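 /**
  * @general access control
  *
  * Loads the permission record for the session's role id ('rid') and stops
  * the request when that record carries a permission string which does not
  * mention the current controller id.
  *
  * NOTE(review): a falsy perm string skips the check entirely, i.e. a role
  * without a perm entry is unrestricted — confirm this is intended.
  * NOTE(review): the test is a substring match, so a controller id that is a
  * prefix of another (constructed example: "user" vs "users") is accepted by
  * the longer one's entry; an exact match against a delimited list would be
  * stricter.
  */
 public function init()
 {
     $model = new Perm();
     $permission = $model->getPerm(Yii::app()->session['rid']);
     $controller = Yii::app()->getController()->id;
     // preg_quote() so the controller id is matched literally. Interpolated
     // unescaped it was interpreted as a regular expression: a "." or "*" in
     // the id would widen the match and a "/" would break the pattern.
     $pattern = '/' . preg_quote((string) $controller, '/') . '/';
     if ($permission['perm'] && !preg_match($pattern, $permission['perm'])) {
         die('你没有访问权限!');
     }
 }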
 /**
  * Populates the object from its stored attributes, derives the admin and
  * syncable flags, opens the OBM database handle and installs the query
  * filter.
  *
  * NOTE(review): `$entityType`, used in the admin-rights check, is neither a
  * parameter nor assigned in this method — it is undefined at that point
  * unless something outside this method provides it; confirm.
  * NOTE(review): the `$syncable` argument is accepted but never read; the
  * flag is always TRUE except for the default 'public_contacts' entry.
  * NOTE(review): when `$GLOBALS['obm']` is falsy `$this->admin` is left
  * untouched (the stored `$admin` value is not applied).
  */
 public function __construct($id, $name, $is_default, $owner, $syncable, $synced, $access, $read, $write, $admin) {
   $this->id = $id;
   $this->name = $name;
   $this->displayname = $name;
   $this->access = $access;
   $this->read = $read;
   $this->write = $write;

   // Under OBM, write-admin rights on the module grant admin outright;
   // otherwise the stored value is used.
   if ($GLOBALS['obm']) {
     $writeAdmin = $GLOBALS['cright_write_admin'];
     $hasWriteAdmin = (Perm::get_module_rights($entityType) & $writeAdmin) == $writeAdmin;
     $this->admin = $hasWriteAdmin ? 1 : $admin;
   }

   $this->isDefault = $is_default;
   $this->owner = $owner;
   // Everything is syncable except the default public contact book.
   $this->syncable = !($this->name == 'public_contacts' && $this->isDefault);
   $this->synced = $synced;
   $this->db = new DB_OBM;
   $this->setQueryFilter();
 }
 /**
  * Fetches the Perm record whose primary key is $id.
  *
  * @param integer $id primary key of the Perm row to load
  * @return Perm the matching model
  * @throws CHttpException 404 when no row has that key
  */
 public function loadModel($id)
 {
     $record = Perm::model()->findByPk($id);
     if (null === $record) {
         throw new CHttpException(404, 'The requested page does not exist.');
     }

     return $record;
 }
 /**
  * Resolves the permissions of the session's role id ('rid') and keeps them
  * on $this->permission before the parent initialisation runs.
  */
 public function init()
 {
     $perm = new Perm();
     $roleId = Yii::app()->session['rid'];
     $this->permission = $perm->getPerm($roleId);

     parent::init();
 }
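/**
 * Handles a login POST: verifies the submitted credentials against the
 * stored password and, on success, prints a JSON body holding a signed JWT.
 *
 * Reads $_POST['email'] and $_POST['password']. Responds with:
 *   400 when either field is missing or empty,
 *   404 when no user has that e-mail,
 *   401 when the password does not match,
 *   500 when a lookup or the token step throws,
 *   otherwise the implicit 200 with {"jwt": "..."} as the body.
 *
 * @param int $ttlSeconds lifetime of the issued token in seconds. The
 *        default keeps the original value (3600000 s, about 41 days) so
 *        existing clients are unaffected — that is a very long window for
 *        a bearer token and callers should pass something shorter.
 * @return void
 */
function doLogin($ttlSeconds = 3600000)
{
    $config = array(
        'jwt' => array('key' => getenv('JWT_SECRET'), 'algorithm' => 'HS256'),
        'serverName' => 'reachapp.com',
    );
    // Guarded reads: a missing field used to raise an undefined-index notice.
    $username = isset($_POST['email']) ? $_POST['email'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;

    if (!$username || !$password) {
        header('HTTP/1.0 400 Bad Request');
        return;
    }

    try {
        $users = \User::where('email', '=', $username)->take(1)->get();
        // The original read $user[0] unconditionally and branched on
        // `if (true)`, so an unknown e-mail produced a notice, never the 404.
        if (!isset($users[0])) {
            header('HTTP/1.0 404 Not Found');
            return;
        }
        $user = $users[0];

        if (!_passwordMatches($password, (string) $user->encrypted_password)) {
            header('HTTP/1.0 401 Unauthorized');
            return;
        }

        $issuedAt = time();
        $notBefore = $issuedAt;
        $expire = $notBefore + (int) $ttlSeconds;

        $data = array(
            'iat'  => $issuedAt,
            // jti must be unguessable: take it from the CSPRNG rather than
            // mt_rand(), whose output is predictable.
            'jti'  => base64_encode(random_bytes(16)),
            'iss'  => $config['serverName'],
            'nbf'  => $notBefore,
            'exp'  => $expire,
            'data' => array('userId' => $user->id, 'userName' => $username),
            'role_admin'    => _companyIdsForRole($user->id, 'admin'),
            'role_employee' => _companyIdsForRole($user->id, 'employee'),
            'role_customer' => _companyIdsForRole($user->id, 'customer'),
            'role_super'    => $user->super_admin,
        );

        // The exact same key is needed to verify the token later.
        // getenv() returns false when JWT_SECRET is unset, which would sign
        // every token with an empty key — fail (500) instead.
        $secretKey = $config['jwt']['key'];
        if (!$secretKey) {
            throw new \RuntimeException('JWT_SECRET is not configured');
        }
        $jwt = \Firebase\JWT\JWT::encode($data, $secretKey, $config['jwt']['algorithm']);

        echo json_encode(array('jwt' => $jwt));
    } catch (\Exception $e) {
        header('HTTP/1.0 500 Internal Server Error');
    }
}

/**
 * Checks a plain-text password against the stored credential.
 *
 * Accepts a password_hash() digest (the format the original comment
 * promised) and, for rows not yet migrated, the legacy unsalted md5 hex the
 * original code compared with `===`. Both comparisons are constant-time.
 * NOTE(review): rows still on md5 should be rehashed with password_hash()
 * on a successful login and the md5 branch removed once none remain.
 *
 * @param string $password plain-text password from the request
 * @param string $stored   value of the user's encrypted_password column
 * @return bool true when the password matches
 */
function _passwordMatches($password, $stored)
{
    if ($stored === '') {
        return false;
    }
    if (password_verify($password, $stored)) {
        return true;
    }
    return hash_equals($stored, md5($password));
}

/**
 * Company ids for which $userId holds $role.
 *
 * @param mixed  $userId value of the user's id
 * @param string $role   'admin', 'employee' or 'customer'
 * @return array list of company_id values, empty when the user has none
 */
function _companyIdsForRole($userId, $role)
{
    $ids = array();
    foreach (\Perm::where(['user_id' => $userId, 'role' => $role])->get() as $perm) {
        $ids[] = $perm->company_id;
    }
    return $ids;
}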