Description:
add authentication by CU-CAS from p' krerk
Commit status:
[Not Reviewed]
References:
Diff options:
Comments:
0 Commit comments
0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Author
-
r396:4b88edeab117 - - 1 file changed: 31 inserted, 6 deleted
| @@ -1,5 +1,6 | |||
|
|
1 | 1 | require 'digest/sha1' |
|
|
2 | 2 | require 'net/pop' |
|
|
3 | + require 'json' | |
|
|
3 | 4 | |
|
|
4 | 5 | class User < ActiveRecord::Base |
|
|
5 | 6 | |
| @@ -62,11 +63,13 | |||
|
|
62 | 63 | |
|
|
63 | 64 | def self.authenticate(login, password) |
|
|
64 | 65 | user = find_by_login(login) |
|
|
65 | - return user if user && user.authenticated?(password) | |
|
|
66 |
- if user |
|
|
|
67 | - user.password = password | |
|
|
68 | - user.save | |
|
|
69 |
- |
|
|
|
66 | + if user | |
|
|
67 | + return user if user.authenticated?(password) | |
|
|
68 | + if user.authenticated_by_cucas?(password) or user.authenticated_by_pop3?(password) | |
|
|
69 | + user.password = password | |
|
|
70 | + user.save | |
|
|
71 | + return user | |
|
|
72 | + end | |
|
|
70 | 73 | end |
|
|
71 | 74 | end |
|
|
72 | 75 | |
| @@ -83,7 +86,7 | |||
|
|
83 | 86 | pop = Net::POP3.new('pops.it.chula.ac.th') |
|
|
84 | 87 | authen = true |
|
|
85 | 88 | begin |
|
|
86 |
- pop.start(login, password) |
|
|
|
89 | + pop.start(login, password) | |
|
|
87 | 90 | pop.finish |
|
|
88 | 91 | return true |
|
|
89 | 92 | rescue |
| @@ -91,6 +94,28 | |||
|
|
91 | 94 | end |
|
|
92 | 95 | end |
|
|
93 | 96 | |
|
|
97 | + def authenticated_by_cucas?(password) | |
|
|
98 | + url = URI.parse('https://www.cas.chula.ac.th/cas/api/?q=studentAuthenticate') | |
|
|
99 | + appid = '41508763e340d5858c00f8c1a0f5a2bb' | |
|
|
100 | + appsecret ='d9cbb5863091dbe186fded85722a1e31' | |
|
|
101 | + post_args = { | |
|
|
102 | + 'appid' => appid, | |
|
|
103 | + 'appsecret' => appsecret, | |
|
|
104 | + 'username' => login, | |
|
|
105 | + 'password' => password | |
|
|
106 | + } | |
|
|
107 | + | |
|
|
108 | + #simple call | |
|
|
109 | + begin | |
|
|
110 | + resp = Net::HTTP.post_form(url, post_args) | |
|
|
111 | + result = JSON.parse resp.body | |
|
|
112 | + return true if result["type"] == "beanStudent" | |
|
|
113 | + rescue | |
|
|
114 | + return false | |
|
|
115 | + end | |
|
|
116 | + return false | |
|
|
117 | + end | |
|
|
118 | + | |
|
|
94 | 119 | def admin? |
|
|
95 | 120 | self.roles.detect {|r| r.name == 'admin' } |
|
|
96 | 121 | end |
You need to be logged in to leave comments.
Login now