sso同步登录功能完成

9 years ago · dfdd301f2f
parent df41f7328f
commit dfdd301f2f
6 changed files with 185 additions and 48 deletions
--- a/2
+++ b/2
@ -49,7 +49,7 @@ gem 'elasticsearch-rails'
 group :development do
  gem 'grape-swagger'
  gem 'better_errors', '~> 1.1.0'
-  gem "query_reviewer"
+  # gem "query_reviewer"
  # gem 'rack-mini-profiler', '~> 0.9.3'
  if RUBY_PLATFORM =~ /w32/
    gem  'win32console'
--- a/app/controllers/sso_controller.rb
+++ b/app/controllers/sso_controller.rb
@ -1,45 +0,0 @@
-#coding=utf-8
-
-require 'base64'
-require 'json'
-require 'openssl'
-
-## 单点登录 <=> 北斗
-class SsoController < ApplicationController
-
-  skip_before_filter :check_if_login_required
-
-  def index
-    options = parse(params[:auth])
-
-    logger.debug options
-
-    ## 认证
-    login(options[:id])
-
-    ## 选择性跳转
-
-    redirect_to Organization.find(82)
-
-  end
-
-  private
-  def base64_safe(content)
-    content = content.gsub('-', '+')
-    content.gsub('_', '/')
-  end
-
-  def parse(auth)
-    crypted_str = Base64.decode64(base64_safe(auth))
-    pkey = OpenSSL::PKey::RSA.new(File.new(File.join(Rails.root,"config/private.key")))
-    content = pkey.private_decrypt(crypted_str,OpenSSL::PKey::RSA::PKCS1_PADDING)
-    # content = pkey.private_decrypt(crypted_str)
-    ActiveSupport::JSON.decode(content)
-  end
-
-  def login(id)
-    sso = Sso.find(id)
-    start_user_session(sso.user)
-  end
-
-end
--- a/app/controllers/ssos_controller.rb
+++ b/app/controllers/ssos_controller.rb
@ -0,0 +1,66 @@
+#coding=utf-8
+
+require 'base64'
+require 'json'
+require 'openssl'
+
+## 单点登录 <=> 北斗
+class SsosController < ApplicationController
+
+  skip_before_filter :check_if_login_required
+  layout false
+
+  def show
+    begin
+      # suRh2nFEJd0Ai_TFbqZ-1yQXnGfIB-YD_f4KTA3O4dQGSBMiXfOMt-0mzizgXekWTjHKfn62nJ60iHM3_eY_KS0Qn8SF8vANfa46GhzZRt4T0iC5ZOSs4cWeK43OU0RoekQLZZAo5OyOVibxabmiPGzEFCnVVtdmRk9d7X_B0Is=
+      @auth = params[:auth]
+      @options = parse(params[:auth])
+
+      if params[:login].present?
+        @options["name"] = params[:login]
+      end
+
+      logger.debug @options
+      ## 认证
+      login(@options)
+
+      logger.debug "login over"
+
+      ## 选择性跳转
+
+      redirect_to Organization.find(1)
+    rescue => e
+      logger.error e
+      if e.message == "exist user"
+        render 'ssos/show', :layout => false
+      else
+        raise e
+      end
+    end
+  end
+
+  ## 改用户名
+  def create
+    show and return
+  end
+
+  private
+  def base64_safe(content)
+    content = content.gsub('-', '+')
+    content.gsub('_', '/')
+  end
+
+  def parse(auth)
+    crypted_str = Base64.decode64(base64_safe(auth))
+    pkey = OpenSSL::PKey::RSA.new(File.new(File.join(Rails.root,"config/private.key")))
+    content = pkey.private_decrypt(crypted_str,OpenSSL::PKey::RSA::PKCS1_PADDING)
+    # content = pkey.private_decrypt(crypted_str)
+    ActiveSupport::JSON.decode(content)
+  end
+
+  def login(opt)
+    sso = Sso.sync_user(opt)
+    start_user_session(sso.user)
+  end
+
+end
--- a/app/models/sso.rb
+++ b/app/models/sso.rb
@ -1,4 +1,56 @@
 class Sso < ActiveRecord::Base
  belongs_to :user
-  attr_accessible :email, :name, :openid, :password, :school, :sex
+  attr_accessible :email, :name, :openid, :password, :school, :sex, :user, :user_id
+
+  validates :user_id, :user, :email, :openid, :presence => true
+
+  def self.sync_user(opt)
+    sso = Sso.where(openid: opt["openid"]).first
+    return sso if sso
+
+    sso = Sso.new
+    sso.name     = opt["name"]
+    sso.openid   = opt["openid"]
+    sso.email    = opt["email"]
+    sso.password = opt["password"]
+    sso.school   = opt["school"]
+    sso.sex      = opt["sex"]
+
+
+    # 查邮箱
+    user = User.where(mail: opt["email"]).first
+
+    unless user
+      # 查用户名
+
+      user = User.where(login: opt["name"]).first
+      if user
+        # 跳到修改用户名
+        raise "exist user"
+      end
+
+      password = opt["password"]
+      if password.size < 8
+        password = random_pwd
+      end
+      us = UsersService.new
+      user = us.register(login: opt["name"], mail: opt["email"],
+                         password: password,
+                         :should_confirmation_password => false)
+      if user.new_record?
+        raise user.errors.full_messages.first
+      end
+    end
+
+    sso.user = user
+    sso.save!
+    return sso
+  end
+
+
+  private
+  def self.random_pwd
+    ('a'..'z').to_a.shuffle[0..7].join
+  end
+
 end
--- a/app/views/ssos/show.html.erb
+++ b/app/views/ssos/show.html.erb
@ -0,0 +1,64 @@
+<!doctype html>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>跳转页面</title>
+  <style>
+    body,h1,h2,h3,h4,h5,h6,hr,p,blockquote,dl,dt,dd,ul,ol,li,pre,form,fieldset,legend,button,input,textarea,th,td{ margin:0; padding:0;}
+    body,table,input,textarea,select,button { font-family: "微软雅黑","宋体"; font-size:12px;line-height:1.5; background:#eaebec;}
+    div,img,tr,td,table{ border:0;}
+    table,tr,td{border:0;cellspacing:0; cellpadding:0;}
+    ol,ul,li{ list-style-type:none}
+    a:link,a:visited{color:#7f7f7f;text-decoration:none;}
+    a:hover,a:active{color:#000;}
+
+    /*跳转页面*/
+    .goto-cont{ width:1000px; margin: 10px auto; padding:100px 0 500px;  line-height:1.9; background:#fff;color:#636363;}
+    .goto-cont h2{ text-align:center; font-weight:normal; font-size:20px; margin-bottom:15px; color:#636363; }
+    .goto-table{ width:382px; margin:0 auto; }
+    .goto-table tr td{ line-height:40px; background-color:#fff; }
+    .goto-tableft{ width:80px; text-align:right; font-size:16px;}
+    .goto-input{    border: 1px solid #c2c2c2; padding: 2px 5px;vertical-align: middle;line-height: 35px;height: 35px; background-color:#fff; width:300px; font-size:16px;}
+    .goto-submit{ width:312px; height:40px; margin:0 auto;line-height:40px; background-color:#269ac9; color:#fff; text-align:center; border:none; margin-top:20px; font-size:16px; }
+    .goto-submit:hover{background-color: #1f82aa;}
+    .goto-red{  color:#D71215;}
+
+
+
+  </style>
+</head>
+
+<body>
+<div class="" style="height:54px; background:#269ac9;"></div>
+<%= form_tag('/sso') do -%>
+<div class="goto-cont">
+  <h2>请修改您的资料，以确保Trustie为您提供更便捷的服务</h2>
+  <table  cellSpacing="0" cellPadding="0" class="goto-table">
+    <tr>
+      <td class="goto-tableft">  用户名：</td>
+      <td >
+        <input type="text" class="goto-input" value="<%= @options["name"] %>" name="login"/>
+      </td>
+    </tr>
+    <tr>
+      <td></td>
+      <td class="goto-red">已存在相同用户名，请选择更合适的用户名</td>
+    </tr>
+    <tr>
+      <td  class="goto-tableft" >  邮箱：</td>
+      <td  >
+        <input  type="email" class="goto-input" value="<%= @options["email"] %>" disabled="disabled" />
+      </td>
+    </tr>
+    <tr>
+      <td></td>
+      <td ><input type="submit" value="确定" class="goto-submit"/></td>
+    </tr>
+  </table>
+</div>
+
+<%= hidden_field_tag 'auth', @auth %>
+<% end -%>
+
+</body>
+</html>
--- a/config/routes.rb
+++ b/config/routes.rb
@ -1197,7 +1197,7 @@ RedmineApp::Application.routes.draw do
    end
  end

-  get '/sso', to: 'sso#index'
+  resource :sso, only: [:show, :create]

  get '/:sub_dir_name', :to => 'org_subfields#show', :as => 'show_subfield_without_id'