

# frozen_string_literal: true
class AccountsController < ApplicationController
include LoginHelper
def login
  # Authenticates params[:login] / params[:password], applies the per-user
  # failed-attempt limiter and starts a session on success.
  #
  # NOTE(review): the three pre-password replies ("does not exist",
  # "not activated", "locked") are distinguishable from a wrong-password reply,
  # so a caller can enumerate valid logins without knowing any password.
  # A single generic failure message (details only in the server log) closes that.
  # NOTE(review): `invalid?` is ActiveModel's `!valid?` unless User overrides it;
  # confirm it really means "account not yet activated" here.
  user = User.try_to_login(params[:login])
  return info(-1, "用户账号不存在") if user.blank?
  return info(-1, "用户账号未激活,请联系管理员") if user.invalid?
  return info(-1, "用户账号已经被锁定") if user.locked?

  limiter = LimitForbidControl::UserLogin.new(user)
  # forbid_expires is only read on the paths that need it (same as before).
  return info(-3, "登录密码出错已达上限,账号已被锁定, 请#{limiter.forbid_expires / 60}分钟后重新登录或找回密码") if limiter.forbid?

  unless user.check_password?(params[:password])
    remaining = limiter.remain_times - 1
    message =
      if remaining.zero?
        "登录密码出错已达上限,账号已被锁定, 请#{limiter.forbid_expires / 60}分钟后重新登录或找回密码"
      else
        "您已经输错密码#{limiter.error_times + 1}次,还剩余#{remaining}次机会"
      end
    info(-3, message)
    # Counted after the reply is built so the message reflects the attempt just made.
    limiter.increment!
    return
  end

  # Resets the session (fixation defence) and records the login before the
  # failure counter is cleared.
  successful_authentication(user)
  limiter.clear
  info(0, "登录成功")
end
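def register
  # Creates a User from an explicit whitelist of params, assigns a generated
  # login and sends the registration mail, all inside one transaction.
  #
  # NOTE(review): deliver_now runs before the transaction commits, so a failed
  # commit can leave a mail sent for a user row that never existed. Sending after
  # the block would fix that but needs a decision on what a mail failure should
  # do to the already-saved user, so the ordering is left as is.
  ActiveRecord::Base.transaction do
    user = User.new(email: params[:email],
                    password: params[:password],
                    nickname: params[:nickname],
                    phone: params[:phone])
    if user.valid?
      user.login = generate_code(8)
      user.save!
      UserMailer.register_email(user).deliver_now
      info(0, "保存成功")
    else
      # Validation messages are meant for the caller and are safe to return.
      info(-1, "注册错误", user.errors)
    end
  end
rescue StandardError => e
  # Was `rescue Exception`, which also swallowed SystemExit, SignalException and
  # NoMemoryError. The raw exception text (DB, SMTP or driver messages) now stays
  # in the log only; the client gets a generic failure so internals are not disclosed.
  logger_error("#{e.class}: #{e.message}")
  info(-1, "注册错误")
end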
def logout
  # Records a Logout action, marks the session token behind the
  # User::SESSION_ACTION cookie as logged out, then tears the session down.
  #
  # NOTE(review): nothing checks that a user is actually logged in before the
  # UserAction row is written; an anonymous caller still produces one.
  # NOTE(review): this replies with a hand-built `{status: 1}` JSON while every
  # other action goes through info() — presumably deliberate; verify with clients.
  current_id = User.current.id
  UserAction.create(action_id: current_id,
                    action_type: "Logout",
                    user_id: current_id,
                    ip: request.remote_ip)

  # The token is flagged, not deleted, so the record remains for auditing.
  session_token = Token.find_by(action: User::SESSION_ACTION,
                                user_id: current_id,
                                status: [Token::STATUS_EX_LOGIN, Token::STATUS_LOGIN],
                                value: cookies[User::SESSION_ACTION])
  session_token&.update!(status: Token::STATUS_LOGOUT)

  logout_user
  render json: { status: 1, message: "退出成功!" }
end
def logout_user
  # Removes every server-side trace of the current session: autologin token,
  # online marker, session tokens, then the Rails session itself.
  #
  # NOTE(review): session[:user_id] and session[:request_user_id] hold user ids
  # (see start_user_session) yet are handed to delete_session_token as if they
  # were token values; probably only session[:tk] is meaningful here — confirm.
  current = User.current
  if current.logged?
    # cookies.delete returns the removed value, so the autologin token can be revoked.
    autologin_token = cookies.delete(autologin_cookie_name)
    current.delete_autologin_token(autologin_token) if autologin_token
    UserOnline.logout(current.id)
    [session[:tk], session[:user_id], session[:request_user_id]].each do |value|
      current.delete_session_token(value)
    end
    # Resets the session and switches User.current back to anonymous.
    self.logged_user = nil
  end
  session[:user_id] = nil
  session[:request_user_id] = nil
end
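def activation
  # Activates the account whose login equals params[:id] by setting status to 1.
  #
  # NOTE(review): the only "secret" is the login itself (the 8-char code that
  # #register generates and mails); there is no single-use activation token, no
  # expiry and no proof that the caller owns the mailbox. Anyone who learns or
  # guesses a login can activate it — a random, stored, expiring token is the usual fix.
  ActiveRecord::Base.transaction do
    user = User.find_by_login(params[:id])
    if user.blank?
      info(-1, "账号不存在")
    elsif user.locked?
      # Was unconditional: re-running activation on a locked account would write
      # status 1 over the lock. Whether that cleared the lock depends on how
      # User#locked? is defined (not visible here); refusing is safe either way.
      info(-1, "用户账号已经被锁定")
    else
      user.update!(status: 1)
      info(0, "激活成功")
    end
  end
end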
def successful_authentication(user)
  # Starts a fresh session for an already-verified user and records the login.
  #
  # NOTE(review): the Rails session id is copied into the `cs` response header and
  # that header is CORS-exposed, so any origin the CORS policy admits can read a
  # valid session identifier from script. The CORS allow-list is therefore part of
  # the session's security boundary — keep it tight.
  # NOTE(review): the header is set as "cs" but exposed as "Cs"; header names are
  # case-insensitive so this works, but keeping them identical avoids confusion.
  ActiveRecord::Base.transaction do
    # reset_session + User.current + session keys (see logged_user=).
    self.logged_user = user
    set_token_session(user)
    set_autologin_cookie(user)

    uid = user.try(:id)
    UserAction.create(action_id: uid,
                      action_type: "Login",
                      user_id: uid,
                      ip: request.remote_ip)
    # update_column skips validations/callbacks: this is a plain timestamp touch.
    user.update_column(:last_login_on, Time.now)
    # Already set by start_user_session; repeated here as in the original.
    session[:user_id] = user.id

    response.header['cs'] = session&.id.to_s
    response.header['Access-Control-Expose-Headers'] = "Cs,Set-Cookie"
  end
end
def logged_user=(user)
  # Replaces the current principal. reset_session runs first so a pre-auth
  # session id is never carried across a login (session-fixation defence);
  # nil or anything that is not a User drops back to the anonymous user.
  reset_session
  unless user.is_a?(User)
    User.current = User.anonymous
    return
  end
  User.current = user
  start_user_session(user)
end
def start_user_session(user)
  # Marks the user online and seeds the freshly reset session with the user id
  # plus creation/activity timestamps (UTC epoch seconds, equal at session start).
  UserOnline.login(user.id)
  started_at = Time.now.utc.to_i
  session[:request_user_id] = user.id
  session[:user_id] = user.id
  session[:ctime] = started_at
  session[:atime] = started_at
end
end