Gitlink
/
forgeplus
33
1
Fork 58
Code Issues 1 Pull Requests 1 Packages Releases 15 Wiki Activity

Merge branch 'dev_trustie' into dev_devops

This commit is contained in:
Jasder 2020-08-17 17:41:39 +08:00
parent a4d8338cb5 9f85b8da8e
commit ad229081f0
2 changed files with 6 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app/controllers/oauth/educoder_controller.rb
View File

@ -5,7 +5,7 @@ class Oauth::EducoderController < Oauth::BaseController
callback_url = params[:callback_url]
token = params[:token]
::OauthEducoderForm.new({login: login, token: token, callback_url: callback_url}).validate!
::OauthEducoderForm.new({login: login, token: token, mail: mail, callback_url: callback_url}).validate!
open_user= OpenUsers::Educoder.find_by(uid: login)
@ -16,8 +16,9 @@ class Oauth::EducoderController < Oauth::BaseController
redirect_to callback_url
else
Rails.logger.info "######## open user not exits"
user = User.find_by(login: login)
if user
user = User.find_by('login = ? or mail = ?', login, mail)
if user.is_a?(User)
OpenUsers::Educoder.create!(user: user, uid: user.login)
successful_authentication(user)

9
app/forms/oauth_educoder_form.rb
View File

@ -1,26 +1,21 @@
class OauthEducoderForm
include ActiveModel::Model
attr_accessor :login, :token, :callback_url
attr_accessor :login, :token, :mail, :callback_url
validates :login, presence: true
validates :token, presence: true
validates :mail, presence: true
validates :callback_url, presence: true
validate :check_callback_url!
validate :check_auth!
def check_auth!
Rails.logger.info "====login: #{login} ====token: #{token} ==== callback_url: #{callback_url}"
secret = OauthEducoder.config[:access_key_secret]
Rails.logger.info "==== secret: #{secret}"
before_raw_pay_load = Digest::SHA1.hexdigest("#{login}#{secret}#{Time.now.to_i/60-1}")
now_raw_pay_load = Digest::SHA1.hexdigest("#{login}#{secret}#{Time.now.to_i/60}")
Rails.logger.info "==== before_raw_pay_load: #{before_raw_pay_load}"
Rails.logger.info "==== now_raw_pay_load: #{now_raw_pay_load}"
Rails.logger.info "==== token: #{token}"
if token != now_raw_pay_load && token != before_raw_pay_load
raise '你的请求无效值无效.'
end