From 6191ddd2335fcb2c8501b1bf74ae9047eab3fbfd Mon Sep 17 00:00:00 2001 From: yystopf Date: Mon, 28 Nov 2022 10:57:05 +0800 Subject: [PATCH 01/18] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=EF=BC=9A=E9=80=9A?= =?UTF-8?q?=E7=94=A8=E5=88=86=E6=94=AF=E7=A7=BB=E9=99=A4=E5=A3=B0=E6=98=8E?= =?UTF-8?q?=E8=A1=A8=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- db/migrate/20221123023450_update_user_nick_name.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/db/migrate/20221123023450_update_user_nick_name.rb b/db/migrate/20221123023450_update_user_nick_name.rb index 0759f9291..98af499ac 100644 --- a/db/migrate/20221123023450_update_user_nick_name.rb +++ b/db/migrate/20221123023450_update_user_nick_name.rb @@ -13,7 +13,7 @@ class UpdateUserNickName < ActiveRecord::Migration[5.2] execute("ALTER TABLE `journal_details` MODIFY `old_value` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;") execute("ALTER TABLE `journal_details` MODIFY `value` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;") - execute("ALTER TABLE `claims` MODIFY `note` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;") + # execute("ALTER TABLE `claims` MODIFY `note` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;") execute("ALTER TABLE `commit_logs` MODIFY `message` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;") From 70ba78a9b5f18fcbc14b72ddef0e1bb5c80366d8 Mon Sep 17 00:00:00 2001 From: xxq250 Date: Mon, 28 Nov 2022 11:19:56 +0800 Subject: [PATCH 02/18] =?UTF-8?q?fixed=20=E7=BB=84=E7=BB=87=E7=94=A8?= =?UTF-8?q?=E6=88=B7=E4=B8=8D=E5=AD=98=E5=9C=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/views/organizations/organization_users/index.json.jbuilder | 1 + 1 file changed, 1 insertion(+) 
diff --git a/app/views/organizations/organization_users/index.json.jbuilder b/app/views/organizations/organization_users/index.json.jbuilder
index 361c3f242..9f1f278bc 100644
--- a/app/views/organizations/organization_users/index.json.jbuilder
+++ b/app/views/organizations/organization_users/index.json.jbuilder
@@ -1,4 +1,5 @@
 json.total_count @organization_users.total_count
 json.organization_users @organization_users do |org_user|
+ next if org_user.user.blank?
 json.partial! "detail", org_user: org_user, organization: @organization
 end
From 66a1be944a57b8e44bb53a25b13d891a043808fa Mon Sep 17 00:00:00 2001
From: xxq250
Date: Mon, 28 Nov 2022 11:20:44 +0800
Subject: [PATCH 03/18] =?UTF-8?q?fixed=20=E7=BB=84=E7=BB=87=E7=94=A8?= =?UTF-8?q?=E6=88=B7=E4=B8=8D=E5=AD=98=E5=9C=A8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app/views/organizations/organization_users/index.json.jbuilder | 1 +
 1 file changed, 1 insertion(+)
diff --git a/app/views/organizations/organization_users/index.json.jbuilder b/app/views/organizations/organization_users/index.json.jbuilder
index 361c3f242..9f1f278bc 100644
--- a/app/views/organizations/organization_users/index.json.jbuilder
+++ b/app/views/organizations/organization_users/index.json.jbuilder
@@ -1,4 +1,5 @@
 json.total_count @organization_users.total_count
 json.organization_users @organization_users do |org_user|
+ next if org_user.user.blank?
 json.partial! "detail", org_user: org_user, organization: @organization
 end
From f7ca03db81aea0962fa4119630cb0335ad83e216 Mon Sep 17 00:00:00 2001
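Review bot: `json.total_count` still reports `@organization_users.total_count`, which includes the memberships whose user no longer exists, so after the added `next if org_user.user.blank?` a page can hold fewer entries than the count and page size imply. Excluding those rows in the query that builds `@organization_users` (the controller is outside this hunk) would keep the count and the list consistent and avoid loading `org_user.user` once per row. The identical hunk is repeated in PATCH 03/18.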
From: yystopf
Date: Mon, 28 Nov 2022 11:41:36 +0800
Subject: [PATCH 04/18] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=EF=BC=9A=E9=80=9A?= =?UTF-8?q?=E7=94=A8=E5=88=86=E6=94=AF=E7=A7=BB=E9=99=A4projects=5Factivit?= =?UTF-8?q?y=E8=A1=A8=E4=BF=AE=E6=94=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 db/migrate/20221124111351_update_pull_request_utf_name.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/db/migrate/20221124111351_update_pull_request_utf_name.rb b/db/migrate/20221124111351_update_pull_request_utf_name.rb
index 6d0fd2fec..d0c0ec9fc 100644
--- a/db/migrate/20221124111351_update_pull_request_utf_name.rb
+++ b/db/migrate/20221124111351_update_pull_request_utf_name.rb
@@ -11,6 +11,6 @@ class UpdatePullRequestUtfName < ActiveRecord::Migration[5.2]
 execute("ALTER TABLE `versions` MODIFY `description` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;")
 execute("ALTER TABLE `issue_tags` MODIFY `name` varchar(190) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;")
 execute("ALTER TABLE `issue_tags` MODIFY `description` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;")
- execute("ALTER TABLE `projects_activity` MODIFY `project_name` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;")
+ # execute("ALTER TABLE `projects_activity` MODIFY `project_name` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;")
 end
 end
From 520ed80224f120acab883a6b8df5dd4547c7e383 Mon Sep 17 00:00:00 2001
From: yystopf
Date: Mon, 28 Nov 2022 11:43:37 +0800
Subject: [PATCH 05/18] =?UTF-8?q?=E6=9B=B4=E6=94=B9=EF=BC=9Agitlink?= =?UTF-8?q?=E7=89=B9=E6=AE=8A=E8=A1=A8=E6=9B=B4=E6=94=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 db/migrate/20221123023450_update_user_nick_name.rb | 2 +-
 db/migrate/20221124111351_update_pull_request_utf_name.rb | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/db/migrate/20221123023450_update_user_nick_name.rb b/db/migrate/20221123023450_update_user_nick_name.rb index 98af499ac..0759f9291 100644 --- a/db/migrate/20221123023450_update_user_nick_name.rb +++ b/db/migrate/20221123023450_update_user_nick_name.rb @@ -13,7 +13,7 @@ class UpdateUserNickName < ActiveRecord::Migration[5.2] execute("ALTER TABLE `journal_details` MODIFY `old_value` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;") execute("ALTER TABLE `journal_details` MODIFY `value` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;") - # execute("ALTER TABLE `claims` MODIFY `note` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;") + execute("ALTER TABLE `claims` MODIFY `note` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;") execute("ALTER TABLE `commit_logs` MODIFY `message` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;") diff --git a/db/migrate/20221124111351_update_pull_request_utf_name.rb b/db/migrate/20221124111351_update_pull_request_utf_name.rb index d0c0ec9fc..6d0fd2fec 100644 --- a/db/migrate/20221124111351_update_pull_request_utf_name.rb +++ b/db/migrate/20221124111351_update_pull_request_utf_name.rb @@ -11,6 +11,6 @@ class UpdatePullRequestUtfName < ActiveRecord::Migration[5.2] execute("ALTER TABLE `versions` MODIFY `description` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;") execute("ALTER TABLE `issue_tags` MODIFY `name` varchar(190) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;") execute("ALTER TABLE `issue_tags` MODIFY `description` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;") - # execute("ALTER TABLE `projects_activity` MODIFY `project_name` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;") + execute("ALTER TABLE `projects_activity` MODIFY `project_name` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;") end end From f818a3ac91caf6de3e9def5a295dc36cd8d2db69 Mon Sep 17 00:00:00 2001 
From: xxq250 Date: Mon, 28 Nov 2022 16:56:46 +0800 Subject: [PATCH 06/18] =?UTF-8?q?fixed=20=E7=94=A8=E6=88=B7=E5=90=8D?= =?UTF-8?q?=E7=A7=B0=E7=BB=9F=E4=B8=80=E7=94=A8=E6=98=B5=E7=A7=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/models/user.rb | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index 1f46ac674..41e932a03 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -560,17 +560,19 @@ class User < Owner def full_name return '游客' unless logged? - name = show_realname? ? lastname + firstname : nickname - name.blank? ? (nickname.blank? ? login : nickname) : name + # name = show_realname? ? lastname + firstname : nickname + # name.blank? ? (nickname.blank? ? login : nickname) : name + nickname.blank? ? login : nickname end # 用户的真实姓名(不考虑用户是否隐藏了真实姓名,课堂模块都用真实姓名) def real_name return '游客' unless logged? - name = lastname + firstname - name = name.blank? ? (nickname.blank? ? login : nickname) : name + # name = lastname + firstname + # name = name.blank? ? (nickname.blank? ? login : nickname) : name # name.gsub(/\s+/, '').strip #6.11 -hs - name.strip + # name.strip + nickname.blank? ? login : nickname end def only_real_name From f5cdb6f02d4d6de935d4c4e6fa84f6820437c989 Mon Sep 17 00:00:00 2001 From: yystopf Date: Tue, 29 Nov 2022 14:31:14 +0800 Subject: [PATCH 07/18] =?UTF-8?q?=E6=96=B0=E5=A2=9E=EF=BC=9A=E6=97=A7?= =?UTF-8?q?=E7=BB=9F=E8=AE=A1=E6=8E=A5=E5=8F=A3=E7=A7=BB=E9=99=A4=E5=A4=84?= =?UTF-8?q?=E7=90=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/statistic_controller.rb | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/app/controllers/statistic_controller.rb b/app/controllers/statistic_controller.rb index 6eaa5bc99..40540e5e5 100644 --- a/app/controllers/statistic_controller.rb +++ b/app/controllers/statistic_controller.rb 
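Review bot: The comment above `real_name` still says it returns the user's real name regardless of the hide-real-name setting, but the new body returns `nickname` or `login`, exactly like `full_name`. The comment should describe the new behaviour, for example `# Display name: nickname, falling back to login (real name is no longer exposed here).` Since both methods now end in the same expression, `real_name` could simply call `full_name`, and the commented-out old bodies can be deleted because version control keeps them. The same leftover commented code appears in `show_real_name` in PATCH 13/18.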
@@ -2,24 +2,24 @@ class StatisticController < ApplicationController # 平台概况 def platform_profile - @platform_user_query = Statistic::PlatformUserQuery.new(params).call - @platform_project_query = Statistic::PlatformProjectQuery.new(params).call - @platform_course_query = Statistic::PlatformCourseQuery.new(params).call + @platform_user_query = Statistic::PlatformUserQuery.new(params).call rescue [0, 0, 0] + @platform_project_query = Statistic::PlatformProjectQuery.new(params).call rescue [0, 0, 0] + @platform_course_query = Statistic::PlatformCourseQuery.new(params).call rescue [0, 0, 0] end # 平台代码提交数据 def platform_code - @platform_pull_request_query = Statistic::PlatformPullRequestQuery.new(params).call - @platform_commit_query = Statistic::PlatformCommitQuery.new(params,current_user).call + @platform_pull_request_query = Statistic::PlatformPullRequestQuery.new(params).call rescue [0, 0] + @platform_commit_query = Statistic::PlatformCommitQuery.new(params,current_user).call rescue [0, 0] end # 项目案例活跃度排行榜 def active_project_rank - @active_project_rank_query = Statistic::ActiveProjectRankQuery.new(params, current_user).call + @active_project_rank_query = Statistic::ActiveProjectRankQuery.new(params, current_user).call rescue [] end # 开发者活跃度排行榜 def active_developer_rank - @active_developer_rank_query = Statistic::ActiveDeveloperRankQuery.new(params, current_user).call + @active_developer_rank_query = Statistic::ActiveDeveloperRankQuery.new(params, current_user).call rescue [] end end \ No newline at end of file From c6e77ac7eeb2026e9a852d2fea2c69db760c2c82 Mon Sep 17 00:00:00 2001 
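Review bot: Each of the seven assignments now ends in an inline `rescue` modifier, which swallows every StandardError from the query object (bad parameters, database errors, a NameError from a typo) and returns zeros or an empty list with nothing written to the log. A dashboard that shows `0` is then indistinguishable from one whose query is failing. A small private helper that takes the fallback and a block, rescues `StandardError => e`, logs `e.class` and `e.message` at error level and then returns the fallback would keep the same responses while leaving a trace. The fallback shapes `[0, 0, 0]`, `[0, 0]` and `[]` are assumed to match what the views index into; those views are outside this hunk.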
From: yystopf Date: Tue, 29 Nov 2022 17:02:10 +0800 Subject: [PATCH 08/18] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=EF=BC=9A=E6=8F=90?= =?UTF-8?q?=E4=BA=A4=E6=96=87=E4=BB=B6=E6=9C=AA=E5=88=9B=E5=BB=BA=E6=96=B0?= =?UTF-8?q?=E5=88=86=E6=94=AF=E6=97=B6=E4=B8=BA=E7=A9=BA=E5=88=A4=E6=96=AD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/services/gitea/repository/entries/create_service.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/services/gitea/repository/entries/create_service.rb b/app/services/gitea/repository/entries/create_service.rb index 1bdc7246d..14b373335 100644 --- a/app/services/gitea/repository/entries/create_service.rb +++ b/app/services/gitea/repository/entries/create_service.rb @@ -56,7 +56,7 @@ class Gitea::Repository::Entries::CreateService < Gitea::ClientService when 403 then error("你没有权限操作!") when 404 then error("你操作的链接不存在!") when 422 - if @body[:new_branch].include?('/') || @body[:new_branch].include?('\'') || @body[:new_branch].include?('^') || @body[:new_branch].include?('*') + if @body[:new_branch].present? && (@body[:new_branch].include?('/') || @body[:new_branch].include?('\'') || @body[:new_branch].include?('^') || @body[:new_branch].include?('*')) error("不合法的分支名称!") else error("#{filepath}文件已存在,不能重复创建!") From 9b39446dfb418e60aa7ccd97126321e00a0558a0 Mon Sep 17 00:00:00 2001 From: yystopf Date: Tue, 29 Nov 2022 17:08:26 +0800 Subject: [PATCH 09/18] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=EF=BC=9A=E6=8F=90?= =?UTF-8?q?=E4=BA=A4=E6=96=87=E4=BB=B6=E5=86=85=E5=AE=B9=E6=A0=BC=E5=BC=8F?= =?UTF-8?q?=E7=94=B1=E5=89=8D=E7=AB=AF=E5=86=B3=E5=AE=9A?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/interactors/gitea/create_file_interactor.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/interactors/gitea/create_file_interactor.rb b/app/interactors/gitea/create_file_interactor.rb index 389813520..cf753767c 100644 
--- a/app/interactors/gitea/create_file_interactor.rb +++ b/app/interactors/gitea/create_file_interactor.rb @@ -62,7 +62,7 @@ module Gitea file_params = {} file_params = file_params.merge(branch: @params[:branch]) unless @params[:branch].blank? file_params = file_params.merge(new_branch: @params[:new_branch]) unless @params[:new_branch].blank? - file_params = file_params.merge(content: Base64.encode64(@params[:content] || "")) + file_params = file_params.merge(content: @params[:content] || "") file_params = file_params.merge(message: @params[:message]) unless @params[:message].blank? file_params = file_params.merge(committer: @params[:committer]) file_params From 763d7b499eb436f985a604662dc62077f2775156 Mon Sep 17 00:00:00 2001 From: xxq250 Date: Thu, 1 Dec 2022 17:22:22 +0800 Subject: [PATCH 10/18] =?UTF-8?q?fixed=20=E7=AC=AC=E4=B8=89=E6=96=B9?= =?UTF-8?q?=E6=8E=88=E6=9D=83=E7=99=BB=E5=BD=95(github,gitee,qq,wechat)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Gemfile | 4 ++ app/controllers/concerns/login_helper.rb | 2 +- app/controllers/concerns/register_helper.rb | 13 ++-- app/controllers/oauth/base_controller.rb | 3 +- app/controllers/oauth/callbacks_controller.rb | 65 +++++++++++++++++++ app/models/open_users/gitee.rb | 27 ++++++++ app/models/open_users/github.rb | 27 ++++++++ app/models/user.rb | 11 +++- config/initializers/omniauth.rb | 34 ++++++---- config/initializers/per_form_csrf_tokens.rb | 7 ++ config/routes.rb | 1 + 11 files changed, 172 insertions(+), 22 deletions(-) create mode 100644 app/controllers/oauth/callbacks_controller.rb create mode 100644 app/models/open_users/gitee.rb create mode 100644 app/models/open_users/github.rb create mode 100644 config/initializers/per_form_csrf_tokens.rb diff --git a/Gemfile b/Gemfile index c5f4f2ab6..c01570e41 100644 --- a/Gemfile +++ b/Gemfile 
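Review bot: The `content` value is now forwarded exactly as the client sent it, so nothing on the server guarantees it has the Base64 form that the removed `Base64.encode64` call used to produce. If the downstream Gitea call still expects Base64 (to be confirmed, the client code is outside this hunk), a raw-text request now fails or is stored wrongly depending on what the caller sends. Validating here, for example `Base64.strict_decode64(@params[:content].to_s)` rescued into a parameter error, and adding a comment on `file_params` that callers must pre-encode `content`, would make the new contract explicit. The method starts above the hunk.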
@@ -118,6 +118,10 @@ gem 'deep_cloneable', '~> 3.0.0' # oauth2 gem 'omniauth', '~> 1.9.0' gem 'omniauth-oauth2', '~> 1.6.0' +gem "omniauth-github" +gem "omniauth-rails_csrf_protection" +gem 'omniauth-gitee', '~> 1.0.0' +gem "omniauth-wechat-oauth2" # global var gem 'request_store' diff --git a/app/controllers/concerns/login_helper.rb b/app/controllers/concerns/login_helper.rb index 86ab175ef..c0e8d01c0 100644 --- a/app/controllers/concerns/login_helper.rb +++ b/app/controllers/concerns/login_helper.rb @@ -11,7 +11,7 @@ module LoginHelper def set_autologin_cookie(user) token = Token.get_or_create_permanent_login_token(user, "autologin") - sync_user_token_to_trustie(user.login, token.value) + # sync_user_token_to_trustie(user.login, token.value) Rails.logger.info "###### def set_autologin_cookie and get_or_create_permanent_login_token result: #{token&.value}" cookie_options = { diff --git a/app/controllers/concerns/register_helper.rb b/app/controllers/concerns/register_helper.rb index 069c0944f..6ca5f3777 100644 --- a/app/controllers/concerns/register_helper.rb +++ b/app/controllers/concerns/register_helper.rb @@ -1,14 +1,17 @@ module RegisterHelper extend ActiveSupport::Concern - def autologin_register(username, email, password, platform= 'forge') + def autologin_register(username, email, password, platform = 'forge', phone = nil, nickname =nil) result = {message: nil, user: nil} + email = email.blank? ? "#{username}@example.org" : email user = User.new(admin: false, login: username, mail: email, type: "User") user.password = password user.platform = platform + user.phone = phone if phone.present? + user.nickname = nickname if nickname.present? user.activate - + return unless user.valid? interactor = Gitea::RegisterInteractor.call({username: username, email: email, password: password}) 
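Review bot: Three of the four new gems, `omniauth-github`, `omniauth-rails_csrf_protection` and `omniauth-wechat-oauth2`, are added without a version constraint, unlike the neighbouring `omniauth`, `omniauth-oauth2` and `omniauth-gitee` entries. These sit in the authentication path, so an unreviewed major upgrade on the next `bundle update` is a real risk; a pessimistic constraint matching what Gemfile.lock resolves, for example `gem 'omniauth-github', '~> <RESOLVED_VERSION>'`, would pin them. The block also mixes double and single quotes where the rest of the file uses single quotes.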
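Review bot: The bare `return unless user.valid?` makes `autologin_register` return nil, while the method otherwise builds a `result` hash and the new caller in `Oauth::CallbacksController#process_callback` immediately reads `reg_result[:message]`. An invalid user therefore surfaces as a NoMethodError rather than a validation message. Returning the hash keeps the contract: `return result.merge(message: user.errors.full_messages.join(', ')) unless user.valid?`. The fallback `"#{username}@example.org"` also stores an address the user does not control, which matters wherever mail is later used to match or recover accounts, so a comment marking it as a placeholder would help. The method body continues below the hunk.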
@@ -36,7 +39,7 @@ module RegisterHelper user.password = params[:password] user.mail = params[:email] - if user.save! + if user.save! sync_params = { password: params[:password].to_s, email: params[:email], @@ -44,9 +47,9 @@ module RegisterHelper new_name: params[:username], source_id: 0 } - + interactor = Gitea::User::UpdateInteractor.call(before_login, sync_params) - if interactor.success? + if interactor.success? result[:user] = user else result[:message] = '用户同步Gitea失败!' diff --git a/app/controllers/oauth/base_controller.rb b/app/controllers/oauth/base_controller.rb index 3fe349bb5..1e8f6c655 100644 --- a/app/controllers/oauth/base_controller.rb +++ b/app/controllers/oauth/base_controller.rb @@ -2,6 +2,7 @@ class Oauth::BaseController < ActionController::Base include RenderHelper include LoginHelper include ControllerRescueHandler + include RegisterHelper # include LaboratoryHelper skip_before_action :verify_authenticity_token @@ -22,7 +23,7 @@ class Oauth::BaseController < ActionController::Base end def auth_hash - Rails.logger.info("[OAuth2] omniauth.auth -> #{request.env['omniauth.auth'].inspect}") + # Rails.logger.info("[OAuth2] omniauth.auth -> #{request.env['omniauth.auth'].inspect}") request.env['omniauth.auth'] end diff --git a/app/controllers/oauth/callbacks_controller.rb b/app/controllers/oauth/callbacks_controller.rb new file mode 100644 index 000000000..513563d23 --- /dev/null +++ b/app/controllers/oauth/callbacks_controller.rb 
@@ -0,0 +1,65 @@ +class Oauth::CallbacksController < Oauth::BaseController + def create + process_callback + rescue Exception => e + tip_exception("授权失败") + end + + private + + def config_providers + config = Rails.application.config_for(:configuration) + config.dig("oauth").keys + end + + # QQ: {"ret":0,"msg":"","is_lost":0,"nickname":"颜值不算太高","gender":"男","gender_type":1,"province":"","city":"","year":"2013","constellation":"","figureurl":"http://qzapp.qlogo.cn/qzapp/101508858/0F860F4B329768F47B22341C5FD9089C/30","figureurl_1":"http://qzapp.qlogo.cn/qzapp/101508858/0F860F4B329768F47B22341C5FD9089C/50","figureurl_2":"http://qzapp.qlogo.cn/qzapp/101508858/0F860F4B329768F47B22341C5FD9089C/100","figureurl_qq_1":"http://thirdqq.qlogo.cn/g?b=oidb\u0026k=My3segFVHFqVmauibJQUltw\u0026s=40\u0026t=1568887757","figureurl_qq_2":"http://thirdqq.qlogo.cn/g?b=oidb\u0026k=My3segFVHFqVmauibJQUltw\u0026s=100\u0026t=1568887757","figureurl_qq":"http://thirdqq.qlogo.cn/g?b=oidb\u0026k=My3segFVHFqVmauibJQUltw\u0026s=140\u0026t=1568887757","figureurl_type":"1","is_yellow_vip":"0","vip":"0","yellow_vip_level":"0","level":"0","is_yellow_year_vip":"0"} + def process_callback + Rails.logger.info("[OAuth2] omniauth.auth -> #{request.env['omniauth.auth'].inspect}") + if auth_hash.blank? + redirect_to("/login") && return + end + + new_user = false + platform = auth_hash[:provider] + uid = auth_hash[:uid] + mail = auth_hash.info.email || nil + nickname = ["gitee", "github"].include?(platform) ? auth_hash.info.name : auth_hash.info.nickname + + open_user = "OpenUsers::#{platform.to_s.capitalize}".constantize.find_by(uid: uid) + if open_user.present? && open_user.user.present? + successful_authentication(open_user.user) + else + if current_user.blank? || !current_user.logged? + has_user = User.find_by(mail: mail) + if has_user.present? 
+ "OpenUsers::#{platform.to_s.capitalize}".constantize.create!(user_id: has_user.id, uid: uid, extra: auth_hash.extra) + successful_authentication(has_user) + else + new_user = true + login = build_login_name(platform, auth_hash.info.nickname) + mail = "#{login}@example.org" if mail.blank? + reg_result = autologin_register(login, mail, "Ec#{login}2022#", platform, nil, nickname) + Rails.logger.info("[OAuth2] omniauth.auth [reg_result] #{reg_result} ") + if reg_result[:message].blank? + open_user = "OpenUsers::#{platform.to_s.capitalize}".constantize.create!(user_id: reg_result[:user][:id], uid: uid, extra: auth_hash.extra) + successful_authentication(open_user.user) + else + tip_exception(reg_result.present? ? reg_result[:message] : "授权失败") + end + end + else + "OpenUsers::#{platform.to_s.capitalize}".constantize.create!(user: current_user, uid: login, extra: auth_hash.extra) + end + end + redirect_to root_path(new_user: new_user) + end + + # gitee,github nickname=login,如果系统未占用保留原用户名 + def build_login_name(provider, nickname) + if ["gitee", "github"].include?(provider) && User.find_by(login: nickname).blank? + nickname + else + User.generate_user_login('p') + end + end +end \ No newline at end of file diff --git a/app/models/open_users/gitee.rb b/app/models/open_users/gitee.rb new file mode 100644 index 000000000..a743eb72c --- /dev/null +++ b/app/models/open_users/gitee.rb @@ -0,0 +1,27 @@ +# == Schema Information +# +# Table name: open_users +# +# id :integer not null, primary key +# user_id :integer +# type :string(255) +# uid :string(255) +# created_at :datetime not null +# updated_at :datetime not null +# extra :text(65535) +# +# Indexes +# +# index_open_users_on_type_and_uid (type,uid) UNIQUE +# index_open_users_on_user_id (user_id) +# + +class OpenUsers::Gitee < OpenUser + def nickname + extra&.[]('nickname') + end + + def en_type + 'gitee' + end +end 
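Review bot: In `process_callback`, `User.find_by(mail: mail)` runs even when the provider returned no e-mail, so a nil `mail` can match an existing account whose mail is NULL and sign the caller in as that user, and a supplied address is trusted with no sign that the provider verified it; guard it with `has_user = mail.present? ? User.find_by(mail: mail) : nil` and link by e-mail only for providers that report verified addresses. The new account's password `"Ec#{login}2022#"` can be computed by anyone who knows the login; pass a random value such as `SecureRandom.urlsafe_base64(24)` instead (adjust to the app's password rules, which are not visible here). In the already-signed-in branch `uid: login` reads a local that is never assigned on that path, where `uid: uid` looks intended. The first line also writes the whole `omniauth.auth` hash, provider credentials included, to the log, which is the same statement this patch comments out in `Oauth::BaseController#auth_hash`. `"OpenUsers::#{platform.to_s.capitalize}".constantize` is repeated four times and would be easier to audit as one lookup in a fixed provider-to-class map.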
diff --git a/app/models/open_users/github.rb b/app/models/open_users/github.rb new file mode 100644 index 000000000..03c79ba58 --- /dev/null +++ b/app/models/open_users/github.rb @@ -0,0 +1,27 @@ +# == Schema Information +# +# Table name: open_users +# +# id :integer not null, primary key +# user_id :integer +# type :string(255) +# uid :string(255) +# created_at :datetime not null +# updated_at :datetime not null +# extra :text(65535) +# +# Indexes +# +# index_open_users_on_type_and_uid (type,uid) UNIQUE +# index_open_users_on_user_id (user_id) +# + +class OpenUsers::Github < OpenUser + def nickname + extra&.[]('name') + end + + def en_type + 'github' + end +end diff --git a/app/models/user.rb b/app/models/user.rb index fc0911d03..04b5e9c3a 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -113,7 +113,7 @@ class User < Owner # trustie: 来自Trustie平台 # forge: 平台本身注册的用户 # military: 军科的用户 - enumerize :platform, in: [:forge, :educoder, :trustie, :military], default: :forge, scope: :shallow + enumerize :platform, in: [:forge, :educoder, :trustie, :military, :github, :gitee, :qq, :wechat], default: :forge, scope: :shallow belongs_to :laboratory, optional: true has_one :user_extension, dependent: :destroy @@ -774,6 +774,15 @@ class User < Owner login end + # 生成数字账号 + CODES = %W(0 1 2 3 4 5 6 7 8 9) + def self.generate_user_login type + code = CODES.sample(8).join + code = type + code.to_s + return User.generate_user_login(type) if User.where(login: code).present? + code + end + def bind_open_user?(type) case type when 'wechat' then wechat_open_user.present? diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb index 3eed48c20..543b2249f 100644 --- a/config/initializers/omniauth.rb +++ b/config/initializers/omniauth.rb 
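Review bot: In `generate_user_login`, `CODES.sample(8)` draws without replacement from ten digits, so a generated login never repeats a digit and the space is much smaller than eight free digits. `Array#sample` also uses the default non-cryptographic generator, which matters because `process_callback` in this patch derives the initial password from this login; `format('%08d', SecureRandom.random_number(10**8))` avoids both. The uniqueness check is an unbounded recursive retry and does not stop two concurrent requests from choosing the same code, so it relies on a unique index on `login` that is not visible in this hunk. `CODES` is declared mid-class and left mutable; `%w[0 1 2 3 4 5 6 7 8 9].freeze` next to the other constants would be more conventional.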
@@ -1,21 +1,27 @@ -OmniAuth.config.add_camelization 'qq', 'QQ' +config = Rails.application.config_for(:configuration) + +OmniAuth.config.add_camelization 'qq', 'QQ' if config.dig("oauth", "qq") +OmniAuth.config.add_camelization 'github', 'GitHub' if config.dig("oauth", "github") +OmniAuth.config.add_camelization 'gitee', 'Gitee' if config.dig("oauth", "gitee") +OmniAuth.config.add_camelization 'wechat', 'Wechat' if config.dig("oauth", "wechat") OmniAuth.config.logger = Rails.logger +OmniAuth.config.before_request_phase = nil +OmniAuth.config.before_callback_phase = nil OmniAuth.config.on_failure = Proc.new { |env| OmniAuth::FailureEndpoint.new(env).redirect_to_failure } -oauth_config = {} -begin - config = Rails.application.config_for(:configuration) - oauth_config = config.dig('oauth', 'qq') - raise 'oauth qq config missing' if oauth_config.blank? -rescue => ex - raise ex if Rails.env.production? - - puts %Q{\033[33m [warning] qq oauth config or configuration.yml missing, - please add it or execute 'cp config/configuration.yml.example config/configuration.yml' \033[0m} -end - Rails.application.config.middleware.use OmniAuth::Builder do - provider :qq, oauth_config['appid'], oauth_config['secret'], { provider_ignores_state: true } + if config.dig("oauth", "qq") + provider :qq, config.dig("oauth", "qq", "appid"), config.dig("oauth", "github", "secret"), { provider_ignores_state: true } + end + if config.dig("oauth", "github").present? + provider :github, config.dig("oauth", "github", "appid"), config.dig("oauth", "github", "secret"), { provider_ignores_state: true, scope: "user:email" } + end + if config.dig("oauth", "gitee").present? + provider :gitee, config.dig("oauth", "gitee", "appid"), config.dig("oauth", "gitee", "secret"), { provider_ignores_state: true, scope: "user_info emails" } + end + if config.dig("oauth", "wechat").present? 
+ provider :gitee, config.dig("oauth", "wechat", "appid"), config.dig("oauth", "wechat", "secret"), { provider_ignores_state: true, scope: "snsapi_login" } + end end diff --git a/config/initializers/per_form_csrf_tokens.rb b/config/initializers/per_form_csrf_tokens.rb new file mode 100644 index 000000000..5afb75e59 --- /dev/null +++ b/config/initializers/per_form_csrf_tokens.rb @@ -0,0 +1,7 @@ +# frozen_string_literal: true + +# Be sure to restart your server when you modify this file. + +# Enable per-form CSRF tokens. +# Rails.application.config.action_controller.per_form_csrf_tokens = true +# Rails.application.config.action_controller.forgery_protection_origin_check = true \ No newline at end of file diff --git a/config/routes.rb b/config/routes.rb index cf3bfd1eb..bfeb6ef8b 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -23,6 +23,7 @@ Rails.application.routes.draw do get 'auth/qq/callback', to: 'oauth/qq#create' get 'auth/failure', to: 'oauth/base#auth_failure' get 'auth/cas/callback', to: 'oauth/cas#create' + get 'auth/:provider/callback', to: 'oauth/callbacks#create' get 'oauth/bind', to: 'oauth/educoder#bind' get 'oauth/register', to: 'oauth#register' From 6b846b10bb519b6ae8d968b47f9d474a7148073d Mon Sep 17 00:00:00 2001 From: xxq250 Date: Thu, 1 Dec 2022 17:51:54 +0800 Subject: [PATCH 11/18] =?UTF-8?q?fixed=20=E7=AC=AC=E4=B8=89=E6=96=B9?= =?UTF-8?q?=E6=8E=88=E6=9D=83=E7=99=BB=E5=BD=95(github,gitee,qq,wechat)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/concerns/register_helper.rb | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/app/controllers/concerns/register_helper.rb b/app/controllers/concerns/register_helper.rb index 6ca5f3777..ee314108a 100644 --- a/app/controllers/concerns/register_helper.rb +++ b/app/controllers/concerns/register_helper.rb 
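Review bot: Two provider registrations use the wrong values: the `:qq` entry passes `config.dig("oauth", "github", "secret")` as its secret, and the `wechat` block calls `provider :gitee` a second time with the WeChat credentials and scope. QQ would therefore be configured with GitHub's secret and no WeChat strategy is mounted; they should read `config.dig("oauth", "qq", "secret")` and `provider :wechat, ...`. Every provider is also given `provider_ignores_state: true`, which switches off the OAuth2 `state` check that binds a callback to the session that started the flow, so the option should be dropped unless a specific provider is known to need it. The removed `raise ex if Rails.env.production?` guard means a missing `oauth` section now goes unnoticed at boot. `OmniAuth.config.before_request_phase = nil` and `before_callback_phase = nil` need a comment saying why the hooks are cleared.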
@@ -1,7 +1,7 @@ module RegisterHelper extend ActiveSupport::Concern - def autologin_register(username, email, password, platform = 'forge', phone = nil, nickname =nil) + def autologin_register(username, email, password, platform = 'forge', phone = nil, nickname =nil, need_edit_info = false) result = {message: nil, user: nil} email = email.blank? ? "#{username}@example.org" : email @@ -10,7 +10,11 @@ module RegisterHelper user.platform = platform user.phone = phone if phone.present? user.nickname = nickname if nickname.present? - user.activate + if need_edit_info + user.need_edit_info + else + user.activate + end return unless user.valid? From cbe10b4b890d09ded69744354b59938053da5a0f Mon Sep 17 00:00:00 2001 From: xxq250 Date: Thu, 1 Dec 2022 18:03:06 +0800 Subject: [PATCH 12/18] =?UTF-8?q?fixed=20=E7=AC=AC=E4=B8=89=E6=96=B9?= =?UTF-8?q?=E6=8E=88=E6=9D=83=E7=99=BB=E5=BD=95(github,gitee,qq,wechat)?= =?UTF-8?q?=EF=BC=8C=E8=BE=93=E5=87=BAURL=E5=88=B0=E5=89=8D=E7=AB=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/settings_controller.rb | 18 ++++++++++++++++++ app/views/settings/show.json.jbuilder | 1 + 2 files changed, 19 insertions(+) diff --git a/app/controllers/settings_controller.rb b/app/controllers/settings_controller.rb index f3eedd0a1..e365c3e29 100644 --- a/app/controllers/settings_controller.rb +++ b/app/controllers/settings_controller.rb @@ -7,6 +7,7 @@ class SettingsController < ApplicationController get_sub_competitions get_personal_menu get_third_party + get_third_party_new get_top_system_notification end 
@@ -67,6 +68,23 @@ class SettingsController < ApplicationController url: EducoderOauth.oauth_url } end + + def get_third_party_new + @third_party_new = [] + @third_party_new << { + name: 'educoder', + url: EducoderOauth.oauth_url, + method: 'get' + } + config = Rails.application.config_for(:configuration) + (config.dig("oauth").keys - ["educoder"]).each do |provider| + @third_party_new << { + name: provider, + url: "/auth/#{provider}", + method: 'post' + } + end + end def get_top_system_notification @top_system_notification = SystemNotification.is_top.first diff --git a/app/views/settings/show.json.jbuilder b/app/views/settings/show.json.jbuilder index abe8207eb..be79dc594 100644 --- a/app/views/settings/show.json.jbuilder +++ b/app/views/settings/show.json.jbuilder @@ -61,6 +61,7 @@ json.setting do json.common @common json.third_party @third_party + json.third_party_new @third_party_new if @top_system_notification.present? json.system_notification do From 0747fc6849c35c51d383dac4f34ad27fef6f105b Mon Sep 17 00:00:00 2001 From: xxq250 Date: Fri, 2 Dec 2022 11:16:13 +0800 Subject: [PATCH 13/18] =?UTF-8?q?fixed=20=E7=94=A8=E6=88=B7=E5=90=8D?= =?UTF-8?q?=E7=A7=B0=E7=BB=9F=E4=B8=80nickname?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/models/user.rb | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index 9fa8e331b..b37ebc039 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -705,12 +705,13 @@ class User < Owner end def show_real_name - name = lastname + firstname - if name.blank? - nickname.blank? ? login : nickname - else - name - end + # name = lastname + firstname + # if name.blank? + # nickname.blank? ? login : nickname + # else + # name + # end + nickname.blank? ? login : nickname end def update_hashed_password From 025a6a53e9334b0fc58cd6c2b1c7c75d3b08b288 Mon Sep 17 00:00:00 2001 
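Review bot: `config.dig("oauth").keys` in `get_third_party_new` raises NoMethodError when the `oauth` section is missing from the configuration, which would break the whole settings endpoint; `(config.dig("oauth") || {}).keys` keeps it working. Every key other than `educoder` is advertised as `/auth/#{provider}`, while the initializer in this series mounts strategies only for qq, github, gitee and wechat, so any other configured key would produce a link with no strategy behind it. Intersecting the keys with a frozen list of supported providers would keep the two in step. The hash for `educoder` duplicates what `get_third_party` already builds just above.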
From: yystopf Date: Fri, 2 Dec 2022 12:11:24 +0800 Subject: [PATCH 14/18] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=EF=BC=9A=E5=9B=BE?= =?UTF-8?q?=E7=89=87=E6=97=A0=E6=B3=95=E4=B8=8B=E8=BD=BD=E7=9A=84=E9=97=AE?= =?UTF-8?q?=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/attachments_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/attachments_controller.rb b/app/controllers/attachments_controller.rb index 4409f04a9..63427aa45 100644 --- a/app/controllers/attachments_controller.rb +++ b/app/controllers/attachments_controller.rb @@ -32,7 +32,7 @@ class AttachmentsController < ApplicationController def get_file normal_status(-1, "参数缺失") if params[:download_url].blank? url = base_url.starts_with?("https:") ? URI.encode(params[:download_url].to_s.gsub("http:", "https:")) : URI.encode(params[:download_url].to_s) - if url.starts_with?(base_url) + if url.starts_with?(base_url) && !url.starts_with?("#{base_url}/repo") domain = GiteaService.gitea_config[:domain] api_url = GiteaService.gitea_config[:base_url] url = ("/repos"+url.split(base_url + "/api")[1]).gsub('?filepath=', '/').gsub('&', '?') From 4b1f1c697e62a3117270df9c1c33f49706f5003c Mon Sep 17 00:00:00 2001 From: yystopf Date: Fri, 2 Dec 2022 13:59:41 +0800 Subject: [PATCH 15/18] =?UTF-8?q?=E6=9B=B4=E6=94=B9=EF=BC=9A=E4=B8=8B?= =?UTF-8?q?=E8=BD=BDexcel=E6=96=87=E4=BB=B6=E4=B8=8D=E8=B5=B0=E8=B7=B3?= =?UTF-8?q?=E8=BD=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/helpers/repositories_helper.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/helpers/repositories_helper.rb b/app/helpers/repositories_helper.rb index 27ed6d12b..b7bb568a8 100644 --- a/app/helpers/repositories_helper.rb +++ b/app/helpers/repositories_helper.rb 
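Review bot: Both conditions in `get_file` are plain string-prefix tests on the caller-supplied `download_url`. `url.starts_with?(base_url)` is also true for a different host that merely begins with the same characters when `base_url` has no trailing slash, and `"#{base_url}/repo"` excludes every path that starts with `/repo`, not only the one intended. Parsing with `URI.parse` and comparing scheme and host exactly, then matching the first path segment, would state the intent and remove the ambiguity. What happens to URLs that fail the test is outside this hunk; if that branch fetches them server-side it needs the same host check.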
@@ -10,7 +10,7 @@ module RepositoriesHelper
 end
 def download_type(str)
- default_type = %w(xlsx xls ppt pptx pdf zip 7z rar exe pdb obj idb RData rdata doc docx mpp vsdx dot otf eot ttf woff woff2 mp4 mov wmv flv mpeg avi avchd webm mkv apk)
+ default_type = %w(ppt pptx pdf zip 7z rar exe pdb obj idb RData rdata doc docx mpp vsdx dot otf eot ttf woff woff2 mp4 mov wmv flv mpeg avi avchd webm mkv apk)
 default_type.include?(str&.downcase) || str.blank?
 end
From 1fc79535ad7bc29fa88593f1e051bdd98995aff2 Mon Sep 17 00:00:00 2001
From: xxq250
Date: Fri, 2 Dec 2022 15:17:57 +0800
Subject: [PATCH 16/18] =?UTF-8?q?fixed=20=E9=94=99=E8=AF=AF=E5=AF=B9?= =?UTF-8?q?=E8=B1=A1?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app/controllers/oauth/base_controller.rb | 4 ++--
 app/libs/educoder_oauth/service.rb | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/app/controllers/oauth/base_controller.rb b/app/controllers/oauth/base_controller.rb
index 6e651d5d7..25cfa97db 100644
--- a/app/controllers/oauth/base_controller.rb
+++ b/app/controllers/oauth/base_controller.rb
@@ -14,11 +14,11 @@ class Oauth::BaseController < ActionController::Base
 private
 def tip_exception(status = -1, message)
- raise Educoder::TipException.new(status, message)
+ raise Gitlink::TipException.new(status, message)
 end
 def tip_show_exception(status = -2, message)
- raise Educoder::TipException.new(status, message)
+ raise Gitlink::TipException.new(status, message)
 end
 def tip_show(exception)
diff --git a/app/libs/educoder_oauth/service.rb b/app/libs/educoder_oauth/service.rb
index 9d93d314d..1dcb2cfdd 100644
--- a/app/libs/educoder_oauth/service.rb
+++ b/app/libs/educoder_oauth/service.rb
@@ -15,7 +15,7 @@ module EducoderOauth::Service
 result
 rescue Exception => e
- raise Educoder::TipException.new(e.message)
+ raise Gitlink::TipException.new(e.message)
 end
 end
@@ -27,7 +27,7 @@ module EducoderOauth::Service
 result = client.auth_code.get_token(code, redirect_uri: EducoderOauth.redirect_uri).to_hash
 return result
 rescue Exception => e
- raise Educoder::TipException.new(e.message)
+ raise Gitlink::TipException.new(e.message)
 end
 end
From 77087345c813befbaf3029888d4c14009aad7f68 Mon Sep 17 00:00:00 2001
From: xxq250
Date: Fri, 2 Dec 2022 15:30:43 +0800
Subject: [PATCH 17/18] =?UTF-8?q?fixed=20=E5=BC=82=E5=B8=B8=E6=97=A5?= =?UTF-8?q?=E5=BF=97?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app/controllers/oauth/callbacks_controller.rb | 1 +
 1 file changed, 1 insertion(+)
diff --git a/app/controllers/oauth/callbacks_controller.rb b/app/controllers/oauth/callbacks_controller.rb
index 513563d23..ccfd35418 100644
--- a/app/controllers/oauth/callbacks_controller.rb
+++ b/app/controllers/oauth/callbacks_controller.rb
@@ -2,6 +2,7 @@ class Oauth::CallbacksController < Oauth::BaseController
 def create
 process_callback
 rescue Exception => e
+ Rails.logger.info "授权失败:#{e}"
 tip_exception("授权失败")
 end
From ea187a59a0cb0aecbe4fa9edf26a7e805b304557 Mon Sep 17 00:00:00 2001
From: xxq250
Date: Fri, 2 Dec 2022 15:38:56 +0800
Subject: [PATCH 18/18] =?UTF-8?q?fixed=20=E9=9A=8F=E6=9C=BA=E5=AF=86?= =?UTF-8?q?=E7=A0=81=E9=98=B2=E6=AD=A2=E6=BA=A2=E5=87=BA?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app/controllers/oauth/callbacks_controller.rb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/app/controllers/oauth/callbacks_controller.rb b/app/controllers/oauth/callbacks_controller.rb
index ccfd35418..b97fdc023 100644
--- a/app/controllers/oauth/callbacks_controller.rb
+++ b/app/controllers/oauth/callbacks_controller.rb
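Review bot: The added `Rails.logger.info "授权失败:#{e}"` in `Oauth::CallbacksController#create` records a failed OAuth callback at `info` level with only the exception message, so the event is easy to lose in production logs and carries neither the exception class nor a backtrace for triage. Logging it as `Rails.logger.error("[OAuth2] 授权失败: #{e.class}: #{e.message}")` would match the `[OAuth2]` prefix this controller already uses and make authentication failures something an alert can key on. The surrounding `rescue Exception` also catches signals and `SystemExit`; `rescue StandardError => e` is the narrower form if nothing depends on the broader catch.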
@@ -39,7 +39,9 @@ class Oauth::CallbacksController < Oauth::BaseController
 new_user = true
 login = build_login_name(platform, auth_hash.info.nickname)
 mail = "#{login}@example.org" if mail.blank?
- reg_result = autologin_register(login, mail, "Ec#{login}2022#", platform, nil, nickname)
+ code = %W(0 1 2 3 4 5 6 7 8 9)
+ rand_password = code.sample(10).join
+ reg_result = autologin_register(login, mail, rand_password, platform, nil, nickname)
 Rails.logger.info("[OAuth2] omniauth.auth [reg_result] #{reg_result} ")
 if reg_result[:message].blank?
 open_user = "OpenUsers::#{platform.to_s.capitalize}".constantize.create!(user_id: reg_result[:user][:id], uid: uid, extra: auth_hash.extra)
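Review bot: `code.sample(10).join` draws all ten digits without replacement, so `rand_password` is always a permutation of 0–9 (10! ≈ 3.6 million values), and `Array#sample` uses Ruby's default non-cryptographic generator. That is too little entropy for the password of an account created on the OAuth path; replace the two added lines with `rand_password = SecureRandom.hex(16)`, shortening the length only if the limit the commit subject seems to refer to requires it (that limit is not visible here). The context line `Rails.logger.info("[OAuth2] omniauth.auth [reg_result] #{reg_result} ")` should also be checked to confirm `reg_result` never carries the password or a token into the log. The enclosing method starts and ends outside the hunk.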