => "TrialAuthorization", :status => 0).first
|
|
|
if apply_action.present?
|
|
|
apply_action.update_attributes(:status => 1, :noticed => 1)
|
|
|
else
|
|
|
ApplyAction.create(:user_id => @user.id, :container_type => "TrialAuthorization", :ip_addr => request.remote_ip, :status => 1, :noticed => 1)
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
|
|
|
# 授权的教师加入示例课堂
|
|
|
join_ex_course(@user) if @se.identity == 0 && @user.certification == 1
|
|
|
|
|
|
@user.pref.save
|
|
|
set_language_if_valid @user.language
|
|
|
flash[:notice] = l(:notice_account_updated)
|
|
|
first_update = Grade.where(:user_id => @user.id, :container_id => @user.id, :container_type => 'Account').first
|
|
|
if @user.certification == 1 || (Time.now.to_i - first_update.created_at.to_i) < 86400
|
|
|
if @user.certification != 1 && !@user.user_day_certifications.first.present? # 更新字段是为了在user页面弹框提示
|
|
|
@user.update_attributes(:certification => 3)
|
|
|
UserDayCertification.create(:user_id => @user.id, :status => 1)
|
|
|
end
|
|
|
redirect_to user_path(@user)
|
|
|
else
|
|
|
redirect_to my_account_url
|
|
|
end
|
|
|
return
|
|
|
else
|
|
|
@user.login = lg
|
|
|
logger.info "save user: #{@user.errors}"
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def check_email
|
|
|
logger.info("###################################")
|
|
|
user_count = User.where(:login => params[:login]).count
|
|
|
status = user_count > 0 ? -1 : 0
|
|
|
render :json => {status: status}
|
|
|
end
|
|
|
|
|
|
#should_confirmation_password是否验证密码
|
|
|
def create_and_save_user login,password,email,password_confirmation,should_confirmation_password
|
|
|
@user = User.new
|
|
|
@user.admin = false
|
|
|
@user.register
|
|
|
@user.login = login
|
|
|
@user.mail = email
|
|
|
if should_confirmation_password && !password.blank? && !password_confirmation.blank?
|
|
|
@user.password,@user.password_confirmation = password,password_confirmation
|
|
|
elsif !should_confirmation_password && !password.blank?
|
|
|
@user.password = password
|
|
|
else
|
|
|
@user.password = ""
|
|
|
end
|
|
|
case Setting.self_registration
|
|
|
when '1'
|
|
|
register_by_email_activation(@user)
|
|
|
when '3'
|
|
|
register_automatically(@user)
|
|
|
else
|
|
|
register_manually_by_administrator(@user)
|
|
|
end
|
|
|
if @user.id != nil
|
|
|
ue = @user.user_extensions ||= UserExtensions.new
|
|
|
ue.user_id = @user.id
|
|
|
ue.save
|
|
|
end
|
|
|
@user
|
|
|
end
|
|
|
|
|
|
# Token based account activation
|
|
|
def activate
|
|
|
(redirect_to(signin_path); return) unless Setting.self_registration? && params[:token].present?
|
|
|
token = Token.find_token('register', params[:token].to_s)
|
|
|
type = l(:notice_account_expired) if (token && token.expired?)
|
|
|
(redirect_to(signin_path(:type => "expired")); return) unless token and !token.expired?
|
|
|
user = token.user
|
|
|
(redirect_to(signin_path); return) unless user.registered?
|
|
|
user.activate
|
|
|
if user.save
|
|
|
token.destroy
|
|
|
flash[:notice] = l(:notice_account_activated)
|
|
|
end
|
|
|
redirect_to signin_url(:type => "activated")
|
|
|
end
|
|
|
|
|
|
def api_register login,password,email
|
|
|
users_service = UsersService.new
|
|
|
users_service.register({login: login, password: password, email: eamil})
|
|
|
end
|
|
|
|
|
|
def valid_ajax
|
|
|
req = Hash.new(false)
|
|
|
req[:message] = ''
|
|
|
|
|
|
valid_attr = params[:valid]
|
|
|
valid_value = params[:value]
|
|
|
|
|
|
faker = User.new
|
|
|
|
|
|
if valid_attr.eql?('')
|
|
|
req[:valid] = User.where("phone = '#{params[:value]}' or mail = '#{params[:value]}' or login = '#{params[:value]}'").blank?
|
|
|
end
|
|
|
|
|
|
if valid_attr.eql?('login')
|
|
|
faker.login = valid_value
|
|
|
faker.valid?
|
|
|
req[:valid] = faker.errors[:login].blank?
|
|
|
req[:message] = faker.errors[:login]
|
|
|
end
|
|
|
|
|
|
if valid_attr.eql?('phone')
|
|
|
faker.phone = valid_value
|
|
|
faker.valid?
|
|
|
req[:valid] = faker.errors[:phone].blank?
|
|
|
req[:message] = ""
|
|
|
end
|
|
|
|
|
|
if valid_attr.eql?('mail')
|
|
|
faker.mail = valid_value
|
|
|
faker.valid?
|
|
|
req[:valid] = faker.errors[:mail].blank?
|
|
|
req[:message] = faker.errors[:mail]
|
|
|
end
|
|
|
|
|
|
req[:message] = l(:modal_valid_passing) if req[:message].blank?
|
|
|
render :json => req
|
|
|
end
|
|
|
|
|
|
# 手机号或邮箱是否已注册
|
|
|
def valid_register_user
|
|
|
req = Hash.new(false)
|
|
|
req[:message] = ''
|
|
|
|
|
|
valid_attr = params[:valid]
|
|
|
valid_value = params[:value]
|
|
|
|
|
|
if valid_attr.eql?('phone')
|
|
|
user = User.where(:phone => valid_value).first
|
|
|
req[:valid] = !user.nil?
|
|
|
req[:message] = user.nil? ? "该手机号未注册" : ""
|
|
|
elsif valid_attr.eql?('mail')
|
|
|
user = User.where(:mail => valid_value).first
|
|
|
req[:valid] = !user.nil?
|
|
|
req[:message] = user.nil? ? "该邮箱未注册" : ""
|
|
|
end
|
|
|
|
|
|
render :json => req
|
|
|
end
|
|
|
|
|
|
# 发送验证码:type 1:注册手机验证码 2:找回密码手机验证码 3:找回密码邮箱验证码 4:绑定手机 5:绑定邮箱 6:手机验证码登录 7:邮箱验证码登录 8:邮箱注册验证码
|
|
|
# 验证码是否有效
|
|
|
def valid_verification_code
|
|
|
req = Hash.new(false)
|
|
|
req[:valid] = false
|
|
|
type = params[:type].to_i
|
|
|
if Redmine::Configuration['gitlab_address'].include?("test") && params[:code] == "134790"
|
|
|
req[:valid] = true
|
|
|
else
|
|
|
if type == 1 || type == 2 || type == 4 || type == 6 || params[:phone] =~ /^1\d{10}$/
|
|
|
code = VerificationCode.where(:phone => params[:phone], :code => params[:code], :code_type => (params[:type].to_i != 1 && params[:type].to_i != 2 && params[:type].to_i != 4) ? 2 : params[:type].to_i ).last
|
|
|
else
|
|
|
code = VerificationCode.where(:email => params[:phone], :code => params[:code], :code_type => params[:type].to_i).last
|
|
|
end
|
|
|
req[:valid] = !code.nil? && (Time.now.to_i - code.created_at.to_i) <= 10*60
|
|
|
end
|
|
|
render :json => req
|
|
|
end
|
|
|
|
|
|
# 发送验证码:type 1:注册手机验证码 2:找回密码手机验证码 3:找回密码邮箱验证码 4:绑定手机 5:绑定邮箱 6:手机验证码登录 7:邮箱验证码登录 8:邮箱注册验证码
|
|
|
def get_verification_code
|
|
|
code = %W(0 1 2 3 4 5 6 7 8 9)
|
|
|
type = params[:type].to_i
|
|
|
req = Hash.new(false)
|
|
|
req[:status] = 0
|
|
|
req[:msg] = ''
|
|
|
if type == 1
|
|
|
if User.where(:phone => params[:value]).count > 0
|
|
|
req[:status] = 2 #已注册
|
|
|
else
|
|
|
begin
|
|
|
verification_code = code.sample(6).join
|
|
|
status = Trustie::Sms.send(mobile: params[:value], code: verification_code)
|
|
|
if status == 0
|
|
|
VerificationCode.create(:phone => params[:value], :status => 1, :code_type => 1, :code => verification_code)
|
|
|
end
|
|
|
req[:msg] = code_msg status
|
|
|
rescue => e
|
|
|
Rails.logger.error "发送验证码出错: #{e}"
|
|
|
end
|
|
|
req[:status] = 1
|
|
|
end
|
|
|
elsif type == 8
|
|
|
if User.where(:mail => params[:value]).count > 0
|
|
|
req[:status] = 2 #已注册
|
|
|
else
|
|
|
begin
|
|
|
verification_code = code.sample(6).join
|
|
|
user = User.current
|
|
|
token = Token.new(:user => user, :action => "bind")
|
|
|
if token.save
|
|
|
Mailer.run.email_register(token, verification_code, params[:value])
|
|
|
VerificationCode.create(:email => params[:value], :status => 1, :code_type => 8, :code => verification_code)
|
|
|
end
|
|
|
rescue => e
|
|
|
Rails.logger.error "发送验证码出错: #{e}"
|
|
|
end
|
|
|
req[:status] = 1
|
|
|
req[:msg] = params[:value].split("@")[1]
|
|
|
end
|
|
|
elsif type == 2 || type == 3 || type == 6 || type == 7
|
|
|
if params[:value] =~ /^[a-zA-Z0-9]+([._\\]*[a-zA-Z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$/
|
|
|
if User.where(:mail => params[:value]).count == 0
|
|
|
req[:status] = 2 #未注册
|
|
|
else
|
|
|
begin
|
|
|
verification_code = code.sample(6).join
|
|
|
user = User.where(:mail => params[:value]).first
|
|
|
if type == 3
|
|
|
token = Token.new(:user => user, :action => "recovery")
|
|
|
if token.save
|
|
|
Mailer.run.lost_password(token, verification_code)
|
|
|
VerificationCode.create(:email => params[:value], :status => 1, :code_type => 3, :code => verification_code)
|
|
|
end
|
|
|
else
|
|
|
token = Token.new(:user => user, :action => "login")
|
|
|
if token.save
|
|
|
Mailer.run.code_login(token, verification_code)
|
|
|
VerificationCode.create(:email => params[:value], :status => 1, :code_type => 7, :code => verification_code)
|
|
|
end
|
|
|
end
|
|
|
rescue => e
|
|
|
Rails.logger.error "发送验证码出错: #{e}"
|
|
|
end
|
|
|
req[:status] = 3
|
|
|
req[:link] = params[:value].split("@")[1]
|
|
|
end
|
|
|
elsif params[:value] =~ /^1\d{10}$/
|
|
|
if User.where(:phone => params[:value]).count == 0
|
|
|
req[:status] = 2
|
|
|
else
|
|
|
begin
|
|
|
verification_code = code.sample(6).join
|
|
|
status = Trustie::Sms.send(mobile: params[:value], code: verification_code)
|
|
|
if status == 0
|
|
|
VerificationCode.create(:phone => params[:value], :status => 1, :code_type => type, :code => verification_code)
|
|
|
end
|
|
|
req[:msg] = code_msg status
|
|
|
rescue => e
|
|
|
Rails.logger.error "发送验证码出错: #{e}"
|
|
|
end
|
|
|
req[:status] = 1
|
|
|
end
|
|
|
else
|
|
|
req[:status] = 2
|
|
|
end
|
|
|
else
|
|
|
if params[:value] =~ /^[a-zA-Z0-9]+([._\\]*[a-z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$/
|
|
|
if User.where(:mail => params[:value]).count > 0
|
|
|
req[:status] = 2 #已绑定
|
|
|
req[:msg] = '该邮箱已被绑定'
|
|
|
else
|
|
|
begin
|
|
|
verification_code = code.sample(6).join
|
|
|
user = User.current
|
|
|
token = Token.new(:user => user, :action => "bind")
|
|
|
if token.save
|
|
|
Mailer.run.bind_email(token, verification_code, params[:value])
|
|
|
VerificationCode.create(:email => params[:value], :status => 1, :code_type => 5, :code => verification_code)
|
|
|
end
|
|
|
rescue => e
|
|
|
Rails.logger.error "发送验证码出错: #{e}"
|
|
|
end
|
|
|
req[:status] = 3
|
|
|
req[:msg] = params[:value].split("@")[1]
|
|
|
end
|
|
|
elsif params[:value] =~ /^1\d{10}$/
|
|
|
if User.where(:phone => params[:value]).count > 0
|
|
|
req[:status] = 2
|
|
|
req[:msg] = '该手机号已被绑定'
|
|
|
else
|
|
|
begin
|
|
|
verification_code = code.sample(6).join
|
|
|
status = Trustie::Sms.send(mobile: params[:value], code: verification_code)
|
|
|
if status == 0
|
|
|
VerificationCode.create(:phone => params[:value], :status => 1, :code_type => 4, :code => verification_code)
|
|
|
end
|
|
|
req[:msg] = code_msg status
|
|
|
rescue => e
|
|
|
Rails.logger.error "发送验证码出错: #{e}"
|
|
|
end
|
|
|
req[:status] = 1
|
|
|
end
|
|
|
else
|
|
|
req[:status] = 2
|
|
|
end
|
|
|
|
|
|
end
|
|
|
Rails.logger.info "#{req[:status]} - #{req[:msg]}"
|
|
|
render :json => req
|
|
|
end
|
|
|
|
|
|
def avatar
|
|
|
@user = params[:user_id].nil? ? User.current : User.find(params[:user_id])
|
|
|
@setting_type = 2
|
|
|
render :layout => 'login'
|
|
|
end
|
|
|
|
|
|
# 实名认证
|
|
|
def authentication
|
|
|
@user = User.current
|
|
|
@apply_user_auth = ApplyUserAuthentication.where(:user_id => @user.id, :auth_type => 1).order("created_at asc").last
|
|
|
@setting_type = 3
|
|
|
render :layout => 'login'
|
|
|
end
|
|
|
|
|
|
# 职业认证
|
|
|
def professional_certification
|
|
|
@user = User.current
|
|
|
@apply_user_auth = ApplyUserAuthentication.where(:user_id => @user.id, :auth_type => 2, :status => [0, 2]).order("created_at asc").last
|
|
|
@setting_type = 4
|
|
|
render :layout => 'login'
|
|
|
end
|
|
|
|
|
|
def apply_auth
|
|
|
@user = User.current
|
|
|
old_name = @user.lastname+@user.firstname
|
|
|
@user.lastname = params[:lastname].strip
|
|
|
@user.firstname = ""
|
|
|
@user.ID_number = params[:ID_number].blank? ? nil : params[:ID_number]
|
|
|
|
|
|
if @user.save
|
|
|
@user.update_attributes(:authentication => 0)
|
|
|
if params[:upload_img] && params[:upload_img].to_i == 1
|
|
|
diskfile1 = disk_auth_filename('UserAuthentication', @user.id, 'ID')
|
|
|
diskfileID = diskfile1 + 'temp'
|
|
|
begin
|
|
|
FileUtils.mv diskfileID, diskfile1, force: true if File.exist? diskfileID
|
|
|
ensure
|
|
|
File.delete(diskfileID) if File.exist?(diskfileID)
|
|
|
end
|
|
|
end
|
|
|
# 提交认证
|
|
|
if params[:save_or_submit] && params[:save_or_submit] == "1"
|
|
|
if ApplyUserAuthentication.where(:user_id => @user.id, :status => 0, :auth_type => 1).count == 0
|
|
|
ApplyUserAuthentication.create(:user_id => @user.id, :status => 0, :auth_type => 1)
|
|
|
begin
|
|
|
status = Trustie::Sms.send(mobile: '18173242757', send_type:'apply_auth' , name: '管理员')
|
|
|
rescue => e
|
|
|
Rails.logger.error "发送验证码出错: #{e}"
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
# 已授权的用户修改真实姓名,需要重新授权
|
|
|
if @user.certification == 1 && old_name != params[:lastname]
|
|
|
school_ids = School.where(:auto_users_trial => 1).map(&:id)
|
|
|
if !(((@user.user_extensions.identity == 1 && @user.user_extensions.student_id.present?) || @user.user_extensions.identity == 0) && !@user.user_extensions.school.nil? && school_ids.include?(@user.user_extensions.school_id))
|
|
|
@user.update_attributes(:certification => 0)
|
|
|
apply_user = ApplyAction.where(:user_id => @user.id, :container_type => "TrialAuthorization")
|
|
|
apply_user.update_all(:status => 2) unless apply_user.blank?
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
redirect_to my_account_path
|
|
|
end
|
|
|
|
|
|
def apply_pro_certification
|
|
|
@user = User.current
|
|
|
@se = @user.extensions
|
|
|
# 已授权的用户修改单位名称,需要重新授权
|
|
|
if (@se.school_id != params[:occupation].to_i || @se.identity != params[:identity].to_i) && @user.certification == 1
|
|
|
@user.certification = 0
|
|
|
apply_user = ApplyAction.where(:user_id => @user.id, :container_type => "TrialAuthorization")
|
|
|
apply_user.update_all(:status => 2) unless apply_user.blank?
|
|
|
end
|
|
|
@se.school_id = params[:occupation]
|
|
|
@se.department_id = params[:department_id]
|
|
|
@se.identity = params[:identity].to_i if params[:identity]
|
|
|
if @se.identity == 0
|
|
|
@se.technical_title = params[:te_technical_title] if params[:te_technical_title]
|
|
|
@se.student_id = nil
|
|
|
elsif @se.identity == 1
|
|
|
@se.student_id = params[:no] if params[:no]
|
|
|
@se.technical_title = nil
|
|
|
elsif @se.identity == 2
|
|
|
@se.technical_title = params[:pro_technical_title] if params[:pro_technical_title]
|
|
|
@se.student_id = nil
|
|
|
end
|
|
|
if @user.save && @se.save
|
|
|
@user.update_attributes(:professional_certification => 0)
|
|
|
if params[:upload_img] && params[:upload_img].to_i == 1
|
|
|
diskfile2 = disk_auth_filename('UserAuthentication', @user.id, 'PRO')
|
|
|
diskfilePRO = diskfile2 + 'temp'
|
|
|
begin
|
|
|
FileUtils.mv diskfilePRO, diskfile2, force: true if File.exist? diskfilePRO
|
|
|
ensure
|
|
|
File.delete(diskfilePRO) if File.exist?(diskfilePRO)
|
|
|
end
|
|
|
end
|
|
|
|
|
|
# 提交认证
|
|
|
if params[:save_or_submit] && params[:save_or_submit] == "1"
|
|
|
if @se.identity == 1
|
|
|
if ApplyUserAuthentication.where(:user_id => @user.id, :status => 0, :auth_type => 2).count == 0
|
|
|
ApplyUserAuthentication.create(:user_id => @user.id, :status => 0, :auth_type => 2)
|
|
|
begin
|
|
|
status = Trustie::Sms.send(mobile: '18173242757', send_type:'apply_pro_certification' , name: '管理员')
|
|
|
rescue => e
|
|
|
Rails.logger.error "发送验证码出错: #{e}"
|
|
|
end
|
|
|
end
|
|
|
else
|
|
|
if File.exist?(diskfile2)
|
|
|
ApplyUserAuthentication.create(:user_id => @user.id, :status => 0, :auth_type => 2)
|
|
|
begin
|
|
|
status = Trustie::Sms.send(mobile: '18173242757', send_type:'apply_pro_certification' , name: '管理员')
|
|
|
rescue => e
|
|
|
Rails.logger.error "发送验证码出错: #{e}"
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
|
|
|
# 只对试用授权的用户处理,修改职业信息的时候,如果变成了教师,则判断用户是否已加入示例课堂,没有则将其加入
|
|
|
if @se.identity == 0 && @user.certification == 1
|
|
|
join_ex_course @user
|
|
|
end
|
|
|
|
|
|
if @user.certification != 1 && @se.identity == 1
|
|
|
school_ids = School.where(:auto_users_trial => 1).map(&:id)
|
|
|
# 授权单位中的只有学生身份才自动授权,且创建试用授权记录
|
|
|
if !@se.school.nil? && school_ids.include?(@se.school_id)
|
|
|
@user.update_attributes(:certification => 1)
|
|
|
apply_action = ApplyAction.where(:user_id => @user.id, :container_type => "TrialAuthorization", :status => 0).first
|
|
|
if apply_action.present?
|
|
|
apply_action.update_attributes(:status => 1, :noticed => 1)
|
|
|
else
|
|
|
ApplyAction.create(:user_id => @user.id, :container_type => "TrialAuthorization", :ip_addr => request.remote_ip, :status => 1, :noticed => 1)
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
redirect_to my_account_path
|
|
|
end
|
|
|
|
|
|
# 修改资料时判断学号是否已使用
|
|
|
def check_user_student_id
|
|
|
data = {result:0, account:""}
|
|
|
if params[:student_id] && params[:school_id]
|
|
|
if UserExtensions.where("student_id = '#{params[:student_id]}' and school_id = #{params[:school_id]} and user_id != #{User.current.id}").count > 0
|
|
|
user = User.where(:id => UserExtensions.where("student_id = '#{params[:student_id]}' and school_id = #{params[:school_id]} and user_id != #{User.current.id}").map(&:user_id)).first
|
|
|
data[:account] = user.mail.blank? ? user.user_phone : user.user_mail
|
|
|
else
|
|
|
data[:result] = 1
|
|
|
end
|
|
|
end
|
|
|
render :json => data
|
|
|
end
|
|
|
|
|
|
# 实名认证时判断学号是否已使用
|
|
|
def check_student_id
|
|
|
data = {result:0, account:""}
|
|
|
if params[:student_id] && params[:school_id]
|
|
|
auth_count = User.where(:id => UserExtensions.where(:student_id => params[:student_id], :school_id => params[:school_id]).map(&:user_id)).count
|
|
|
# apply_count = ApplyUserAuthentication.where(:status => 0, :user_id => User.where(:id => UserExtensions.where(:student_id => params[:student_id], :school_id => params[:school_id]).map(&:user_id), :professional_certification => 0).map(&:id)).count
|
|
|
if auth_count == 0
|
|
|
data[:result] = 1
|
|
|
else
|
|
|
user = User.where(:id => UserExtensions.where(:student_id => params[:student_id], :school_id => params[:school_id]).map(&:user_id)).first
|
|
|
if user != User.current
|
|
|
data[:account] = user.mail.blank? ? user.user_phone : user.user_mail
|
|
|
else
|
|
|
data[:result] = 1
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
render :json => data
|
|
|
end
|
|
|
|
|
|
# 实名认证时判断证件号码是否已使用
|
|
|
def check_id_number
|
|
|
data = {result:0, account:""}
|
|
|
if params[:id_number]
|
|
|
id_number = [params[:id_number].downcase, params[:id_number].upcase]
|
|
|
auth_count = User.where(:ID_number => id_number, :authentication => 1).count
|
|
|
apply_count = ApplyUserAuthentication.where(:status => 0, :user_id => User.where(:ID_number => id_number, :authentication => 0).map(&:id)).count
|
|
|
if auth_count == 0 && apply_count == 0
|
|
|
data[:result] = 1
|
|
|
else
|
|
|
user = auth_count != 0 ? User.where(:ID_number => id_number, :authentication => 1).first : ApplyUserAuthentication.where(:status => 0, :user_id => User.where(:ID_number => id_number, :authentication => 0).map(&:id)).first.user
|
|
|
if user != User.current
|
|
|
data[:account] = user.mail.blank? ? user.user_phone : user.user_mail
|
|
|
else
|
|
|
data[:result] = 1
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
render :json => data
|
|
|
end
|
|
|
|
|
|
def cancel_pro_apply
|
|
|
unless params[:auth_type] == "2" && User.current.professional_certification
|
|
|
@apply_user_auth = ApplyUserAuthentication.where(:user_id => User.current.id, :auth_type => params[:auth_type], :status => 0).first
|
|
|
if @apply_user_auth.present?
|
|
|
@apply_user_auth.tidings.destroy_all
|
|
|
@apply_user_auth.update_attribute('status', 3)
|
|
|
diskfile2 = disk_auth_filename('UserAuthentication', User.current.id, params[:auth_type].to_i == 1 ? 'ID' : 'PRO')
|
|
|
diskfilePRO = diskfile2 + 'temp'
|
|
|
FileUtils.rm diskfilePRO, :force => true
|
|
|
FileUtils.rm diskfile2, :force => true
|
|
|
end
|
|
|
end
|
|
|
|
|
|
@user = User.current
|
|
|
respond_to do |format|
|
|
|
format.js
|
|
|
format.html {
|
|
|
if params[:auth_type] == "1"
|
|
|
redirect_to authentication_account_path
|
|
|
else
|
|
|
redirect_to professional_certification_account_path
|
|
|
end
|
|
|
}
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
def apply_trail
|
|
|
apply_action = ApplyAction.where(:user_id => User.current.id, :container_type => "TrialAuthorization", :status => 0).first
|
|
|
school_ids = School.where(:auto_users_trial => 1).map(&:id)
|
|
|
user_ex = User.current.user_extensions
|
|
|
if user_ex.identity == 1 && user_ex.student_id.present? && !user_ex.school.nil? && school_ids.include?(user_ex.school_id)
|
|
|
User.current.update_attributes(:certification => 1)
|
|
|
logger.warn("apply_trail #######{User.current.login} ****#{User.current.user_extensions.school_id}")
|
|
|
@tip = "申请已提交,我们将在1分钟内完成审核"
|
|
|
unless apply_action.present?
|
|
|
ApplyAction.create(:user_id => User.current.id, :status => 1, :ip_addr => request.remote_ip, :container_type => "TrialAuthorization", :apply_reason => params[:apply_reason])
|
|
|
else
|
|
|
apply_action.update_attributes(:status => 1)
|
|
|
end
|
|
|
# begin
|
|
|
# if User.current.phone.present?
|
|
|
# status = Trustie::Sms.send(mobile:User.current.phone.to_s, send_type:'trial_authorization' ,user_name:User.current.show_name,result:'已通过')
|
|
|
# end
|
|
|
# rescue => e
|
|
|
# Rails.logger.error "发送验证码出错: #{e}"
|
|
|
# end
|
|
|
elsif !User.current.user_extensions.school.nil?
|
|
|
@tip = "申请已提交,我们将在5分钟内完成审核"
|
|
|
unless apply_action.present?
|
|
|
ApplyAction.create(:user_id => User.current.id, :status => 0, :ip_addr => request.remote_ip, :container_type => "TrialAuthorization", :apply_reason => params[:apply_reason])
|
|
|
begin
|
|
|
status = Trustie::Sms.send(mobile:18175896138, send_type:'user_apply_auth',name:'管理员' )
|
|
|
rescue => e
|
|
|
Rails.logger.error "发送验证码出错: #{e}"
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
if params[:from_user] && params[:from_user] == '1'
|
|
|
@url = "#{user_path(User.current)}"
|
|
|
else
|
|
|
@url = "#{my_account_path}"
|
|
|
end
|
|
|
respond_to do |format|
|
|
|
format.js
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def user_auth
|
|
|
@user = User.current
|
|
|
diskfile1 = disk_auth_filename('UserAuthentication', @user.id, 'ID')
|
|
|
diskfile2 = disk_auth_filename('UserAuthentication', @user.id, 'PRO')
|
|
|
diskfileID = diskfile1 + 'temp'
|
|
|
diskfilePRO = diskfile2 + 'temp'
|
|
|
begin
|
|
|
FileUtils.mv diskfileID, diskfile1, force: true if File.exist? diskfileID
|
|
|
FileUtils.mv diskfilePRO, diskfile2, force: true if File.exist? diskfilePRO
|
|
|
ensure
|
|
|
File.delete(diskfileID) if File.exist?(diskfileID)
|
|
|
File.delete(diskfilePRO) if File.exist?(diskfilePRO)
|
|
|
end
|
|
|
if File.exist?(diskfile1) && File.exist?(diskfile2)
|
|
|
ApplyUserAuthentication.create(:user_id => @user.id, :status => 0)
|
|
|
end
|
|
|
|
|
|
redirect_to authentication_account_path
|
|
|
end
|
|
|
|
|
|
def security_settings
|
|
|
@user = User.current
|
|
|
@setting_type = 5
|
|
|
render :layout => 'login'
|
|
|
end
|
|
|
|
|
|
def change_psd
|
|
|
@user = User.current
|
|
|
@setting_type = 5
|
|
|
render :layout => 'login'
|
|
|
end
|
|
|
|
|
|
# 修改密码时判断密码是否输入正确
|
|
|
def valid_psd
|
|
|
@user = User.current
|
|
|
req = Hash.new(false)
|
|
|
req[:valid] = false
|
|
|
req[:valid] = @user.check_password?(params[:value])
|
|
|
render :json => req
|
|
|
end
|
|
|
|
|
|
def change_or_bind
|
|
|
@user = User.current
|
|
|
@type = params[:type]
|
|
|
@setting_type = 5
|
|
|
render :layout => 'login'
|
|
|
end
|
|
|
|
|
|
def bind_email_or_phone
|
|
|
@user = User.current
|
|
|
begin
|
|
|
ActiveRecord::Base.transaction do
|
|
|
if params[:type] == "phone"
|
|
|
@user.update_attributes!(:phone => params[:value])
|
|
|
reward_grade(@user, @user.id, 'Phone', 500)
|
|
|
else
|
|
|
@user.update_attributes!(:mail => params[:value])
|
|
|
# Gitlab.client.edit_user_email(@user.gid, :email => @user.mail) if @user.gid
|
|
|
reward_grade(@user, @user.id, 'Mail', 500)
|
|
|
end
|
|
|
end
|
|
|
rescue
|
|
|
raise ActiveRecord::Rollback
|
|
|
end
|
|
|
redirect_to my_account_path
|
|
|
end
|
|
|
|
|
|
def phone_bind
|
|
|
if request.get?
|
|
|
render :layout =>'login'
|
|
|
else
|
|
|
User.current.update_attributes!(:phone => params[:phone])
|
|
|
reward_grade(User.current, User.current.id, 'Phone', 500)
|
|
|
redirect_to user_path(User.current)
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def unbind_phone
|
|
|
if User.current.mail.blank?
|
|
|
User.current.update_attribute('phone', nil)
|
|
|
User.current.lock!
|
|
|
redirect_to signin_path
|
|
|
else
|
|
|
User.current.update_attribute('phone', nil)
|
|
|
redirect_to my_account_path
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def unbind_mail
|
|
|
if User.current.phone.blank?
|
|
|
User.current.update_attribute('mail', nil)
|
|
|
User.current.lock!
|
|
|
redirect_to signin_path
|
|
|
else
|
|
|
User.current.update_attribute('mail', nil)
|
|
|
redirect_to my_account_path
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def wechat_bind
|
|
|
respond_to do |format|
|
|
|
format.html { render :layout => "login_bigdata"}
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def reset_psd
|
|
|
if params[:lost_psd_phone] && params[:lost_psd_phone].strip != ""
|
|
|
@user = User.where("phone = '#{params[:lost_psd_phone].to_s}'").first
|
|
|
code = VerificationCode.where(:phone => params[:lost_psd_phone], :code => params[:code], :code_type => 2).last
|
|
|
|
|
|
elsif params[:lost_psd_email] && params[:lost_psd_email].strip != ""
|
|
|
@user = User.where("mail = '#{params[:lost_psd_email].to_s}'").first
|
|
|
code = VerificationCode.where(:email => params[:lost_psd_email], :code => params[:code], :code_type => 3).last
|
|
|
end
|
|
|
|
|
|
if !code.nil? && (Time.now.to_i - code.created_at.to_i) <= 10*60
|
|
|
if @user.present?
|
|
|
@user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
|
|
|
if @user.save
|
|
|
Token.where(:user_id => @user, :action => "recovery").destroy_all
|
|
|
respond_to do |format|
|
|
|
format.js
|
|
|
end
|
|
|
else
|
|
|
redirect_to signin_path
|
|
|
return
|
|
|
end
|
|
|
else
|
|
|
redirect_to signin_path
|
|
|
return
|
|
|
end
|
|
|
else
|
|
|
@status = 0
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def email_valid
|
|
|
begin
|
|
|
@mail_type = params[:mail].split("@")[1]
|
|
|
@user = User.find(params[:user_id])
|
|
|
rescue
|
|
|
return render_404
|
|
|
end
|
|
|
respond_to do |format|
|
|
|
format.html { render :layout => "login_bigdata"}
|
|
|
format.js
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def resendmail
|
|
|
result = {:status=>1, :email=>""}
|
|
|
user = User.find(params[:user]) if params[:user]
|
|
|
result[:email] = user.mail
|
|
|
token = Token.new(:user => user, :action => "register")
|
|
|
if token.save
|
|
|
# Mailer.run.register(token)
|
|
|
Mailer.register(token).deliver
|
|
|
else
|
|
|
yield if block_given?
|
|
|
result[:status] = 0
|
|
|
end
|
|
|
render :json => result
|
|
|
end
|
|
|
|
|
|
def change_email
|
|
|
user = User.find params[:user_id].to_i
|
|
|
user.update_attributes(:mail => params[:value])
|
|
|
token = Token.create(:user => user, :action => "register")
|
|
|
Mailer.run.register(token)
|
|
|
result = {:email => user.mail, :email_link => user.mail.split("@")[1]}
|
|
|
|
|
|
render :json => result
|
|
|
end
|
|
|
|
|
|
def email_activation
|
|
|
|
|
|
end
|
|
|
|
|
|
def gold_record
|
|
|
@user = User.current
|
|
|
# 用户签到情况
|
|
|
attendance = Attendance.where(:user_id => @user).first
|
|
|
@can_attendance = true
|
|
|
@next_attachment_score = 5
|
|
|
if attendance.present?
|
|
|
if time_between_days(Time.now, attendance.created_at) == 0
|
|
|
@can_attendance = false
|
|
|
end
|
|
|
@next_attachment_score = attendance.next_score
|
|
|
end
|
|
|
@type = params[:type] ? params[:type].to_i : 0
|
|
|
@user_grades = @type == 0 ? @user.grades.reorder("created_at desc") : @type == 1 ? @user.grades.where("score > 0").reorder("created_at desc") : @type == 2 ? @user.grades.where("score < 0").reorder("created_at desc") : []
|
|
|
@user_grades = paginateHelper @user_grades, 8
|
|
|
@setting_type = 7
|
|
|
respond_to do |format|
|
|
|
format.js
|
|
|
format.html{render :layout => 'base_edu_user'}
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def experience_record
|
|
|
@user = User.current
|
|
|
# 用户评测情况
|
|
|
@evaluate = Output.where(:game_id => @user.games.map(&:id)).reorder("created_at desc").first
|
|
|
|
|
|
@user_experiences = @user.experiences.reorder("created_at desc")
|
|
|
@user_experiences = paginateHelper @user_experiences, 8
|
|
|
@setting_type = 8
|
|
|
respond_to do |format|
|
|
|
format.js
|
|
|
format.html{render :layout => 'base_edu_account'}
|
|
|
end
|
|
|
end
|
|
|
|
|
|
private
|
|
|
|
|
|
def authenticate_user
|
|
|
Rails.logger.info("authenticate_user start")
|
|
|
if Setting.openid? && using_open_id?
|
|
|
Rails.logger.info("authenticate_user start1")
|
|
|
open_id_authenticate(params[:openid_url])
|
|
|
elsif params[:code]
|
|
|
Rails.logger.info("authenticate_user start2")
|
|
|
code_authentication
|
|
|
else
|
|
|
Rails.logger.info("authenticate_user start3")
|
|
|
password_authentication
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def password_authentication
|
|
|
user, last_login_on = User.try_to_login(params[:username], params[:password])
|
|
|
Rails.logger.info("password_authentication: params[:username] is #{params[:username]}, user is #{user}")
|
|
|
|
|
|
if user.nil?
|
|
|
Rails.logger.info("password_authentication: successful_authentication1")
|
|
|
invalid_credentials
|
|
|
elsif user.status == 2
|
|
|
Rails.logger.info("password_authentication: successful_authentication2")
|
|
|
@user = user
|
|
|
invalid_credentials_new
|
|
|
elsif user.new_record?
|
|
|
Rails.logger.info("password_authentication: successful_authentication3")
|
|
|
onthefly_creation_failed(user, {:login => user.login, :auth_source_id => user.auth_source_id })
|
|
|
else
|
|
|
# Valid user
|
|
|
Rails.logger.info("password_authentication: successful_authentication4")
|
|
|
successful_authentication(user, last_login_on)
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def code_authentication
|
|
|
if params[:username] =~ /^[a-zA-Z0-9]+([._\\]*[a-zA-Z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$/
|
|
|
code = VerificationCode.where(:email => params[:username], :code => params[:code], :code_type => 7).last
|
|
|
user = User.where(:mail => params[:username]).first
|
|
|
elsif params[:username] =~ /^1\d{10}$/
|
|
|
code = VerificationCode.where(:phone => params[:username], :code => params[:code], :code_type => 6).last
|
|
|
user = User.where(:phone => params[:username]).first
|
|
|
end
|
|
|
|
|
|
if user && code && (Time.now.to_i - code.created_at.to_i) <= 10*60
|
|
|
user.update_column(:last_login_on, Time.now)
|
|
|
successful_authentication(user, user.last_login_on.nil? ? '' : user.last_login_on.to_s)
|
|
|
else
|
|
|
logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
|
|
|
flash[:error] = l(:notice_account_invalid_code)
|
|
|
redirect_to signin_path(:c_name=>params[:username])
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def open_id_authenticate(openid_url)
|
|
|
back_url = signin_url(:autologin => params[:autologin])
|
|
|
|
|
|
authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => back_url, :method => :post) do |result, identity_url, registration|
|
|
|
if result.successful?
|
|
|
user = User.find_or_initialize_by_identity_url(identity_url)
|
|
|
if user.new_record?
|
|
|
# Self-registration off
|
|
|
(redirect_to(signin_path); return) unless Setting.self_registration?
|
|
|
|
|
|
# Create on the fly
|
|
|
user.login = registration['nickname'] unless registration['nickname'].nil?
|
|
|
user.mail = registration['email'] unless registration['email'].nil?
|
|
|
user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil?
|
|
|
user.random_password
|
|
|
user.register
|
|
|
|
|
|
case Setting.self_registration
|
|
|
when '1'
|
|
|
register_by_email_activation(user) do
|
|
|
onthefly_creation_failed(user)
|
|
|
end
|
|
|
when '3'
|
|
|
register_automatically(user) do
|
|
|
onthefly_creation_failed(user)
|
|
|
end
|
|
|
else
|
|
|
register_manually_by_administrator(user) do
|
|
|
onthefly_creation_failed(user)
|
|
|
end
|
|
|
end
|
|
|
else
|
|
|
# Existing record
|
|
|
if user.active?
|
|
|
successful_authentication(user)
|
|
|
else
|
|
|
account_pending
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def successful_authentication(user, last_login_on)
|
|
|
logger.info "Successful authentication for '#{user.login}' from #{request.remote_ip} at #{Time.now.utc}"
|
|
|
# Valid user
|
|
|
self.logged_user = user
|
|
|
# generate a key and set cookie if autologin
|
|
|
if params[:autologin] && Setting.autologin?
|
|
|
set_autologin_cookie(user)
|
|
|
end
|
|
|
call_hook(:controller_account_success_authentication_after, {:user => user })
|
|
|
|
|
|
code = /\d*/
|
|
|
# 记录用户登录行为
|
|
|
|
|
|
UserActions.create(:action_id => User.current.id, :action_type => "Login", :user_id => User.current.id)
|
|
|
=begin
|
|
|
if user.created_on.strftime('%Y-%m-%d %H:%M:%S') > "2018-01-01 00:00:00" && user.phone.blank?
|
|
|
redirect_to change_or_bind_path(:type => 'phone')
|
|
|
return
|
|
|
end
|
|
|
=end
|
|
|
#根据home_url生产正则表达式
|
|
|
eval("code = " + "/^" + home_url.gsub(/\//,"\\\/") + "\\\/*(welcome)?\\\/*(\\\/index\\\/*.*)?\$/")
|
|
|
login_error = false
|
|
|
if (User.current.login =~ /(^(?=.*?[a-zA-Z]).*$)/).nil? || !(User.current.login =~ /[@#\$%\^&\*]+/).nil?
|
|
|
login_error = true
|
|
|
end
|
|
|
|
|
|
if (code=~params[:back_url] || params[:back_url].to_s.include?('lost_password')) && last_login_on != '' && !login_error
|
|
|
# enroll_status_cookie(user)
|
|
|
redirect_to user_path(user,host: Setting.host_user)
|
|
|
else
|
|
|
if last_login_on == ''
|
|
|
redirect_to my_account_url
|
|
|
else
|
|
|
#by young
|
|
|
#redirect_back_or_default my_page_path
|
|
|
# 基本资料不完善的用户,将强制用户完善基本资料。
|
|
|
user = UserExtensions.where(:user_id => User.current.id).first
|
|
|
if User.current.lastname.blank? || user.school_id.blank? || user.identity.blank? || login_error
|
|
|
redirect_to user_info_path()
|
|
|
else
|
|
|
# enroll_status_cookie(User.current)
|
|
|
redirect_back_or_default User.current, params[:back_url]
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def set_autologin_cookie(user)
|
|
|
token = Token.get_or_create_permanent_login_token(user)
|
|
|
cookie_options = {
|
|
|
:value => token.value,
|
|
|
:expires => 1.month.from_now,
|
|
|
:path => (Redmine::Configuration['autologin_cookie_path'] || '/'),
|
|
|
:secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false),
|
|
|
:httponly => true
|
|
|
}
|
|
|
if Redmine::Configuration['cookie_domain'].present?
|
|
|
cookie_options = cookie_options.merge(domain: Redmine::Configuration['cookie_domain'])
|
|
|
end
|
|
|
cookies[autologin_cookie_name] = cookie_options
|
|
|
end
|
|
|
|
|
|
# Onthefly creation failed, display the registration form to fill/fix attributes
|
|
|
def onthefly_creation_failed(user, auth_source_options = { })
|
|
|
@user = user
|
|
|
session[:auth_source_registration] = auth_source_options unless auth_source_options.empty?
|
|
|
render :action => 'register'
|
|
|
end
|
|
|
|
|
|
def invalid_credentials
|
|
|
logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
|
|
|
flash[:error] = l(:notice_account_invalid_creditentials)
|
|
|
# render :layout => 'login'
|
|
|
redirect_to signin_path(:name=>params[:username])
|
|
|
end
|
|
|
|
|
|
def invalid_credentials_new
|
|
|
logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
|
|
|
# flash[:error] = l(:notice_account_invalid_creditentials_new)
|
|
|
# render signin_path(:login=>true)
|
|
|
render :action => 'email_activation',:layout => 'login_bigdata'
|
|
|
end
|
|
|
|
|
|
# Register a user for email activation.
|
|
|
#
|
|
|
# Pass a block for behavior when a user fails to save
|
|
|
def register_by_email_activation(user, &block)
|
|
|
token = Token.new(:user => user, :action => "register")
|
|
|
if user.save and token.save
|
|
|
UserStatus.create(:user_id => user.id, :changsets_count => 0, :watchers_count => 0)
|
|
|
Mailer.run.register(token)
|
|
|
|
|
|
|
|
|
flash[:notice] = l(:notice_account_register_done)
|
|
|
|
|
|
render action: 'email_valid', locals: {:mail => user.mail}
|
|
|
else
|
|
|
yield if block_given?
|
|
|
end
|
|
|
end
|
|
|
|
|
|
# Automatically register a user
|
|
|
#
|
|
|
# Pass a block for behavior when a user fails to save
|
|
|
def register_automatically(user, &block)
|
|
|
# Automatic activation
|
|
|
user.activate
|
|
|
user.last_login_on = Time.now
|
|
|
if user.save
|
|
|
UserStatus.create(:user_id => user.id, :changsets_count => 0, :watchers_count => 0)
|
|
|
self.logged_user = user
|
|
|
flash[:notice] = l(:notice_account_activated)
|
|
|
redirect_to my_account_url
|
|
|
else
|
|
|
yield if block_given?
|
|
|
end
|
|
|
end
|
|
|
|
|
|
# Manual activation by the administrator
|
|
|
#
|
|
|
# Pass a block for behavior when a user fails to save
|
|
|
def register_manually_by_administrator(user, &block)
|
|
|
if user.save
|
|
|
UserStatus.create(:user_id => user.id ,:changsets_count => 0, :watchers_count => 0)
|
|
|
# Sends an email to the administrators
|
|
|
Mailer.run.account_activation_request(user)
|
|
|
account_pending
|
|
|
else
|
|
|
yield if block_given?
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def account_pending
|
|
|
flash[:notice] = l(:notice_account_pending)
|
|
|
redirect_to signin_url
|
|
|
end
|
|
|
end
|