567 lines
19 KiB
Ruby
567 lines
19 KiB
Ruby
# Redmine - project management software
|
|
# Copyright (C) 2006-2013 Jean-Philippe Lang
|
|
#
|
|
# This program is free software; you can redistribute it and/or
|
|
# modify it under the terms of the GNU General Public License
|
|
# as published by the Free Software Foundation; either version 2
|
|
# of the License, or (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program; if not, write to the Free Software
|
|
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
|
|
class AccountController < ApplicationController
|
|
helper :custom_fields
|
|
include AccountHelper
|
|
include CustomFieldsHelper
|
|
require 'net/https'
|
|
require 'uri'
|
|
# prevents login action to be filtered by check_if_login_required application scope filter
|
|
skip_before_filter :check_if_login_required
|
|
skip_before_filter :verify_authenticity_token, :only =>[:codepedia_login]
|
|
# Login request and validation
|
|
#
|
|
def login
|
|
if params[:type] == "activated"
|
|
@message = l(:notice_account_activated)
|
|
elsif params[:type] == "expired"
|
|
@message = l(:notice_account_expired)
|
|
end
|
|
|
|
if request.get?
|
|
@login = params[:login] || true
|
|
if User.current.logged?
|
|
# 判断用户基本资料是否完善,不完善讲强制完善基本资料,完善进入主页
|
|
user = UserExtensions.where(:user_id => User.current.id).first
|
|
if user.gender.nil? || user.school_id.nil? || User.current.lastname.nil?
|
|
redirect_to my_account_path(:tip => 1)
|
|
elsif user.identity == 3 && user.school_id.nil?
|
|
redirect_to my_account_path(:tip => 1)
|
|
else
|
|
redirect_to user_path(User.current)
|
|
end
|
|
else
|
|
render :layout => 'login'
|
|
end
|
|
else
|
|
authenticate_user
|
|
end
|
|
end
|
|
|
|
def codepedia_login
|
|
logger.info("codepedia_login#########################################")
|
|
logger.info("#{params}")
|
|
user, last_login_on = User.try_to_login(params[:username], params[:password])
|
|
logger.info(user)
|
|
if user.blank?
|
|
render :json => { status: 0 }
|
|
else
|
|
render :json => { status: 1, user: user}
|
|
end
|
|
end
|
|
|
|
# 服务协议
|
|
def agreement
|
|
render :layout => 'static_base'
|
|
end
|
|
|
|
def about_us
|
|
render :layout => 'static_base'
|
|
end
|
|
|
|
# Log out current user and redirect to welcome page
|
|
def logout
|
|
if User.current.anonymous?
|
|
redirect_to signin_path
|
|
elsif request.post?
|
|
logout_user
|
|
redirect_to signin_path
|
|
end
|
|
# display the logout form
|
|
end
|
|
|
|
def heartbeat
|
|
render :json => session[:user_id]
|
|
end
|
|
|
|
# Lets user choose a new password
|
|
def lost_password
|
|
(redirect_to(signin_path); return) unless Setting.lost_password?
|
|
if params[:token]
|
|
@token = Token.find_token("recovery", params[:token].to_s)
|
|
if @token.nil? || @token.expired?
|
|
redirect_to signin_path
|
|
return
|
|
end
|
|
@user = @token.user
|
|
unless @user && @user.active?
|
|
redirect_to signin_path
|
|
return
|
|
end
|
|
if request.post?
|
|
@user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
|
|
if @user.save
|
|
@token.destroy
|
|
flash[:notice] = l(:notice_account_password_updated)
|
|
redirect_to signin_url
|
|
return
|
|
end
|
|
end
|
|
render :template => "account/password_recovery"
|
|
return
|
|
else
|
|
if request.post?
|
|
user = User.find_by_mail(params[:mail].to_s)
|
|
# user not found or not active
|
|
unless user && user.active?
|
|
flash.now[:error] = l(:notice_account_unknown_email)
|
|
render :layout => 'static_base'
|
|
return
|
|
end
|
|
# user cannot change its password
|
|
unless user.change_password_allowed?
|
|
flash.now[:error] = l(:notice_can_t_change_password)
|
|
return
|
|
end
|
|
# create a new token for password recovery
|
|
token = Token.new(:user => user, :action => "recovery")
|
|
if token.save
|
|
Mailer.run.lost_password(token)
|
|
flash[:notice] = l(:notice_account_lost_email_sent)
|
|
redirect_to lost_password_path
|
|
return
|
|
end
|
|
end
|
|
render :layout => 'static_base'
|
|
end
|
|
end
|
|
|
|
# User self-registration
|
|
def register
|
|
(redirect_to(signin_path); return) unless Setting.self_registration? || session[:auth_source_registration]
|
|
if request.get?
|
|
session[:auth_source_registration] = nil
|
|
@user = User.new(:language => current_language.to_s)
|
|
else
|
|
user_params = params[:user] || {}
|
|
if session[:auth_source_registration]
|
|
@user.activate
|
|
@user.login = session[:auth_source_registration][:login]
|
|
@user.auth_source_id = session[:auth_source_registration][:auth_source_id]
|
|
if @user.save
|
|
session[:auth_source_registration] = nil
|
|
self.logged_user = @user
|
|
flash[:notice] = l(:notice_account_activated)
|
|
redirect_to my_account_path(:tip=>1)
|
|
end
|
|
else
|
|
us = UsersService.new
|
|
@user = us.register user_params.merge(:should_confirmation_password => true)
|
|
case Setting.self_registration
|
|
when '1'
|
|
#register_by_email_activation(@user)
|
|
unless @user.new_record?
|
|
redirect_to account_email_valid_path(:mail => @user.mail, :user_id => @user.id)
|
|
# flash[:notice] = l(:notice_account_register_done)
|
|
# render action: 'email_valid', locals: {:mail => @user.mail}
|
|
end
|
|
when '3'
|
|
#register_automatically(@user)
|
|
if !@user.new_record?
|
|
self.logged_user = @user
|
|
flash[:notice] = l(:notice_account_activated)
|
|
redirect_to my_account_url(:tip=>1)
|
|
else
|
|
redirect_to signin_path
|
|
end
|
|
else
|
|
#register_manually_by_administrator(@user)
|
|
unless @user.new_record?
|
|
account_pending
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
#should_confirmation_password是否验证密码
|
|
def create_and_save_user login,password,email,password_confirmation,should_confirmation_password
|
|
@user = User.new
|
|
@user.admin = false
|
|
@user.register
|
|
@user.login = login
|
|
@user.mail = email
|
|
if should_confirmation_password && !password.blank? && !password_confirmation.blank?
|
|
@user.password,@user.password_confirmation = password,password_confirmation
|
|
elsif !should_confirmation_password && !password.blank?
|
|
@user.password = password
|
|
else
|
|
@user.password = ""
|
|
end
|
|
case Setting.self_registration
|
|
when '1'
|
|
register_by_email_activation(@user)
|
|
when '3'
|
|
register_automatically(@user)
|
|
else
|
|
register_manually_by_administrator(@user)
|
|
end
|
|
if @user.id != nil
|
|
ue = @user.user_extensions ||= UserExtensions.new
|
|
ue.user_id = @user.id
|
|
ue.save
|
|
end
|
|
@user
|
|
end
|
|
|
|
# Token based account activation
|
|
def activate
|
|
(redirect_to(signin_path); return) unless Setting.self_registration? && params[:token].present?
|
|
token = Token.find_token('register', params[:token].to_s)
|
|
type = l(:notice_account_expired) if (token && token.expired?)
|
|
(redirect_to(signin_path(:type => "expired")); return) unless token and !token.expired?
|
|
user = token.user
|
|
(redirect_to(signin_path); return) unless user.registered?
|
|
user.activate
|
|
if user.save
|
|
token.destroy
|
|
flash[:notice] = l(:notice_account_activated)
|
|
end
|
|
redirect_to signin_url(:type => "activated")
|
|
end
|
|
|
|
def api_register login,password,email
|
|
users_service = UsersService.new
|
|
users_service.register({login: login, password: password, email: eamil})
|
|
end
|
|
|
|
def valid_ajax
|
|
req = Hash.new(false)
|
|
req[:message] = ''
|
|
|
|
valid_attr = params[:valid]
|
|
valid_value = params[:value]
|
|
|
|
faker = User.new
|
|
|
|
if valid_attr.eql?('login')
|
|
faker.login = valid_value
|
|
faker.valid?
|
|
req[:valid] = faker.errors[:login].blank?
|
|
req[:message] = faker.errors[:login]
|
|
end
|
|
|
|
if valid_attr.eql?('mail')
|
|
faker.mail = valid_value
|
|
faker.valid?
|
|
req[:valid] = faker.errors[:mail].blank?
|
|
req[:message] = faker.errors[:mail]
|
|
end
|
|
|
|
req[:message] = l(:modal_valid_passing) if req[:message].blank?
|
|
render :json => req
|
|
end
|
|
|
|
def get_email_info
|
|
user = User.find(params[:user_id])
|
|
if user.present? && user.mail.present?
|
|
begin
|
|
email_path = Redmine::Configuration['email_path']
|
|
email_secret = Redmine::Configuration['email_secret']
|
|
email_Corp_ID = Redmine::Configuration['email_Corp_ID']
|
|
uri = "#{email_path}/gettoken?corpid=#{email_Corp_ID}&corpsecret=#{email_secret}"
|
|
uri = URI.parse(uri)
|
|
Rails.logger.info("get_access_token_uri: #{uri}")
|
|
http = Net::HTTP.new(uri.host, uri.port)
|
|
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
|
http.use_ssl = true
|
|
Rails.logger.info("get_access_token_uri_path: #{uri.request_uri}")
|
|
request = Net::HTTP::Get.new(uri.request_uri)
|
|
|
|
res = http.request(request)
|
|
|
|
res = JSON.parse(res.body)
|
|
Rails.logger.info("get_access_token: #{res}")
|
|
if res['access_token'].present?
|
|
Rails.logger.info("access_token: #{res['access_token']}")
|
|
uri_params = {:begin_date => "#{Time.now.strftime('%Y-%m-%d')}", :end_date => "#{Time.now.strftime('%Y-%m-%d')}",
|
|
:mailtype => 1, :userid => "notification@trustie.org", :subject => params[:subject]}
|
|
uri_params = uri_params.to_json
|
|
Rails.logger.info("get_uri_params: #{uri_params}")
|
|
log_uri = "#{email_path}/log/mail?access_token=#{res['access_token']}"
|
|
log_uri = URI.parse(log_uri)
|
|
Rails.logger.info("get_log_uri: #{log_uri}")
|
|
|
|
http = Net::HTTP.new(log_uri.host, log_uri.port)
|
|
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
|
http.use_ssl = true
|
|
request = Net::HTTP::Post.new(log_uri.request_uri, initheader = {'Content-Type' =>'application/json'})
|
|
request['foo'] = 'bar'
|
|
request.body = "#{uri_params}"
|
|
|
|
Rails.logger.info("request: #{request.body}")
|
|
response = http.start { |http| http.request(request) }
|
|
res = JSON.parse(response.body)
|
|
Rails.logger.info("get_log: #{res}")
|
|
|
|
if res['errcode'] == 0
|
|
status = -1
|
|
res['list'].each do |list|
|
|
if list['receiver'] == user.mail
|
|
status = list['status']
|
|
end
|
|
end
|
|
render :json => {:result => "succuss", :message => email_status(status)}
|
|
end
|
|
else
|
|
render :json => {:result => "fail"}
|
|
end
|
|
rescue => e
|
|
Rails.logger.error("failed to get email info! #{e}")
|
|
end
|
|
end
|
|
end
|
|
|
|
def email_valid
|
|
begin
|
|
@mail_type = params[:mail].split("@")[1]
|
|
@user = User.find(params[:user_id])
|
|
rescue
|
|
return render_404
|
|
end
|
|
respond_to do |format|
|
|
format.html { render :layout => "base_mail"}
|
|
format.js
|
|
end
|
|
end
|
|
|
|
def resendmail
|
|
result = {:status=>1, :email=>""}
|
|
user = User.find(params[:user]) if params[:user]
|
|
result[:email] = user.mail
|
|
token = Token.new(:user => user, :action => "register")
|
|
if token.save
|
|
# Mailer.run.register(token)
|
|
Mailer.register(token).deliver
|
|
else
|
|
yield if block_given?
|
|
result[:status] = 0
|
|
end
|
|
render :json => result
|
|
end
|
|
|
|
def change_email
|
|
user = User.find params[:user_id].to_i
|
|
user.update_attributes(:mail => params[:value])
|
|
result = {:email => user.mail}
|
|
|
|
render :json => result
|
|
end
|
|
|
|
def email_activation
|
|
|
|
|
|
end
|
|
private
|
|
|
|
def authenticate_user
|
|
if Setting.openid? && using_open_id?
|
|
open_id_authenticate(params[:openid_url])
|
|
else
|
|
password_authentication
|
|
end
|
|
end
|
|
|
|
def password_authentication
|
|
user, last_login_on = User.try_to_login(params[:username], params[:password])
|
|
|
|
if user.nil?
|
|
invalid_credentials
|
|
elsif user.status == 2
|
|
@user = user
|
|
invalid_credentials_new
|
|
elsif user.new_record?
|
|
onthefly_creation_failed(user, {:login => user.login, :auth_source_id => user.auth_source_id })
|
|
else
|
|
# Valid user
|
|
successful_authentication(user, last_login_on)
|
|
end
|
|
end
|
|
|
|
def open_id_authenticate(openid_url)
|
|
back_url = signin_url(:autologin => params[:autologin])
|
|
|
|
authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => back_url, :method => :post) do |result, identity_url, registration|
|
|
if result.successful?
|
|
user = User.find_or_initialize_by_identity_url(identity_url)
|
|
if user.new_record?
|
|
# Self-registration off
|
|
(redirect_to(signin_path); return) unless Setting.self_registration?
|
|
|
|
# Create on the fly
|
|
user.login = registration['nickname'] unless registration['nickname'].nil?
|
|
user.mail = registration['email'] unless registration['email'].nil?
|
|
user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil?
|
|
user.random_password
|
|
user.register
|
|
|
|
case Setting.self_registration
|
|
when '1'
|
|
register_by_email_activation(user) do
|
|
onthefly_creation_failed(user)
|
|
end
|
|
when '3'
|
|
register_automatically(user) do
|
|
onthefly_creation_failed(user)
|
|
end
|
|
else
|
|
register_manually_by_administrator(user) do
|
|
onthefly_creation_failed(user)
|
|
end
|
|
end
|
|
else
|
|
# Existing record
|
|
if user.active?
|
|
successful_authentication(user)
|
|
else
|
|
account_pending
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
def successful_authentication(user, last_login_on)
|
|
logger.info "Successful authentication for '#{user.login}' from #{request.remote_ip} at #{Time.now.utc}"
|
|
# Valid user
|
|
self.logged_user = user
|
|
# generate a key and set cookie if autologin
|
|
if params[:autologin] && Setting.autologin?
|
|
set_autologin_cookie(user)
|
|
end
|
|
call_hook(:controller_account_success_authentication_after, {:user => user })
|
|
|
|
code = /\d*/
|
|
#根据homes_url生产正则表达式
|
|
eval("code = " + "/^" + homes_url.gsub(/\//,"\\\/") + "\\\/*(welcome)?\\\/*(\\\/index\\\/*.*)?\$/")
|
|
if (code=~params[:back_url] || params[:back_url].to_s.include?('lost_password')) && last_login_on != ''
|
|
redirect_to user_activities_path(user,host: Setting.host_user)
|
|
elsif params[:back_url64]
|
|
redirect_to Base64.urlsafe_decode64(params[:back_url64])
|
|
else
|
|
if last_login_on == ''
|
|
redirect_to my_account_url
|
|
else
|
|
#by young
|
|
#redirect_back_or_default my_page_path
|
|
# 基本资料不完善的用户,将强制用户完善基本资料。
|
|
user = UserExtensions.where(:user_id => User.current.id).first
|
|
if user.gender.nil? || user.school_id.nil? || User.current.lastname.nil?
|
|
redirect_to my_account_path(:tip => 1)
|
|
elsif user.identity == 3 && user.school_id.nil?
|
|
redirect_to my_account_path(:tip => 1)
|
|
else
|
|
redirect_back_or_default User.current
|
|
#redirect_to my_account_url
|
|
#redirect_to User.current
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
def set_autologin_cookie(user)
|
|
token = Token.get_or_create_permanent_login_token(user)
|
|
cookie_options = {
|
|
:value => token.value,
|
|
:expires => 1.month.from_now,
|
|
:path => (Redmine::Configuration['autologin_cookie_path'] || '/'),
|
|
:secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false),
|
|
:httponly => true
|
|
}
|
|
if Redmine::Configuration['cookie_domain'].present?
|
|
cookie_options = cookie_options.merge(domain: Redmine::Configuration['cookie_domain'])
|
|
end
|
|
cookies[autologin_cookie_name] = cookie_options
|
|
end
|
|
|
|
# Onthefly creation failed, display the registration form to fill/fix attributes
|
|
def onthefly_creation_failed(user, auth_source_options = { })
|
|
@user = user
|
|
session[:auth_source_registration] = auth_source_options unless auth_source_options.empty?
|
|
render :action => 'register'
|
|
end
|
|
|
|
def invalid_credentials
|
|
logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
|
|
flash[:error] = l(:notice_account_invalid_creditentials)
|
|
# render :layout => 'login'
|
|
redirect_to signin_path(:login=>true)
|
|
end
|
|
|
|
def invalid_credentials_new
|
|
logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
|
|
# flash[:error] = l(:notice_account_invalid_creditentials_new)
|
|
# render signin_path(:login=>true)
|
|
render :action => 'email_activation'
|
|
end
|
|
|
|
# Register a user for email activation.
|
|
#
|
|
# Pass a block for behavior when a user fails to save
|
|
def register_by_email_activation(user, &block)
|
|
token = Token.new(:user => user, :action => "register")
|
|
if user.save and token.save
|
|
UserStatus.create(:user_id => user.id, :changsets_count => 0, :watchers_count => 0)
|
|
Mailer.run.register(token)
|
|
|
|
|
|
flash[:notice] = l(:notice_account_register_done)
|
|
|
|
render action: 'email_valid', locals: {:mail => user.mail}
|
|
else
|
|
yield if block_given?
|
|
end
|
|
end
|
|
|
|
# Automatically register a user
|
|
#
|
|
# Pass a block for behavior when a user fails to save
|
|
def register_automatically(user, &block)
|
|
# Automatic activation
|
|
user.activate
|
|
user.last_login_on = Time.now
|
|
if user.save
|
|
UserStatus.create(:user_id => user.id, :changsets_count => 0, :watchers_count => 0)
|
|
self.logged_user = user
|
|
flash[:notice] = l(:notice_account_activated)
|
|
redirect_to my_account_url
|
|
else
|
|
yield if block_given?
|
|
end
|
|
end
|
|
|
|
# Manual activation by the administrator
|
|
#
|
|
# Pass a block for behavior when a user fails to save
|
|
def register_manually_by_administrator(user, &block)
|
|
if user.save
|
|
UserStatus.create(:user_id => user.id ,:changsets_count => 0, :watchers_count => 0)
|
|
# Sends an email to the administrators
|
|
Mailer.run.account_activation_request(user)
|
|
account_pending
|
|
else
|
|
yield if block_given?
|
|
end
|
|
end
|
|
|
|
def account_pending
|
|
flash[:notice] = l(:notice_account_pending)
|
|
redirect_to signin_url
|
|
end
|
|
end
|