/**
 * Render the login form.
 *
 * Moves a one-shot "freshMessage" (set when a previous login attempt was
 * rejected) from the session into the view and removes it from the session,
 * exposes the session's securityToken to the template, disables the layout
 * and renders auth/login.phtml.
 */
public function loginAction()
{
    $session = Registry::get("session");

    // Flash message: show it once, then drop it from the session.
    $hasFlash = $session->offsetExists("freshMessage");
    if ($hasFlash) {
        $this->_view->freshMessage = $session->offsetGet("freshMessage");
        $session->offsetUnset("freshMessage");
    }

    // Hand the per-session token to the template.
    $this->_view->securityToken = $session->offsetGet("securityToken");

    // The login page is rendered without the surrounding layout.
    $this->_view->layout = false;
    $this->render("auth/login.phtml");
}
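/**
 * Build the table gateway for $this->table.
 *
 * A concrete Adapter passed by the caller is used as-is; anything else
 * (including null) is replaced by the shared adapter registered under 'db'.
 * The optional $features, $resultSetPrototype and $sql arguments are now
 * forwarded in both cases; previously they were dropped whenever the
 * adapter came from the registry.
 *
 * @param AdapterInterface|null   $adapter            Adapter to use, or null for the registry one.
 * @param mixed                   $features           Forwarded to the parent constructor.
 * @param ResultSetInterface|null $resultSetPrototype Forwarded to the parent constructor.
 * @param Sql|null                $sql                Forwarded to the parent constructor.
 *
 * @throws Exception When neither the argument nor the registry yields an Adapter.
 */
public function __construct(AdapterInterface $adapter = null, $features = null, ResultSetInterface $resultSetPrototype = null, Sql $sql = null)
{
    if (!($adapter instanceof Adapter)) {
        // Fall back to the application-wide connection.
        $adapter = Registry::get('db');
    }

    if (!($adapter instanceof Adapter)) {
        throw new Exception("Need an Zend\\Db\\Adapter object.");
    }

    parent::__construct($this->table, $adapter, $features, $resultSetPrototype, $sql);
}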
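/**
 * Test endpoint: encrypt or decrypt a posted string with the 'enc' service.
 *
 * For an XMLHttpRequest carrying POST fields "type" ('enc' or 'denc') and a
 * non-empty string "content", echoes a JSON object {success, content} and
 * returns. Any other request renders test/enc.phtml.
 *
 * Changes from the previous version: the type is matched strictly, non-string
 * input (e.g. content[]=...) is rejected instead of being passed to the
 * cipher, and a failed decryption is reported as success = 0 rather than
 * success = 1 with content = false.
 *
 * NOTE(review): this action runs caller-supplied data through the cipher
 * keyed with the application-wide key and returns the result, and it does
 * not check the session securityToken. If that key protects anything else,
 * this endpoint lets any client that can reach it encrypt or decrypt that
 * material. Confirm it is disabled or access-restricted outside development.
 */
public function encAction()
{
    $request = $this->getRequest();

    if ($request->isXmlHttpRequest()) {
        $type = $request->getPost("type");
        $content = $request->getPost("content");

        // POST fields may arrive as arrays; only plain strings are accepted.
        $typeOk = is_string($type) && in_array($type, array('enc', 'denc'), true);
        $contentOk = is_string($content) && !empty($content);

        if ($typeOk && $contentOk) {
            $enc = Registry::get('enc');
            $output = ($type === 'enc') ? $enc->encrypt($content) : $enc->decrypt($content);

            // Zend\Crypt's BlockCipher::decrypt() returns false when the
            // ciphertext fails authentication; report that as a failure.
            if ($output === false) {
                echo json_encode(array("success" => 0, "content" => ""));
                return;
            }

            echo json_encode(array("success" => 1, "content" => $output));
            return;
        }
    }

    $this->render("test/enc.phtml");
}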
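/**
 * Render a template, wrapped in a layout unless the view disables it.
 *
 * Does nothing when $tpl is empty or not a string. Otherwise assigns
 * $parameters to the view, renders $tpl, and:
 *  - if $this->_view->layout is not false and the layout file exists, renders
 *    the layout with the page output assigned as "content" and echoes it;
 *  - otherwise echoes the page output directly.
 *
 * The layout file name is $this->_view->layoutTemplate (default "main.phtml").
 * The layout directory is config global->layoutPath, falling back to
 * APPLICATION_PATH . "/layouts" when that constant is defined.
 *
 * Fix: the view's script path is now set to the directory that was actually
 * checked with file_exists(). Previously it was always set to
 * APPLICATION_PATH . "/layouts", so a configured layoutPath was ignored at
 * render time and an undefined APPLICATION_PATH was referenced.
 *
 * NOTE(review): $layout is concatenated into a filesystem path and then
 * executed as a template; confirm layoutTemplate is never populated from
 * request data.
 *
 * @param string     $tpl        Template path passed to the view.
 * @param array|null $parameters Variables assigned to the view before rendering.
 */
public function render($tpl, array $parameters = NULL)
{
    if (empty($tpl) || !is_string($tpl)) {
        return;
    }

    if (!empty($parameters) && is_array($parameters)) {
        $this->_view->assign($parameters);
    }
    $content = $this->_view->render($tpl);

    // The layout is always applied unless explicitly disabled.
    if ($this->_view->layout !== false) {
        // Which layout file to use.
        $layout = $this->_view->layoutTemplate;
        if (empty($layout) || !is_string($layout)) {
            $layout = "main.phtml";
        }

        // Which directory holds the layouts.
        $layoutPath = '';
        $config = Registry::get('config');
        if (isset($config->global->layoutPath)) {
            $layoutPath = $config->global->layoutPath;
        }
        if (empty($layoutPath) && defined('APPLICATION_PATH')) {
            $layoutPath = APPLICATION_PATH . "/layouts";
        }

        // Only wrap the page when the layout file is really there.
        if (!empty($layoutPath) && file_exists($layoutPath . "/" . $layout)) {
            $this->_view->setScriptPath($layoutPath);
            $this->_view->assign("content", $content);
            echo $this->_view->render($layout);
            return;
        }
    }

    echo $content;
}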
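/**
 * Bootstrap the application: autoloader, configuration, error display,
 * encryption service, session, and lazily-built db / mail / logger services.
 *
 * Everything is published through Registry under the keys 'loader',
 * 'config', 'enc', 'session', 'sm', 'db', 'mail' and 'logger'. The 'enc',
 * 'db', 'mail' and 'logger' entries are registered as closures.
 *
 * Security-relevant changes from the previous version:
 *  - the session securityToken is generated from a CSPRNG instead of
 *    md5(uniqid(rand(), true)), which is predictable; the token is still a
 *    32-character hex string;
 *  - the session save path is created with mode 0700 instead of 0777 so
 *    other local accounts cannot read or plant session files.
 *
 * @param Dispatcher $dispatcher Dispatcher whose auto-rendering is turned off.
 *
 * @throws \Exception When session validation fails or no secure random
 *                    source is available for the session token.
 */
public function _init(Dispatcher $dispatcher)
{
    // Pull in Composer. The Yaf ini setting yaf.use_spl_autoload must be 1.
    if (file_exists(ROOT_PATH . '/vendor/autoload.php')) {
        $loader = (include ROOT_PATH . '/vendor/autoload.php');
        //$loader->add("",ROOT_PATH.'/library');
        //$loader->addPsr4("Zend\\",ROOT_PATH.'/library/Zend');
        Registry::set('loader', $loader);
    }

    // Controllers render explicitly; disable automatic rendering.
    $dispatcher->autoRender(FALSE);

    // Keep the configuration and share it.
    $this->_config = Application::app()->getConfig();
    Registry::set('config', $this->_config);

    // Error display.
    // NOTE(review): global.showError must stay off in production;
    // display_errors sends paths, queries and stack traces to the client.
    if ($this->_config->global->showError) {
        error_reporting(-1);
        ini_set('display_errors', 'On');
    }

    // Encryption / decryption service, keyed from config global->key.
    // NOTE(review): the 'mcrypt' adapter depends on the mcrypt extension,
    // which is no longer bundled with PHP since 7.2; plan a migration to a
    // maintained backend before upgrading PHP.
    if (!empty($this->_config->global->key)) {
        Registry::set('enc', function () {
            $blockCipher = BlockCipher::factory('mcrypt', array('algo' => 'aes'));
            $blockCipher->setKey($this->_config->global->key);
            return $blockCipher;
        });
    }

    // No session when running from the command line.
    if (!defined("RUN_IN_CLI")) {
        // Session storage directory: owner-only, created best-effort.
        $sessionConfig = $this->_config->session->toArray();
        if (isset($sessionConfig['save_path']) && !is_dir($sessionConfig['save_path'])) {
            @mkdir($sessionConfig['save_path'], 0700, true);
        }

        // Session configuration.
        $config = new SessionConfig();
        $config->setOptions($sessionConfig);

        // Session manager.
        $manager = new SessionManager($config);

        // Start the session.
        $manager->start();

        // Validate the session.
        // NOTE(review): the HttpUserAgent validator is built from the current
        // request and attached after start(), so it appears to compare the
        // current user agent with itself. Confirm against the installed
        // Zend\Session version that this check can actually fail.
        $manager->getValidatorChain()->attach('session.validate', array(new HttpUserAgent(), 'isValid'));
        if (!$manager->isValid()) {
            $manager->destroy();
            throw new \Exception("会话验证失败");
        }

        // Per-session token, generated once per session.
        $default = new Zend\Session\Container();
        if (empty($default->offsetGet('securityToken'))) {
            // Use the platform CSPRNG; fail closed rather than fall back to
            // a guessable value.
            $tokenBytes = false;
            if (function_exists('random_bytes')) {
                $tokenBytes = random_bytes(16);
            } elseif (function_exists('openssl_random_pseudo_bytes')) {
                $tokenBytes = openssl_random_pseudo_bytes(16);
            }
            if (!is_string($tokenBytes) || strlen($tokenBytes) !== 16) {
                throw new \Exception("No secure random source available for the session token");
            }
            $default->offsetSet('securityToken', bin2hex($tokenBytes));
        }

        // Share the container and the manager.
        Registry::set('session', $default);
        Registry::set('sm', $manager);
    }

    // Database: adapter built from config mysql->master.
    Registry::set('db', function () {
        $mysqlMasterConfig = $this->_config->mysql->master->toArray();
        $adapter = new Adapter($mysqlMasterConfig);
        $connect = $adapter->getDriver()->getConnection();
        // Try to connect up to five times, stopping once connected.
        for ($i = 0; $i < 5; $i++) {
            if ($connect->isConnected()) {
                break;
            }
            $connect->connect();
        }
        return $adapter;
    });

    // Mail: SMTP transport configured from config smtp.
    Registry::set('mail', function () {
        $options = new SmtpOptions($this->_config->smtp->toArray());
        $mail = new SmtpTransport();
        $mail->setOptions($options);
        return $mail;
    });

    // Logging: one file per day under config log->path.
    Registry::set('logger', function () {
        $logger = new Zend\Log\Logger();
        $writer = new Zend\Log\Writer\Stream($this->_config->log->path . '/' . date("Ymd") . ".log");
        $logger->addWriter($writer);
        return $logger;
    });
}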
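/**
 * Authentication gate, run once routing has resolved controller and action.
 *
 * Authenticated session:
 *  - more than 1800 seconds since the stored access_time: identity is
 *    cleared and the client is redirected to /auth/login;
 *  - otherwise access_time is refreshed; auth/logout clears the identity and
 *    auth/login redirects to "/".
 * Unauthenticated session:
 *  - any POST is handled as a login attempt (email + password);
 *  - any other request is redirected to /auth/login unless it already
 *    targets auth/login.
 *
 * Every redirect is followed by exit.
 *
 * Security-relevant changes from the previous version:
 *  - unknown email and wrong password now produce the same message, and the
 *    "account disabled" message is shown only after the password has been
 *    verified, so responses no longer reveal which addresses are registered;
 *  - email/password are read only when present and of string type;
 *  - the hash comparison uses hash_equals() where available and rejects an
 *    empty computed hash;
 *  - the session ID is regenerated on successful login (session fixation).
 *
 * NOTE(review): the securityToken check below is still inert because its
 * body is commented out, so login POSTs are not protected against
 * cross-site request forgery. Re-enable it once the login form is confirmed
 * to post the token, and compare with hash_equals().
 * NOTE(review): a non-existent email skips the hash computation, which may
 * leave a timing difference; there is also no attempt throttling here.
 *
 * @param Yaf\Request_Abstract  $request  Routed request.
 * @param Yaf\Response_Abstract $response Response used for redirects.
 */
public function routerShutdown(Yaf\Request_Abstract $request, Yaf\Response_Abstract $response)
{
    // Controller and action are only known after routing.
    $controller = strtolower($request->getControllerName());
    $action = strtolower($request->getActionName());

    $default = Registry::get("session");

    // A Zend\Authentication\Storage\Session object could be passed in here;
    // the storage is backed by a session container.
    $auth = new AuthenticationService();
    $storage = $auth->getStorage();
    Registry::set('auth', $storage);

    if ($auth->hasIdentity()) {
        $storageData = $storage->read();
        $access_time = 0;
        if (!empty($storageData->access_time)) {
            $access_time = (int) $storageData->access_time;
        }

        // Idle for more than half an hour. The underlying session itself may
        // not have been cleared yet.
        if (time() - $access_time > 1800) {
            $auth->clearIdentity();
            $response->clearBody()->setRedirect("/auth/login");
            exit;
        }

        $storageData->access_time = time();
        $storage->write($storageData);

        if ($controller === "auth") {
            if ($action === "logout") {
                $auth->clearIdentity();
                $response->clearBody()->setRedirect("/auth/login");
                exit;
            }
            if ($action === "login") {
                $response->clearBody()->setRedirect("/");
                exit;
            }
        }
        return;
    }

    if (!$request->isPost()) {
        // Anonymous, not a login attempt: only auth/login may be shown.
        if ($controller !== "auth" || $action !== "login") {
            $response->clearBody()->setRedirect("/auth/login");
            exit;
        }
        return;
    }

    // Token check.
    if (!isset($_POST['securityToken']) || $_POST['securityToken'] !== $default->offsetGet('securityToken')) {
        // NOTE(review): intentionally left inert to match existing behaviour;
        // see the method documentation.
        //$response->clearBody()->setRedirect("/auth/login");
        //exit;
    }

    // Credentials. Fields may be missing or arrive as arrays.
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? trim($_POST['email']) : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : '';
    if (empty($email) || empty($password)) {
        $default->offsetSet("freshMessage", "邮件地址或密码不能为空");
        $response->clearBody()->setRedirect("/auth/login");
        exit;
    }

    // Look the account up and verify the password.
    $user = new Table\UserModel();
    $userRow = $user->getUserByEmail($email);

    $nowPassword = null;
    $verified = false;
    if (!empty($userRow)) {
        $hashPassword = trim($userRow['password']);
        $salt = Ifeeline\Password::getPasswordSaltByHash($hashPassword);
        $nowPassword = Ifeeline\Password::getPasswordHash($salt, $password);
        if (is_string($nowPassword) && $nowPassword !== '') {
            $verified = function_exists('hash_equals')
                ? hash_equals($hashPassword, $nowPassword)
                : ($nowPassword === $hashPassword);
        }
    }

    // One message for "no such account" and "wrong password".
    if (!$verified) {
        $default->offsetSet("freshMessage", "用户名或密码不正确.");
        $response->clearBody()->setRedirect("/auth/login");
        exit;
    }

    // Disabled account: reported only to a caller who knows the password.
    if ((int) $userRow['active'] < 1) {
        $default->offsetSet("freshMessage", "账户已经禁用.");
        $response->clearBody()->setRedirect("/auth/login");
        exit;
    }

    // The password has already been verified above; the adapter is used for
    // its identity-persistence behaviour.
    $dbAdapter = Registry::get('db');
    $authAdapter = new CredentialTreatmentAdapter($dbAdapter);
    $authAdapter->setTableName('user')->setIdentityColumn('email')->setCredentialColumn('password');
    // The credential passed in is the hash computed with the custom scheme.
    $authAdapter->setIdentity($email)->setCredential($nowPassword);
    $result = $auth->authenticate($authAdapter);

    // Not expected to happen after the checks above.
    if (!$result->isValid()) {
        $default->offsetSet("freshMessage", "用户名或密码不正确.");
        $response->clearBody()->setRedirect("/auth/login");
        exit;
    }

    // Result row without the password column.
    $row = $authAdapter->getResultRowObject(null, array('password'));

    // Disabled account (not expected to be reached).
    if ((int) $row->active < 1) {
        // Drop the identity that authenticate() just stored.
        $auth->clearIdentity();
        $default->offsetSet("freshMessage", "用户名已经被禁用.");
        $response->clearBody()->setRedirect("/auth/login");
        exit;
    }

    // New session ID for the authenticated session.
    $manager = Registry::get('sm');
    if (is_object($manager) && method_exists($manager, 'regenerateId')) {
        $manager->regenerateId();
    }

    $row->access_time = time();
    $storage = $auth->getStorage();
    $storage->write($row);

    // Logged in.
    $response->clearBody()->setRedirect("/");
    exit;
}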