Description:
fix authen pop3 bugs and redundant code

r406:b2fd7182e3dc - - 1 file changed: 3 inserted, 14 deleted

@@ -1,193 +1,182
1 1 require 'digest/sha1'
2 2 require 'net/pop'
3 + require 'net/https'
4 + require 'net/http'
3 5 require 'json'
4 6
5 7 class User < ActiveRecord::Base
6 8
7 9 has_and_belongs_to_many :roles
8 10
9 11 has_many :test_requests, :order => "submitted_at DESC"
10 12
11 13 has_many :messages,
12 14 :class_name => "Message",
13 15 :foreign_key => "sender_id",
14 16 :order => 'created_at DESC'
15 17
16 18 has_many :replied_messages,
17 19 :class_name => "Message",
18 20 :foreign_key => "receiver_id",
19 21 :order => 'created_at DESC'
20 22
21 23 has_one :contest_stat, :class_name => "UserContestStat", :dependent => :destroy
22 24
23 25 belongs_to :site
24 26 belongs_to :country
25 27
26 28 has_and_belongs_to_many :contests, :uniq => true, :order => 'name'
27 29
28 30 scope :activated_users, :conditions => {:activated => true}
29 31
30 32 validates_presence_of :login
31 33 validates_uniqueness_of :login
32 34 validates_format_of :login, :with => /^[\_A-Za-z0-9]+$/
33 35 validates_length_of :login, :within => 3..30
34 36
35 37 validates_presence_of :full_name
36 38 validates_length_of :full_name, :minimum => 1
37 39
38 40 validates_presence_of :password, :if => :password_required?
39 41 validates_length_of :password, :within => 4..20, :if => :password_required?
40 42 validates_confirmation_of :password, :if => :password_required?
41 43
42 44 validates_format_of :email,
43 45 :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i,
44 46 :if => :email_validation?
45 47 validate :uniqueness_of_email_from_activated_users,
46 48 :if => :email_validation?
47 49 validate :enough_time_interval_between_same_email_registrations,
48 50 :if => :email_validation?
49 51
50 52 # these are for ytopc
51 53 # disable for now
52 54 #validates_presence_of :province
53 55
54 56 attr_accessor :password
55 57
56 58 before_save :encrypt_new_password
57 59 before_save :assign_default_site
58 60 before_save :assign_default_contest
59 61
60 62 # this is for will_paginate
61 63 cattr_reader :per_page
62 64 @@per_page = 50
63 65
64 66 def self.authenticate(login, password)
65 67 user = find_by_login(login)
66 68 if user
67 69 return user if user.authenticated?(password)
68 70 if user.authenticated_by_cucas?(password) or user.authenticated_by_pop3?(password)
69 71 user.password = password
70 72 user.save
71 73 return user
72 74 end
73 75 end
74 76 end
75 77
76 78 def authenticated?(password)
77 79 if self.activated
78 80 hashed_password == User.encrypt(password,self.salt)
79 81 else
80 82 false
81 83 end
82 84 end
83 85
84 - def authenticated_by_pop3?(password)
85 - Net::POP3.enable_ssl
86 - pop = Net::POP3.new('pops.it.chula.ac.th')
87 - authen = true
88 - begin
89 - pop.start(login, password) # (1)
90 - pop.finish
91 - return true
92 - rescue
93 - return false
94 - end
95 - end
96 -
97 - def authenticated_by_pop3?(password)
86 + def authenticated_by_pop3?(password)
98 87 Net::POP3.enable_ssl
99 88 pop = Net::POP3.new('pops.it.chula.ac.th')
100 89 authen = true
101 90 begin
102 91 pop.start(login, password)
103 92 pop.finish
104 93 return true
105 94 rescue
106 95 return false
107 96 end
108 97 end
109 98
110 99 def authenticated_by_cucas?(password)
111 100 url = URI.parse('https://www.cas.chula.ac.th/cas/api/?q=studentAuthenticate')
112 101 appid = '41508763e340d5858c00f8c1a0f5a2bb'
113 102 appsecret ='d9cbb5863091dbe186fded85722a1e31'
114 103 post_args = {
115 104 'appid' => appid,
116 105 'appsecret' => appsecret,
117 106 'username' => login,
118 107 'password' => password
119 108 }
120 109
121 110 #simple call
122 111 begin
123 112 resp = Net::HTTP.post_form(url, post_args)
124 113 result = JSON.parse resp.body
125 114 return true if result["type"] == "beanStudent"
126 115 rescue
127 116 return false
128 117 end
129 118 return false
130 119 end
131 120
132 121 def admin?
133 122 self.roles.detect {|r| r.name == 'admin' }
134 123 end
135 124
136 125 def email_for_editing
137 126 if self.email==nil
138 127 "(unknown)"
139 128 elsif self.email==''
140 129 "(blank)"
141 130 else
142 131 self.email
143 132 end
144 133 end
145 134
146 135 def email_for_editing=(e)
147 136 self.email=e
148 137 end
149 138
150 139 def alias_for_editing
151 140 if self.alias==nil
152 141 "(unknown)"
153 142 elsif self.alias==''
154 143 "(blank)"
155 144 else
156 145 self.alias
157 146 end
158 147 end
159 148
160 149 def alias_for_editing=(e)
161 150 self.alias=e
162 151 end
163 152
164 153 def activation_key
165 154 if self.hashed_password==nil
166 155 encrypt_new_password
167 156 end
168 157 Digest::SHA1.hexdigest(self.hashed_password)[0..7]
169 158 end
170 159
171 160 def verify_activation_key(key)
172 161 key == activation_key
173 162 end
174 163
175 164 def self.random_password(length=5)
176 165 chars = 'abcdefghjkmnopqrstuvwxyz'
177 166 password = ''
178 167 length.times { password << chars[rand(chars.length - 1)] }
179 168 password
180 169 end
181 170
182 171 def self.find_non_admin_with_prefix(prefix='')
183 172 users = User.find(:all)
184 173 return users.find_all { |u| !(u.admin?) and u.login.index(prefix)==0 }
185 174 end
186 175
187 176 # Contest information
188 177
189 178 def self.find_users_with_no_contest()
190 179 users = User.find(:all)
191 180 return users.find_all { |u| u.contests.length == 0 }
192 181 end
193 182
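Review bot: `authenticated_by_cucas?` still carries the CAS `appid` and `appsecret` as string literals in the model, so the credential sits in every checkout and in history; it should be read from deployment configuration, e.g. `appsecret = ENV.fetch('CUCAS_APPSECRET')` (the variable name is only an example), and the committed value rotated. The added `require 'net/https'` does not by itself make `Net::HTTP.post_form` use TLS: as far as I recall, older Ruby releases did not set `use_ssl` from the URL scheme in `post_form`, so it is worth confirming on the deployed Ruby that the username and password really travel over TLS with certificate verification. Both `authenticated_by_cucas?` and `authenticated_by_pop3?` end in a bare `rescue` that returns false, which makes a TLS or network failure indistinguishable from a wrong password and leaves nothing in the log; logging the exception class before `return false` would make that visible. The leftover `authen = true` in `authenticated_by_pop3?` is unused and can go with the rest of the redundant code.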