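/**
 * Verify a staff member's mobile number and password.
 *
 * Only usernames that pass Utils::is_mobile() are checked; any other username
 * falls through and the method returns false without raising an error.
 *
 * @param string $username Login name; expected to be a mobile number.
 * @param string $password Plaintext password supplied by the caller.
 * @return bool true when the credentials match, false when $username is not a mobile number.
 *              Failures are reported through _throw() (exception type not visible here).
 */
static function check_login($username, $password)
{
    $res = false;
    if (Utils::is_mobile($username)) {
        $stf_id = Model_Admin_Staff::get_staff_id_by_mobile($username);
        if (!$stf_id) {
            // NOTE(review): the three failure messages in this method differ, so a caller can
            // tell unknown, unauthorised and wrong-password accounts apart; consider one
            // generic message if the front end allows it.
            _throw("员工不存在");
        }
        self::_debug(array(__METHOD__, $stf_id));

        $user = Model_Admin_Staff::get_auth_user_by_stf_id($stf_id);
        // Keep the stored password hash and salt out of the debug log.
        $loggable = is_array($user)
            ? array_diff_key($user, array('password' => true, 'salt' => true))
            : $user;
        self::_debug(array("auth user", $stf_id, $loggable));
        if (!$user) {
            _throw("员工未授权");
        }

        $stored = isset($user['password']) ? (string)$user['password'] : '';
        $salt = isset($user['salt']) ? $user['salt'] : null;

        // An account without a stored password can never match.
        if ($stored === '') {
            _throw("密码不正确");
        }

        // hash_equals() compares in constant time, so the comparison does not leak how many
        // leading bytes of the stored hash were matched.
        $candidate = (string)self::gen_password($password, $salt);
        if (!hash_equals($stored, $candidate)) {
            _throw("密码不正确");
        }
        $res = true;
    }
    return $res;
}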
/**
 * Create a new account from a JSON-encoded row and return the stored record.
 *
 * The row is normalised by getSaveRow(), the mobile number is checked for format and
 * for an existing record, the password is replaced by its salted hash, and the new
 * account is bound to the staff record that shares the same mobile number, if any.
 *
 * @param string $row JSON-encoded form data.
 * @return array Result of action_row() with the primary key filled in.
 */
function action_add($row)
{
    $saved = self::getSaveRow($row);
    $table = self::table();
    $pk = self::pk();

    $record = $saved['row'];
    $record['add_time'] = Utils::date_time_now();

    $mobile = $record['mobile'];
    if (!Utils::is_mobile($mobile)) {
        _throw("手机号不合法");
    }

    // NOTE(review): the existence check and the insert below are separate statements;
    // confirm the table also enforces uniqueness on mobile so concurrent requests cannot
    // both pass this check.
    $existing = self::_db()->row("select mobile from {$table} where mobile = ?", $mobile);
    if ($existing) {
        _throw("手机号已存在");
    }

    if (empty($record['password'])) {
        _throw("密码不能为空");
    } else {
        // Only the salted hash is stored; the hashing scheme lives in
        // Model_Admin_Auth::gen_password() and is not visible here.
        $salt = \Model_Admin_Auth::gen_salt();
        $record['password'] = \Model_Admin_Auth::gen_password($record['password'], $salt);
        $record['salt'] = $salt;
    }

    $user_id = self::_db()->insert($table, $record);

    // Link the new account to the staff record with the same mobile number, when one exists.
    $stf_id = Model_Admin_Staff::get_staff_id_by_mobile($mobile);
    if ($stf_id) {
        Model_Admin_Staff::bind_staff_user($stf_id, $user_id);
    }

    $result = $this->action_row($user_id);
    $result['row'][$pk] = $user_id;
    return $result;
}
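/**
 * Bind a mobile number to a WeChat account.
 *
 * Decrypts the submitted mobile / nick_name / captcha fields with the private key cached
 * under the request's safe token, checks the captcha held in the session for that mobile,
 * creates the user when the mobile is not registered yet, points the WeChat user record at
 * that user and sets the login session.
 *
 * @return array Array with "message" and "redirect" keys.
 */
function action_wechat_bind_mobile()
{
    Model_Session::session_start(true);
    $mobile = Utils::I("mobile");
    $nick_name = Utils::I("nick_name");
    $captcha = Utils::I("captcha");
    $oauth_id = Utils::I("oauth_id");
    self::_debug(array($oauth_id));

    $safe_token = Utils::I(Model_Auth::ENCRYPT_FIELD_NAME);
    if (!$safe_token) {
        _throw("safe_token is null");
    }

    $encrypt_data = self::_redis()->get(Model_Auth::ENCRYPT_CACEH_KEY . $safe_token);
    if (empty($encrypt_data)) {
        _throw("加密信息已过期");
    }
    $encrypt_data = json_decode($encrypt_data);
    // A cache entry that does not decode to an object with a key is treated as expired
    // instead of dereferencing null below.
    if (!is_object($encrypt_data) || empty($encrypt_data->private_key)) {
        _throw("加密信息已过期");
    }
    $private_key = $encrypt_data->private_key;

    $reqData = array('mobile' => $mobile, 'captcha' => $captcha, 'nick_name' => $nick_name);
    $reqData = Safe::decrypt($reqData, $private_key);
    // The decrypted payload holds the submitted captcha and mobile number, so it is
    // deliberately not written to the debug log.
    if (!$reqData) {
        _throw("解密失败");
    }
    $mobile = $reqData['mobile'];
    $nick_name = $reqData['nick_name'];
    $captcha = $reqData['captcha'];
    if (!Utils::is_mobile($mobile)) {
        _throw("手机号不合法");
    }

    $key = Controller_Captcha::get_captcha_session_key($mobile, "wechat_bind_mobile");
    self::_debug($key);
    if (empty($_SESSION[$key])) {
        _throw("验证码已过期");
    }

    // Session value is "<captcha>|<issue timestamp>"; the expected captcha is a secret and
    // is not logged.
    $_captcha_session = $_SESSION[$key];
    $parts = explode("|", (string)$_captcha_session);
    if (count($parts) < 2) {
        // A malformed entry cannot be verified; drop it and ask for a new captcha.
        unset($_SESSION[$key]);
        _throw("验证码已过期");
    }
    list($_captcha, $time) = $parts;

    // NOTE(review): the captcha stays valid for five hours and a failed attempt does not
    // invalidate it here; confirm attempts are rate limited elsewhere.
    if (time() - (int)$time > 60 * 60 * 5) {
        unset($_SESSION[$key]);
        _throw("验证码已过期");
    }

    // Exact, constant-time string comparison: a loose != treats numeric strings such as
    // "0123" and "123" as equal.
    if (!is_scalar($captcha) || !hash_equals((string)$_captcha, (string)$captcha)) {
        _throw("验证码不正确");
    }

    if (!($user_id = Model_User::check_user_exsits($mobile))) {
        $user = array(
            "password" => null,
            "mobile" => $mobile,
            "nick_name" => $nick_name,
            "add_time" => Utils::date_time_now(),
            "email" => null,
        );
        self::_debug("create user");
        self::_debug($user);
        $user_id = self::_db()->insert(Model_User::TABLE, $user);
    }

    // NOTE(review): $oauth_id is read from request input and selects the WeChat user row
    // that is re-pointed at $user_id; confirm it is checked against the WeChat identity held
    // in the session so a request cannot rebind a record it does not own.
    self::_debug(array("update", Model_Wechat_User::TABLE, $user_id, $oauth_id));
    self::_db()->update(Model_Wechat_User::TABLE, array("uid" => $user_id), array("id" => $oauth_id));

    $wx_auth_info = $_SESSION['wx_auth_info'];
    $wx_auth_info['uid'] = $user_id;
    $_SESSION['wx_auth_info'] = $wx_auth_info;
    self::_debug($user_id);

    Model_Admin_Auth::set_login_session($user_id); // set login

    // The captcha is single use once the binding has succeeded.
    unset($_SESSION[$key]);
    Controller_Captcha::clear_status_key("wechat_bind_mobile");

    $redirect = self::get_redirect_url();
    return array("message" => "绑定成功", "redirect" => $redirect);
}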
/**
 * Decode a JSON-encoded form row and reduce it to the columns that are persisted.
 *
 * Requires a non-empty stf_name and a mobile value accepted by Utils::is_mobile().
 * Empty optional fields become null and the numeric ids are cast with intval().
 *
 * @param string $row    JSON-encoded form data.
 * @param bool   $is_add Not read by this method.
 * @return array Array with a single "row" key holding the normalised columns.
 */
static function getSaveRow($row, $is_add = true)
{
    $data = json_decode($row, true);

    if (empty($data['stf_name'])) {
        _throw("姓名不能为空");
    }
    if (!Utils::is_mobile($data['mobile'])) {
        _throw("手机号不合法");
    }

    $columns = array("stf_name" => $data['stf_name']);

    // Optional foreign keys: an empty value is stored as null, anything else as an integer.
    foreach (array("role_id", "dep_id", "pot_id") as $id_field) {
        if (empty($data[$id_field])) {
            $columns[$id_field] = null;
        } else {
            $columns[$id_field] = intval($data[$id_field]);
        }
    }

    $columns["mobile"] = empty($data['mobile']) ? null : $data['mobile'];
    // The password is passed through unchanged here; this method does not hash it.
    $columns["password"] = empty($data['password']) ? null : $data['password'];
    $columns["py"] = \CUtf8_PY::encode($data['stf_name']);

    return array("row" => $columns);
}
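/**
 * Log in with a username and password.
 *
 * A username that already exists locally is verified against the local user record.
 * Otherwise the credentials are checked through Model_Passport and a local user is
 * created from the passport account before the same local check runs.
 *
 * @param string $username
 * @param string $password
 * @return array|bool|mixed User info as returned by get_user_info() / create_new_user().
 * @throws Exception
 */
static function login_by_password($username, $password)
{
    // Log the username only: the plaintext password must never reach the debug log.
    self::_debug($username);
    try {
        if ($user_id = self::check_user_exsits($username)) {
            // Account exists locally: verify against the local user record.
            self::_debug("user_id" . $user_id);
            $user_info = self::get_user_info($user_id);
            self::check_login_user_info($user_info, $password);
        } else {
            // Unknown locally: verify through passport.
            $passport_user = Model_Passport::login($username, $password);
            if (Utils::is_mobile($passport_user['username'])) {
                $mobile = $passport_user['username'];
            } else {
                // Best effort: a failed profile lookup leaves the mobile empty and the
                // login continues with the data returned by Model_Passport::login().
                $mobile = "";
                try {
                    $passport_user = Model_Passport::get_user($passport_user['user_id']);
                    $mobile = $passport_user['mobile'];
                } catch (Exception $e) {
                    self::_warn("passport get user error " . $e->getMessage());
                }
            }
            // NOTE(review): this reads 'userid' while the lookup above reads 'user_id';
            // confirm both keys exist in the passport payload.
            $user_info = self::create_new_user(
                $passport_user['username'],
                $password,
                $mobile,
                $passport_user['locked'],
                $passport_user['userid']
            );
            self::check_login_user_info($user_info, $password);
        }
    } catch (AppException $e) {
        // Re-raise application errors through _throw() with the original message.
        _throw($e->getMessage());
    }
    self::_debug("登陆成功");
    return $user_info;
}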