class AccountsController < ApplicationController
#skip_before_action :check_account, :only => [:logout]
# Renders the current session as a JSON document.
#
# NOTE(review): this serialises the whole session store into the response.
# Other actions in this controller write session[:user_id] and read
# session[:tk], so those values (and anything else kept in the session) are
# returned to the caller. Consider returning only the fields the client
# needs, or limiting this action to non-production builds.
def index
  render(json: session)
end
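# User registration.
#
# Note from the original author: registration also has to serve the local
# edition, which needs no verification code, activation code or licence and
# lets the account be used as soon as registration completes.
#
# params[:login]    e-mail address or mobile phone number
# params[:code]     verification code
# params[:password] password for the new account
# code_type         1: phone registration code, 8: e-mail registration code
#
# Responds through normal_status; any StandardError is logged and reported
# through tip_exception(-1, message).
def register
  # The queried code_type is 1 (phone) or 8 (e-mail), chosen from the login.
  type = phone_mail_type(params[:login].strip)
  code = params[:code].strip

  if type == 1
    uid_logger("start register by phone: type is #{type}")
    pre = 'p'
    email = nil
    # NOTE(review): the unstripped login is used for the lookup and stored on
    # the user, while the type above is computed from the stripped value.
    phone = params[:login]
    verifi_code = VerificationCode.where(phone: phone, code: code, code_type: 1).last
  else
    uid_logger("start register by email: type is #{type}")
    pre = 'm'
    email = params[:login]
    phone = nil
    verifi_code = VerificationCode.where(email: email, code: code, code_type: 8).last
  end

  # Log only whether a record matched and how old it is; the submitted code
  # is a credential and is kept out of the log.
  code_age = Time.now.to_i - verifi_code.try(:created_at).to_i
  uid_logger("start register: verification record found is #{!verifi_code.nil?}, time is #{code_age}")

  # The hard-coded universal verification code that the original TODO asked to
  # delete before release is gone: every registration now has to present a
  # stored, still-effective code. An installation that must skip verification
  # (the local edition mentioned above) should do so through explicit
  # configuration, not through a constant shipped in the source.
  # An earlier inline check (commented out in the original) used a 10-minute
  # window; expiry is decided by VerificationCode#effective?.
  # NOTE(review): nothing here limits the number of attempts or consumes the
  # code after use; confirm that is handled elsewhere.
  return normal_status(-2, "验证码不正确") if verifi_code.try(:code) != code
  return normal_status(-2, "验证码已失效") unless verifi_code&.effective?

  identifier = generate_identifier User, 8
  login = pre + identifier
  @user = User.new(admin: false, login: login, mail: email, phone: phone, type: "User")
  @user.password = params[:password]
  # A verification code was just checked, so the account is activated at once.
  @user.activate
  # save must be used here: the password is persisted on the users record.
  if @user.save!
    # todo user_extension
    UserExtension.create!(user_id: @user.id)
    # Completing registration by phone or e-mail is rewarded with 500 coins.
    RewardGradeService.call(
      @user,
      container_id: @user.id,
      container_type: pre == 'p' ? 'Phone' : 'Mail',
      score: 500
    )
    # Record at registration time whether this visitor came from a referral.
    ip = request.remote_ip
    ua = UserAgent.find_by_ip(ip)
    ua.update_column(:agent_type, UserAgent::USER_REGISTER) if ua
    successful_authentication(@user)
    session[:user_id] = @user.id
    normal_status("注册成功")
  end
rescue StandardError => e
  # StandardError rather than Exception, so that signals, exits and
  # out-of-memory conditions are not swallowed by this handler.
  uid_logger_error(e.message)
  # NOTE(review): e.message is returned to the client; for unexpected errors
  # this may reveal internal detail. reset_password uses a fixed message.
  tip_exception(-1, e.message)
end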
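# User login.
#
# params[:login]    account identifier handed to User.try_to_login
# params[:password] password
#
# On failure responds with normal_status(-2, ...); on success records the
# login time, runs successful_authentication and stores the user id in the
# session.
def login
  @user = User.try_to_login(params[:login], params[:password])

  # Verify the password before looking at the lock flag. The original order
  # answered "account locked" for any existing locked account regardless of
  # the password supplied, which tells an unauthenticated caller the account
  # state. Unknown accounts and wrong passwords share one message.
  unless @user&.check_password?(params[:password].to_s)
    return normal_status(-2, "错误的账号或密码")
  end
  return normal_status(-2, "违反平台使用规范,账号已被锁定") if @user.locked?

  @user.update_column(:last_login_on, Time.now)

  # NOTE(review): the session is not reset in this method before the user id
  # is stored; confirm that the logged_user= setter rotates the session id.
  # Failed attempts are not counted or throttled here either.
  successful_authentication(@user)

  session[:user_id] = @user.id
end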
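# Forgotten password: sets a new password after a verification code check.
#
# params[:login]                     phone number or e-mail address
# params[:code]                      verification code
# params[:new_password]              new password
# params[:new_password_confirmation] confirmation of the new password
# code_type queried: 2 for a phone login, 3 for an e-mail login
#
# Any StandardError is logged and answered with a fixed failure message.
def reset_password
  # Strip once, before the lookup, as register does; a missing code becomes
  # an empty string and is rejected as incorrect below.
  code = params[:code].to_s.strip
  login_type = phone_mail_type(params[:login].strip)

  # Fetch the verification record and the account it belongs to.
  # NOTE(review): the lookups use the unstripped login while the type is
  # computed from the stripped value.
  if login_type == 1
    phone = params[:login]
    verifi_code = VerificationCode.where(phone: phone, code: code, code_type: 2).last
    user = User.find_by_phone(phone)
  else
    email = params[:login]
    verifi_code = VerificationCode.where(email: email, code: code, code_type: 3).last
    # Original author's remark (6.13-hs): there is a problem here, the field
    # should be email rather than mail. Left unchanged; verify the column.
    user = User.find_by_mail(email)
  end

  return normal_status(-2, "验证码不正确") if verifi_code.try(:code) != code
  return normal_status(-2, "验证码已失效") unless verifi_code&.effective?

  # When no account matched, user is nil and the assignment raises
  # NoMethodError, which ends in the generic failure reply below.
  # NOTE(review): nothing here requires the new password to be present or
  # consumes the code after use, and existing sessions or autologin tokens
  # are not revoked; confirm the model and callers cover these.
  user.password = params[:new_password]
  user.password_confirmation = params[:new_password_confirmation]
  sucess_status if user.save!
rescue StandardError => e
  # StandardError rather than Exception, so that signals and exits are not
  # swallowed. The client only sees a fixed message.
  uid_logger_error(e.message)
  tip_exception("密码重置失败")
end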
# Completes a sign-in for +user+: logs it, marks the user as logged in, sets
# the autologin cookie and stores a "Login" UserAction with the client IP.
#
# NOTE(review): the autologin cookie is set on every sign-in; the original
# comment ("if autologin") suggests it was meant to be conditional.
# NOTE(review): this method is defined above the `private` marker, so it is a
# public controller method; whether it is reachable depends on the routes.
def successful_authentication(user)
  client_ip = request.remote_ip
  uid_logger("Successful authentication start: '#{user.login}' from #{client_ip} at #{Time.now.utc}")

  # Valid user
  self.logged_user = user

  # Generate a key and set the cookie.
  set_autologin_cookie(user)

  user_id = user.try(:id)
  UserAction.create(action_id: user_id, action_type: "Login", user_id: user_id, ip: client_ip)

  # A one-day trial after registration used to be created here (removed for now):
  # UserDayCertification.create(user_id: user.id, status: 1)
end
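# Issues the permanent "autologin" token for +user+ as a cookie that lasts one
# month, scoped to '/' and, when the cookie_domain setting is present, to that
# domain.
def set_autologin_cookie(user)
  token = Token.get_or_create_permanent_login_token(user, "autologin")
  cookie_options = {
    value: token.value,
    expires: 1.month.from_now,
    path: '/',
    # The original hard-coded secure: false, so the login token was also sent
    # over plain HTTP. Mark the cookie Secure whenever the request arrived
    # over TLS. Behind a TLS-terminating proxy this relies on the proxy
    # forwarding the original scheme.
    secure: request.ssl?,
    httponly: true
  }
  cookie_domain = edu_setting('cookie_domain')
  cookie_options[:domain] = cookie_domain if cookie_domain.present?
  cookies[autologin_cookie_name] = cookie_options
  # Log the cookie name only; the cookie jar is not written to the log so that
  # token values cannot end up there.
  logger.info("autologin cookie '#{autologin_cookie_name}' set")
end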
# Signs the current user out: stores a "Logout" UserAction with the client IP,
# clears session[:user_id], runs logout_user and replies with a JSON status.
def logout
  current = User.current
  UserAction.create(action_id: current.id, action_type: "Logout", user_id: current.id, ip: request.remote_ip)
  session[:user_id] = nil
  logout_user
  render json: { status: 1, message: "退出成功!" }
end
# Checks whether the e-mail address is already registered and whether the
# e-mail address or phone number is well formed.
#
# params[:login] value to check
# params[:type]  event type, 1: registration, 2: forgotten password
#
# NOTE(review): an endpoint that reports whether a login is registered can be
# used to enumerate accounts; confirm check_mail_and_phone_valid or the
# surrounding stack throttles it.
def valid_email_and_phone
  login = params[:login]
  event_type = params[:type]
  check_mail_and_phone_valid(login, event_type)
end
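# Sends a verification code.
#
# params[:login] phone number or e-mail address
# params[:type]  event type, 1: registration, 2: forgotten password,
#                3: bind phone, 4: bind e-mail, 5: check that a phone number is
#                valid (append new types after these)
# send_type      1: phone registration code, 2: password recovery by phone,
#                3: password recovery by e-mail, 4: bind phone, 5: bind e-mail,
#                6: login by phone code, 7: login by e-mail code,
#                8: e-mail registration code, 9: check that a phone number is
#                valid
def get_verification_code
  require 'securerandom' # standard library; a no-op when already loaded

  value = params[:login]
  type = params[:type].strip.to_i
  login_type = phone_mail_type(value)
  send_type = verify_type(login_type, type)

  # Six decimal digits from the system CSPRNG. The original used
  # Array#sample(6) on the ten digits, which draws without replacement from
  # the default PRNG: no digit could repeat, so only 151,200 of the 1,000,000
  # six-digit codes were possible, and the generator was not a secure one.
  verification_code = format('%06d', SecureRandom.random_number(1_000_000))

  logger.info("########get_verification_code: login_type: #{login_type}, send_type:#{send_type}, ")

  # Store the verification code.
  # NOTE(review): no per-recipient or per-client rate limit is visible here,
  # and verify_type returns nil for an unknown type; confirm that
  # check_verification_code handles both.
  check_verification_code(verification_code, send_type, value)
  sucess_status
end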
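# Classifies a login value: 1 for a phone number, 0 for anything else, which
# callers treat as an e-mail address.
# Note from the original author: in the new version the login name is
# generated automatically.
#
# A phone number is the digit 1 followed by exactly ten more digits.
def phone_mail_type(value)
  # \A and \z anchor the whole string. The original ^ and $ anchor each line,
  # so a multi-line value with one phone-shaped line was classified as a phone
  # number even though the rest of the value was arbitrary.
  value =~ /\A1\d{10}\z/ ? 1 : 0
end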
private
# Name of the autologin cookie: the 'autologin_cookie_name' setting when it is
# set, otherwise 'autologin'.
def autologin_cookie_name
  configured = edu_setting('autologin_cookie_name')
  configured || 'autologin'
end
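# Ends the current user's login: removes the autologin cookie and its token,
# deletes the session token stored under session[:tk], clears the logged user
# and clears session[:user_id].
def logout_user
  if User.current.logged?
    # A cookie that was set with a :domain must be deleted with the same
    # :domain, otherwise the browser keeps it. set_autologin_cookie adds the
    # cookie_domain setting when present, so mirror that here.
    delete_options = { path: '/' }
    cookie_domain = edu_setting('cookie_domain')
    delete_options[:domain] = cookie_domain if cookie_domain.present?

    autologin = cookies.delete(autologin_cookie_name, delete_options)
    # Revoke the token on the server as well, so a copied cookie stops working.
    User.current.delete_autologin_token(autologin) if autologin
    User.current.delete_session_token(session[:tk])
    self.logged_user = nil
  end
  session[:user_id] = nil
end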
# Maps an event type and a login type to the send_type of the code to issue.
#
# type       event type, 1: registration, 2: forgotten password, 3: bind phone,
#            4: bind e-mail, 5: check that a phone number is valid (append new
#            types after these)
# login_type 1: phone; any other value is handled as e-mail (the original
#            comment says 2, while phone_mail_type returns 0)
#
# Returns nil for an event type that is not listed. For a login that does not
# fit the event, the result is whatever tip_exception does with the message.
def verify_type(login_type, type)
  by_phone = (login_type == 1)
  if type == 1
    by_phone ? 1 : 8
  elsif type == 2
    by_phone ? 2 : 3
  elsif type == 3
    by_phone ? 4 : tip_exception('请填写正确的手机号')
  elsif type == 4
    by_phone ? tip_exception('请填写正确的邮箱') : 5
  elsif type == 5
    by_phone ? 9 : tip_exception('请填写正确的手机号')
  end
end
end