Description:
add authentication by CU-CAS from p' krerk
Commit status:
[Not Reviewed]
References:
Diff options:
Comments:
0 Commit comments
0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Author
-
r396:4b88edeab117 - - 1 file changed: 28 inserted, 3 deleted
| @@ -1,8 +1,9 | |||
|
|
1 | 1 | require 'digest/sha1' |
|
|
2 | 2 | require 'net/pop' |
|
|
3 | + require 'json' | |
|
|
3 | 4 | |
|
|
4 | 5 | class User < ActiveRecord::Base |
|
|
5 | 6 | |
|
|
6 | 7 | has_and_belongs_to_many :roles |
|
|
7 | 8 | |
|
|
8 | 9 | has_many :test_requests, :order => "submitted_at DESC" |
| @@ -59,19 +60,21 | |||
|
|
59 | 60 | # this is for will_paginate |
|
|
60 | 61 | cattr_reader :per_page |
|
|
61 | 62 | @@per_page = 50 |
|
|
62 | 63 | |
|
|
63 | 64 | def self.authenticate(login, password) |
|
|
64 | 65 | user = find_by_login(login) |
|
|
65 | - return user if user && user.authenticated?(password) | |
|
|
66 |
- if user |
|
|
|
66 | + if user | |
|
|
67 | + return user if user.authenticated?(password) | |
|
|
68 | + if user.authenticated_by_cucas?(password) or user.authenticated_by_pop3?(password) | |
|
|
67 | 69 | user.password = password |
|
|
68 | 70 | user.save |
|
|
69 | 71 | return user |
|
|
70 | 72 | end |
|
|
71 | 73 | end |
|
|
74 | + end | |
|
|
72 | 75 | |
|
|
73 | 76 | def authenticated?(password) |
|
|
74 | 77 | if self.activated |
|
|
75 | 78 | hashed_password == User.encrypt(password,self.salt) |
|
|
76 | 79 | else |
|
|
77 | 80 | false |
| @@ -80,20 +83,42 | |||
|
|
80 | 83 | |
|
|
81 | 84 | def authenticated_by_pop3?(password) |
|
|
82 | 85 | Net::POP3.enable_ssl |
|
|
83 | 86 | pop = Net::POP3.new('pops.it.chula.ac.th') |
|
|
84 | 87 | authen = true |
|
|
85 | 88 | begin |
|
|
86 |
- pop.start(login, password) |
|
|
|
89 | + pop.start(login, password) | |
|
|
87 | 90 | pop.finish |
|
|
88 | 91 | return true |
|
|
89 | 92 | rescue |
|
|
90 | 93 | return false |
|
|
91 | 94 | end |
|
|
92 | 95 | end |
|
|
93 | 96 | |
|
|
97 | + def authenticated_by_cucas?(password) | |
|
|
98 | + url = URI.parse('https://www.cas.chula.ac.th/cas/api/?q=studentAuthenticate') | |
|
|
99 | + appid = '41508763e340d5858c00f8c1a0f5a2bb' | |
|
|
100 | + appsecret ='d9cbb5863091dbe186fded85722a1e31' | |
|
|
101 | + post_args = { | |
|
|
102 | + 'appid' => appid, | |
|
|
103 | + 'appsecret' => appsecret, | |
|
|
104 | + 'username' => login, | |
|
|
105 | + 'password' => password | |
|
|
106 | + } | |
|
|
107 | + | |
|
|
108 | + #simple call | |
|
|
109 | + begin | |
|
|
110 | + resp = Net::HTTP.post_form(url, post_args) | |
|
|
111 | + result = JSON.parse resp.body | |
|
|
112 | + return true if result["type"] == "beanStudent" | |
|
|
113 | + rescue | |
|
|
114 | + return false | |
|
|
115 | + end | |
|
|
116 | + return false | |
|
|
117 | + end | |
|
|
118 | + | |
|
|
94 | 119 | def admin? |
|
|
95 | 120 | self.roles.detect {|r| r.name == 'admin' } |
|
|
96 | 121 | end |
|
|
97 | 122 | |
|
|
98 | 123 | def email_for_editing |
|
|
99 | 124 | if self.email==nil |
You need to be logged in to leave comments.
Login now