From e4653426d29534c7ba1ef54b883fced0f8894c8f Mon Sep 17 00:00:00 2001 From: guange <8863824@gmail.com> Date: Thu, 26 May 2016 12:59:15 +0800 Subject: [PATCH 1/2] =?UTF-8?q?=E5=B0=86openid=E5=AD=98=E5=88=B0session?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/wechats_controller.rb | 163 +++++++++++++++----------- app/views/wechats/create.html.erb | 0 app/views/wechats/login.html.erb | 6 +- 3 files changed, 94 insertions(+), 75 deletions(-) delete mode 100644 app/views/wechats/create.html.erb diff --git a/app/controllers/wechats_controller.rb b/app/controllers/wechats_controller.rb index 7ee0552fb..c1d235d75 100644 --- a/app/controllers/wechats_controller.rb +++ b/app/controllers/wechats_controller.rb 
@@ -150,87 +150,108 @@ class WechatsController < ActionController::Base end - def get_open_id - begin - raise "非法操作, code不存在" unless params[:code] - openid = get_openid_from_code(params[:code]) - raise "无法获取到openid" unless openid - render :json => {status:0, openid: openid} - rescue Exception=>e - render :json => {status: -1, msg: e.message} + + + ### controller method + include Controllers + + module Controllers + def get_open_id + begin + + code = params[:code] || session[:wechat_code] + openid = get_openid_from_code(code) + + + raise "无法获取到微信openid" unless openid + render :json => {status:0, openid: openid} + rescue Exception=>e + render :json => {status: -1, msg: e.message} + end end - end - def bind - begin - raise "非法操作, code不存在" unless params[:code] - openid = get_openid_from_code(params[:code]) - raise "无法获取到openid" unless openid - raise "此微信号已绑定用户, 不能重复绑定" if user_binded?(openid) + def bind + begin - user, last_login_on = User.try_to_login(params[:username], params[:password]) - raise "用户名或密码错误,请重新登录" unless user - #补全用户信息 + code = params[:code] || session[:wechat_code] + openid = get_openid_from_code(code) - raise "此用户已经绑定了公众号" if user.user_wechat + raise "无法获取到openid" unless openid + raise "此微信号已绑定用户, 不能重复绑定" if user_binded?(openid) - UserWechat.create!( - openid: openid, - user: user - ) - render :json => {status:0, msg: "绑定成功"} - rescue Exception=>e - render :json => {status: -1, msg: e.message} + user, last_login_on = User.try_to_login(params[:username], params[:password]) + raise "用户名或密码错误,请重新登录" unless user + #补全用户信息 + + raise "此用户已经绑定过公众号, 请换一个帐户试试" if user.user_wechat + + UserWechat.create!( + openid: openid, + user: user + ) + render :json => {status:0, msg: "绑定成功"} + rescue Exception=>e + render :json => {status: -1, msg: e.message} + end end - end - def login - @code = params[:code] #TODO 安全性 - render 'wechats/login', layout: 'base_wechat' - end + def login + session[:wechat_code] = params[:code] if params[:code] + render 'wechats/login', 
layout: 'base_wechat' + end - private - def get_openid_from_code(code) - url = "https://api.weixin.qq.com/sns/oauth2/access_token?appid=#{Wechat.config.appid}&secret=#{Wechat.config.secret}&code=#{code}&grant_type=authorization_code" - logger.debug url - body = URI.parse(url).read - logger.debug body - JSON.parse(body)["openid"] - end + private + def get_openid_from_code(code) + openid = session[:wechat_openid] - def user_binded?(openid) - uw = UserWechat.where(openid: openid).first - end - - def user_activity(user) - @user = user - shield_project_ids = ShieldActivity.where("container_type='User' and container_id=#{@user.id} and shield_type='Project'").map(&:shield_id) - shield_course_ids = ShieldActivity.where("container_type='User' and container_id=#{@user.id} and shield_type='Course'").map(&:shield_id) - @page = params[:page] ? params[:page].to_i + 1 : 0 - user_project_ids = (@user.projects.visible.map{|project| project.id}-shield_project_ids).empty? ? "(-1)" : "(" + (@user.projects.visible.map{|project| project.id}-shield_project_ids).join(",") + ")" - user_course_ids = (@user.courses.visible.map{|course| course.id}-shield_course_ids).empty? ? "(-1)" : "(" + (@user.courses.visible.map{|course| course.id}-shield_course_ids).join(",") + ")" - course_types = "('Message','News','HomeworkCommon','Poll','Course')" - project_types = "('Message','Issue','Project')" - principal_types = "JournalsForMessage" - - blog_ids = "("+@user.blog.id.to_s+","+((User.watched_by(@user.id).count == 0 )? 
'0' :User.watched_by(@user.id).map{|u| u.blog.id}.join(','))+")" - @user_activities = UserActivity.where("(container_type = 'Project' and container_id in #{user_project_ids} and act_type in #{project_types})" + - "or (container_type = 'Course' and container_id in #{user_course_ids} and act_type in #{course_types}) "+ - "or (container_type = 'Principal' and act_type= '#{principal_types}' and container_id = #{@user.id}) " + - "or (container_type = 'Blog' and act_type= 'BlogComment' and container_id in #{blog_ids})").order('updated_at desc').limit(10).offset(@page * 10) - - - end - - def process_activity(user_activity) - act= user_activity.act - case user_activity.container_type.to_s - when 'Course' - when 'Project' - case user_activity.act_type.to_s - when 'Issue' - [act.project.name.to_s+" | 项目问题", act.subject.to_s, url_to_avatar(act.author),"http://wechat.trustie.net/app.html#/issue/#{act.id}"] + unless openid + if code + openid = wechat.web_access_token(code)["openid"] end + end + + if openid + session[:wechat_openid] = openid + end + + return openid + end + + def user_binded?(openid) + uw = UserWechat.where(openid: openid).first + end + + def user_activity(user) + @user = user + shield_project_ids = ShieldActivity.where("container_type='User' and container_id=#{@user.id} and shield_type='Project'").map(&:shield_id) + shield_course_ids = ShieldActivity.where("container_type='User' and container_id=#{@user.id} and shield_type='Course'").map(&:shield_id) + @page = params[:page] ? params[:page].to_i + 1 : 0 + user_project_ids = (@user.projects.visible.map{|project| project.id}-shield_project_ids).empty? ? "(-1)" : "(" + (@user.projects.visible.map{|project| project.id}-shield_project_ids).join(",") + ")" + user_course_ids = (@user.courses.visible.map{|course| course.id}-shield_course_ids).empty? ? 
"(-1)" : "(" + (@user.courses.visible.map{|course| course.id}-shield_course_ids).join(",") + ")" + course_types = "('Message','News','HomeworkCommon','Poll','Course')" + project_types = "('Message','Issue','Project')" + principal_types = "JournalsForMessage" + + blog_ids = "("+@user.blog.id.to_s+","+((User.watched_by(@user.id).count == 0 )? '0' :User.watched_by(@user.id).map{|u| u.blog.id}.join(','))+")" + @user_activities = UserActivity.where("(container_type = 'Project' and container_id in #{user_project_ids} and act_type in #{project_types})" + + "or (container_type = 'Course' and container_id in #{user_course_ids} and act_type in #{course_types}) "+ + "or (container_type = 'Principal' and act_type= '#{principal_types}' and container_id = #{@user.id}) " + + "or (container_type = 'Blog' and act_type= 'BlogComment' and container_id in #{blog_ids})").order('updated_at desc').limit(10).offset(@page * 10) + + + end + + def process_activity(user_activity) + act= user_activity.act + case user_activity.container_type.to_s + when 'Course' + when 'Project' + case user_activity.act_type.to_s + when 'Issue' + [act.project.name.to_s+" | 项目问题", act.subject.to_s, url_to_avatar(act.author),"http://wechat.trustie.net/app.html#/issue/#{act.id}"] + end + end end end + end diff --git a/app/views/wechats/create.html.erb b/app/views/wechats/create.html.erb deleted file mode 100644 index e69de29bb..000000000 diff --git a/app/views/wechats/login.html.erb b/app/views/wechats/login.html.erb index 0e6fd8695..dc39b9f23 100644 --- a/app/views/wechats/login.html.erb +++ b/app/views/wechats/login.html.erb @@ -12,19 +12,17 @@
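Review bot: `login` copies `params[:code]` into `session[:wechat_code]` with no OAuth `state` check visible in the hunk, and `bind` then attaches the account to whatever code or cached `session[:wechat_openid]` the session holds, so nothing shown here proves that the WeChat identity belongs to the person submitting the username and password; the removed `#TODO 安全性` comment flagged this and the hunk does not resolve it. I would generate a random `state` before the WeChat redirect, compare it in `login` before storing the code, and confirm that request-forgery protection covers `bind`, since the controller inherits from `ActionController::Base` and no `protect_from_forgery` appears in the hunk. In `get_openid_from_code` the cached openid wins over a newly supplied code and is never cleared, so `login` should also run `session.delete(:wechat_openid) if params[:code]`. `get_open_id` and `bind` still use `rescue Exception=>e` and return `e.message` to the client; `rescue StandardError => e` with a generic message for unexpected errors (logging the detail server-side) would stop database or HTTP error text from reaching the caller. Separately, `include Controllers` runs before `module Controllers` is opened, which will likely raise a NameError at class load unless that constant is already defined outside this hunk.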