增加云登录初始化仓库密码操作

2021-06-22 10:15:49 +08:00 · 2021-06-22 10:15:49 +08:00 · e79defb5e4
parent 4845423eab
commit e79defb5e4
3 changed files with 75 additions and 16 deletions
--- a/app/controllers/oauth/base_controller.rb
+++ b/app/controllers/oauth/base_controller.rb
@ -1,4 +1,4 @@
-class Oauth::BaseController < ActionController::Base
+class Oauth::BaseController < ApplicationController
  include RenderHelper
  include LoginHelper
  include ControllerRescueHandler
@ -22,9 +22,9 @@ class Oauth::BaseController < ActionController::Base
    session[:"#{default_yun_session}"]
  end

-  def current_user
-    @_current_user ||= User.find_by(id: session_user_id)
-  end
+  # def current_user
+  #   @_current_user ||= User.find_by(id: session_user_id)
+  # end

  def auth_hash
    Rails.logger.info("[OAuth2] omniauth.auth -> #{request.env['omniauth.auth'].inspect}")
--- a/app/controllers/oauth/ccyun_controller.rb
+++ b/app/controllers/oauth/ccyun_controller.rb
@ -43,10 +43,12 @@ class Oauth::CcyunController < Oauth::BaseController

      Rails.logger.info "信创登录 ==============》#{code}"

-      new_user = false
+      need_update_pass = false
      result = CcyunOauth::Service.access_token(code)
      result = CcyunOauth::Service.user_info(result[:access_token])
      uid = result["personalId"]
+      login = result["mobile"]
+      default_pass = "1qaz@WSX"

      # 存在该用户
      open_user = OpenUsers::Ccyun.find_by(uid: uid)
@ -54,29 +56,84 @@ class Oauth::CcyunController < Oauth::BaseController
      if open_user.present? && open_user.user.present?
        ## 同步用户信息
        finalUser = syncRemoteServerUser(open_user.user, result)
+        salt = finalUser[:salt]
+        old_pass = finalUser[:hashed_password]
+        hashed_password = User.hash_password("#{salt}#{User.hash_password default_pass}")
+        Rails.logger.info("old_pass #{old_pass} <========> ccyun_pass:#{hashed_password}")
+        if old_pass == hashed_password
+          need_update_pass = true
+        end
+
        successful_authentication(finalUser)
-
-
      else
-        new_user = true
-        # 使用XC提供的身份ID进行注册
-        # login = result['personalId'].to_s
-        login = User.generate_login('E')
-
+        need_update_pass = true
        # 自动注册到平台
-        reg_result = ccyun_autologin_register(login,"#{login}@forge.com", "Ec#{login}2021#", 'ccyun', result)
+        reg_result = ccyun_autologin_register(login,"#{login}@ccyunchina.com", default_pass, 'ccyun', result)

        if reg_result[:message].blank?
          open_user = OpenUsers::Ccyun.create!(user_id: reg_result[:user][:id], uid: uid, extra: result)
-           # autosync_register_trustie(login, "Ec#{login}2021#", "#{login}@forge.com")
          successful_authentication(open_user.user)
        else
          render_error(reg_result[:message])
        end
      end

-      #redirect_to root_path(new_user: new_user)
-      render_ok({})
+      data = {}
+      if need_update_pass
+        data = {status:10001}
+      end
+
+      render_ok(data)
+
+    rescue Exception => ex
+      render_error(ex.message)
+    end
+  end
+
+  def changePassword
+    begin
+
+      ## 1. 简单有效性校验
+      pass = params['pass'].to_s.strip
+      repass = params['repass'].to_s.strip
+      status = 0
+      message = ""
+      if pass == nil || pass == ""
+        status = -1
+        message = "密码不能为空"
+      elsif repass == nil || repass == ""
+        status = -1
+        message = "二次密码不能为空"
+      elsif pass.length < 8 || pass.length > 16
+        status = -1
+        message = "密码长度不能少于8位和大于16位"
+      elsif pass != repass
+        status = -1
+        message = "俩次密码不一致"
+      end
+
+      if status != 0
+        return render_ok({status:status, message:message})
+      end
+
+      ## 2. 执行更新代码操作使用事务方式
+      ActiveRecord::Base.transaction do
+        ## 2.1. 拿到盐值 使用盐加密新密码 更新用户密码
+        @user = current_user
+        salt = @user[:salt]
+        hashed_password = User.hash_password("#{salt}#{User.hash_password pass}")
+        @user.update!(hashed_password: hashed_password)
+
+
+        ## 2.2. 更新Gitea用户信息
+        sync_param = {password: pass, email:"#{@user.login}@ccyunchina.com"}
+        interactor = Gitea::User::UpdateInteractor.call(@user.login, sync_param)
+        if interactor.success?
+          render_ok
+        else
+          render_error(interactor.error)
+        end
+      end
    rescue Exception => ex
      render_error(ex.message)
    end
@ -86,4 +143,5 @@ class Oauth::CcyunController < Oauth::BaseController
    def syncRemoteServerUser(user, options)
      User.update(user.id, {:nickname=> options["nickname"], :phone=> options["mobile"], :lastname=> options["name"]})
    end
+
 end
--- a/config/routes.rb
+++ b/config/routes.rb
@ -316,6 +316,7 @@ Rails.application.routes.draw do
    get '/auth/wechat/callback', to: 'oauth/wechat#create'
    get '/auth/ccyun/callback', to: 'oauth/ccyun#create'

+    post '/auth/ccyun/init', to: 'oauth/ccyun#changePassword'
    resource :bind_user, only: [:create]

    resources :hot_keywords, only: [:index]