Beispiel #1
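 /**
  * Verify a staff member's credentials when the username is a mobile number.
  *
  * Looks up the staff id for the mobile number, loads the matching auth user
  * and compares the stored password hash with the hash of the supplied
  * password. Usernames that Utils::is_mobile() rejects are not looked up at
  * all and yield false.
  *
  * Failures are reported through _throw() (defined elsewhere; presumably it
  * raises an exception — confirm).
  *
  * @param string $username Mobile number used as the login name.
  * @param string $password Plaintext password supplied by the caller.
  * @return bool True when the credentials match, false for non-mobile usernames.
  */
 static function check_login($username, $password)
 {
     $res = false;
     if (Utils::is_mobile($username)) {
         $stf_id = Model_Admin_Staff::get_staff_id_by_mobile($username);
         if (!$stf_id) {
             // NOTE(review): the three failure messages in this method differ,
             // so a client that sees them can tell "unknown number" from
             // "wrong password". Consider one generic message at the boundary.
             _throw("员工不存在");
         }
         self::_debug(array(__METHOD__, $stf_id));
         $user = Model_Admin_Staff::get_auth_user_by_stf_id($stf_id);
         // Log only whether a record was found: the record carries the
         // password hash and salt, which must not end up in debug output.
         self::_debug(array("auth user", $stf_id, $user ? "found" : "not found"));
         if (!$user) {
             _throw("员工未授权");
         }
         $_password = $user['password'];
         $salt = $user['salt'];
         // hash_equals() compares in constant time, so the comparison does not
         // reveal how many leading characters of the stored hash matched.
         if (!hash_equals((string) $_password, (string) self::gen_password($password, $salt))) {
             _throw("密码不正确");
         }
         $res = true;
     }
     return $res;
 }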
Beispiel #2
 /**
  * Create a user account from a JSON-encoded row and return the stored record.
  *
  * The row is normalised by getSaveRow(), the mobile number must be valid and
  * not yet present in the table, and a non-empty password is required; it is
  * stored as gen_password(password, salt) together with a fresh salt. When a
  * staff record exists for the same mobile number it is bound to the new user.
  *
  * NOTE(review): gen_password() is not visible here — confirm it is a slow,
  * purpose-built password hash rather than a fast digest.
  *
  * @param string $row JSON-encoded form data.
  * @return array Result of action_row() for the new id, with the primary key set.
  */
 function action_add($row)
 {
     $payload = self::getSaveRow($row);
     $table = self::table();
     $pk = self::pk();
     $payload['row']['add_time'] = Utils::date_time_now();

     $mobile = $payload['row']['mobile'];
     if (!Utils::is_mobile($mobile)) {
         _throw("手机号不合法");
     }

     // The value is bound as a parameter; only the table name is interpolated.
     // NOTE(review): this check and the insert below are separate statements,
     // so concurrent requests can both pass it unless the column also has a
     // unique index (not visible here).
     $existing = self::_db()->row("select mobile from {$table} where mobile = ?", $mobile);
     if ($existing) {
         _throw("手机号已存在");
     }

     if (empty($payload['row']['password'])) {
         _throw("密码不能为空");
     } else {
         // Replace the plaintext password with its salted hash before storing.
         $plain = $payload['row']['password'];
         $salt = \Model_Admin_Auth::gen_salt();
         $payload['row']['password'] = \Model_Admin_Auth::gen_password($plain, $salt);
         $payload['row']['salt'] = $salt;
     }

     $new_id = self::_db()->insert($table, $payload['row']);

     $staff_id = Model_Admin_Staff::get_staff_id_by_mobile($mobile);
     if ($staff_id) {
         Model_Admin_Staff::bind_staff_user($staff_id, $new_id);
     }

     $result = $this->action_row($new_id);
     $result['row'][$pk] = $new_id;
     return $result;
 }
Beispiel #3
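 /**
  * Bind a mobile number to a WeChat account.
  *
  * Reads the encrypted form fields, decrypts them with the private key cached
  * in Redis under the request's safe token, checks the SMS captcha stored in
  * the session, creates the user when the mobile number is unknown, links the
  * WeChat record to that user and sets the login session.
  *
  * Failures are reported through _throw() (defined elsewhere; presumably it
  * raises an exception — confirm).
  *
  * @return array Array with "message" and "redirect" keys.
  */
 function action_wechat_bind_mobile()
 {
     Model_Session::session_start(true);
     $mobile = Utils::I("mobile");
     $nick_name = Utils::I("nick_name");
     $captcha = Utils::I("captcha");
     $oauth_id = Utils::I("oauth_id");
     self::_debug(array($oauth_id));
     $safe_token = Utils::I(Model_Auth::ENCRYPT_FIELD_NAME);
     if (!$safe_token) {
         _throw("safe_token is null");
     }
     //Model_Auth::login_safe($username,$password,$safe_token);
     $encrypt_data = self::_redis()->get(Model_Auth::ENCRYPT_CACEH_KEY . $safe_token);
     if (empty($encrypt_data)) {
         _throw("加密信息已过期");
     }
     $encrypt_data = json_decode($encrypt_data);
     // A cache entry that does not decode to an object with a private key is
     // unusable; treat it like an expired entry instead of dereferencing null.
     if (!is_object($encrypt_data) || empty($encrypt_data->private_key)) {
         _throw("加密信息已过期");
     }
     $private_key = $encrypt_data->private_key;
     $reqData = array('mobile' => $mobile, 'captcha' => $captcha, 'nick_name' => $nick_name);
     $reqData = Safe::decrypt($reqData, $private_key);
     // NOTE(review): this writes the submitted mobile number and captcha to
     // the debug log; confirm debug output is disabled in production.
     self::_debug($reqData);
     if (!$reqData) {
         _throw("解密失败");
     }
     $mobile = $reqData['mobile'];
     $nick_name = $reqData['nick_name'];
     $captcha = $reqData['captcha'];
     if (!Utils::is_mobile($mobile)) {
         _throw("手机号不合法");
     }
     $key = Controller_Captcha::get_captcha_session_key($mobile, "wechat_bind_mobile");
     self::_debug($key);
     if (empty($_SESSION[$key])) {
         _throw("验证码已过期");
     }
     // Session value is "<captcha>|<unix time>". The expected captcha is a
     // secret and is deliberately not written to the debug log.
     $_captcha_session = $_SESSION[$key];
     $parts = array_pad(explode("|", $_captcha_session), 2, "");
     $_captcha = $parts[0];
     $time = (int) $parts[1];
     // A malformed entry (no captcha or no timestamp) is handled like an
     // expired one. Lifetime is 5 hours.
     if ($_captcha === "" || time() - $time > 60 * 60 * 5) {
         unset($_SESSION[$key]);
         _throw("验证码已过期");
     }
     // Strict, constant-time string comparison: a loose != would treat
     // numeric strings such as "0123" and "123" as equal.
     // NOTE(review): a wrong guess leaves the captcha valid and no attempt
     // counter is visible here — confirm guesses are rate-limited elsewhere.
     if (!hash_equals((string) $_captcha, (string) $captcha)) {
         _throw("验证码不正确");
     }
     if (!($user_id = Model_User::check_user_exsits($mobile))) {
         $user = array("password" => null, "mobile" => $mobile, "nick_name" => $nick_name, "add_time" => Utils::date_time_now(), "email" => null);
         self::_debug("create user");
         self::_debug($user);
         $user_id = self::_db()->insert(Model_User::TABLE, $user);
     }
     // NOTE(review): $oauth_id comes straight from the request and selects
     // the WeChat row to update; nothing visible here ties it to the WeChat
     // identity held in $_SESSION['wx_auth_info']. Confirm a caller cannot
     // supply the id of another account's WeChat record.
     self::_debug(array("update", Model_Wechat_User::TABLE, $user_id, $oauth_id));
     self::_db()->update(Model_Wechat_User::TABLE, array("uid" => $user_id), array("id" => $oauth_id));
     $wx_auth_info = $_SESSION['wx_auth_info'];
     $wx_auth_info['uid'] = $user_id;
     $_SESSION['wx_auth_info'] = $wx_auth_info;
     self::_debug($user_id);
     Model_Admin_Auth::set_login_session($user_id);
     // The captcha is single-use: drop it once the bind has succeeded.
     unset($_SESSION[$key]);
     Controller_Captcha::clear_status_key("wechat_bind_mobile");
     $redirect = self::get_redirect_url();
     return array("message" => "绑定成功", "redirect" => $redirect);
 }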
Beispiel #4
 /**
  * Decode a JSON-encoded staff form and reduce it to the columns that are saved.
  *
  * A name and a valid mobile number are required. role_id, dep_id and pot_id
  * become integers, or null when empty; the password is passed through
  * unchanged (still plaintext at this point), or null when empty. "py" is
  * derived from the name via CUtf8_PY::encode().
  *
  * @param string $row    JSON-encoded form data.
  * @param bool   $is_add Not read by this method.
  * @return array Array of the form array("row" => columns).
  */
 static function getSaveRow($row, $is_add = true)
 {
     $data = json_decode($row, true);

     if (empty($data['stf_name'])) {
         _throw("姓名不能为空");
     }
     if (!Utils::is_mobile($data['mobile'])) {
         _throw("手机号不合法");
     }

     // Optional numeric column: integer when present and non-empty, else null.
     $int_or_null = function ($field) use ($data) {
         return empty($data[$field]) ? null : intval($data[$field]);
     };

     // Only the columns listed here reach the database; any other key in the
     // submitted JSON is dropped.
     $clean = array();
     $clean["stf_name"] = $data['stf_name'];
     $clean["role_id"] = $int_or_null('role_id');
     $clean["dep_id"] = $int_or_null('dep_id');
     $clean["pot_id"] = $int_or_null('pot_id');
     $clean["mobile"] = empty($data['mobile']) ? null : $data['mobile'];
     $clean["password"] = empty($data['password']) ? null : $data['password'];
     $clean["py"] = \CUtf8_PY::encode($data['stf_name']);

     return array("row" => $clean);
 }
Beispiel #5
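 /**
  * Log in with a username and password.
  *
  * A user that already exists locally is checked against the local record.
  * Otherwise the credentials are sent to Model_Passport::login(), a local
  * user is created from the passport account and then checked the same way.
  * An AppException raised along the way is re-reported through _throw() with
  * its message.
  *
  * @param string $username
  * @param string $password
  * @return array|bool|mixed The user info of the authenticated user.
  * @throws Exception
  */
 static function login_by_password($username, $password)
 {
     // Log the username only: the plaintext password must never reach the log.
     self::_debug($username);
     try {
         if ($user_id = self::check_user_exsits($username)) {
             // Local account verification (the original comment names the
             // product, "Lvdiantong").
             self::_debug("user_id" . $user_id);
             $user_info = self::get_user_info($user_id);
             self::check_login_user_info($user_info, $password);
         } else {
             // Passport verification.
             $passport_user = Model_Passport::login($username, $password);
             if (Utils::is_mobile($passport_user['username'])) {
                 $mobile = $passport_user['username'];
             } else {
                 $mobile = "";
                 try {
                     $passport_user = Model_Passport::get_user($passport_user['user_id']);
                     $mobile = $passport_user['mobile'];
                 } catch (Exception $e) {
                     // Best effort: the account is still created, without a mobile number.
                     self::_warn("passport get user error " . $e->getMessage());
                 }
             }
             // NOTE(review): the id is read as 'user_id' above and as 'userid'
             // here, and $passport_user may be either the login() or the
             // get_user() result at this point — confirm both shapes carry
             // 'username', 'locked' and 'userid'.
             $user_info = self::create_new_user($passport_user['username'], $password, $mobile, $passport_user['locked'], $passport_user['userid']);
             self::check_login_user_info($user_info, $password);
         }
     } catch (AppException $e) {
         _throw($e->getMessage());
     }
     self::_debug("登陆成功");
     return $user_info;
 }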