From 1939c0d33f6399239023882a954e5f841b15fae1 Mon Sep 17 00:00:00 2001
From: "sylor_huang@126.com"
Date: Tue, 11 Aug 2020 11:28:49 +0800
Subject: [PATCH] Set Auto Login
---
 app/controllers/accounts_controller.rb | 32 ++++++++++++------------
 app/controllers/concerns/login_helper.rb | 4 +--
 app/controllers/users_controller.rb | 2 +-
 app/models/token.rb | 2 +-
 app/models/user.rb | 8 ++++--
 5 files changed, 26 insertions(+), 22 deletions(-)
diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index 23290d91c..daac6939c 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -256,23 +256,23 @@ class AccountsController < ApplicationController
 # UserDayCertification.create(user_id: user.id, status: 1)
 end
- def set_autologin_cookie(user)
- token = Token.get_or_create_permanent_login_token(user, "autologin")
- cookie_options = {
- :value => token.value,
- :expires => 1.month.from_now,
- :path => '/',
- :secure => false,
- :httponly => true
- }
- if edu_setting('cookie_domain').present?
- cookie_options = cookie_options.merge(domain: edu_setting('cookie_domain'))
- end
- cookies[autologin_cookie_name] = cookie_options
- cookies.signed[:user_id] ||= user.id
+ # def set_autologin_cookie(user)
+ # token = Token.get_or_create_permanent_login_token(user, "autologin_forge_military")
+ # cookie_options = {
+ # :value => token.value,
+ # :expires => 1.month.from_now,
+ # :path => '/',
+ # :secure => false,
+ # :httponly => true
+ # }
+ # if edu_setting('cookie_domain').present?
+ # cookie_options = cookie_options.merge(domain: edu_setting('cookie_domain'))
+ # end
+ # cookies[autologin_cookie_name] = cookie_options
+ # cookies.signed[:user_id] ||= user.id
- logger.info("cookies is #{cookies} ======> #{cookies.signed[:user_id]} =====> #{cookies[autologin_cookie_name]}")
- end
+ # logger.info("cookies is #{cookies} ======> #{cookies.signed[:user_id]} =====> #{cookies[autologin_cookie_name]}")
+ # end
 def logout
 Rails.logger.info("########___logout_current_user____________########{current_user.try(:id)}")
diff --git a/app/controllers/concerns/login_helper.rb b/app/controllers/concerns/login_helper.rb
index 1752e4f6c..87133f355 100644
--- a/app/controllers/concerns/login_helper.rb
+++ b/app/controllers/concerns/login_helper.rb
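Review bot: The new side of this hunk keeps `set_autologin_cookie` in AccountsController as a line-by-line commented copy, which leaves dead cookie-setting code behind, including `:secure => false` and a `logger.info` line that interpolates the autologin cookie value. Deleting the block outright would be cleaner, since a commented copy drifts from the live one and is easy to re-enable by accident. The live implementation appears to be the one in LoginHelper patched in the next file; whether AccountsController includes that concern is not visible here.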
@@ -6,11 +6,11 @@ module LoginHelper
 end
 def autologin_cookie_name
- edu_setting('autologin_cookie_name').presence || 'autologin'
+ edu_setting('autologin_cookie_name').presence || 'autologin_forge_military'
 end
 def set_autologin_cookie(user)
- token = Token.get_or_create_permanent_login_token(user, "autologin")
+ token = Token.get_or_create_permanent_login_token(user, autologin_cookie_name)
 cookie_options = {
 :value => token.value,
 :expires => 1.month.from_now,
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index ac60f4d18..c029a9e72 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -141,7 +141,7 @@ class UsersController < ApplicationController
 def sync_token
 return render_error('未找相关用户!') unless @user
- token = Token.get_or_create_permanent_login_token(@user, 'autologin')
+ token = Token.get_or_create_permanent_login_token(@user, autologin_cookie_name)
 token.update_column(:value, params[:token])
 render_ok
 end
diff --git a/app/models/token.rb b/app/models/token.rb
index cd61090be..cbf789d5e 100644
--- a/app/models/token.rb
+++ b/app/models/token.rb
@@ -50,7 +50,7 @@ class Token < ActiveRecord::Base
 # Delete all expired tokens
 def self.destroy_expired
- Token.delete_all ["action NOT IN (?) AND created_on < ?", ['feeds', 'api', 'autologin'], Time.now - @@validity_time]
+ Token.delete_all ["action NOT IN (?) AND created_on < ?", ['feeds', 'api', 'autologin', 'autologin_forge_military'], Time.now - @@validity_time]
 end
 # Returns the active user who owns the key for the given action
diff --git a/app/models/user.rb b/app/models/user.rb
index f919ed1bf..05acf0af8 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
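Review bot: The token `action` in `set_autologin_cookie` now comes from `autologin_cookie_name`, which falls back with `.presence ||`, while the model-side `autologin_name` added in app/models/user.rb falls back with a plain `||`. Assuming `edu_setting` reads the same store as `EduSetting.get`, a setting that is present but blank would make the controller store tokens under `'autologin_forge_military'` while the model looks them up and deletes them under `""`, so autologin and logout-time token deletion would stop matching. Using `.presence ||` in both places, or defining the name once and calling it from both, would remove the mismatch. `set_autologin_cookie` continues past the end of the hunk, so the remaining cookie options are not visible; the copy removed from AccountsController set `:secure => false`, which is worth checking in this one.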
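Review bot: In `sync_token` the permanent autologin token for `@user` is overwritten with `params[:token]` through `update_column`, so the stored login credential is whatever the caller sends. No presence, length or format check is visible in the hunk, and `update_column` skips model validations, so a missing or short parameter would be written as the token value. A guard such as `return render_error('token is required') if params[:token].blank?` ahead of the update would be a minimum, and it is worth confirming that the before-actions outside this hunk restrict the endpoint to the trusted caller. Whether `autologin_cookie_name` from LoginHelper is in scope in UsersController is also not visible here.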
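Review bot: The exemption list in `destroy_expired` hard-codes `'autologin_forge_military'`, while the rest of this commit takes the action name from the `autologin_cookie_name` setting and uses that literal only as a fallback. With the setting configured to another name, autologin tokens would no longer be exempt and would be purged once older than `@@validity_time`; the list could carry the configured name instead, e.g. `['feeds', 'api', 'autologin', EduSetting.get('autologin_cookie_name').presence || 'autologin_forge_military']`. Separately, rows stored under the old `'autologin'` action stay exempt from this cleanup while lookups move to the new name, so they look set to remain in the table indefinitely unless a migration removes them.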
@@ -123,7 +123,7 @@ class User < ApplicationRecord
 # 删除自动登录的token,一旦退出下次会提示需要登录
 def delete_autologin_token(value)
- Token.where(:user_id => id, :action => 'autologin', :value => value).delete_all
+ Token.where(:user_id => id, :action => autologin_name, :value => value).delete_all
 end
 def delete_session_token(value)
@@ -510,7 +510,7 @@ class User < ApplicationRecord
 # Returns the user who matches the given autologin +key+ or nil
 def self.try_to_autologin(key)
- user = Token.find_active_user('autologin', key)
+ user = Token.find_active_user(autologin_name, key)
 user.update(last_login_on: Time.now) if user
 user
 end
@@ -674,6 +674,10 @@ class User < ApplicationRecord
 raise("昵称包含敏感词汇,请重新输入") if nickname && !HarmoniousDictionary.clean?(nickname)
 end
+ def autologin_name
+ EduSetting.get('autologin_cookie_name') || "autologin_forge_military"
+ end
+
 def set_laboratory
 return unless new_record?
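Review bot: `self.try_to_autologin` is a class method, but the `autologin_name` it now calls is added in the last hunk of this file as `def autologin_name`, which reads as an instance method. Unless a class-level `autologin_name` exists outside the visible hunks, the call would raise NameError on `User` and every autologin attempt would fail. Defining the lookup once as `def self.autologin_name` and having the instance method return `self.class.autologin_name` would serve both `delete_autologin_token` and this method.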