From 2959414d563ac5826ae66650b2927c8a75140e69 Mon Sep 17 00:00:00 2001 From: xiaoxiaoqiong Date: Tue, 24 May 2022 10:25:58 +0800 Subject: [PATCH 01/17] =?UTF-8?q?fixed=20=E5=A2=9E=E5=8A=A0=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E7=99=BB=E5=BD=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/users_controller.rb | 37 +++++++------- app/views/users/get_user_info.json.jbuilder | 54 ++++++++++----------- 2 files changed, 47 insertions(+), 44 deletions(-) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index a04a16aa9..ef320e7bd 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -8,7 +8,7 @@ class UsersController < ApplicationController before_action :connect_to_ci_db, only: [:get_user_info] before_action :convert_image!, only: [:update, :update_image] skip_before_action :check_sign, only: [:attachment_show] - # before_action :sso_login, only: [:get_user_info] + before_action :sso_login, only: [:get_user_info] def connect_to_ci_db(options={}) if !(current_user && !current_user.is_a?(AnonymousUser) && current_user.devops_certification?) 
@@ -331,26 +331,29 @@ class UsersController < ApplicationController end def sso_login - if params[:ticket].present? && !current_user.logged? && params[:websiteName].nil? - info = Base64.decode64(params[:ticket]) || Base64.decode64(params[:info].gsub(" ", "+")).force_encoding("utf-8") - # login 邮箱 手机号 姓名 学校/单位 - user_info = info.split("&&") - # Rails.logger.info("user_info====== #{info}") - login = user_info[0] - email = user_info[1] - phone = user_info[2] - real_name = user_info[3] - department_name = user_info[4] + if params[:login].present? && !current_user.logged? && params[:websiteName].nil? + params = { "login" => "#{params[:login]}", "private_token" => "hriEn3UwXfJs3PmyXnSH" } + api_url= "https://pre-data.educoder.net" + client = Faraday.new(url: api_url) + response = client.public_send("get", "/api/sources/get_user_info_by_login", params) + result = JSON.parse(response.body) - # 没有登录时,新建用户并登录 - if current_user.logged? - user = current_user - else - user = User.where("login = ? or phone = ? or mail = ? ", "edu_#{login}", phone, email).first + if result["status"].to_s == "0" + # login 邮箱 手机号 姓名 学校/单位 + user_info = result["data"] + Rails.logger.info("user_info====== #{user_info}") + login = user_info["login"] + email = user_info["mail"] + phone = user_info["phone"] + real_name = user_info["username"] + department_name = user_info["school"] + + # 没有用户时,新建用户并登录 + user = User.where("login = ? or phone = ? or mail = ? ", "#{login}", phone, email).first unless user ActiveRecord::Base.transaction do phone_rand = [0, 1, 2, 3, 4, 5, 6, 7, 8, 9].sample(4).join - user_params = { status: 1, type: 'User', login: "e_#{login}", lastname: "#{real_name}", mail: "#{email}", + user_params = { status: 1, type: 'User', login: "#{login}", lastname: "#{real_name}", mail: "#{email}", nickname: "#{real_name}", professional_certification: 0, certification: 0, grade: 0, password: "12345678", phone: "#{phone_rand}", profile_completed: 1 } user = User.create!(user_params) 
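Review bot: `sso_login` now selects (and, when nothing matches, creates) an account from the caller-supplied `params[:login]` alone, so the call to `/api/sources/get_user_info_by_login` identifies a user but never proves the requester is that user; the sign-in step itself is outside the hunk and inferred from the comment `新建用户并登录`. With `before_action :sso_login` enabled in the first hunk this runs in front of every `get_user_info` request, so the filter should require a signed, short-lived ticket from the upstream site and verify it server-side before any `User` is chosen. The `private_token` is committed as a string literal (and repeated in the later patches that touch this line); it should be rotated and read from configuration, e.g. `"private_token" => ENV.fetch("<UPSTREAM_API_TOKEN_VAR>")`. Accounts created here keep the fixed `password: "12345678"` from the context lines, which leaves them reachable through the ordinary password form; a random value such as `SecureRandom.hex(16)` is the safer default. `Rails.logger.info("user_info====== #{user_info}")` also writes mail and phone to the application log and is better dropped.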
diff --git a/app/views/users/get_user_info.json.jbuilder b/app/views/users/get_user_info.json.jbuilder
index d60f46ade..d4859c376 100644
--- a/app/views/users/get_user_info.json.jbuilder
+++ b/app/views/users/get_user_info.json.jbuilder
@@ -1,28 +1,28 @@
-json.username @user.full_name
-json.real_name @user.real_name
-json.nickname @user.nickname
-json.gender @user.gender
-json.login @user.login
-json.user_id @user.id
-json.image_url url_to_avatar(@user)
-json.admin @user.admin?
-json.is_teacher @user.user_extension&.teacher?
-json.user_identity @user.identity
-json.tidding_count 0
-json.user_phone_binded @user.phone.present?
-json.need_edit_info @user.need_edit_info?
-# json.phone @user.phone
-# json.email @user.mail
-json.profile_completed @user.profile_is_completed?
-json.professional_certification @user.professional_certification
-json.devops_step @user.devops_step
-json.ci_certification @user.ci_certification?
-json.email @user.mail
-json.province @user.province
-json.city @user.city
-json.custom_department @user.custom_department
-json.description @user.description
-json.super_description @user.super_description
-json.(@user, :show_email, :show_department, :show_location, :show_super_description)
-json.message_unread_total @message_unread_total
+json.username @user.full_name
+json.real_name @user.real_name
+json.nickname @user.nickname
+json.gender @user.gender
+json.login @user.login
+json.user_id @user.id
+json.image_url url_to_avatar(@user)
+json.admin @user.admin?
+json.is_teacher @user.user_extension&.teacher?
+json.user_identity @user.identity
+json.tidding_count 0
+json.user_phone_binded @user.phone.present?
+json.need_edit_info @user.need_edit_info?
+json.phone @user.phone
+# json.email @user.mail
+json.profile_completed @user.profile_is_completed?
+json.professional_certification @user.professional_certification
+json.devops_step @user.devops_step
+json.ci_certification @user.ci_certification?
+json.email @user.mail +json.province @user.province +json.city @user.city +json.custom_department @user.custom_department +json.description @user.description +json.super_description @user.super_description +json.(@user, :show_email, :show_department, :show_location, :show_super_description) +json.message_unread_total @message_unread_total json.has_trace_user @user.trace_user.present? \ No newline at end of file From 26bfc2c0bf22ffad4fd478a4be8a4ff75fbb7053 Mon Sep 17 00:00:00 2001 From: xiaoxiaoqiong Date: Tue, 24 May 2022 10:33:21 +0800 Subject: [PATCH 02/17] =?UTF-8?q?fixed=20=E5=A2=9E=E5=8A=A0=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E7=99=BB=E5=BD=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/users_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index ef320e7bd..98da1b880 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -331,7 +331,7 @@ class UsersController < ApplicationController end def sso_login - if params[:login].present? && !current_user.logged? && params[:websiteName].nil? + if params[:login].present? && !current_user.logged? && params[:websiteName].present? params = { "login" => "#{params[:login]}", "private_token" => "hriEn3UwXfJs3PmyXnSH" } api_url= "https://pre-data.educoder.net" client = Faraday.new(url: api_url) From ee3a14fa280cf205bf61a29c813f6ed027f36d52 Mon Sep 17 00:00:00 2001 From: xiaoxiaoqiong Date: Tue, 24 May 2022 10:34:31 +0800 Subject: [PATCH 03/17] =?UTF-8?q?fixed=20=E5=A2=9E=E5=8A=A0=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E7=99=BB=E5=BD=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/users_controller.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
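Review bot: Inside this whole-file rewrite the one functional change is that `# json.phone @user.phone` becomes `json.phone @user.phone`, so the `get_user_info` response now carries the user's raw phone number alongside `json.email`. Every other line appears identical on both sides (probably a line-ending conversion), which makes the change easy to miss in review. If clients only need to know whether a phone is bound, `json.user_phone_binded` already covers that; otherwise consider returning a masked value, since this is also the endpoint that `sso_login` runs in front of.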
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 98da1b880..ad211d42c 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -332,10 +332,10 @@ class UsersController < ApplicationController def sso_login if params[:login].present? && !current_user.logged? && params[:websiteName].present? - params = { "login" => "#{params[:login]}", "private_token" => "hriEn3UwXfJs3PmyXnSH" } - api_url= "https://pre-data.educoder.net" + req_params = { "login" => "#{params[:login]}", "private_token" => "hriEn3UwXfJs3PmyXnSH" } + api_url= "https://data.educoder.net" client = Faraday.new(url: api_url) - response = client.public_send("get", "/api/sources/get_user_info_by_login", params) + response = client.public_send("get", "/api/sources/get_user_info_by_login", req_params) result = JSON.parse(response.body) if result["status"].to_s == "0" From b673909f9edf3e5ad74c8679b56025099d905397 Mon Sep 17 00:00:00 2001 From: xiaoxiaoqiong Date: Tue, 24 May 2022 10:47:17 +0800 Subject: [PATCH 04/17] =?UTF-8?q?fixed=20=E5=A2=9E=E5=8A=A0=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E7=99=BB=E5=BD=95=EF=BC=8C=E6=89=8B=E6=9C=BA=E5=8F=B7?= =?UTF-8?q?=E5=85=88=E8=AE=B0=E5=BD=95=EF=BC=8C=E5=90=8E=E7=BB=AD=E7=94=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/users_controller.rb | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index ad211d42c..72fb40fee 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb 
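Review bot: The upstream call in `sso_login` has no timeout and no failure handling: `Faraday.new(url: api_url)` runs with default timeouts and `JSON.parse(response.body)` is applied without checking the HTTP status, so a slow or failing `data.educoder.net` becomes a hung or 500 `get_user_info` for any request carrying `login` and `websiteName`. Set explicit limits, e.g. `Faraday.new(url: api_url, request: { open_timeout: 2, timeout: 5 })`, and rescue `Faraday::Error` and `JSON::ParserError` so the filter falls through to the unauthenticated path. This hunk also points the same literal `private_token` at the production host; it should come from per-environment configuration rather than the source. The method body continues outside the hunk.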
@@ -350,7 +350,10 @@ class UsersController < ApplicationController # 没有用户时,新建用户并登录 user = User.where("login = ? or phone = ? or mail = ? ", "#{login}", phone, email).first - unless user + if user.present? + # 手机号先记录,后续用 + user.update_column(:phone, "#{phone}") if phone.present? + else ActiveRecord::Base.transaction do phone_rand = [0, 1, 2, 3, 4, 5, 6, 7, 8, 9].sample(4).join user_params = { status: 1, type: 'User', login: "#{login}", lastname: "#{real_name}", mail: "#{email}", From c27cc063e67003e091afedc1b83d1b622281f762 Mon Sep 17 00:00:00 2001 From: yystopf Date: Tue, 24 May 2022 10:59:52 +0800 Subject: [PATCH 05/17] add: new update user info simple and sync gitea --- app/controllers/accounts_controller.rb | 776 ++++++++++---------- app/controllers/concerns/register_helper.rb | 28 + app/forms/gitea/user/update_form.rb | 2 +- config/routes.rb | 1 + 4 files changed, 428 insertions(+), 379 deletions(-) diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb index e40630c6b..1af348abd 100644 --- a/app/controllers/accounts_controller.rb +++ b/app/controllers/accounts_controller.rb 
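Review bot: `user.update_column(:phone, "#{phone}")` overwrites the phone of whichever existing account matched `login = ? or phone = ? or mail = ?`, using a value taken from the upstream response and skipping model validations and callbacks. Because the match can succeed on login or mail alone, a local account's phone can be replaced by a number its owner never confirmed, and since `reset_password` in `accounts_controller.rb` selects the user with `User.find_by_phone`, that changes who can recover the account. Prefer storing the upstream number in a separate attribute, or only filling an empty one through validations: `user.update(phone: phone) if phone.present? && user.phone.blank?`. `sso_login` starts and ends outside the hunk.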
@@ -1,378 +1,398 @@ -class AccountsController < ApplicationController - include ApplicationHelper - - #skip_before_action :check_account, :only => [:logout] - - def index - render json: session - end - - # 其他平台同步注册的用户 - def remote_register - Register::RemoteForm.new(remote_register_params).validate! - username = params[:username]&.gsub(/\s+/, "") - tip_exception("无法使用以下关键词:#{username},请重新命名") if ReversedKeyword.check_exists?(username) - email = params[:email]&.gsub(/\s+/, "") - password = params[:password] - platform = (params[:platform] || 'forge')&.gsub(/\s+/, "") - - ActiveRecord::Base.transaction do - result = autologin_register(username, email, password, platform) - if result[:message].blank? - render_ok({user: result[:user]}) - else - render_error(result[:message]) - end - end - rescue Exception => e - uid_logger_error(e.message) - tip_exception(-1, e.message) - end - - # 其他平台修改用户的信息,这边同步修改 - def remote_update - ActiveRecord::Base.transaction do - user_params = params[:user_params] - user_extension_params = params[:user_extension_params] - - u = User.find_by(login: params[:old_user_login]) - user_mail = u.try(:mail) - - if u.present? - ue = u.user_extension - u.login = user_params["login"] if user_params["login"] - u.mail = user_params["mail"] if user_params["mail"] - u.lastname = user_params["lastname"] if user_params["lastname"] - - ue.gender = user_extension_params["gender"] - ue.school_id = user_extension_params["school_id"] - ue.location = user_extension_params["location"] - ue.location_city = user_extension_params["location_city"] - ue.identity = user_extension_params["identity"] - ue.technical_title = user_extension_params["technical_title"] - ue.student_id = user_extension_params["student_id"] - ue.description = user_extension_params["description"] - ue.save! - u.save! - - sync_params = {} - - if (user_params["mail"] && user_params["mail"] != user_mail) - sync_params = sync_params.merge(email: user_params["mail"]) - end - - if sync_params.present? 
- interactor = Gitea::User::UpdateInteractor.call(u.login, sync_params) - if interactor.success? - render_ok - else - render_error(interactor.error) - end - end - end - end - rescue Exception => e - uid_logger_error(e.message) - tip_exception(-1, e.message) - end - - # 其他平台同步登录 - def remote_login - @user = User.try_to_login(params[:login], params[:password]) - if @user - successful_authentication(@user) - render_ok({user: {id: @user.id, token: @user.gitea_token}}) - else - render_error("用户不存在") - end - end - - #修改密码 - def remote_password - @user = User.find_by(login: params[:login]) - return render_error("未找到相关用户!") if @user.blank? - - sync_params = { - password: params[:password].to_s, - email: @user.mail - } - - interactor = Gitea::User::UpdateInteractor.call(@user.login, sync_params) - if interactor.success? - @user.update_attribute(:password, params[:password]) - render_ok - else - render_error(interactor.error) - end - end - - - - # 用户注册 - # 注意:用户注册需要兼顾本地版,本地版是不需要验证码及激活码以及使用授权的,注册完成即可使用 - # params[:login] 邮箱或者手机号 - # params[:namespace] 登录名 - # params[:code] 验证码 - # code_type 1:注册手机验证码 8:邮箱注册验证码 - # 本地forge注册入口需要重新更改逻辑 - def register - # type只可能是1或者8 - user = nil - begin - Register::Form.new(register_params).validate! - - user = Users::RegisterService.call(register_params) - password = register_params[:password].strip - - # gitea用户注册, email, username, password - interactor = Gitea::RegisterInteractor.call({username: user.login, email: user.mail, password: password}) - if interactor.success? - gitea_user = interactor.result - result = Gitea::User::GenerateTokenService.call(user.login, password) - user.gitea_token = result['sha1'] - user.gitea_uid = gitea_user[:body]['id'] - if user.save! 
- UserExtension.create!(user_id: user.id) - successful_authentication(user) - render_ok - end - else - tip_exception(-1, interactor.error) - end - rescue Register::BaseForm::EmailError => e - render_error(-2, e.message) - rescue Register::BaseForm::LoginError => e - render_error(-3, e.message) - rescue Register::BaseForm::PhoneError => e - render_error(-4, e.message) - rescue Register::BaseForm::PasswordFormatError => e - render_error(-5, e.message) - rescue Register::BaseForm::VerifiCodeError => e - render_error(-6, e.message) - rescue Exception => e - Gitea::User::DeleteService.call(user.login) unless user.nil? - uid_logger_error(e.message) - tip_exception(-1, e.message) - end - end - - # 用户登录 - def login - Users::LoginForm.new(account_params).validate! - @user = User.try_to_login(params[:login], params[:password]) - - return normal_status(-2, "错误的账号或密码") if @user.blank? - # user is already in local database - return normal_status(-2, "违反平台使用规范,账号已被锁定") if @user.locked? - - login_control = LimitForbidControl::UserLogin.new(@user) - return normal_status(-2, "登录密码出错已达上限,账号已被锁定, 请#{login_control.forbid_expires/60}分钟后重新登录或找回密码") if login_control.forbid? - - password_ok = @user.check_password?(params[:password].to_s) - unless password_ok - if login_control.remain_times-1 == 0 - normal_status(-2, "登录密码出错已达上限,账号已被锁定, 请#{login_control.forbid_expires/60}分钟后重新登录或找回密码") - else - normal_status(-2, "你已经输错密码#{login_control.error_times+1}次,还剩余#{login_control.remain_times-1}次机会") - end - login_control.increment! - return - end - - successful_authentication(@user) - sync_pwd_to_gitea!(@user, {password: params[:password].to_s}) # TODO用户密码未同步 - - # session[:user_id] = @user.id - end - - def change_password - @user = User.find_by(login: params[:login]) - return render_error("未找到相关用户!") if @user.blank? 
- return render_error("旧密码不正确") unless @user.check_password?(params[:old_password]) - - sync_params = { - password: params[:password].to_s, - email: @user.mail, - login_name: @user.login, - source_id: 0 - } - - interactor = Gitea::User::UpdateInteractor.call(@user.login, sync_params) - if interactor.success? - @user.update_attribute(:password, params[:password]) - render_ok - else - render_error(interactor.error) - end - end - - # 忘记密码 - def reset_password - begin - code = params[:code] - login_type = phone_mail_type(params[:login].strip) - # 获取验证码 - if login_type == 1 - phone = params[:login] - verifi_code = VerificationCode.where(phone: phone, code: code, code_type: 2).last - user = User.find_by_phone(phone) - else - email = params[:login] - verifi_code = VerificationCode.where(email: email, code: code, code_type: 3).last - user = User.find_by_mail(email) #这里有问题,应该是为email,而不是mail 6.13-hs - end - return normal_status(-2, "验证码不正确") if verifi_code.try(:code) != code.strip - return normal_status(-2, "验证码已失效") if !verifi_code&.effective? - return normal_status(-1, "8~16位密码,支持字母数字和符号") unless params[:new_password] =~ CustomRegexp::PASSWORD - - user.password, user.password_confirmation = params[:new_password], params[:new_password_confirmation] - ActiveRecord::Base.transaction do - user.save! 
- LimitForbidControl::UserLogin.new(user).clear - end - sucess_status - rescue Exception => e - uid_logger_error(e.message) - tip_exception(e.message) - end - end - - def successful_authentication(user) - uid_logger("Successful authentication start: '#{user.login}' from #{request.remote_ip} at #{Time.now.utc}") - # Valid user - self.logged_user = user - # generate a key and set cookie if autologin - - set_autologin_cookie(user) - UserAction.create(:action_id => user.try(:id), :action_type => "Login", :user_id => user.try(:id), :ip => request.remote_ip) - user.update_column(:last_login_on, Time.now) - session[:"#{default_yun_session}"] = user.id - Rails.logger.info("#########_____session_default_yun_session__________###############{default_yun_session}") - # 注册完成后有一天的试用申请(先去掉) - # UserDayCertification.create(user_id: user.id, status: 1) - end - - def set_autologin_cookie(user) - token = Token.get_or_create_permanent_login_token(user, "autologin") - sync_user_token_to_trustie(user.login, token.value) - - cookie_options = { - :value => token.value, - :expires => 1.month.from_now, - :path => '/', - :secure => false, - :httponly => true - } - if edu_setting('cookie_domain').present? 
- cookie_options = cookie_options.merge(domain: edu_setting('cookie_domain')) - end - cookies[autologin_cookie_name] = cookie_options - cookies.signed[:user_id] ||= user.id - - logger.info("cookies is #{cookies} ======> #{cookies.signed[:user_id]} =====> #{cookies[autologin_cookie_name]}") - end - - def logout - Rails.logger.info("########___logout_current_user____________########{current_user.try(:id)}") - UserAction.create(action_id: User.current.id, action_type: "Logout", user_id: User.current.id, :ip => request.remote_ip) - logout_user - render :json => {status: 1, message: "退出成功!"} - end - - # 检验邮箱是否已被注册及邮箱或者手机号是否合法 - # 参数type为事件类型 1:注册;2:忘记密码;3:绑定 - def valid_email_and_phone - check_mail_and_phone_valid(params[:login], params[:type]) - end - - # 发送验证码 - # params[:login] 手机号或者邮箱号 - # params[:type]为事件通知类型 1:用户注册 2:忘记密码 3: 绑定手机 4: 绑定邮箱, 5: 验收手机号有效 # 如果有新的继续后面加 - # 发送验证码:send_type 1:注册手机验证码 2:找回密码手机验证码 3:找回密码邮箱验证码 4:绑定手机 5:绑定邮箱 - # 6:手机验证码登录 7:邮箱验证码登录 8:邮箱注册验证码 9: 验收手机号有效 - def get_verification_code - code = %W(0 1 2 3 4 5 6 7 8 9) - value = params[:login] - type = params[:type].strip.to_i - login_type = phone_mail_type(value) - send_type = verify_type(login_type, type) - verification_code = code.sample(6).join - - sign = Digest::MD5.hexdigest("#{OPENKEY}#{value}") - tip_exception(501, "请求不合理") if sign != params[:smscode] - - logger.info "########### 验证码:#{verification_code}" - logger.info("########get_verification_code: login_type: #{login_type}, send_type:#{send_type}, ") - - # 记录验证码 - check_verification_code(verification_code, send_type, value) - render_ok - end - - # check user's login or email or phone is used - # params[:value] 手机号或者邮箱号或者登录名 - # params[:type] 为事件类型 1:登录名(login) 2:email(邮箱) 3:phone(手机号) - def check - Register::CheckColumnsForm.new(check_params).validate! 
- render_ok - end - - private - - # type 事件类型 1:用户注册 2:忘记密码 3: 绑定手机 4: 绑定邮箱, 5: 验证手机号是否有效 # 如果有新的继续后面加 - # login_type 1:手机类型 2:邮箱类型 - def verify_type login_type, type - case type - when 1 - login_type == 1 ? 1 : 8 - when 2 - login_type == 1 ? 2 : 3 - when 3 - login_type == 1 ? 4 : tip_exception('请填写正确的手机号') - when 4 - login_type == 1 ? tip_exception('请填写正确的邮箱') : 5 - when 5 - login_type == 1 ? 9 : tip_exception('请填写正确的手机号') - end - end - - def generate_login(login) - type = phone_mail_type(login.strip) - - if type == 1 - uid_logger("start register by phone: type is #{type}") - pre = 'p' - email = nil - phone = login - else - uid_logger("start register by email: type is #{type}") - pre = 'm' - email = login - phone = nil - end - code = generate_identifier User, 8, pre - - { login: pre + code, email: email, phone: phone } - end - - def user_params - params.require(:user).permit(:login, :email, :phone) - end - - def account_params - params.require(:account).permit(:login, :password) - end - - def check_params - params.permit(:type, :value) - end - - def register_params - params.permit(:login, :namespace, :password, :code) - end - - def remote_register_params - params.permit(:username, :email, :password, :platform) - end - -end +class AccountsController < ApplicationController + before_action :require_login, only: [:simple_update] + include ApplicationHelper + + #skip_before_action :check_account, :only => [:logout] + + def simple_update + simple_update_params.merge!(username: params[:username]&.gsub(/\s+/, "")) + simple_update_params.merge!(email: params[:email]&.gsub(/\s+/, "")) + simple_update_params.merge!(platform: (params[:platform] || 'forge')&.gsub(/\s+/, "")) + Register::RemoteForm.new(simple_update_params).validate! + + ActiveRecord::Base.transaction do + result = auto_update(current_user, simple_update_params) + if result[:message].blank? 
+ render_ok + else + render_error(result[:message]) + end + end + end + + def index + render json: session + end + + # 其他平台同步注册的用户 + def remote_register + Register::RemoteForm.new(remote_register_params).validate! + username = params[:username]&.gsub(/\s+/, "") + tip_exception("无法使用以下关键词:#{username},请重新命名") if ReversedKeyword.check_exists?(username) + email = params[:email]&.gsub(/\s+/, "") + password = params[:password] + platform = (params[:platform] || 'forge')&.gsub(/\s+/, "") + + ActiveRecord::Base.transaction do + result = autologin_register(username, email, password, platform) + if result[:message].blank? + render_ok({user: result[:user]}) + else + render_error(result[:message]) + end + end + rescue Exception => e + uid_logger_error(e.message) + tip_exception(-1, e.message) + end + + # 其他平台修改用户的信息,这边同步修改 + def remote_update + ActiveRecord::Base.transaction do + user_params = params[:user_params] + user_extension_params = params[:user_extension_params] + + u = User.find_by(login: params[:old_user_login]) + user_mail = u.try(:mail) + + if u.present? + ue = u.user_extension + u.login = user_params["login"] if user_params["login"] + u.mail = user_params["mail"] if user_params["mail"] + u.lastname = user_params["lastname"] if user_params["lastname"] + + ue.gender = user_extension_params["gender"] + ue.school_id = user_extension_params["school_id"] + ue.location = user_extension_params["location"] + ue.location_city = user_extension_params["location_city"] + ue.identity = user_extension_params["identity"] + ue.technical_title = user_extension_params["technical_title"] + ue.student_id = user_extension_params["student_id"] + ue.description = user_extension_params["description"] + ue.save! + u.save! + + sync_params = {} + + if (user_params["mail"] && user_params["mail"] != user_mail) + sync_params = sync_params.merge(email: user_params["mail"]) + end + + if sync_params.present? 
+ interactor = Gitea::User::UpdateInteractor.call(u.login, sync_params) + if interactor.success? + render_ok + else + render_error(interactor.error) + end + end + end + end + rescue Exception => e + uid_logger_error(e.message) + tip_exception(-1, e.message) + end + + # 其他平台同步登录 + def remote_login + @user = User.try_to_login(params[:login], params[:password]) + if @user + successful_authentication(@user) + render_ok({user: {id: @user.id, token: @user.gitea_token}}) + else + render_error("用户不存在") + end + end + + #修改密码 + def remote_password + @user = User.find_by(login: params[:login]) + return render_error("未找到相关用户!") if @user.blank? + + sync_params = { + password: params[:password].to_s, + email: @user.mail + } + + interactor = Gitea::User::UpdateInteractor.call(@user.login, sync_params) + if interactor.success? + @user.update_attribute(:password, params[:password]) + render_ok + else + render_error(interactor.error) + end + end + + + + # 用户注册 + # 注意:用户注册需要兼顾本地版,本地版是不需要验证码及激活码以及使用授权的,注册完成即可使用 + # params[:login] 邮箱或者手机号 + # params[:namespace] 登录名 + # params[:code] 验证码 + # code_type 1:注册手机验证码 8:邮箱注册验证码 + # 本地forge注册入口需要重新更改逻辑 + def register + # type只可能是1或者8 + user = nil + begin + Register::Form.new(register_params).validate! + + user = Users::RegisterService.call(register_params) + password = register_params[:password].strip + + # gitea用户注册, email, username, password + interactor = Gitea::RegisterInteractor.call({username: user.login, email: user.mail, password: password}) + if interactor.success? + gitea_user = interactor.result + result = Gitea::User::GenerateTokenService.call(user.login, password) + user.gitea_token = result['sha1'] + user.gitea_uid = gitea_user[:body]['id'] + if user.save! 
+ UserExtension.create!(user_id: user.id) + successful_authentication(user) + render_ok + end + else + tip_exception(-1, interactor.error) + end + rescue Register::BaseForm::EmailError => e + render_error(-2, e.message) + rescue Register::BaseForm::LoginError => e + render_error(-3, e.message) + rescue Register::BaseForm::PhoneError => e + render_error(-4, e.message) + rescue Register::BaseForm::PasswordFormatError => e + render_error(-5, e.message) + rescue Register::BaseForm::VerifiCodeError => e + render_error(-6, e.message) + rescue Exception => e + Gitea::User::DeleteService.call(user.login) unless user.nil? + uid_logger_error(e.message) + tip_exception(-1, e.message) + end + end + + # 用户登录 + def login + Users::LoginForm.new(account_params).validate! + @user = User.try_to_login(params[:login], params[:password]) + + return normal_status(-2, "错误的账号或密码") if @user.blank? + # user is already in local database + return normal_status(-2, "违反平台使用规范,账号已被锁定") if @user.locked? + + login_control = LimitForbidControl::UserLogin.new(@user) + return normal_status(-2, "登录密码出错已达上限,账号已被锁定, 请#{login_control.forbid_expires/60}分钟后重新登录或找回密码") if login_control.forbid? + + password_ok = @user.check_password?(params[:password].to_s) + unless password_ok + if login_control.remain_times-1 == 0 + normal_status(-2, "登录密码出错已达上限,账号已被锁定, 请#{login_control.forbid_expires/60}分钟后重新登录或找回密码") + else + normal_status(-2, "你已经输错密码#{login_control.error_times+1}次,还剩余#{login_control.remain_times-1}次机会") + end + login_control.increment! + return + end + + successful_authentication(@user) + sync_pwd_to_gitea!(@user, {password: params[:password].to_s}) # TODO用户密码未同步 + + # session[:user_id] = @user.id + end + + def change_password + @user = User.find_by(login: params[:login]) + return render_error("未找到相关用户!") if @user.blank? 
+ return render_error("旧密码不正确") unless @user.check_password?(params[:old_password]) + + sync_params = { + password: params[:password].to_s, + email: @user.mail, + login_name: @user.login, + source_id: 0 + } + + interactor = Gitea::User::UpdateInteractor.call(@user.login, sync_params) + if interactor.success? + @user.update_attribute(:password, params[:password]) + render_ok + else + render_error(interactor.error) + end + end + + # 忘记密码 + def reset_password + begin + code = params[:code] + login_type = phone_mail_type(params[:login].strip) + # 获取验证码 + if login_type == 1 + phone = params[:login] + verifi_code = VerificationCode.where(phone: phone, code: code, code_type: 2).last + user = User.find_by_phone(phone) + else + email = params[:login] + verifi_code = VerificationCode.where(email: email, code: code, code_type: 3).last + user = User.find_by_mail(email) #这里有问题,应该是为email,而不是mail 6.13-hs + end + return normal_status(-2, "验证码不正确") if verifi_code.try(:code) != code.strip + return normal_status(-2, "验证码已失效") if !verifi_code&.effective? + return normal_status(-1, "8~16位密码,支持字母数字和符号") unless params[:new_password] =~ CustomRegexp::PASSWORD + + user.password, user.password_confirmation = params[:new_password], params[:new_password_confirmation] + ActiveRecord::Base.transaction do + user.save! 
+ LimitForbidControl::UserLogin.new(user).clear + end + sucess_status + rescue Exception => e + uid_logger_error(e.message) + tip_exception(e.message) + end + end + + def successful_authentication(user) + uid_logger("Successful authentication start: '#{user.login}' from #{request.remote_ip} at #{Time.now.utc}") + # Valid user + self.logged_user = user + # generate a key and set cookie if autologin + + set_autologin_cookie(user) + UserAction.create(:action_id => user.try(:id), :action_type => "Login", :user_id => user.try(:id), :ip => request.remote_ip) + user.update_column(:last_login_on, Time.now) + session[:"#{default_yun_session}"] = user.id + Rails.logger.info("#########_____session_default_yun_session__________###############{default_yun_session}") + # 注册完成后有一天的试用申请(先去掉) + # UserDayCertification.create(user_id: user.id, status: 1) + end + + def set_autologin_cookie(user) + token = Token.get_or_create_permanent_login_token(user, "autologin") + sync_user_token_to_trustie(user.login, token.value) + + cookie_options = { + :value => token.value, + :expires => 1.month.from_now, + :path => '/', + :secure => false, + :httponly => true + } + if edu_setting('cookie_domain').present? 
+ cookie_options = cookie_options.merge(domain: edu_setting('cookie_domain')) + end + cookies[autologin_cookie_name] = cookie_options + cookies.signed[:user_id] ||= user.id + + logger.info("cookies is #{cookies} ======> #{cookies.signed[:user_id]} =====> #{cookies[autologin_cookie_name]}") + end + + def logout + Rails.logger.info("########___logout_current_user____________########{current_user.try(:id)}") + UserAction.create(action_id: User.current.id, action_type: "Logout", user_id: User.current.id, :ip => request.remote_ip) + logout_user + render :json => {status: 1, message: "退出成功!"} + end + + # 检验邮箱是否已被注册及邮箱或者手机号是否合法 + # 参数type为事件类型 1:注册;2:忘记密码;3:绑定 + def valid_email_and_phone + check_mail_and_phone_valid(params[:login], params[:type]) + end + + # 发送验证码 + # params[:login] 手机号或者邮箱号 + # params[:type]为事件通知类型 1:用户注册 2:忘记密码 3: 绑定手机 4: 绑定邮箱, 5: 验收手机号有效 # 如果有新的继续后面加 + # 发送验证码:send_type 1:注册手机验证码 2:找回密码手机验证码 3:找回密码邮箱验证码 4:绑定手机 5:绑定邮箱 + # 6:手机验证码登录 7:邮箱验证码登录 8:邮箱注册验证码 9: 验收手机号有效 + def get_verification_code + code = %W(0 1 2 3 4 5 6 7 8 9) + value = params[:login] + type = params[:type].strip.to_i + login_type = phone_mail_type(value) + send_type = verify_type(login_type, type) + verification_code = code.sample(6).join + + sign = Digest::MD5.hexdigest("#{OPENKEY}#{value}") + tip_exception(501, "请求不合理") if sign != params[:smscode] + + logger.info "########### 验证码:#{verification_code}" + logger.info("########get_verification_code: login_type: #{login_type}, send_type:#{send_type}, ") + + # 记录验证码 + check_verification_code(verification_code, send_type, value) + render_ok + end + + # check user's login or email or phone is used + # params[:value] 手机号或者邮箱号或者登录名 + # params[:type] 为事件类型 1:登录名(login) 2:email(邮箱) 3:phone(手机号) + def check + Register::CheckColumnsForm.new(check_params).validate! 
+ render_ok + end + + private + + # type 事件类型 1:用户注册 2:忘记密码 3: 绑定手机 4: 绑定邮箱, 5: 验证手机号是否有效 # 如果有新的继续后面加 + # login_type 1:手机类型 2:邮箱类型 + def verify_type login_type, type + case type + when 1 + login_type == 1 ? 1 : 8 + when 2 + login_type == 1 ? 2 : 3 + when 3 + login_type == 1 ? 4 : tip_exception('请填写正确的手机号') + when 4 + login_type == 1 ? tip_exception('请填写正确的邮箱') : 5 + when 5 + login_type == 1 ? 9 : tip_exception('请填写正确的手机号') + end + end + + def generate_login(login) + type = phone_mail_type(login.strip) + + if type == 1 + uid_logger("start register by phone: type is #{type}") + pre = 'p' + email = nil + phone = login + else + uid_logger("start register by email: type is #{type}") + pre = 'm' + email = login + phone = nil + end + code = generate_identifier User, 8, pre + + { login: pre + code, email: email, phone: phone } + end + + def user_params + params.require(:user).permit(:login, :email, :phone) + end + + def account_params + params.require(:account).permit(:login, :password) + end + + def check_params + params.permit(:type, :value) + end + + def register_params + params.permit(:login, :namespace, :password, :code) + end + + def remote_register_params + params.permit(:username, :email, :password, :platform) + end + + def simple_update_params + params.permit(:username, :email, :password, :platform) + end +end diff --git a/app/controllers/concerns/register_helper.rb b/app/controllers/concerns/register_helper.rb index 3a23a2103..3d5b0fc03 100644 --- a/app/controllers/concerns/register_helper.rb +++ b/app/controllers/concerns/register_helper.rb 
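Review bot: The new `simple_update` action replaces login, password and email for `current_user` without asking for the current password, whereas `change_password` in the same file checks `old_password` first; a borrowed or hijacked session is then enough to take the account over permanently. Require re-authentication before `auto_update`, e.g. `return render_error("旧密码不正确") unless current_user.check_password?(params[:old_password])`. Separately, the three `simple_update_params.merge!(...)` calls have no effect, because each call to `simple_update_params` builds a fresh `params.permit(...)` object and the merged copy is discarded, so the whitespace-stripped values never reach `Register::RemoteForm` or `auto_update`; build the hash once, `attrs = simple_update_params.merge(username: params[:username]&.gsub(/\s+/, ""))`, and pass `attrs` to both. Unlike `remote_register`, the action also skips the `ReversedKeyword.check_exists?` test on the new username.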
@@ -27,4 +27,32 @@ module RegisterHelper result end + def auto_update(user, params={}) + return if params.blank? + result = {message: nil, user: nil} + before_login = user.login + user.login = params[:username] + user.password = params[:password] + user.mail = params[:email] + + if user.save! + sync_params = { + password: params[:password].to_s, + email: params[:email], + login_name: params[:username], + new_name: params[:username], + source_id: 0 + } + + interactor = Gitea::User::UpdateInteractor.call(before_login, sync_params) + if interactor.success? + result[:user] = user + else + result[:message] = '用户同步Gitea失败!' + end + else + result[:message] = user.errors.full_messages.join(",") + return + end + end end diff --git a/app/forms/gitea/user/update_form.rb b/app/forms/gitea/user/update_form.rb index 7912d51fa..401282ff1 100644 --- a/app/forms/gitea/user/update_form.rb +++ b/app/forms/gitea/user/update_form.rb @@ -4,7 +4,7 @@ class Gitea::User::UpdateForm attr_accessor :username, :email, :admin, :allow_create_organization, :allow_git_hook, :allow_import_local, :full_name, :location, :login_name, :max_repo_creation, :must_change_password, :password, :prohibit_login, - :source_id, :website + :source_id, :website, :new_name validates :username, presence: true validates :email, presence: true, format: { with: EMAIL_REGEX, multiline: true } diff --git a/config/routes.rb b/config/routes.rb index 01ff4fa3c..eae7cf8eb 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -203,6 +203,7 @@ Rails.application.routes.draw do post :remote_password post :change_password post :check + post :simple_update end end From 1358c23ca6e4bd498855dab49f00937df06dcb40 Mon Sep 17 00:00:00 2001 From: yystopf Date: Tue, 24 May 2022 11:43:47 +0800 Subject: [PATCH 06/17] fix: trasfer project member must remove old permission --- app/services/projects/transfer_service.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) 
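Review bot: `auto_update` never returns the `result` hash it builds: its value is whatever the last branch evaluates to (the user, a message string, or nil from the bare `return`), while the method just above it ends with `result`. Because `user.save!` raises on failure instead of returning false, the `else` branch that collects `user.errors.full_messages` is unreachable. Use `if user.save` and make `result` the last expression of the method. The new login, mail and password are also saved locally before `Gitea::User::UpdateInteractor.call` runs, so a failed sync leaves the two credential stores disagreeing; wrapping the save and the sync in one transaction that rolls back when `interactor.success?` is false would avoid that.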
diff --git a/app/services/projects/transfer_service.rb b/app/services/projects/transfer_service.rb index 7d1214eb8..157263962 100644 --- a/app/services/projects/transfer_service.rb +++ b/app/services/projects/transfer_service.rb @@ -24,7 +24,8 @@ class Projects::TransferService < ApplicationService private def update_owner - project.members.map{|m| m.destroy! if m.user_id == owner.id || (new_owner.is_a?(Organization) && new_owner.is_member?(m.user_id)) } + project.members.map{|m| m.destroy! if m.user_id == owner.id || project.member(new_owner.id) || (new_owner.is_a?(Organization) && new_owner.is_member?(m.user_id)) } + project.set_owner_permission(new_owner) project.update!(user_id: new_owner.id) end From aa18fe0ad42f3715019038c425acc7b7060eb1e1 Mon Sep 17 00:00:00 2001 From: yystopf Date: Tue, 24 May 2022 11:43:47 +0800 Subject: [PATCH 07/17] =?UTF-8?q?=E4=BF=AE=E5=A4=8D:=20=E8=BD=AC=E7=A7=BB?= =?UTF-8?q?=E9=A1=B9=E7=9B=AE=E6=97=B6=E6=96=B0=E6=8E=A5=E5=8F=97=E8=80=85?= =?UTF-8?q?=E9=9C=80=E8=A6=81=E7=A7=BB=E9=99=A4=E5=8E=9F=E6=9D=A5=E7=9A=84?= =?UTF-8?q?=E6=9D=83=E9=99=90=E8=A7=92=E8=89=B2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/services/projects/transfer_service.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/services/projects/transfer_service.rb b/app/services/projects/transfer_service.rb index 7d1214eb8..157263962 100644 --- a/app/services/projects/transfer_service.rb +++ b/app/services/projects/transfer_service.rb 
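Review bot: The added `project.member(new_owner.id)` term in `update_owner` does not depend on the block variable `m`, so if it returns a truthy value for a new owner who is already a member (its definition is outside this diff), the condition holds on every iteration and `destroy!` removes all project members rather than only the new owner's old membership. Comparing against the member being iterated keeps the removal scoped: `m.user_id == new_owner.id`. `map` is used here only for its side effect, so `each` would state the intent better. The identical hunk in the following patch (07/17) carries the same condition.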
@@ -24,7 +24,8 @@ class Projects::TransferService < ApplicationService private def update_owner - project.members.map{|m| m.destroy! if m.user_id == owner.id || (new_owner.is_a?(Organization) && new_owner.is_member?(m.user_id)) } + project.members.map{|m| m.destroy! if m.user_id == owner.id || project.member(new_owner.id) || (new_owner.is_a?(Organization) && new_owner.is_member?(m.user_id)) } + project.set_owner_permission(new_owner) project.update!(user_id: new_owner.id) end From 643a99fdf12d010e46ba313e8c114459384a53eb Mon Sep 17 00:00:00 2001 From: xiaoxiaoqiong Date: Tue, 24 May 2022 11:48:56 +0800 Subject: [PATCH 08/17] =?UTF-8?q?fixed=20=E5=A2=9E=E5=8A=A0=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E7=99=BB=E5=BD=95=EF=BC=8Cgitea=E6=B3=A8=E5=86=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/users_controller.rb | 78 +++++++++++++++++------------ 1 file changed, 47 insertions(+), 31 deletions(-) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 72fb40fee..5f6dcf37d 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb 
@@ -332,40 +332,56 @@ class UsersController < ApplicationController def sso_login if params[:login].present? && !current_user.logged? && params[:websiteName].present? - req_params = { "login" => "#{params[:login]}", "private_token" => "hriEn3UwXfJs3PmyXnSH" } - api_url= "https://data.educoder.net" - client = Faraday.new(url: api_url) - response = client.public_send("get", "/api/sources/get_user_info_by_login", req_params) - result = JSON.parse(response.body) - - if result["status"].to_s == "0" - # login 邮箱 手机号 姓名 学校/单位 - user_info = result["data"] - Rails.logger.info("user_info====== #{user_info}") - login = user_info["login"] - email = user_info["mail"] - phone = user_info["phone"] - real_name = user_info["username"] - department_name = user_info["school"] - - # 没有用户时,新建用户并登录 - user = User.where("login = ? or phone = ? or mail = ? ", "#{login}", phone, email).first - if user.present? - # 手机号先记录,后续用 - user.update_column(:phone, "#{phone}") if phone.present? - else - ActiveRecord::Base.transaction do - phone_rand = [0, 1, 2, 3, 4, 5, 6, 7, 8, 9].sample(4).join - user_params = { status: 1, type: 'User', login: "#{login}", lastname: "#{real_name}", mail: "#{email}", - nickname: "#{real_name}", professional_certification: 0, certification: 0, grade: 0, - password: "12345678", phone: "#{phone_rand}", profile_completed: 1 } - user = User.create!(user_params) - UserExtension.create!(user_id: user.id, gender: 1, custom_department: "#{department_name}") - end - end + user = User.where("login = ?", "#{params[:login].presence}").first + # 已同步注册,直接登录 + if user.present? 
successful_authentication(user) + else + autologin_register_by_educoder(params[:login].presence) end end end + # 通过login参数查询头歌账号信息,注册并登录 + def autologin_register_by_educoder(edu_login) + req_params = { "login" => "#{edu_login}", "private_token" => "hriEn3UwXfJs3PmyXnSH" } + api_url= "https://data.educoder.net" + client = Faraday.new(url: api_url) + response = client.public_send("get", "/api/sources/get_user_info_by_login", req_params) + result = JSON.parse(response.body) + #查询 + return nil if result["status"].to_s != "0" + + # login 邮箱 手机号 姓名 学校/单位 + user_info = result["data"] + Rails.logger.info("user_info====== #{user_info}") + login = user_info["login"] + email = user_info["mail"] + phone = user_info["phone"] + real_name = user_info["username"] + department_name = user_info["school"] + + # 没有用户时,新建用户并登录 + user = User.where("login = ? or phone = ? or mail = ? ", "#{login}", phone, email).first + if user.present? + # 手机号先记录,后续用 + user.update_column(:phone, "#{phone}") if phone.present? + else + ActiveRecord::Base.transaction do + email = "#{login}@gitlink.org.cn" if email.blank? + user_params = { status: 1, type: 'User', login: "#{login}", lastname: "#{real_name}", mail: "#{email}", + nickname: "#{real_name}", professional_certification: 0, certification: 0, grade: 0, + password: "12345678", phone: "#{phone}", profile_completed: 1 } + user = User.create!(user_params) + UserExtension.create!(user_id: user.id, gender: 1, custom_department: "#{department_name}") + interactor = Gitea::RegisterInteractor.call({username: login, email: email, password: "12345678"}) + if interactor.success? + else + Rails.logger.info("Gitea::RegisterInteractor.call error====== #{interactor.error}") + end + end + end + successful_authentication(user) if user.present? + end + end \ No newline at end of file From b45ee1123997721093c49a2387b9a3450fff1161 Mon Sep 17 00:00:00 2001 
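Review bot: `sso_login` signs in whichever account matches the request's `login` parameter: `User.where("login = ?", ...)` is followed directly by `successful_authentication(user)` with no ticket, signature or other proof from the identity provider, and the new `autologin_register_by_educoder` path trusts the same parameter. The sign-in should be gated on a credential that the upstream site issues and this app verifies server-side (for example a signed, short-lived ticket), with the login name taken from the verified payload rather than from `params`. Two literals in this hunk also need to leave the source: the `private_token` string should be read from configuration, e.g. `"private_token" => ENV.fetch("EDUCODER_PRIVATE_TOKEN")` (variable name is a placeholder), and rotated because it is now in history; and `password: "12345678"` gives every auto-created local and Gitea account the same known password, so generate one per account with `SecureRandom.urlsafe_base64(24)`. The later hunks at `@@ -360,6 +360,7 @@` and `@@ -371,13 +372,13 @@` keep the fixed password. `Rails.logger.info("user_info====== ...")` additionally writes the fetched mail and phone to the application log.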
From: xiaoxiaoqiong Date: Tue, 24 May 2022 13:46:58 +0800 Subject: [PATCH 09/17] =?UTF-8?q?fixed=20=E5=A2=9E=E5=8A=A0=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E7=99=BB=E5=BD=95=EF=BC=8Cgitea=E6=B3=A8=E5=86=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/users_controller.rb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 5f6dcf37d..3587b71d9 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -376,6 +376,11 @@ class UsersController < ApplicationController UserExtension.create!(user_id: user.id, gender: 1, custom_department: "#{department_name}") interactor = Gitea::RegisterInteractor.call({username: login, email: email, password: "12345678"}) if interactor.success? + gitea_user = interactor.result + result = Gitea::User::GenerateTokenService.call(username, password) + user.gitea_token = result['sha1'] + user.gitea_uid = gitea_user[:body]['id'] + user.save! else Rails.logger.info("Gitea::RegisterInteractor.call error====== #{interactor.error}") end From 93f8b659a1ebab31f04f97e93ae1e59d9dc4de5f Mon Sep 17 00:00:00 2001 From: xiaoxiaoqiong Date: Tue, 24 May 2022 14:00:15 +0800 Subject: [PATCH 10/17] =?UTF-8?q?fixed=20=E5=A2=9E=E5=8A=A0=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E7=99=BB=E5=BD=95=EF=BC=8Cgitea=E6=B3=A8=E5=86=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/views/users/get_user_info.json.jbuilder | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/app/views/users/get_user_info.json.jbuilder b/app/views/users/get_user_info.json.jbuilder index d4859c376..250c5cc4a 100644 --- a/app/views/users/get_user_info.json.jbuilder +++ b/app/views/users/get_user_info.json.jbuilder 
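Review bot: The Gitea calls added here run inside the `ActiveRecord::Base.transaction` block opened earlier in the method (outside this hunk), so if `Gitea::User::GenerateTokenService.call` or `user.save!` raises, the local user is rolled back while the Gitea account just created by `RegisterInteractor` stays behind, and a retry would probably collide with it. `result['sha1']` is also read without checking what the service returned; its failure value is not visible here, but a missing key would store a nil `gitea_token` on a user that is then logged in. Check the token before saving, e.g. `raise ActiveRecord::Rollback if result.blank? || result['sha1'].blank?`, and either remove the remote account on failure or make the registration step idempotent.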
@@ -11,7 +11,7 @@ json.user_identity @user.identity json.tidding_count 0 json.user_phone_binded @user.phone.present? json.need_edit_info @user.need_edit_info? -json.phone @user.phone +# json.phone @user.phone # json.email @user.mail json.profile_completed @user.profile_is_completed? json.professional_certification @user.professional_certification @@ -25,4 +25,5 @@ json.description @user.description json.super_description @user.super_description json.(@user, :show_email, :show_department, :show_location, :show_super_description) json.message_unread_total @message_unread_total -json.has_trace_user @user.trace_user.present? \ No newline at end of file +json.has_trace_user @user.trace_user.present? +json.is_new params[:login].to_s.include?("#{@user.login}") \ No newline at end of file From 75cef14605d2a19058ccf83dd27556f1e0238ee2 Mon Sep 17 00:00:00 2001 From: xiaoxiaoqiong Date: Tue, 24 May 2022 14:08:33 +0800 Subject: [PATCH 11/17] =?UTF-8?q?fixed=20=E5=A2=9E=E5=8A=A0=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E7=99=BB=E5=BD=95=EF=BC=8Cgitea=E6=B3=A8=E5=86=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/users_controller.rb | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 3587b71d9..69b92ceff 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -360,6 +360,7 @@ class UsersController < ApplicationController phone = user_info["phone"] real_name = user_info["username"] department_name = user_info["school"] + password = "12345678" # 没有用户时,新建用户并登录 user = User.where("login = ? or phone = ? or mail = ? ", "#{login}", phone, email).first 
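Review bot: `json.is_new` uses `include?`, which is a substring test, so it is true whenever `@user.login` occurs anywhere inside the `login` parameter and always true when `@user.login` is an empty string. If the flag is meant to say that the current user is the account named in the request, compare for equality: `json.is_new @user.login.present? && params[:login].to_s == @user.login`. The later change to this line (patch 14/17) adds the `present?` guard but keeps `include?`. The value is also derived from a request parameter rather than from whether the account was just created, so it is worth confirming that nothing on the client treats it as trustworthy.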
@@ -371,13 +372,13 @@ class UsersController < ApplicationController email = "#{login}@gitlink.org.cn" if email.blank? user_params = { status: 1, type: 'User', login: "#{login}", lastname: "#{real_name}", mail: "#{email}", nickname: "#{real_name}", professional_certification: 0, certification: 0, grade: 0, - password: "12345678", phone: "#{phone}", profile_completed: 1 } + password: "#{password}", phone: "#{phone}", profile_completed: 1 } user = User.create!(user_params) UserExtension.create!(user_id: user.id, gender: 1, custom_department: "#{department_name}") - interactor = Gitea::RegisterInteractor.call({username: login, email: email, password: "12345678"}) + interactor = Gitea::RegisterInteractor.call({username: login, email: email, password: password}) if interactor.success? gitea_user = interactor.result - result = Gitea::User::GenerateTokenService.call(username, password) + result = Gitea::User::GenerateTokenService.call(login, password) user.gitea_token = result['sha1'] user.gitea_uid = gitea_user[:body]['id'] user.save! From 85a36ca2e7e346cf7a93d2fdd87b669969f1a1b8 Mon Sep 17 00:00:00 2001 From: xiaoxiaoqiong Date: Tue, 24 May 2022 14:14:57 +0800 Subject: [PATCH 12/17] =?UTF-8?q?fixed=20=E5=A2=9E=E5=8A=A0=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E7=99=BB=E5=BD=95=EF=BC=8Cgitea=E6=B3=A8=E5=86=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/users_controller.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 69b92ceff..80b0e6173 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb 
@@ -378,6 +378,7 @@ class UsersController < ApplicationController interactor = Gitea::RegisterInteractor.call({username: login, email: email, password: password}) if interactor.success? gitea_user = interactor.result + Rails.logger.info("Gitea::RegisterInteractor.call result====== #{gitea_user}") result = Gitea::User::GenerateTokenService.call(login, password) user.gitea_token = result['sha1'] user.gitea_uid = gitea_user[:body]['id'] From ebe5fad7dd0a4bff0b9f09af5faa59c17e59989b Mon Sep 17 00:00:00 2001 From: xiaoxiaoqiong Date: Tue, 24 May 2022 14:33:23 +0800 Subject: [PATCH 13/17] =?UTF-8?q?fixed=20=E5=A2=9E=E5=8A=A0=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E7=99=BB=E5=BD=95=EF=BC=8Cgitea=E6=B3=A8=E5=86=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/interactors/gitea/register_interactor.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/interactors/gitea/register_interactor.rb b/app/interactors/gitea/register_interactor.rb index d8dbc6cad..e188809ac 100644 --- a/app/interactors/gitea/register_interactor.rb +++ b/app/interactors/gitea/register_interactor.rb @@ -13,7 +13,7 @@ module Gitea end def success? - @error.nil? + @error.nil? && @result[:status].to_s == "success" end def result From 94166a363c64f1c1ddb2a81e66eb8b4df64740e3 Mon Sep 17 00:00:00 2001 From: xiaoxiaoqiong Date: Tue, 24 May 2022 15:24:15 +0800 Subject: [PATCH 14/17] =?UTF-8?q?fixed=20=E5=A2=9E=E5=8A=A0=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E7=99=BB=E5=BD=95=EF=BC=8Cgitea=E6=B3=A8=E5=86=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/views/users/get_user_info.json.jbuilder | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/users/get_user_info.json.jbuilder b/app/views/users/get_user_info.json.jbuilder index 250c5cc4a..0e8cda5e3 100644 --- a/app/views/users/get_user_info.json.jbuilder +++ b/app/views/users/get_user_info.json.jbuilder 
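Review bot: The added `Rails.logger.info` writes the whole `interactor.result` to the application log at info level; since the following lines read `gitea_user[:body]['id']`, that body is presumably the Gitea user record, which would put the account's login and email in the log on every auto-registration. Log only what is needed to trace the call, e.g. `Rails.logger.info("Gitea register ok: uid=#{gitea_user[:body]['id']}")`, or remove the line once debugging is done.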
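Review bot: `success?` now dereferences `@result[:status]` whenever `@error` is nil, so calling it on an interactor whose `@result` was never assigned raises NoMethodError instead of returning false; where `@result` is set is outside this hunk. A nil-safe form keeps the predicate total: `@error.nil? && @result.present? && @result[:status].to_s == "success"`.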
@@ -26,4 +26,4 @@ json.super_description @user.super_description json.(@user, :show_email, :show_department, :show_location, :show_super_description) json.message_unread_total @message_unread_total json.has_trace_user @user.trace_user.present? -json.is_new params[:login].to_s.include?("#{@user.login}") \ No newline at end of file +json.is_new @user.login.present? && params[:login].to_s.include?("#{@user.login}") \ No newline at end of file From 8e8ec821f24cb2a38a1af45d043b415518511d3e Mon Sep 17 00:00:00 2001 From: yystopf Date: Tue, 24 May 2022 17:26:10 +0800 Subject: [PATCH 15/17] =?UTF-8?q?=E6=96=B0=E5=A2=9E:=20=E6=A0=B9=E6=8D=AE?= =?UTF-8?q?=E9=82=AE=E7=AE=B1=E6=9D=A5=E8=8E=B7=E5=8F=96=E7=94=A8=E6=88=B7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/concerns/render_helper.rb | 2 +- app/controllers/users_controller.rb | 6 ++++++ app/views/users/email_search.json.jbuilder | 1 + config/routes.rb | 1 + 4 files changed, 9 insertions(+), 1 deletion(-) create mode 100644 app/views/users/email_search.json.jbuilder diff --git a/app/controllers/concerns/render_helper.rb b/app/controllers/concerns/render_helper.rb index 81e85d1ce..4b289cd0c 100644 --- a/app/controllers/concerns/render_helper.rb +++ b/app/controllers/concerns/render_helper.rb @@ -3,7 +3,7 @@ module RenderHelper render json: { status: 0, message: 'success' }.merge(data) end - def render_error(status = -1, message = '') + def render_error(message = '', status=-1) render json: { status: status, message: message } end diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 532f29ba1..4b2871c76 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb 
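Review bot: Swapping the positional parameters of `render_error` silently changes the meaning of every existing call written as `render_error(status, message)`: those callers would now emit the number as `message` and the text as `status`, and none of them are updated in this patch (they are outside the diff, so this needs a search of the codebase). Making the status a keyword, `def render_error(message = '', status: -1)`, turns a stale two-argument call into an ArgumentError instead of a wrong response.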
@@ -301,6 +301,12 @@ class UsersController < ApplicationController end end + def email_search + return render_error('请输入email') if params[:email].blank? + @user = User.find_by(mail: params[:email]) + return render_not_found unless @user.present? + end + private def load_user @user = User.find_by_login(params[:id]) || User.find_by(id: params[:id]) diff --git a/app/views/users/email_search.json.jbuilder b/app/views/users/email_search.json.jbuilder new file mode 100644 index 000000000..2b31e1826 --- /dev/null +++ b/app/views/users/email_search.json.jbuilder @@ -0,0 +1 @@ +json.partial! 'users/user', locals: { user: @user } diff --git a/config/routes.rb b/config/routes.rb index eae7cf8eb..393dceb36 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -237,6 +237,7 @@ Rails.application.routes.draw do get :trustie_projects get :trustie_related_projects post :sync_user_info + get :email_search scope '/ci', module: :ci do scope do From e36c7a4b6aa1cb19f3872f21214fe50388275186 Mon Sep 17 00:00:00 2001 From: yystopf Date: Tue, 24 May 2022 18:09:36 +0800 Subject: [PATCH 16/17] =?UTF-8?q?=E4=BF=AE=E5=A4=8D:=20=E9=82=AE=E7=AE=B1?= =?UTF-8?q?=E6=90=9C=E7=B4=A2=E4=B8=8D=E9=9C=80=E8=A6=81return=20404?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/users_controller.rb | 1 - app/views/users/email_search.json.jbuilder | 6 +++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 4b2871c76..98a48c6ec 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -304,7 +304,6 @@ class UsersController < ApplicationController def email_search return render_error('请输入email') if params[:email].blank? @user = User.find_by(mail: params[:email]) - return render_not_found unless @user.present? end private 
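Review bot: `email_search` tells the caller whether an arbitrary email address is registered and renders the matching account through the `users/user` partial, and nothing in this hunk limits who may call it; the controller's `before_action` list is outside the hunk, so confirm that a login filter covers the new action. If the lookup is meant for signed-in users, add something like `before_action :require_login, only: [:email_search]` and rate-limit the route, because an email-to-account lookup lets accounts be enumerated.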
diff --git a/app/views/users/email_search.json.jbuilder b/app/views/users/email_search.json.jbuilder index 2b31e1826..c077c3fad 100644 --- a/app/views/users/email_search.json.jbuilder +++ b/app/views/users/email_search.json.jbuilder @@ -1 +1,5 @@ -json.partial! 'users/user', locals: { user: @user } +if @user.present? + json.partial! 'users/user', locals: { user: @user } +else + json.null +end From 2ea78b4f208e578ccaf5dc8869d63f820ddc8904 Mon Sep 17 00:00:00 2001 From: yystopf Date: Wed, 25 May 2022 11:47:35 +0800 Subject: [PATCH 17/17] =?UTF-8?q?=E5=A2=9E=E5=8A=A0:=20=E5=B7=B2=E7=99=BB?= =?UTF-8?q?=E5=BD=95=E7=94=A8=E6=88=B7=E5=AF=B9=E7=94=A8=E6=88=B7=E5=90=8D?= =?UTF-8?q?=E3=80=81=E9=82=AE=E7=AE=B1=E3=80=81=E7=94=B5=E8=AF=9D=E8=BF=9B?= =?UTF-8?q?=E8=A1=8C=E6=A0=A1=E9=AA=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/accounts_controller.rb | 7 +++++- app/forms/register/base_form.rb | 24 ++++++++++++++----- .../register/login_check_columns_form.rb | 19 +++++++++++++++ config/routes.rb | 1 + 4 files changed, 44 insertions(+), 7 deletions(-) create mode 100644 app/forms/register/login_check_columns_form.rb diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb index 1af348abd..531095b4b 100644 --- a/app/controllers/accounts_controller.rb +++ b/app/controllers/accounts_controller.rb @@ -1,5 +1,5 @@ class AccountsController < ApplicationController - before_action :require_login, only: [:simple_update] + before_action :require_login, only: [:login_check, :simple_update] include ApplicationHelper #skip_before_action :check_account, :only => [:logout] @@ -333,6 +333,11 @@ class AccountsController < ApplicationController Register::CheckColumnsForm.new(check_params).validate! render_ok end + + def login_check + Register::LoginCheckColumnsForm.new(check_params.merge(user: current_user)).validate! + render_ok + end private 
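Review bot: `json.null` in the `else` branch is not Jbuilder's null emitter; without the bang it is handled like any other key name, and with no value it most likely adds nothing, so the body for an unknown email would be `{}` rather than `null`. Use `json.null!` (alias `json.nil!`) if a JSON null is the intended response.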
diff --git a/app/forms/register/base_form.rb b/app/forms/register/base_form.rb index df5abd871..26382b7e3 100644 --- a/app/forms/register/base_form.rb +++ b/app/forms/register/base_form.rb @@ -10,28 +10,40 @@ module Register VerifiCodeError = Class.new(Error) private - def check_login(login) + def check_login(login, user=nil) login = strip(login) raise LoginError, "登录名格式有误" unless login =~ CustomRegexp::LOGIN login_exist = Owner.exists?(login: login) || ReversedKeyword.check_exists?(login) - raise LoginError, '登录名已被使用' if login_exist + if user.present? + raise LoginError, '登录名已被使用' if login_exist && login != user&.login + else + raise LoginError, '登录名已被使用' if login_exist + end end - def check_mail(mail) + def check_mail(mail, user=nil) mail = strip(mail) raise EmailError, "邮件格式有误" unless mail =~ CustomRegexp::EMAIL mail_exist = Owner.exists?(mail: mail) - raise EmailError, '邮箱已被使用' if mail_exist + if user.present? + raise EmailError, '邮箱已被使用' if mail_exist && mail != user&.mail + else + raise EmailError, '邮箱已被使用' if mail_exist + end end - def check_phone(phone) + def check_phone(phone, user=nil) phone = strip(phone) raise PhoneError, "手机号格式有误" unless phone =~ CustomRegexp::PHONE phone_exist = Owner.exists?(phone: phone) - raise PhoneError, '手机号已被使用' if phone_exist + if user.present? + raise PhoneError, '手机号已被使用' if phone_exist && phone != user&.phone + else + raise PhoneError, '手机号已被使用' if phone_exist + end end def check_password(password) diff --git a/app/forms/register/login_check_columns_form.rb b/app/forms/register/login_check_columns_form.rb new file mode 100644 index 000000000..0c6a93af3 --- /dev/null +++ b/app/forms/register/login_check_columns_form.rb 
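Review bot: The `if user.present? … else … end` wrapper added to `check_login`, `check_mail` and `check_phone` repeats the same `raise` in both branches. With `user` nil, `user&.login` is nil and can never equal the stripped, regexp-checked value, so one line covers both cases: `raise LoginError, '登录名已被使用' if login_exist && login != user&.login` (and likewise for mail and phone). `login != user&.login` is also a case-sensitive Ruby comparison while `Owner.exists?` follows the database collation, so a user re-submitting their own value in a different case may be told it is taken; whether that matters depends on the collation, which is not visible here. `check_password` begins on the last line of the hunk and continues outside it.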
@@ -0,0 +1,19 @@ +module Register + class LoginCheckColumnsForm < Register::BaseForm + attr_accessor :type, :value, :user + + validates :type, presence: true, numericality: true + validates :value, presence: true + validate :check! + + def check! + # params[:type] 为事件类型 1:登录名(login) 2:email(邮箱) 3:phone(手机号) + case strip(type).to_i + when 1 then check_login(strip(value), user) + when 2 then check_mail(strip(value), user) + when 3 then check_phone(strip(value), user) + else raise("type值无效") + end + end + end +end diff --git a/config/routes.rb b/config/routes.rb index 393dceb36..4d1e3adeb 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -203,6 +203,7 @@ Rails.application.routes.draw do post :remote_password post :change_password post :check + post :login_check post :simple_update end end
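Review bot: The `else raise("type值无效")` arm of `check!` raises a bare RuntimeError, whereas the base form builds its failures from its own `Error` class (`VerifiCodeError = Class.new(Error)` is visible in the base_form hunk); if the controller layer rescues that class to produce a JSON error (the handler is outside this diff), an unexpected `type` would surface as a 500 instead. Raising the form's own error type keeps the response uniform: `else raise Error, "type值无效"`.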