diff --git a/Gemfile b/Gemfile index 0c3fdc880..f3b06c2d4 100644 --- a/Gemfile +++ b/Gemfile @@ -45,11 +45,11 @@ gem 'elasticsearch-rails' ### profile #gem 'oneapm_rpm' -#gem "query_reviewer", group: :development group :development do gem 'grape-swagger' gem 'better_errors', '~> 1.1.0' + # gem "query_reviewer" # gem 'rack-mini-profiler', '~> 0.9.3' if RUBY_PLATFORM =~ /w32/ gem 'win32console' diff --git a/app/controllers/ssos_controller.rb b/app/controllers/ssos_controller.rb new file mode 100644 index 000000000..1e1bd932b --- /dev/null +++ b/app/controllers/ssos_controller.rb 
@@ -0,0 +1,71 @@
+#coding=utf-8
+
+require 'base64'
+require 'json'
+require 'openssl'
+
+## 单点登录 <=> 北斗
+class SsosController < ApplicationController
+
+ skip_before_filter :check_if_login_required
+ layout false
+
+ def show
+ begin
+ # suRh2nFEJd0Ai_TFbqZ-1yQXnGfIB-YD_f4KTA3O4dQGSBMiXfOMt-0mzizgXekWTjHKfn62nJ60iHM3_eY_KS0Qn8SF8vANfa46GhzZRt4T0iC5ZOSs4cWeK43OU0RoekQLZZAo5OyOVibxabmiPGzEFCnVVtdmRk9d7X_B0Is=
+ @auth = params[:auth]
+ @options = parse(params[:auth])
+
+ if params[:login].present?
+ @options["name"] = params[:login]
+ end
+
+ logger.debug @options
+ ## 认证
+ sso = login(@options)
+
+ ## 加入组织
+ @organization = Organization.find(82)
+ unless @organization.org_members.exists?(user_id: sso.user_id)
+ member = OrgMember.new(:user_id => sso.user_id)
+ @organization.org_members << member
+ end
+
+ ## 选择性跳转
+ redirect_to @organization
+ rescue => e
+ logger.error e
+ if e.message == "exist user"
+ render 'ssos/show', :layout => false
+ else
+ raise e
+ end
+ end
+ end
+
+ ## 改用户名
+ def create
+ show and return
+ end
+
+ private
+ def base64_safe(content)
+ content = content.gsub('-', '+')
+ content.gsub('_', '/')
+ end
+
+ def parse(auth)
+ crypted_str = Base64.decode64(base64_safe(auth))
+ pkey = OpenSSL::PKey::RSA.new(File.new(File.join(Rails.root,"config/private.key")))
+ content = pkey.private_decrypt(crypted_str,OpenSSL::PKey::RSA::PKCS1_PADDING)
+ # content = pkey.private_decrypt(crypted_str)
+ ActiveSupport::JSON.decode(content)
+ end
+
+ def login(opt)
+ sso = Sso.sync_user(opt)
+ start_user_session(sso.user)
+ sso
+ end
+
+end
diff --git a/app/models/sso.rb b/app/models/sso.rb
new file mode 100644
index 000000000..c6b57cd2d
--- /dev/null
+++ b/app/models/sso.rb 
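Review bot: `parse` in `SsosController` treats a successful `private_decrypt` as proof that `auth` came from the identity provider, but RSA encryption gives confidentiality only: any party holding the matching public key can produce a blob with an arbitrary `openid` and `email`, and `login` then calls `start_user_session` for it with `check_if_login_required` skipped. The payload should carry a signature made with the provider's own key and be verified before `Sso.sync_user` runs, along the lines of `raise "invalid sso signature" unless provider_key.verify(OpenSSL::Digest::SHA256.new, signature, content)` (`provider_key` and `signature` are placeholders for values this commit does not define). An issue time or nonce inside the payload should also be checked, because the same `auth` value is accepted indefinitely and is round-tripped through the hidden field in `ssos/show`. Separately, `logger.debug @options` writes the whole decrypted payload, including `password`, to the log; `logger.debug "sso login openid=#{@options['openid']}"` would keep the trace without the credential.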
@@ -0,0 +1,56 @@ +class Sso < ActiveRecord::Base + belongs_to :user + attr_accessible :email, :name, :openid, :password, :school, :sex, :user, :user_id + + validates :user_id, :user, :email, :openid, :presence => true + + def self.sync_user(opt) + sso = Sso.where(openid: opt["openid"]).first + return sso if sso + + sso = Sso.new + sso.name = opt["name"] + sso.openid = opt["openid"] + sso.email = opt["email"] + sso.password = opt["password"] + sso.school = opt["school"] + sso.sex = opt["sex"] + + + # 查邮箱 + user = User.where(mail: opt["email"]).first + + unless user + # 查用户名 + + user = User.where(login: opt["name"]).first + if user + # 跳到修改用户名 + raise "exist user" + end + + password = opt["password"] + if password.size < 8 + password = random_pwd + end + us = UsersService.new + user = us.register(login: opt["name"], mail: opt["email"], + password: password, + :should_confirmation_password => false) + if user.new_record? + raise user.errors.full_messages.first + end + end + + sso.user = user + sso.save! + return sso + end + + + private + def self.random_pwd + ('a'..'z').to_a.shuffle[0..7].join + end + +end diff --git a/app/models/user.rb b/app/models/user.rb index dc7a3e741..9b8cb2b8d 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -181,6 +181,8 @@ class User < Principal has_one :user_wechat + has_one :sso + # add by zjc has_one :level, :class_name => 'UserLevels', :dependent => :destroy has_many :memos , :foreign_key => 'author_id' diff --git a/app/views/ssos/show.html.erb b/app/views/ssos/show.html.erb new file mode 100644 index 000000000..456cbe154 --- /dev/null +++ b/app/views/ssos/show.html.erb @@ -0,0 +1,64 @@ + + + + + 跳转页面 + + + + +
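Review bot: `sso.password = opt["password"]` in `Sso.sync_user` persists the password received from the identity provider in clear text (the `t.string :password` column in the `CreateSsos` migration hunk carries the same problem), so a database dump or backup exposes credentials that are valid elsewhere. Nothing visible in this commit reads the column back, so it is better dropped from the assignment, from `attr_accessible` and from the migration. `random_pwd` builds the fallback password with `('a'..'z').to_a.shuffle[0..7].join`, i.e. eight distinct lowercase letters from a non-cryptographic generator; `SecureRandom.urlsafe_base64(16)` is the usual replacement, and `password.size` will raise `NoMethodError` when the payload has no `password` key. The lookup `User.where(mail: opt["email"]).first` attaches the SSO identity to any existing local account with that address, which is only safe if the provider guarantees verified e-mail addresses and the token itself is authenticated.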
+<%= form_tag('/sso') do -%> +
+

请修改您的资料,以确保Trustie为您提供更便捷的服务

+ + + + + + + + + + + + + + + + + +
用户名: + " name="login"/> +
已存在相同用户名,请选择更合适的用户名
邮箱: + " disabled="disabled" /> +
+
+ +<%= hidden_field_tag 'auth', @auth %> +<% end -%> + + + diff --git a/config/private.key b/config/private.key new file mode 100644 index 000000000..3c3adf666 --- /dev/null +++ b/config/private.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQC3//sR2tXw0wrC2DySx8vNGlqt3Y7ldU9+LBLI6e1KS5lfc5jl +TGF7KBTSkCHBM3ouEHWqp1ZJ85iJe59aF5gIB2klBd6h4wrbbHA2XE1sq21ykja/ +Gqx7/IRia3zQfxGv/qEkyGOx+XALVoOlZqDwh76o2n1vP1D+tD3amHsK7QIDAQAB +AoGBAKH14bMitESqD4PYwODWmy7rrrvyFPEnJJTECLjvKB7IkrVxVDkp1XiJnGKH +2h5syHQ5qslPSGYJ1M/XkDnGINwaLVHVD3BoKKgKg1bZn7ao5pXT+herqxaVwWs6 +ga63yVSIC8jcODxiuvxJnUMQRLaqoF6aUb/2VWc2T5MDmxLhAkEA3pwGpvXgLiWL +3h7QLYZLrLrbFRuRN4CYl4UYaAKokkAvZly04Glle8ycgOc2DzL4eiL4l/+x/gaq +deJU/cHLRQJBANOZY0mEoVkwhU4bScSdnfM6usQowYBEwHYYh/OTv1a3SqcCE1f+ +qbAclCqeNiHajCcDmgYJ53LfIgyv0wCS54kCQAXaPkaHclRkQlAdqUV5IWYyJ25f +oiq+Y8SgCCs73qixrU1YpJy9yKA/meG9smsl4Oh9IOIGI+zUygh9YdSmEq0CQQC2 +4G3IP2G3lNDRdZIm5NZ7PfnmyRabxk/UgVUWdk47IwTZHFkdhxKfC8QepUhBsAHL +QjifGXY4eJKUBm3FpDGJAkAFwUxYssiJjvrHwnHFbg0rFkvvY63OSmnRxiL4X6EY +yI9lblCsyfpl25l7l5zmJrAHn45zAiOoBrWqpM5edu7c +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/config/routes.rb b/config/routes.rb index 580638c70..351e3ecc2 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -1223,6 +1223,8 @@ RedmineApp::Application.routes.draw do end end + resource :sso, only: [:show, :create] + get '/:sub_dir_name', :to => 'org_subfields#show', :as => 'show_subfield_without_id' Dir.glob File.expand_path("plugins/*", Rails.root) do |plugin_dir| diff --git a/db/migrate/20160504060751_create_ssos.rb b/db/migrate/20160504060751_create_ssos.rb new file mode 100644 index 000000000..a01a7fe35 --- /dev/null +++ b/db/migrate/20160504060751_create_ssos.rb 
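Review bot: `config/private.key` adds the RSA private key that `SsosController#parse` loads to decrypt SSO tokens, which makes the key available to everyone with read access to the repository and keeps it in history even if the file is deleted later. The key should be treated as compromised: issue a new pair, keep the private half outside version control (a deployment secret or a path supplied by the environment) and list `config/private.key` in `.gitignore`. Judging by its encoded length the key appears to be 1024-bit RSA; the replacement should be at least 2048 bits.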
@@ -0,0 +1,16 @@ +class CreateSsos < ActiveRecord::Migration + def change + create_table :ssos do |t| + t.references :user + t.string :openid + t.string :name + t.string :password + t.string :email + t.integer :sex + t.string :school + + t.timestamps + end + add_index :ssos, :user_id + end +end diff --git a/db/schema.rb b/db/schema.rb index 3d3a54105..677b030df 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended to check this file into your version control system. -ActiveRecord::Schema.define(:version => 20160429030819) do +ActiveRecord::Schema.define(:version => 20160504060751) do create_table "activities", :force => true do |t| t.integer "act_id", :null => false @@ -1673,15 +1673,6 @@ ActiveRecord::Schema.define(:version => 20160429030819) do t.datetime "updated_at", :null => false end - create_table "shield_wechats", :force => true do |t| - t.string "container_type" - t.integer "container_id" - t.string "shield_type" - t.integer "shield_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - create_table "softapplications", :force => true do |t| t.string "name" t.text "description" @@ -1700,6 +1691,20 @@ ActiveRecord::Schema.define(:version => 20160429030819) do t.integer "project_id" end + create_table "ssos", :force => true do |t| + t.integer "user_id" + t.string "openid" + t.string "name" + t.string "password" + t.string "email" + t.integer "sex" + t.string "school" + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + end + + add_index "ssos", ["user_id"], :name => "index_ssos_on_user_id" + create_table "student_work_projects", :force => true do |t| t.integer "homework_common_id" t.integer "student_work_id"
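Review bot: `openid` gets no index and no uniqueness constraint in `CreateSsos`, although `Sso.sync_user` looks rows up by `openid` and inserts one when none is found; two concurrent first logins for the same identity can therefore create duplicate rows bound to the same or to different users. Adding `add_index :ssos, :openid, unique: true` next to the existing `user_id` index closes that gap at the database level. Since the model validates the presence of `user_id` and `openid`, declaring both columns with `null: false` would keep the table consistent with those validations.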