diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index c0905e89c..634209570 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -12,6 +12,7 @@ class ApplicationController < ActionController::Base protect_from_forgery prepend: true, unless: -> { request.format.json? } + before_action :check_sign before_action :user_setup #before_action :check_account @@ -20,6 +21,21 @@ class ApplicationController < ActionController::Base helper_method :current_user + # 所有请求必须合法签名 + def check_sign + Rails.logger.info("66666 #{params}") + if params[:client_key].present? + Rails.logger.info("111111 #{params[:client_key]}") + Rails.logger.info("00000 #{params[:timestamp]}") + timestamp = params[:timestamp] + sign = Digest::MD5.hexdigest("#{OPENKEY}#{timestamp}") + Rails.logger.info("2222 #{sign}") + tip_exception(501, "请求不合理") if sign != params[:client_key] + else + tip_exception(501, "请求不合理") + end + end + # 全局配置参数 # 返回name对应的value def edu_setting(name) diff --git a/app/controllers/cooperative/base_controller.rb b/app/controllers/cooperative/base_controller.rb index 51af05ed2..dfc99b7b8 100644 --- a/app/controllers/cooperative/base_controller.rb +++ b/app/controllers/cooperative/base_controller.rb @@ -16,7 +16,7 @@ class Cooperative::BaseController < ApplicationController private def current_laboratory - @_current_laboratory ||= Laboratory.find_by_subdomain(request.subdomain) + @_current_laboratory ||= (Laboratory.find_by_subdomain(request.subdomain) || Laboratory.first) # @_current_laboratory ||= Laboratory.find 1 end diff --git a/app/controllers/hack_user_lastest_codes_controller.rb b/app/controllers/hack_user_lastest_codes_controller.rb index 641dcae2d..38238fea7 100644 --- a/app/controllers/hack_user_lastest_codes_controller.rb +++ b/app/controllers/hack_user_lastest_codes_controller.rb 
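Review bot: check_sign writes the full request parameters and the expected signature to the application log (`Rails.logger.info("66666 #{params}")`, `Rails.logger.info("2222 #{sign}")`), so anyone with log access gets whatever was submitted in the request, including any credentials, plus a valid `client_key` for that timestamp; the four logger lines should be removed. The signature is MD5 of `OPENKEY` plus a caller-chosen `timestamp`, with no freshness check and nothing from the request mixed in, so one captured pair stays valid for every endpoint indefinitely, and the `!=` comparison is not constant-time. The sketch below bounds the timestamp age, binds method and path with an HMAC, and compares with `secure_compare`. It needs a matching client change, and `MAX_SIGN_AGE_MS` is a placeholder name that this commit does not define.

```ruby
def check_sign
  supplied  = params[:client_key].to_s
  timestamp = params[:timestamp].to_s

  # MAX_SIGN_AGE_MS: placeholder constant (milliseconds), to be defined by the project
  now_ms = (Time.now.to_f * 1000).to_i
  fresh  = timestamp.match?(/\A\d+\z/) && (now_ms - timestamp.to_i).abs <= MAX_SIGN_AGE_MS

  # Bind the signature to this request instead of to the timestamp alone
  message  = "#{request.request_method}\n#{request.path}\n#{timestamp}"
  expected = OpenSSL::HMAC.hexdigest("SHA256", OPENKEY, message)

  valid = fresh && ActiveSupport::SecurityUtils.secure_compare(expected, supplied)
  tip_exception(501, "请求不合理") unless valid
end
```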
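Review bot: The `|| Laboratory.first` fallback in `current_laboratory` means a request on an unknown or missing subdomain is now served as the laboratory with the lowest primary key instead of as no laboratory. If the Cooperative controllers scope data or permissions by `current_laboratory` (not visible in this hunk), such a request gets that tenant's scope. If the fallback is only a development convenience, restrict it, e.g. `Laboratory.find_by_subdomain(request.subdomain) || (Laboratory.first if Rails.env.development?)`, and handle `nil` explicitly elsewhere. The enclosing class starts outside the hunk.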
@@ -153,7 +153,7 @@ class HackUserLastestCodesController < ApplicationController when 'Java' content.scan(/.java.\d+/).map{|s| s.match(/\d+/)[0].to_i}.min when 'C', 'C++' - content.scan(/\d:\d+:/).map{|s| s.match(/\d+/)[0]}.min + content.scan(/\d:\d+:/).map{|s| s.match(/\d+/)[0].to_i}.min when 'Python' content.scan(/line \d+/).map{|s| s.match(/\d+/)[0].to_i}.min end diff --git a/app/controllers/main_controller.rb b/app/controllers/main_controller.rb index 0e2628c3e..395e536f4 100644 --- a/app/controllers/main_controller.rb +++ b/app/controllers/main_controller.rb @@ -1,4 +1,6 @@ class MainController < ApplicationController + skip_before_action :check_sign + def index render file: 'public/react/build/index.html', :layout => false end diff --git a/app/controllers/myshixuns_controller.rb b/app/controllers/myshixuns_controller.rb index 255c0f42e..67bec877b 100644 --- a/app/controllers/myshixuns_controller.rb +++ b/app/controllers/myshixuns_controller.rb @@ -3,6 +3,7 @@ class MyshixunsController < ApplicationController before_action :find_myshixun, :except => [:training_task_status, :code_runinng_message] before_action :find_repo_name, :except => [:training_task_status, :code_runinng_message] skip_before_action :verify_authenticity_token, :only => [:html_content] + skip_before_action :check_sign, only: [:training_task_status, :code_runinng_message] ## TPI关卡列表 def challenges diff --git a/public/react/src/App.js b/public/react/src/App.js index be6f6a5d6..3df7e8112 100644 --- a/public/react/src/App.js +++ b/public/react/src/App.js @@ -460,6 +460,9 @@ class App extends Component { this.setState({ mygetHelmetapi:response.data.setting }); + //存储配置到游览器 + localStorage.setItem('chromesetting',JSON.stringify(response.data.setting)); + localStorage.setItem('chromesettingresponse',JSON.stringify(response)); try { if (response.data.setting.tab_logo_url) { this.gettablogourldata(response); 
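Review bot: On the `'C', 'C++'` branch the added `.to_i` is applied to the first digit run of each match, and for a match of `/\d:\d+:/` that run is the single digit before the first colon, not the number after it. If the compiler output has the usual `file:line:col:` form (the content format is not visible here), this returns the last digit of a line number rather than the line number. Capturing the field directly avoids the second match: `content.scan(/:(\d+):\d+:/).flatten.map(&:to_i).min`. The `case` statement this `when` belongs to starts outside the hunk.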
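Review bot: The new `skip_before_action :check_sign, only: [:training_task_status, :code_runinng_message]` has no comment saying who calls these two actions or how those callers are authenticated, and the same actions are already excluded from `find_myshixun` and `find_repo_name` on the lines above. Whether the actions verify their caller themselves is not visible in this hunk. A comment above the skip line such as `# called by <caller>; authenticated by <mechanism>` (placeholders to fill in) would make the exemption reviewable.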
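Review bot: `localStorage.setItem('chromesettingresponse', JSON.stringify(response))` persists the whole axios response object rather than the settings alone, which includes `response.config` with the request URL and headers; with the interceptor change in this commit that URL likely carries the `openkey` value. localStorage has no expiry and is readable by any script running on the origin, so only what is needed later should be stored. If `gettablogourldata` reads only `response.data.setting` (its body is not in this diff), storing `JSON.stringify({data: {setting: response.data.setting}})` is enough. The same two lines are added in NewHeader.js (`geturlsdata`) and TPMIndexHOC.js (`getAppdatausr`).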
diff --git a/public/react/src/AppConfig.js b/public/react/src/AppConfig.js index c75389419..29b857475 100644 --- a/public/react/src/AppConfig.js +++ b/public/react/src/AppConfig.js @@ -1,10 +1,14 @@ import React from "react"; import axios from 'axios'; +import md5 from 'md5'; import { requestProxy } from "./indexEduplus2RequestProxy"; import { broadcastChannelOnmessage ,SetAppModel, isDev, queryString } from 'educoder'; import { notification } from 'antd'; -import './index.css' +import './index.css'; +const opens ="79e33abd4b6588941ab7622aed1e67e8"; +let timestamp = Date.parse(new Date()); +const newopens=md5(opens+timestamp) broadcastChannelOnmessage('refreshPage', () => { window.location.reload() }) @@ -91,20 +95,20 @@ export function initAxiosInterceptors(props) { } if(`${config[0]}`!=`true`){ if (window.location.port === "3007") { - // if (url.indexOf('.json') == -1) { - // - // alert('开发提示:请给接口加.json:' + url) - // - // } config.url = `${proxy}${url}`; if (config.url.indexOf('?') == -1) { - config.url = `${config.url}?debug=${debugType}`; + config.url = `${config.url}?debug=${debugType}&openkey=${newopens}`; } else { - config.url = `${config.url}&debug=${debugType}`; + config.url = `${config.url}&debug=${debugType}&openkey=${newopens}`; } } else { // 加api前缀 - config.url = url; + config.url = url; + if (config.url.indexOf('?') == -1) { + config.url = `${config.url}?openkey=${newopens}`; + } else { + config.url = `${config.url}&openkey=${newopens}`; + } } } // @@ -191,6 +195,11 @@ export function initAxiosInterceptors(props) { locationurl('/500'); } + if (response.data.status === 501) { + notification.warning({ + description:response.data.message || '访问异常,请求不合理', + }) + } // if (response.data.status === 402) { diff --git a/public/react/src/modules/courses/gradinforms/Bullsubdirectory.js b/public/react/src/modules/courses/gradinforms/Bullsubdirectory.js index d1859e135..8c5561b02 100644 --- a/public/react/src/modules/courses/gradinforms/Bullsubdirectory.js 
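Review bot: The `opens` constant puts the signing key into the JavaScript bundle that every visitor downloads, so anyone can compute the value the server checks and the signature cannot distinguish this client from any other caller. `timestamp` and `newopens` are also computed once at module load, so every request in a session sends the same value, and a server-side freshness window would start rejecting long-lived tabs. If the goal is to authenticate callers, it has to rest on the user session or a server-issued per-user token rather than a constant in client code. The key is now in version control, so it should be treated as disclosed and replaced.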
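Review bot: The interceptor appends `openkey=${newopens}` and never sends the timestamp, while the `check_sign` filter added to application_controller.rb in this same commit reads `params[:client_key]` and `params[:timestamp]`; as far as this diff shows, every request from this client would take the filter's rejecting branch. Even with the names aligned, the value travels in the query string, where it is recorded in access logs, browser history and Referer headers. A request header avoids that, for example `config.headers['X-Client-Key'] = newopens` (header name illustrative, and the server would need to read it). The interceptor function starts and ends outside the hunk.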
+++ b/public/react/src/modules/courses/gradinforms/Bullsubdirectory.js @@ -285,10 +285,10 @@ class Bullsubdirectory extends Component{ const {getFieldDecorator} = this.props.form; // console.log("Bullsubdirectory"); // console.log(this.props.isAdmin()); - console.log(this.props); - console.log(whethertoeditysl); - console.log(this.state.eduintits); - console.log(this.state.description); + // console.log(this.props); + // console.log(whethertoeditysl); + // console.log(this.state.eduintits); + // console.log(this.state.description); return( diff --git a/public/react/src/modules/tpm/NewHeader.js b/public/react/src/modules/tpm/NewHeader.js index ac5213ec1..95813c28c 100644 --- a/public/react/src/modules/tpm/NewHeader.js +++ b/public/react/src/modules/tpm/NewHeader.js @@ -706,6 +706,28 @@ submittojoinclass=(value)=>{ } getAppdata=()=>{ + try { + var chromesettingArray = JSON.parse(localStorage.getItem('chromesetting')); + var chromesettingresponseArray = JSON.parse(localStorage.getItem('chromesettingresponse')); + // console.log("NewHeaderNewHeaderNewHeader"); + // console.log(chromesettingArray); + // console.log(chromesettingresponseArray); + + this.setState({ + mygetHelmetapi2:chromesettingArray + }); + if (chromesettingArray.tab_logo_url) { + this.gettablogourldata(chromesettingresponseArray); + } else { + this.gettablogourlnull(); + } + }catch (e) { + console.log("head获取游览器配置失败 重新请求开始读取配置"); + this.geturlsdata(); + } + }; + + geturlsdata=()=>{ let url = "/setting.json"; axios.get(url).then((response) => { // console.log("app.js开始请求/setting.json"); @@ -715,6 +737,8 @@ submittojoinclass=(value)=>{ this.setState({ mygetHelmetapi2:response.data.setting }); + localStorage.setItem('chromesetting',JSON.stringify(response.data.setting)); + localStorage.setItem('chromesettingresponse',JSON.stringify(response)); try { if (response.data.setting.tab_logo_url) { this.gettablogourldata(response); 
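Review bot: Once `chromesetting` exists in localStorage, `getAppdata` in NewHeader.js never calls `geturlsdata()` again, because the network fetch is reached only from the `catch`; a changed or tampered cached setting stays in effect until the user clears site data. The first-visit path also depends on an exception: `JSON.parse(localStorage.getItem('chromesetting'))` returns `null`, `setState` stores that `null`, and only the later `.tab_logo_url` access throws. The sketch below uses the cache for the first paint and always refreshes afterwards. The same pattern is added to `getAppdata` in TPMIndexHOC.js, where the fallback is `getAppdatausr`.

```javascript
getAppdata=()=>{
  let cached = null;
  try {
    cached = JSON.parse(localStorage.getItem('chromesetting'));
  } catch (e) {
    cached = null; // an unreadable cache is ignored rather than trusted
  }
  if (cached && typeof cached === 'object') {
    this.setState({ mygetHelmetapi2: cached });
    // … unchanged: tab_logo_url branch using the cached response …
  }
  // always re-read /setting.json so the cached copy cannot go stale
  this.geturlsdata();
};
```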
@@ -741,7 +765,7 @@ submittojoinclass=(value)=>{ this.gettablogourlnull(); }); - }; + } matchpaths=(url)=>{ diff --git a/public/react/src/modules/tpm/TPMIndexHOC.js b/public/react/src/modules/tpm/TPMIndexHOC.js index 01d617c78..e1080d679 100644 --- a/public/react/src/modules/tpm/TPMIndexHOC.js +++ b/public/react/src/modules/tpm/TPMIndexHOC.js @@ -315,6 +315,27 @@ export function TPMIndexHOC(WrappedComponent) { } //获取当前定制信息 getAppdata = () => { + try { + var chromesettingArray = JSON.parse(localStorage.getItem('chromesetting')); + var chromesettingresponseArray = JSON.parse(localStorage.getItem('chromesettingresponse')); + // console.log("TPMLNdexHOC"); + // console.log(chromesettingArray); + // console.log(chromesettingresponseArray); + this.setState({ + mygetHelmetapi:chromesettingArray + }); + if (chromesettingArray.tab_logo_url) { + this.gettablogourldata(chromesettingresponseArray); + } else { + this.gettablogourlnull(); + } + }catch (e) { + console.log("hoc获取游览器配置失败 重新请求开始读取配置"); + this.getAppdatausr(); + } + + }; + getAppdatausr=()=>{ let url = "/setting.json"; axios.get(url).then((response) => { // console.log("app.js开始请求/setting.json"); @@ -324,6 +345,8 @@ export function TPMIndexHOC(WrappedComponent) { this.setState({ mygetHelmetapi: response.data.setting }); + localStorage.setItem('chromesetting',JSON.stringify(response.data.setting)); + localStorage.setItem('chromesettingresponse',JSON.stringify(response)); try { if (response.data.setting.tab_logo_url) { this.gettablogourldata(response); @@ -350,7 +373,8 @@ export function TPMIndexHOC(WrappedComponent) { this.gettablogourlnull(); }); - }; + + } /** 课堂权限相关方法,暂时写这里了 ----------------------------------------END */