sso同步登录功能完成
This commit is contained in:
parent
df41f7328f
commit
dfdd301f2f
2
Gemfile
2
Gemfile
|
|
@ -49,7 +49,7 @@ gem 'elasticsearch-rails'
|
|||
group :development do
|
||||
gem 'grape-swagger'
|
||||
gem 'better_errors', '~> 1.1.0'
|
||||
gem "query_reviewer"
|
||||
# gem "query_reviewer"
|
||||
# gem 'rack-mini-profiler', '~> 0.9.3'
|
||||
if RUBY_PLATFORM =~ /w32/
|
||||
gem 'win32console'
|
||||
|
|
|
|||
|
|
@ -1,45 +0,0 @@
|
|||
#coding=utf-8
|
||||
|
||||
require 'base64'
|
||||
require 'json'
|
||||
require 'openssl'
|
||||
|
||||
## 单点登录 <=> 北斗
|
||||
class SsoController < ApplicationController
|
||||
|
||||
skip_before_filter :check_if_login_required
|
||||
|
||||
def index
|
||||
options = parse(params[:auth])
|
||||
|
||||
logger.debug options
|
||||
|
||||
## 认证
|
||||
login(options[:id])
|
||||
|
||||
## 选择性跳转
|
||||
|
||||
redirect_to Organization.find(82)
|
||||
|
||||
end
|
||||
|
||||
private
|
||||
def base64_safe(content)
|
||||
content = content.gsub('-', '+')
|
||||
content.gsub('_', '/')
|
||||
end
|
||||
|
||||
def parse(auth)
|
||||
crypted_str = Base64.decode64(base64_safe(auth))
|
||||
pkey = OpenSSL::PKey::RSA.new(File.new(File.join(Rails.root,"config/private.key")))
|
||||
content = pkey.private_decrypt(crypted_str,OpenSSL::PKey::RSA::PKCS1_PADDING)
|
||||
# content = pkey.private_decrypt(crypted_str)
|
||||
ActiveSupport::JSON.decode(content)
|
||||
end
|
||||
|
||||
def login(id)
|
||||
sso = Sso.find(id)
|
||||
start_user_session(sso.user)
|
||||
end
|
||||
|
||||
end
|
||||
|
|
@ -0,0 +1,66 @@
|
|||
#coding=utf-8
|
||||
|
||||
require 'base64'
|
||||
require 'json'
|
||||
require 'openssl'
|
||||
|
||||
## 单点登录 <=> 北斗
|
||||
class SsosController < ApplicationController
|
||||
|
||||
skip_before_filter :check_if_login_required
|
||||
layout false
|
||||
|
||||
def show
|
||||
begin
|
||||
# suRh2nFEJd0Ai_TFbqZ-1yQXnGfIB-YD_f4KTA3O4dQGSBMiXfOMt-0mzizgXekWTjHKfn62nJ60iHM3_eY_KS0Qn8SF8vANfa46GhzZRt4T0iC5ZOSs4cWeK43OU0RoekQLZZAo5OyOVibxabmiPGzEFCnVVtdmRk9d7X_B0Is=
|
||||
@auth = params[:auth]
|
||||
@options = parse(params[:auth])
|
||||
|
||||
if params[:login].present?
|
||||
@options["name"] = params[:login]
|
||||
end
|
||||
|
||||
logger.debug @options
|
||||
## 认证
|
||||
login(@options)
|
||||
|
||||
logger.debug "login over"
|
||||
|
||||
## 选择性跳转
|
||||
|
||||
redirect_to Organization.find(1)
|
||||
rescue => e
|
||||
logger.error e
|
||||
if e.message == "exist user"
|
||||
render 'ssos/show', :layout => false
|
||||
else
|
||||
raise e
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
## 改用户名
|
||||
def create
|
||||
show and return
|
||||
end
|
||||
|
||||
private
|
||||
def base64_safe(content)
|
||||
content = content.gsub('-', '+')
|
||||
content.gsub('_', '/')
|
||||
end
|
||||
|
||||
def parse(auth)
|
||||
crypted_str = Base64.decode64(base64_safe(auth))
|
||||
pkey = OpenSSL::PKey::RSA.new(File.new(File.join(Rails.root,"config/private.key")))
|
||||
content = pkey.private_decrypt(crypted_str,OpenSSL::PKey::RSA::PKCS1_PADDING)
|
||||
# content = pkey.private_decrypt(crypted_str)
|
||||
ActiveSupport::JSON.decode(content)
|
||||
end
|
||||
|
||||
def login(opt)
|
||||
sso = Sso.sync_user(opt)
|
||||
start_user_session(sso.user)
|
||||
end
|
||||
|
||||
end
|
||||
|
|
@ -1,4 +1,56 @@
|
|||
class Sso < ActiveRecord::Base
|
||||
belongs_to :user
|
||||
attr_accessible :email, :name, :openid, :password, :school, :sex
|
||||
attr_accessible :email, :name, :openid, :password, :school, :sex, :user, :user_id
|
||||
|
||||
validates :user_id, :user, :email, :openid, :presence => true
|
||||
|
||||
def self.sync_user(opt)
|
||||
sso = Sso.where(openid: opt["openid"]).first
|
||||
return sso if sso
|
||||
|
||||
sso = Sso.new
|
||||
sso.name = opt["name"]
|
||||
sso.openid = opt["openid"]
|
||||
sso.email = opt["email"]
|
||||
sso.password = opt["password"]
|
||||
sso.school = opt["school"]
|
||||
sso.sex = opt["sex"]
|
||||
|
||||
|
||||
# 查邮箱
|
||||
user = User.where(mail: opt["email"]).first
|
||||
|
||||
unless user
|
||||
# 查用户名
|
||||
|
||||
user = User.where(login: opt["name"]).first
|
||||
if user
|
||||
# 跳到修改用户名
|
||||
raise "exist user"
|
||||
end
|
||||
|
||||
password = opt["password"]
|
||||
if password.size < 8
|
||||
password = random_pwd
|
||||
end
|
||||
us = UsersService.new
|
||||
user = us.register(login: opt["name"], mail: opt["email"],
|
||||
password: password,
|
||||
:should_confirmation_password => false)
|
||||
if user.new_record?
|
||||
raise user.errors.full_messages.first
|
||||
end
|
||||
end
|
||||
|
||||
sso.user = user
|
||||
sso.save!
|
||||
return sso
|
||||
end
|
||||
|
||||
|
||||
private
|
||||
def self.random_pwd
|
||||
('a'..'z').to_a.shuffle[0..7].join
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
|||
|
|
@ -0,0 +1,64 @@
|
|||
<!doctype html>
|
||||
<html>
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<title>跳转页面</title>
|
||||
<style>
|
||||
body,h1,h2,h3,h4,h5,h6,hr,p,blockquote,dl,dt,dd,ul,ol,li,pre,form,fieldset,legend,button,input,textarea,th,td{ margin:0; padding:0;}
|
||||
body,table,input,textarea,select,button { font-family: "微软雅黑","宋体"; font-size:12px;line-height:1.5; background:#eaebec;}
|
||||
div,img,tr,td,table{ border:0;}
|
||||
table,tr,td{border:0;cellspacing:0; cellpadding:0;}
|
||||
ol,ul,li{ list-style-type:none}
|
||||
a:link,a:visited{color:#7f7f7f;text-decoration:none;}
|
||||
a:hover,a:active{color:#000;}
|
||||
|
||||
/*跳转页面*/
|
||||
.goto-cont{ width:1000px; margin: 10px auto; padding:100px 0 500px; line-height:1.9; background:#fff;color:#636363;}
|
||||
.goto-cont h2{ text-align:center; font-weight:normal; font-size:20px; margin-bottom:15px; color:#636363; }
|
||||
.goto-table{ width:382px; margin:0 auto; }
|
||||
.goto-table tr td{ line-height:40px; background-color:#fff; }
|
||||
.goto-tableft{ width:80px; text-align:right; font-size:16px;}
|
||||
.goto-input{ border: 1px solid #c2c2c2; padding: 2px 5px;vertical-align: middle;line-height: 35px;height: 35px; background-color:#fff; width:300px; font-size:16px;}
|
||||
.goto-submit{ width:312px; height:40px; margin:0 auto;line-height:40px; background-color:#269ac9; color:#fff; text-align:center; border:none; margin-top:20px; font-size:16px; }
|
||||
.goto-submit:hover{background-color: #1f82aa;}
|
||||
.goto-red{ color:#D71215;}
|
||||
|
||||
|
||||
|
||||
</style>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div class="" style="height:54px; background:#269ac9;"></div>
|
||||
<%= form_tag('/sso') do -%>
|
||||
<div class="goto-cont">
|
||||
<h2>请修改您的资料,以确保Trustie为您提供更便捷的服务</h2>
|
||||
<table cellSpacing="0" cellPadding="0" class="goto-table">
|
||||
<tr>
|
||||
<td class="goto-tableft"> 用户名:</td>
|
||||
<td >
|
||||
<input type="text" class="goto-input" value="<%= @options["name"] %>" name="login"/>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td></td>
|
||||
<td class="goto-red">已存在相同用户名,请选择更合适的用户名</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="goto-tableft" > 邮箱:</td>
|
||||
<td >
|
||||
<input type="email" class="goto-input" value="<%= @options["email"] %>" disabled="disabled" />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td></td>
|
||||
<td ><input type="submit" value="确定" class="goto-submit"/></td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
|
||||
<%= hidden_field_tag 'auth', @auth %>
|
||||
<% end -%>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
|
@ -1197,7 +1197,7 @@ RedmineApp::Application.routes.draw do
|
|||
end
|
||||
end
|
||||
|
||||
get '/sso', to: 'sso#index'
|
||||
resource :sso, only: [:show, :create]
|
||||
|
||||
get '/:sub_dir_name', :to => 'org_subfields#show', :as => 'show_subfield_without_id'
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue