gistfile1.rb

#encoding: UTF-8
class UploadController < ApplicationController
  include CandidatesControllerHelper
  skip_filter :authenticate_user!, only: [:callback]
  layout false

  def resume
    @bucket = Qiniu::RESUME_BUCKET_NAME # bucket name
    generate_upload_token @bucket
    response.headers['Access-Control-Allow-Origin'] = '*'
    response.headers['Access-Control-Allow-Methods'] = 'POST, GET'
  end

  def homework
    @bucket = Qiniu::HOMEWORK_BUCKET_NAME # bucket name
    generate_upload_token @bucket
    response.headers['Access-Control-Allow-Origin'] = '*'
    response.headers['Access-Control-Allow-Methods'] = 'POST, GET'
  end

  def callback
    # post 'http://rs.qbox.me/delete/'+params['bucket']+'/'+params['key'] if params['size'] > (10 * 1024 * 1024)
    candidate = Candidate.find(params['candidate_id'].to_i)
    candidate.save_file(params['bucket'], params['etag']+File.extname(params['name']))
    candidate.status.auto_accept_cv!
    response.headers['Access-Control-Allow-Origin'] = '*'
    response.headers['Access-Control-Allow-Methods'] = 'POST, GET'
    render json: {notice: '上传成功！'}, status: 200
  end

  private

  #if you use localtunnel to test with qiniu, you should not
  #visit localhost, that's will clean all session when
  #redirect back
  def generate_upload_token scope
    hash = {
        scope: scope,
        deadline: Time.now.to_i + 3600,
        callbackUrl: callback_upload_url,
        callbackBody: 'name=$(fname)&etag=$(etag)&size=$(fsize)'+
            "&candidate_id=#{current_candidate.id}&bucket=#{@bucket}",
        escape: 1
    }

    signature = Qiniu::RS::Utils.urlsafe_base64_encode(hash.to_json)
    token_obj = Qiniu::RS::AccessToken.new
    token_obj.access_key = Qiniu::RS::Config.settings[:access_key]
    token_obj.secret_key = Qiniu::RS::Config.settings[:secret_key]
    encoded_digest = token_obj.generate_encoded_digest signature
    @upload_token = %Q(#{Qiniu::RS::Config.settings[:access_key]}:#{encoded_digest}:#{signature})
  end
end