cafe-grader-web

Commit r406:b2fd7182e3dc public

parent | child
Description:
fix authen pop3 bugs and redundant code
Commit status:
[Not Reviewed]
References:
java
Diff options:
Raw Diff | Patch Diff | Download Diff | Ignore whitespace | Increase context
Comments:
0 Commit comments 0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Side by Side Unified
Expand All Files Collapse All Files Wide Mode Diff
Add another comment
Browse Files

r406:b2fd7182e3dc - - 1 file changed: 3 inserted, 14 deleted

Show file before | Show file after | Raw diff | Download diff | Ignore whitespace Increase context Show commentsHide comments
@@ -1,145 +1,134
1 require 'digest/sha1'
1 require 'digest/sha1'
2 require 'net/pop'
2 require 'net/pop'
3 + require 'net/https'
4 + require 'net/http'
3 require 'json'
5 require 'json'
4
6
5 class User < ActiveRecord::Base
7 class User < ActiveRecord::Base
6
8
7 has_and_belongs_to_many :roles
9 has_and_belongs_to_many :roles
8
10
9 has_many :test_requests, :order => "submitted_at DESC"
11 has_many :test_requests, :order => "submitted_at DESC"
10
12
11 has_many :messages,
13 has_many :messages,
12 :class_name => "Message",
14 :class_name => "Message",
13 :foreign_key => "sender_id",
15 :foreign_key => "sender_id",
14 :order => 'created_at DESC'
16 :order => 'created_at DESC'
15
17
16 has_many :replied_messages,
18 has_many :replied_messages,
17 :class_name => "Message",
19 :class_name => "Message",
18 :foreign_key => "receiver_id",
20 :foreign_key => "receiver_id",
19 :order => 'created_at DESC'
21 :order => 'created_at DESC'
20
22
21 has_one :contest_stat, :class_name => "UserContestStat", :dependent => :destroy
23 has_one :contest_stat, :class_name => "UserContestStat", :dependent => :destroy
22
24
23 belongs_to :site
25 belongs_to :site
24 belongs_to :country
26 belongs_to :country
25
27
26 has_and_belongs_to_many :contests, :uniq => true, :order => 'name'
28 has_and_belongs_to_many :contests, :uniq => true, :order => 'name'
27
29
28 scope :activated_users, :conditions => {:activated => true}
30 scope :activated_users, :conditions => {:activated => true}
29
31
30 validates_presence_of :login
32 validates_presence_of :login
31 validates_uniqueness_of :login
33 validates_uniqueness_of :login
32 validates_format_of :login, :with => /^[\_A-Za-z0-9]+$/
34 validates_format_of :login, :with => /^[\_A-Za-z0-9]+$/
33 validates_length_of :login, :within => 3..30
35 validates_length_of :login, :within => 3..30
34
36
35 validates_presence_of :full_name
37 validates_presence_of :full_name
36 validates_length_of :full_name, :minimum => 1
38 validates_length_of :full_name, :minimum => 1
37
39
38 validates_presence_of :password, :if => :password_required?
40 validates_presence_of :password, :if => :password_required?
39 validates_length_of :password, :within => 4..20, :if => :password_required?
41 validates_length_of :password, :within => 4..20, :if => :password_required?
40 validates_confirmation_of :password, :if => :password_required?
42 validates_confirmation_of :password, :if => :password_required?
41
43
42 validates_format_of :email,
44 validates_format_of :email,
43 :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i,
45 :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i,
44 :if => :email_validation?
46 :if => :email_validation?
45 validate :uniqueness_of_email_from_activated_users,
47 validate :uniqueness_of_email_from_activated_users,
46 :if => :email_validation?
48 :if => :email_validation?
47 validate :enough_time_interval_between_same_email_registrations,
49 validate :enough_time_interval_between_same_email_registrations,
48 :if => :email_validation?
50 :if => :email_validation?
49
51
50 # these are for ytopc
52 # these are for ytopc
51 # disable for now
53 # disable for now
52 #validates_presence_of :province
54 #validates_presence_of :province
53
55
54 attr_accessor :password
56 attr_accessor :password
55
57
56 before_save :encrypt_new_password
58 before_save :encrypt_new_password
57 before_save :assign_default_site
59 before_save :assign_default_site
58 before_save :assign_default_contest
60 before_save :assign_default_contest
59
61
60 # this is for will_paginate
62 # this is for will_paginate
61 cattr_reader :per_page
63 cattr_reader :per_page
62 @@per_page = 50
64 @@per_page = 50
63
65
64 def self.authenticate(login, password)
66 def self.authenticate(login, password)
65 user = find_by_login(login)
67 user = find_by_login(login)
66 if user
68 if user
67 return user if user.authenticated?(password)
69 return user if user.authenticated?(password)
68 if user.authenticated_by_cucas?(password) or user.authenticated_by_pop3?(password)
70 if user.authenticated_by_cucas?(password) or user.authenticated_by_pop3?(password)
69 user.password = password
71 user.password = password
70 user.save
72 user.save
71 return user
73 return user
72 end
74 end
73 end
75 end
74 end
76 end
75
77
76 def authenticated?(password)
78 def authenticated?(password)
77 if self.activated
79 if self.activated
78 hashed_password == User.encrypt(password,self.salt)
80 hashed_password == User.encrypt(password,self.salt)
79 else
81 else
80 false
82 false
81 end
83 end
82 end
84 end
83
85
84 - def authenticated_by_pop3?(password)
86 + def authenticated_by_pop3?(password)
85 - Net::POP3.enable_ssl
86 - pop = Net::POP3.new('pops.it.chula.ac.th')
87 - authen = true
88 - begin
89 - pop.start(login, password) # (1)
90 - pop.finish
91 - return true
92 - rescue
93 - return false
94 - end
95 - end
96 -
97 - def authenticated_by_pop3?(password)
98 Net::POP3.enable_ssl
87 Net::POP3.enable_ssl
99 pop = Net::POP3.new('pops.it.chula.ac.th')
88 pop = Net::POP3.new('pops.it.chula.ac.th')
100 authen = true
89 authen = true
101 begin
90 begin
102 pop.start(login, password)
91 pop.start(login, password)
103 pop.finish
92 pop.finish
104 return true
93 return true
105 rescue
94 rescue
106 return false
95 return false
107 end
96 end
108 end
97 end
109
98
110 def authenticated_by_cucas?(password)
99 def authenticated_by_cucas?(password)
111 url = URI.parse('https://www.cas.chula.ac.th/cas/api/?q=studentAuthenticate')
100 url = URI.parse('https://www.cas.chula.ac.th/cas/api/?q=studentAuthenticate')
112 appid = '41508763e340d5858c00f8c1a0f5a2bb'
101 appid = '41508763e340d5858c00f8c1a0f5a2bb'
113 appsecret ='d9cbb5863091dbe186fded85722a1e31'
102 appsecret ='d9cbb5863091dbe186fded85722a1e31'
114 post_args = {
103 post_args = {
115 'appid' => appid,
104 'appid' => appid,
116 'appsecret' => appsecret,
105 'appsecret' => appsecret,
117 'username' => login,
106 'username' => login,
118 'password' => password
107 'password' => password
119 }
108 }
120
109
121 #simple call
110 #simple call
122 begin
111 begin
123 resp = Net::HTTP.post_form(url, post_args)
112 resp = Net::HTTP.post_form(url, post_args)
124 result = JSON.parse resp.body
113 result = JSON.parse resp.body
125 return true if result["type"] == "beanStudent"
114 return true if result["type"] == "beanStudent"
126 rescue
115 rescue
127 return false
116 return false
128 end
117 end
129 return false
118 return false
130 end
119 end
131
120
132 def admin?
121 def admin?
133 self.roles.detect {|r| r.name == 'admin' }
122 self.roles.detect {|r| r.name == 'admin' }
134 end
123 end
135
124
136 def email_for_editing
125 def email_for_editing
137 if self.email==nil
126 if self.email==nil
138 "(unknown)"
127 "(unknown)"
139 elsif self.email==''
128 elsif self.email==''
140 "(blank)"
129 "(blank)"
141 else
130 else
142 self.email
131 self.email
143 end
132 end
144 end
133 end
145
134
You need to be logged in to leave comments. Login now