|
|
class LoginController < ApplicationController
|
|
|
|
|
|
@@authenticators = []
|
|
|
|
|
|
def index
|
|
|
# show login screen
|
|
|
reset_session
|
|
|
redirect_to :controller => 'main', :action => 'login'
|
|
|
end
|
|
|
|
|
|
def login
|
|
|
user = get_authenticated_user(params[:login], params[:password])
|
|
|
unless user
|
|
|
flash[:notice] = 'Wrong password'
|
|
|
redirect_to :controller => 'main', :action => 'login'
|
|
|
return
|
|
|
end
|
|
|
|
|
|
if (!GraderConfiguration['right.bypass_agreement']) and (!params[:accept_agree]) and !user.admin?
|
|
|
flash[:notice] = 'You must accept the agreement before logging in'
|
|
|
redirect_to :controller => 'main', :action => 'login'
|
|
|
return
|
|
|
end
|
|
|
|
|
|
#store uuid when login
|
|
|
if user.last_ip.nil?
|
|
|
user.last_ip = cookies[:uuid]
|
|
|
else
|
|
|
if user.last_ip != cookies[:uuid]
|
|
|
user.last_ip =cookies[:uuid]
|
|
|
#log different login
|
|
|
end
|
|
|
end
|
|
|
|
|
|
#process logging in
|
|
|
session[:user_id] = user.id
|
|
|
session[:admin] = user.admin?
|
|
|
|
|
|
# clear forced logout flag for multicontests contest change
|
|
|
if GraderConfiguration.multicontests?
|
|
|
contest_stat = user.contest_stat
|
|
|
if contest_stat.respond_to? :forced_logout
|
|
|
if contest_stat.forced_logout
|
|
|
contest_stat.forced_logout = false
|
|
|
contest_stat.save
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
|
|
|
#save login information
|
|
|
Login.create(user_id: user.id, ip_address: cookies[:uuid])
|
|
|
|
|
|
redirect_to :controller => 'main', :action => 'list'
|
|
|
end
|
|
|
|
|
|
def site_login
|
|
|
begin
|
|
|
site = Site.find(params[:login][:site_id])
|
|
|
rescue ActiveRecord::RecordNotFound
|
|
|
site = nil
|
|
|
end
|
|
|
if site==nil
|
|
|
flash[:notice] = 'Wrong site'
|
|
|
redirect_to :controller => 'main', :action => 'login' and return
|
|
|
end
|
|
|
if (site.password) and (site.password == params[:login][:password])
|
|
|
session[:site_id] = site.id
|
|
|
redirect_to :controller => 'site', :action => 'index'
|
|
|
else
|
|
|
flash[:notice] = 'Wrong site password'
|
|
|
redirect_to :controller => 'site', :action => 'login'
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def logout
|
|
|
redirect_to root_path
|
|
|
end
|
|
|
|
|
|
def self.add_authenticator(authenticator)
|
|
|
@@authenticators << authenticator
|
|
|
end
|
|
|
|
|
|
protected
|
|
|
|
|
|
def get_authenticated_user(login, password)
|
|
|
if @@authenticators.empty?
|
|
|
return User.authenticate(login, password)
|
|
|
else
|
|
|
user = User.authenticate(login, password)
|
|
|
@@authenticators.each do |authenticator|
|
|
|
if not user
|
|
|
user = authenticator.authenticate(login, password)
|
|
|
end
|
|
|
end
|
|
|
return user
|
|
|
end
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
