private function _recordIpLimit()
{
Wind::import('SRV:user.srv.PwTryPwdBp');
$pwdBp = new PwTryPwdBp();
$pwdBp->allowTryAgain($uid, Wind::getComponent('request')->getClientIp(), true);
}
/**
* 验证安全问题
*/
public function checkquestionAction()
{
$statu = $this->checkUserInfo();
list($question, $answer) = $this->getInput(array('question', 'answer'), 'post');
Wind::import('SRV:user.srv.PwTryPwdBp');
$pwdBp = new PwTryPwdBp();
$result = $pwdBp->checkQuestion($this->loginUser->uid, $question, $answer, $this->getRequest()->getClientIp());
if ($result instanceof PwError) {
$this->showError($result->getError());
}
$this->showMessage();
}
/**
* 设置登录cookie
*
* @param PwUserBo $userBo
* @param string $ip
* @param int $rememberme
*/
public function setLoginCookie(PwUserBo $userBo, $ip, $rememberme = 0)
{
//登录成功,将用户该次登录的尝试密码记录清空
Wind::import("SRV:user.srv.PwTryPwdBp");
$pwdBp = new PwTryPwdBp();
$pwdBp->restoreTryRecord($userBo->uid, '');
/* @var $userService PwUserService */
$userService = Wekit::load('user.srv.PwUserService');
$userService->createIdentity($userBo->uid, $userBo->info['password'], $rememberme);
return $this->welcome($userBo, $ip);
}
/**
* 检查原密码
* @param int $uid
* @param string $pwd
* @return PwError|true
*/
private function checkOldPwd($uid, $pwd)
{
Wind::import('SRV:user.srv.PwTryPwdBp');
$userSrv = new PwTryPwdBp();
if (($r = $userSrv->checkPassword($uid, $pwd, $this->getRequest()->getClientIp())) instanceof PwError) {
$refer = '';
$error = $r->getError();
$msg = is_array($error) ? $error[0] : $error;
switch ($msg) {
case 'USER:login.error.tryover.pwd':
$error[0] = 'USER:pwd.error.tryover';
$this->loginUser->reset();
$refer = 'u/login/logout';
break;
case 'USER:login.error.pwd':
$error[0] = 'USER:pw.error.limit';
break;
default:
break;
}
$this->showError($error, $refer);
}
return true;
}
/**
* 密码验证
*/
public function doeditemailAction()
{
list($passwd, $email) = $this->getInput(array('passwd', 'email'), 'post');
if (!$passwd || !$email) {
$this->showError('USER:empty.error');
}
Wind::import('SRV:user.srv.PwTryPwdBp');
$tryPwdBp = new PwTryPwdBp();
if (($result = $tryPwdBp->checkPassword($this->loginUser->uid, $passwd, $this->getRequest()->getClientIp())) instanceof PwError) {
list($error, ) = $result->getError();
if ($error == 'USER:login.error.pwd') {
$this->showError($result->getError());
} else {
Wind::import('SRC:service.user.srv.PwUserService');
$srv = new PwUserService();
$srv->logout();
$this->forwardAction('u/login/run', array('backurl' => WindUrlHelper::createUrl('profile/index/run')));
}
}
$userDm = new PwUserInfoDm($this->loginUser->uid);
$r = PwUserValidator::isEmailValid($email, $this->loginUser->username);
if ($r instanceof PwError) {
$this->showError($r->getError());
}
$userDm->setEmail($email);
$result = $this->_editUser($userDm, PwUser::FETCH_MAIN);
if ($result instanceof PwError) {
$this->showError($result->getError());
} else {
$this->loginUser->info = array_merge($this->loginUser->info, $userDm->getData());
$this->showMessage('USER:user.edit.contact.success', 'profile/index/contact?_tab=contact');
}
}
protected function checkPasswd($oldPwd)
{
if (!$oldPwd) {
$this->showError('USER:pwd.change.oldpwd.require');
}
Wind::import('SRV:user.srv.PwTryPwdBp');
$tryPwdBp = new PwTryPwdBp();
$ip = $this->getRequest()->getClientIp();
if (($result = $tryPwdBp->checkPassword($this->loginUser->uid, $oldPwd, $ip)) instanceof PwError) {
list($error, $data) = $result->getError();
switch ($error) {
case 'USER:login.error.tryover.pwd':
return new PwError("已经连续" . $data['{totalTry}'] . "次密码错误,您将在" . $data['{min}'] . "分钟后再尝试");
case 'USER:login.error.pwd':
return new PwError("密码错误,您还可以尝试" . $data['{num}'] . "次");
}
}
return $result;
}
