/**
* 登录
*
* @param string|User $user
* @param string $password
* @param boolean $reUser
* @return boolean
*/
public function signIn($user, $password, $reUser = false)
{
if (!$user instanceof User) {
$username = $user;
if (!$username) {
return null;
}
// Load the user
$user = User::findFirstByUserName($username);
if (!$user) {
$user = User::findFirstByUserPhone($username);
}
if (!$user) {
$user = User::findFirstByUserEmail($username);
}
}
if ($user) {
$roles = $this->getRoles($user);
// Create a hashed password
if (is_string($password)) {
$hashPassword = $this->hash($password, $user->salt);
}
//如果用户被允许登录且密码匹配,则完成登录
if (isset($roles['login']) && $user->User_passwd === $hashPassword) {
// 早期密码是不加盐的,为了兼容早期代码
// 旧密码验证通过后,保存加盐后的新密码
if (empty($user->salt) && !empty($password)) {
$user->salt = mt_rand(1000, 100000);
$user->User_passwd = $this->hash($password, $user->salt);
}
$this->performLogin($user, $reUser, $roles);
return true;
// 登录成功
} else {
return false;
// 登录失败
}
}
return null;
// 没找到用户
}
