static function check_login($username, $password)
{
$res = false;
if (Utils::is_mobile($username)) {
$stf_id = Model_Admin_Staff::get_staff_id_by_mobile($username);
if (!$stf_id) {
_throw("员工不存在");
}
self::_debug(array(__METHOD__, $stf_id));
$user = Model_Admin_Staff::get_auth_user_by_stf_id($stf_id);
self::_debug(array("auth user", $stf_id, $user));
if (!$user) {
_throw("员工未授权");
}
$_password = $user['password'];
$salt = $user['salt'];
if ($_password !== self::gen_password($password, $salt)) {
_throw("密码不正确");
}
$res = true;
}
return $res;
}
function action_add($row)
{
$res = self::getSaveRow($row);
$table = self::table();
$pk = self::pk();
$res['row']['add_time'] = Utils::date_time_now();
if (!Utils::is_mobile($res['row']['mobile'])) {
_throw("手机号不合法");
}
$mobile = $res['row']['mobile'];
$user_mobile = self::_db()->row("select mobile from {$table} where mobile = ?", $mobile);
if ($user_mobile) {
_throw("手机号已存在");
}
if (!empty($res['row']['password'])) {
$password = $res['row']['password'];
$salt = \Model_Admin_Auth::gen_salt();
$res['row']['password'] = \Model_Admin_Auth::gen_password($password, $salt);
$res['row']['salt'] = $salt;
} else {
_throw("密码不能为空");
}
$user_id = self::_db()->insert($table, $res['row']);
$stf_id = Model_Admin_Staff::get_staff_id_by_mobile($mobile);
if ($stf_id) {
Model_Admin_Staff::bind_staff_user($stf_id, $user_id);
}
$res = $this->action_row($user_id);
$res['row'][$pk] = $user_id;
return $res;
}
/**
* 微信绑定手机号
* @return string
*/
function action_wechat_bind_mobile()
{
Model_Session::session_start(true);
$mobile = Utils::I("mobile");
$nick_name = Utils::I("nick_name");
$captcha = Utils::I("captcha");
$oauth_id = Utils::I("oauth_id");
self::_debug(array($oauth_id));
$safe_token = Utils::I(Model_Auth::ENCRYPT_FIELD_NAME);
if (!$safe_token) {
_throw("safe_token is null");
}
//Model_Auth::login_safe($username,$password,$safe_token);
$encrypt_data = self::_redis()->get(Model_Auth::ENCRYPT_CACEH_KEY . $safe_token);
if (empty($encrypt_data)) {
_throw("加密信息已过期");
}
$encrypt_data = json_decode($encrypt_data);
$private_key = $encrypt_data->private_key;
$reqData = array('mobile' => $mobile, 'captcha' => $captcha, 'nick_name' => $nick_name);
$reqData = Safe::decrypt($reqData, $private_key);
self::_debug($reqData);
if (!$reqData) {
_throw("解密失败");
}
$mobile = $reqData['mobile'];
$nick_name = $reqData['nick_name'];
$captcha = $reqData['captcha'];
if (!Utils::is_mobile($mobile)) {
_throw("手机号不合法");
}
$key = Controller_Captcha::get_captcha_session_key($mobile, "wechat_bind_mobile");
self::_debug($key);
if (empty($_SESSION[$key])) {
_throw("验证码已过期");
}
$_captcha_session = $_SESSION[$key];
self::_debug($_captcha_session);
list($_captcha, $time) = explode("|", $_captcha_session);
if (time() - $time > 60 * 60 * 5) {
unset($_SESSION[$key]);
_throw("验证码已过期");
}
self::_debug($_captcha_session);
if ($captcha != $_captcha) {
_throw("验证码不正确");
}
if (!($user_id = Model_User::check_user_exsits($mobile))) {
$user = array("password" => null, "mobile" => $mobile, "nick_name" => $nick_name, "add_time" => Utils::date_time_now(), "email" => null);
self::_debug("create user");
self::_debug($user);
$user_id = self::_db()->insert(Model_User::TABLE, $user);
}
self::_debug(array("update", Model_Wechat_User::TABLE, $user_id, $oauth_id));
self::_db()->update(Model_Wechat_User::TABLE, array("uid" => $user_id), array("id" => $oauth_id));
$wx_auth_info = $_SESSION['wx_auth_info'];
$wx_auth_info['uid'] = $user_id;
$_SESSION['wx_auth_info'] = $wx_auth_info;
self::_debug($user_id);
Model_Admin_Auth::set_login_session($user_id);
//set login
unset($_SESSION[$key]);
Controller_Captcha::clear_status_key("wechat_bind_mobile");
$redirect = self::get_redirect_url();
return array("message" => "绑定成功", "redirect" => $redirect);
}
static function getSaveRow($row, $is_add = true)
{
$row = json_decode($row, 1);
if (empty($row['stf_name'])) {
_throw("姓名不能为空");
}
if (!Utils::is_mobile($row['mobile'])) {
_throw("手机号不合法");
}
$_row = array("stf_name" => $row['stf_name'], "role_id" => empty($row['role_id']) ? null : intval($row['role_id']), "dep_id" => empty($row['dep_id']) ? null : intval($row['dep_id']), "pot_id" => empty($row['pot_id']) ? null : intval($row['pot_id']), "mobile" => empty($row['mobile']) ? null : $row['mobile'], "password" => empty($row['password']) ? null : $row['password'], "py" => \CUtf8_PY::encode($row['stf_name']));
return array("row" => $_row);
}
/**
* 使用密码登陆
* @param $username
* @param $password
* @return array|bool|mixed
* @throws Exception
*/
static function login_by_password($username, $password)
{
self::_debug($username, $password);
try {
if ($user_id = self::check_user_exsits($username)) {
//绿电通验证
self::_debug("user_id" . $user_id);
$user_info = self::get_user_info($user_id);
self::check_login_user_info($user_info, $password);
} else {
//passport 验证
$passport_user = Model_Passport::login($username, $password);
if (Utils::is_mobile($passport_user['username'])) {
$mobile = $passport_user['username'];
} else {
$mobile = "";
try {
$passport_user = Model_Passport::get_user($passport_user['user_id']);
$mobile = $passport_user['mobile'];
} catch (Exception $e) {
self::_warn("passport get user error " . $e->getMessage());
}
}
$user_info = self::create_new_user($passport_user['username'], $password, $mobile, $passport_user['locked'], $passport_user['userid']);
self::check_login_user_info($user_info, $password);
}
} catch (AppException $e) {
_throw($e->getMessage());
}
self::_debug("登陆成功");
return $user_info;
}
