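 /**
  * Username/password verification flow (OAuth "password" grant).
  *
  * Credentials are checked with isset() plus a strict '' comparison instead of
  * empty(), so a username or password of "0" is no longer rejected before it
  * reaches the adapter; non-scalar values (e.g. arrays) are rejected.
  *
  * @param array $inputData request parameters keyed by the OpenApi_OAuth_OAuth::PARAM_* constants
  * @return array PARAM_USER_ID => the submitted username, PARAM_SCOPE => null,
  *               'auth' => the adapter identity plus a 'logintime' unix timestamp
  * @throws OpenApi_OAuth_Exception with ERROR_INVALID_REQUEST when a parameter is
  *         missing/blank, the adapter throws, or the credentials are not valid
  */
 public function grant(array $inputData)
 {
     $username = isset($inputData[OpenApi_OAuth_OAuth::PARAM_USERNAME]) ? $inputData[OpenApi_OAuth_OAuth::PARAM_USERNAME] : null;
     $password = isset($inputData[OpenApi_OAuth_OAuth::PARAM_PASSWORD]) ? $inputData[OpenApi_OAuth_OAuth::PARAM_PASSWORD] : null;
     // Missing, non-scalar or blank credentials are rejected before any database access.
     if (!is_scalar($username) || '' === (string) $username || !is_scalar($password) || '' === (string) $password) {
         require_once 'OpenApi/OAuth/Exception.php';
         throw new OpenApi_OAuth_Exception("Invalid parameter for grant accessToken by type \"password\"", OpenApi_OAuth_OAuth::ERROR_INVALID_REQUEST);
     }
     try {
         $auth = new Tudu_Auth_Adapter_User(Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD));
         $auth->setUsername($username)->setPassword($password);
         $result = $auth->authenticate();
     } catch (Tudu_Auth_Adapter_Exception $e) {
         // Same generic message as the invalid-credentials branch below, so the
         // caller cannot tell an adapter failure from a bad password.
         require_once 'OpenApi/OAuth/Exception.php';
         throw new OpenApi_OAuth_Exception("Authorize failed", OpenApi_OAuth_OAuth::ERROR_INVALID_REQUEST);
     }
     if (!$result->isValid()) {
         require_once 'OpenApi/OAuth/Exception.php';
         throw new OpenApi_OAuth_Exception("Authorize failed", OpenApi_OAuth_OAuth::ERROR_INVALID_REQUEST);
     }
     $identity = $result->getIdentity();
     $identity['logintime'] = time();
     return array(
         OpenApi_OAuth_OAuth::PARAM_USER_ID => $username,
         OpenApi_OAuth_OAuth::PARAM_SCOPE   => null,
         'auth'                             => $identity,
     );
 }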
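 /**
  * Receive the callback parameters, verify them through the invoking OpenApi
  * provider, then log the caller into Tudu.
  *
  * The `from` query parameter names the provider. It is only accepted when a
  * matching key exists under $config['openapi']; that lookup is also what
  * restricts the class/file names built from it to configured provider names.
  * The provider class verifies the request, the provider user is mapped to an
  * organisation (created on first visit), the session is re-established as
  * that organisation's "admin" account and the auth cookies are set. Any
  * exception ends in a redirect to the public site.
  *
  * Side effects: session reset and id regeneration, cookies, a P3P header,
  * possible organisation/association creation, an error_log entry on failure.
  *
  * @return mixed whatever $this->_redirect() returns
  */
 public function indexAction()
 {
     $query     = $this->_request->getQuery();
     $bootstrap = $this->getInvokeArg('bootstrap');
     $config    = $bootstrap->getOptions();
     $multidb   = $bootstrap->getResource('multidb');
     $time      = time();
     Tudu_Dao_Manager::setDbs(array(Tudu_Dao_Manager::DB_TS => $multidb->getDb('ts1')));
     // No provider identifier: nothing to verify against.
     if (empty($query['from'])) {
         return $this->_redirect('http://www.tudu.com/');
     }
     $from      = $query['from'];
     $configKey = strtolower($from);
     // Unknown provider. This check is the allow-list for the require_once
     // below: only values that are configured keys get this far.
     if (empty($config['openapi'][$configKey])) {
         return $this->_redirect('http://www.tudu.com/');
     }
     $providerConfig = $config['openapi'][$configKey];
     $className = 'Model_OpenApi_' . ucfirst($from);
     $classFile = 'Model/OpenApi/' . ucfirst($from) . '.php';
     // NOTE(review): array_merge lets query keys override configured ones;
     // confirm the provider's auth() does not read secrets out of $params.
     $params = array_merge($providerConfig, $query);
     header('P3P: CP=”CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR”');
     try {
         require_once $classFile;
         // Verify the request with the provider. The return value is ignored,
         // so a failed verification has to surface as an exception.
         call_user_func(array($className, 'auth'), $params);
         // Application <-> organisation association table.
         $daoAssociate = Tudu_Dao_Manager::getDao('Dao_Md_Org_Associate', Tudu_Dao_Manager::DB_MD);
         // Fetch the user profile from the provider (uu_id may be absent from the callback).
         $uid = isset($query['uu_id']) ? $query['uu_id'] : null;
         $params = array_merge($providerConfig, array('uid' => $uid));
         $userInfo = call_user_func(array($className, 'getUserInfo'), $params);
         $orgId = $daoAssociate->getOrgIdByUid($from, $userInfo['uid']);
         if (false === $orgId) {
             // First visit from this provider user: create an organisation and
             // record the association.
             $orgId = $this->_getOrgId($from);
             require_once 'Model/Org/Org.php';
             Model_Org_Org::setResource('config', $config);
             Model_Org_Org::createOrg($orgId, array(
                 'userid'   => 'admin',
                 // NOTE(review): md5 of random bytes only yields an unguessable
                 // string here; confirm createOrg() hashes it before storage.
                 'password' => md5(Oray_Function::randKeys(16)),
                 'truename' => $userInfo['truename'],
                 'orgname'  => $userInfo['orgname'],
             ));
             $daoAssociate->createAssociate(array(
                 'orgid'      => $orgId,
                 'from'       => $from,
                 'uid'        => $userInfo['uid'],
                 'truename'   => $userInfo['truename'],
                 'email'      => $userInfo['email'],
                 'mobile'     => $userInfo['mobile'],
                 'tel'        => $userInfo['tel'],
                 'createtime' => time(),
             ));
         }
         // Sign in as the organisation's admin account. setAuto(true) presumably
         // skips the password check — confirm against the adapter.
         $adapter = new Tudu_Auth_Adapter_User(Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD));
         $adapter->setUsername('admin@' . $orgId)->setAuto(true);
         $result = $adapter->authenticate();
         $names = $config['cookies'];
         if (!$result->isValid()) {
             $this->_setCookies(array($names['auth'] => false, $names['username'] => false));
             return $this->_redirect('http://www.tudu.com/');
         }
         $identity = $result->getIdentity();
         // Discard pre-login session state and rotate the id before storing the
         // identity (session-fixation defence).
         if (Zend_Session::isStarted()) {
             session_unset();
             Zend_Session::namespaceUnset(self::SESSION_NAMESPACE);
             Zend_Session::regenerateId();
         }
         $session = new Zend_Session_Namespace(self::SESSION_NAMESPACE, true);
         $session->auth = array_merge($identity, array('logintime' => $time));
         $session->auth['appinvoker'] = $from;
         // Auth-related cookies (session lifetime).
         $this->_setCookies(array($names['username'] => $identity['username'], $names['server'] => $orgId . '.tudu.com'), null);
         // Tracking cookie used elsewhere; one year.
         $this->_setCookies(array($names['track'] => base64_encode('http://www.tudu.com/login')), $time + 86400 * 365);
         // Also sign into the admin backend when the user has an admin identity.
         $adapter = new Tudu_Auth_Adapter_Admin(array('db' => Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD)));
         $adapter->setUsername($identity['username'])->setAuto(true);
         $result = $adapter->authenticate();
         if ($result->isValid()) {
             $session->admin = array_merge($result->getIdentity(), array('logintime' => $time));
         }
     } catch (Exception $e) {
         // Every failure (provider rejection, DAO error, ...) ends at the public
         // site; log it so failed provider logins are visible to operators.
         error_log(sprintf('OpenApi login via "%s" failed: %s', $from, $e->getMessage()));
         return $this->_redirect('http://www.tudu.com/');
     }
     return $this->_redirect('http://online-app.tudu.com/frame-inc/');
 }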
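 /**
  * Screen unlock: re-verify the signed-in user's password.
  *
  * The adapter is constructed with 'skiplock' => true (presumably bypassing
  * the account-lock check — confirm against Tudu_Auth_Adapter_User).
  * The result is sent through $this->json(); the method returns nothing useful.
  *
  * @return mixed whatever $this->json() returns
  */
 public function unlockAction()
 {
     $password = $this->_request->getPost('password');
     // Reject a missing, non-string or blank password. Unlike a truthiness test
     // this does not refuse the password "0".
     if (!is_string($password) || '' === $password) {
         return $this->json(false, $this->lang['invalid_password']);
     }
     $uid = $this->_user->userName;
     $adapter = new Tudu_Auth_Adapter_User($this->multidb->getDb(), null, null, array('skiplock' => true));
     $result = $adapter->setUsername($uid)->setPassword($password)->authenticate();
     if (!$result->isValid()) {
         // Adapter message codes map to 'unlock_auth_<code>' language keys; fall
         // back to 'failure' when no message was supplied, as the login action
         // does, instead of indexing an empty array.
         $messages = $result->getMessages();
         $code = isset($messages[0]) ? $messages[0] : 'failure';
         return $this->json(false, $this->lang['unlock_auth_' . $code]);
     }
     return $this->json(true, $this->lang['unlock_auth_success']);
 }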
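 /**
  * Login endpoint.
  *
  * Reads uid/orgid/password/seccode/remember/redirect from the POST body,
  * authenticates through Tudu_Auth_Adapter_User, writes a login-log row,
  * resets and regenerates the session, sets the auth/tracking cookies and
  * finally redirects. On any validation or authentication error the browser
  * is sent back to the referer with ?error=<code>.
  *
  * Error codes: 'params' (missing uid/password), 'seccode' (captcha required
  * but missing or invalid), otherwise the adapter's first message or 'failure'.
  *
  * @return void
  */
 public function indexAction()
 {
     // Never cache a login response.
     $this->_response->setHeader('Cache-Control', 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0', true)->setHeader('Pragma', 'no-cache', true);
     $userId   = trim($this->_request->getPost('uid'));
     $orgId    = trim($this->_request->getPost('orgid'));
     $password = trim($this->_request->getPost('password'));
     $seccode  = $this->_request->getPost('seccode');
     $remember = (bool) $this->_request->getPost('remember');
     // Failure target: the referer with query string and fragment stripped,
     // defaulting to the www site.
     // NOTE(review): HTTP_REFERER and the posted 'redirect' are client-controlled
     // and both end up as redirect destinations below without a host check —
     // confirm that $this->referer() restricts where it will send the browser.
     $referer  = $this->_request->getServer('HTTP_REFERER', $this->options['sites']['www']);
     $referer  = preg_replace('/[\\#\\?].*/i', '', $referer);
     $redirect = $this->_request->getPost('redirect');
     $error    = null;
     // Single-pass loop: each 'break' jumps straight to the error handling.
     do {
         if (empty($userId) || empty($password)) {
             $error = 'params';
             break;
         }
         // A bare user id is qualified with the posted organisation id.
         if (false === strpos($userId, '@')) {
             $userId .= '@' . $orgId;
         }
         // The captcha is only enforced once one has been issued for 'login'.
         if (Oray_Seccode::getInstance()->getCode('login')) {
             if (empty($seccode) || !Oray_Seccode::isValid($seccode, 'login')) {
                 $error = 'seccode';
                 break;
             }
             Oray_Seccode::clear('login');
         }
         $adapter = new Tudu_Auth_Adapter_User(Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD));
         $adapter->setUsername($userId)->setPassword($password);
         $result = $adapter->authenticate();
         if (!$result->isValid()) {
             $message = $result->getMessages();
             $error = isset($message[0]) ? $message[0] : 'failure';
             break;
         }
     } while (false);
     // Login failed: back to the referer with the error code. The code is
     // URL-encoded because adapter messages are not guaranteed to be URL-safe.
     if (null !== $error) {
         $referer .= '?error=' . urlencode($error);
         if ($redirect) {
             $referer .= '&redirect=' . urlencode($redirect);
         }
         $this->referer($referer);
         return;
     }
     $identity = $result->getIdentity();
     $identity['referer'] = $referer;
     // Resolve the client IP to a city and record the login.
     $clientIp = $this->_request->getClientIp();
     $daoIp = Tudu_Dao_Manager::getDao('Dao_Md_Ip_Info', Tudu_Dao_Manager::DB_MD);
     $ipInfo = $daoIp->getInfoByIp($clientIp);
     if (null !== $ipInfo) {
         $identity['local'] = $ipInfo->city;
     }
     $logId = $this->_loginLog(array(
         'orgid'    => $identity['orgid'],
         'uniqueid' => $identity['uniqueid'],
         'address'  => $identity['username'],
         'truename' => $identity['truename'],
         'ip'       => $clientIp,
         'local'    => !empty($identity['local']) ? $identity['local'] : null,
     ));
     $identity['loginlogid'] = $logId;
     $identity = $this->_loginFilter($identity);
     $this->_user->clearCache($identity['username']);
     // Discard pre-login session data and rotate the session id before storing
     // the identity (session-fixation defence).
     if (Zend_Session::isStarted()) {
         session_unset();
         Zend_Session::namespaceUnset(self::SESSION_NAMESPACE);
         Zend_Session::regenerateId();
     }
     $this->session = new Zend_Session_Namespace(self::SESSION_NAMESPACE, true);
     $this->session->auth = array_merge($identity, array('logintime' => $this->_timestamp));
     $server = $this->getServer($identity['orgid']);
     $names = $this->options['cookies'];
     // Auth cookies: 30 days when "remember" is set, otherwise session cookies.
     $this->_setCookies(array($names['username'] => $identity['username'], $names['server'] => $server), $remember ? $this->_timestamp + 86400 * 30 : null);
     // Tracking cookie used elsewhere; one year.
     $this->_setCookies(array($names['track'] => base64_encode($referer)), $this->_timestamp + 86400 * 365);
     // Persistent auto-login: store a server-side session record and hand its
     // id to the browser for 30 days.
     if ($remember) {
         $daoSession = Tudu_Dao_Manager::getDao('Dao_Md_User_Session', Tudu_Dao_Manager::DB_MD);
         $authId = Dao_Md_User_Session::getSessionId($identity['userid'] . '@' . $identity['orgid']);
         $daoSession->createSession(array(
             'sessionid'  => $authId,
             'orgid'      => $identity['orgid'],
             'userid'     => $identity['userid'],
             'logintime'  => $this->_timestamp,
             'loginip'    => $clientIp,
             'expiretime' => $this->_timestamp + 86400 * 30,
         ));
         $this->_setCookies(array($names['auth'] => $authId), $this->_timestamp + 86400 * 30);
         $this->session->auth['authid'] = $authId;
     }
     // Default destination: the organisation's server, over https when the
     // identity says so.
     if (!$redirect) {
         $protocol = $identity['ishttps'] ? 'https:' : 'http:';
         $redirect = $protocol . '//' . $server . '/frame';
     }
     $this->referer($redirect);
 }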