Browse Source

FIX educoder帐号同步流程优化(支持邮箱自动授权)

tags/v1.0.0
Jasder 5 years ago
parent
commit
7db195147e
2 changed files with 7 additions and 10 deletions
  1. +5
    -3
      app/controllers/oauth/educoder_controller.rb
  2. +2
    -7
      app/forms/oauth_educoder_form.rb

+ 5
- 3
app/controllers/oauth/educoder_controller.rb View File

@@ -5,7 +5,7 @@ class Oauth::EducoderController < Oauth::BaseController
callback_url = params[:callback_url] callback_url = params[:callback_url]
token = params[:token] token = params[:token]


::OauthEducoderForm.new({login: login, token: token, callback_url: callback_url}).validate!
::OauthEducoderForm.new({login: login, token: token, mail: mail, callback_url: callback_url}).validate!


open_user= OpenUsers::Educoder.find_by(uid: login) open_user= OpenUsers::Educoder.find_by(uid: login)


@@ -16,8 +16,10 @@ class Oauth::EducoderController < Oauth::BaseController
redirect_to callback_url redirect_to callback_url
else else
Rails.logger.info "######## open user not exits" Rails.logger.info "######## open user not exits"
user = User.find_by(login: login)
if user
user = User.find_by(login: login) || User.find_by(mail: mail)
user = User.find_by('login = ? or mail = ?', login, mail)

if user && user.is_a?(User)
OpenUsers::Educoder.create!(user: user, uid: user.login) OpenUsers::Educoder.create!(user: user, uid: user.login)
successful_authentication(user) successful_authentication(user)




+ 2
- 7
app/forms/oauth_educoder_form.rb View File

@@ -1,26 +1,21 @@
class OauthEducoderForm class OauthEducoderForm
include ActiveModel::Model include ActiveModel::Model


attr_accessor :login, :token, :callback_url
attr_accessor :login, :token, :mail, :callback_url


validates :login, presence: true validates :login, presence: true
validates :token, presence: true validates :token, presence: true
validates :mail, presence: true
validates :callback_url, presence: true validates :callback_url, presence: true


validate :check_callback_url! validate :check_callback_url!
validate :check_auth! validate :check_auth!


def check_auth! def check_auth!
Rails.logger.info "====login: #{login} ====token: #{token} ==== callback_url: #{callback_url}"
secret = OauthEducoder.config[:access_key_secret] secret = OauthEducoder.config[:access_key_secret]
Rails.logger.info "==== secret: #{secret}"
before_raw_pay_load = Digest::SHA1.hexdigest("#{login}#{secret}#{Time.now.to_i/60-1}") before_raw_pay_load = Digest::SHA1.hexdigest("#{login}#{secret}#{Time.now.to_i/60-1}")
now_raw_pay_load = Digest::SHA1.hexdigest("#{login}#{secret}#{Time.now.to_i/60}") now_raw_pay_load = Digest::SHA1.hexdigest("#{login}#{secret}#{Time.now.to_i/60}")


Rails.logger.info "==== before_raw_pay_load: #{before_raw_pay_load}"
Rails.logger.info "==== now_raw_pay_load: #{now_raw_pay_load}"
Rails.logger.info "==== token: #{token}"

if token != now_raw_pay_load && token != before_raw_pay_load if token != now_raw_pay_load && token != before_raw_pay_load
raise '你的请求无效值无效.' raise '你的请求无效值无效.'
end end


Loading…
Cancel
Save