Example #1
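 /**
  * Overwrite a user's account fields with the submitted form values and
  * report the outcome as a JSON body (`ret` 1 on success, 0 on failure).
  *
  * The route argument `id` selects the record. The password is only
  * re-hashed when a non-empty `pass` value is submitted.
  *
  * NOTE(review): every field, including `is_admin`, `enable` and
  * `transfer_enable`, is copied straight from the request with no
  * validation. That is only acceptable if this route is reachable by
  * administrators alone; confirm the route's access control, and consider
  * checking types and ranges before saving.
  *
  * @param mixed $request  request object exposing getParam()
  * @param mixed $response response object exposing getBody()
  * @param array $args     route arguments; `id` is read
  * @return mixed whatever the response body's write() returns
  */
 public function update($request, $response, $args)
 {
     $user = User::find($args['id']);
     if ($user === null) {
         // Unknown id: answer with the normal failure payload instead of
         // dereferencing null below.
         return $response->getBody()->write(json_encode(['ret' => 0, 'msg' => "修改失败"]));
     }

     $user->email = $request->getParam('email');

     // An absent or empty password field means "leave the password alone".
     $newPass = $request->getParam('pass');
     if ($newPass !== null && $newPass !== '') {
         $user->pass = Hash::passwordHash($newPass);
     }

     $user->port = $request->getParam('port');
     $user->passwd = $request->getParam('passwd');
     $user->transfer_enable = $request->getParam('transfer_enable');
     $user->invite_num = $request->getParam('invite_num');
     $user->method = $request->getParam('method');
     $user->enable = $request->getParam('enable');
     $user->is_admin = $request->getParam('is_admin');
     $user->ref_by = $request->getParam('ref_by');

     if (!$user->save()) {
         return $response->getBody()->write(json_encode(['ret' => 0, 'msg' => "修改失败"]));
     }

     return $response->getBody()->write(json_encode(['ret' => 1, 'msg' => "修改成功"]));
 }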
Example #2
 /**
  * Round-trip check for the password helpers: a hash produced by
  * Hash::passwordHash() must verify against its own plaintext, and an
  * empty stored hash must not verify.
  */
 public function hashTest()
 {
     $plain = "testPassword";
     $stored = Hash::passwordHash($plain);

     // Positive case: freshly hashed password verifies.
     $matches = Hash::checkPassword($stored, $plain);
     $this->assertEquals(true, $matches);

     // Negative case: an empty stored value is rejected.
     $emptyMatches = Hash::checkPassword("", $plain);
     $this->assertEquals(false, $emptyMatches);
 }
Example #3
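 /**
  * Complete a password reset: validate the reset token from the URL, set
  * the new password on the matching account and reply with a JSON status.
  *
  * The token must exist and not be expired, and an account must exist for
  * the e-mail address stored with it. The new password must be at least
  * 8 bytes long, the same minimum the registration handlers enforce. After
  * a successful reset the token is expired so the same link cannot be used
  * again within its original lifetime.
  *
  * NOTE(review): only the token that was presented is expired here. If
  * several reset tokens can exist for one e-mail address, the others stay
  * valid until their own expiry; confirm whether they should be revoked too.
  *
  * @param mixed $request  request object exposing getParam()
  * @param mixed $response response object exposing getBody()
  * @param array $args     route arguments; `token` is read
  * @return mixed whatever the response body's write() returns
  */
 public function handleToken($request, $response, $args)
 {
     $tokenStr = $args['token'];
     $password = (string) $request->getParam('password');

     // check token
     $token = PasswordReset::where('token', $tokenStr)->first();
     if ($token === null || $token->expire_time < time()) {
         return $response->getBody()->write(json_encode(['ret' => 0, 'msg' => '链接已经失效,请重新获取']));
     }

     $user = User::where('email', $token->email)->first();
     if ($user === null) {
         // Same message as for a bad token, so the reply does not reveal
         // whether the account still exists.
         return $response->getBody()->write(json_encode(['ret' => 0, 'msg' => '链接已经失效,请重新获取']));
     }

     // Reject missing or too-short passwords before touching the account.
     if (strlen($password) < 8) {
         return $response->getBody()->write(json_encode(['ret' => 0, 'msg' => '密码太短']));
     }

     // reset password
     $user->pass = Hash::passwordHash($password);
     if (!$user->save()) {
         return $response->getBody()->write(json_encode(['ret' => 0, 'msg' => '重置失败,请重试']));
     }

     // Single use: push the expiry into the past so the expiry check above
     // rejects any replay of this link.
     $token->expire_time = 0;
     $token->save();

     return $response->getBody()->write(json_encode(['ret' => 1, 'msg' => '重置成功']));
 }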
Example #4
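 /**
  * Check the submitted e-mail/password pair and, on success, open a
  * 24-hour session through Auth::login(). Replies with a JSON status.
  *
  * The stored hash is compared with the recomputed hash using
  * hash_equals(), which is type-strict and constant-time. The previous
  * loose `!=` would treat two different numeric-looking strings (for
  * example "0e..." digests) as equal.
  *
  * NOTE(review): recomputing the hash only works while
  * Hash::passwordHash() is deterministic. If the project's Hash class
  * offers checkPassword($hash, $plain), prefer it here.
  *
  * NOTE(review): the "401"/"402" prefixes let a client tell an unknown
  * e-mail address from a wrong password. Returning one identical message
  * for both cases avoids disclosing which addresses are registered.
  *
  * NOTE(review): the `remember_me` form field is not honoured; the session
  * lifetime below is fixed.
  *
  * @param mixed $request  request object exposing getParam()
  * @param mixed $response response object exposing getBody()
  * @param mixed $next     unused
  * @return mixed whatever the response body's write() returns
  */
 public function loginHandle($request, $response, $next)
 {
     $email = strtolower((string) $request->getParam('email'));
     $passwd = $request->getParam('passwd');

     // Handle Login
     $user = User::where('email', '=', $email)->first();
     if ($user === null) {
         return $response->getBody()->write(json_encode(['code' => '0', 'msg' => "401 邮箱或者密码错误"]));
     }

     $candidate = (string) Hash::passwordHash($passwd);
     if (!hash_equals((string) $user->pass, $candidate)) {
         return $response->getBody()->write(json_encode(['code' => '0', 'msg' => "402 邮箱或者密码错误"]));
     }

     // @todo make the lifetime depend on remember_me
     $time = 3600 * 24;
     Auth::login($user->id, $time);

     return $response->getBody()->write(json_encode(['code' => '1', 'ok' => '1', 'msg' => "欢迎回来"]));
 }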
Example #5
 /**
  * Issue an API token for an e-mail/password pair.
  *
  * Looks the account up by lower-cased e-mail, verifies the password with
  * Hash::checkPassword(), then generates a token and stores it with a
  * seven-day expiry. The JSON reply carries `ret` 1 plus the token and
  * user id on success, or `ret` 0 with a message on failure.
  *
  * NOTE(review): the "401"/"402" prefixes distinguish an unknown e-mail
  * address from a wrong password; a single shared message would not reveal
  * which addresses are registered.
  *
  * @param mixed $request  request object exposing getParam()
  * @param mixed $response response passed through to echoJson()
  * @param array $args     unused
  * @return mixed result of echoJson()
  */
 public function newToken($request, $response, $args)
 {
     $address = strtolower($request->getParam('email'));
     $secret = $request->getParam('passwd');

     $account = User::where('email', '=', $address)->first();
     if ($account == null) {
         return $this->echoJson($response, ['ret' => 0, 'msg' => "401 邮箱或者密码错误"]);
     }

     $passwordOk = Hash::checkPassword($account->pass, $secret);
     if (!$passwordOk) {
         return $this->echoJson($response, ['ret' => 0, 'msg' => "402 邮箱或者密码错误"]);
     }

     $tokenStr = Tools::genToken();
     $storage = Factory::createTokenStorage();
     // Token lifetime: seven days from now.
     $expireTime = time() + 3600 * 24 * 7;

     if (!$storage->store($tokenStr, $account, $expireTime)) {
         return $this->echoJson($response, ['ret' => 0, 'msg' => "system error"]);
     }

     $payload = [
         'ret' => 1,
         'msg' => "ok",
         'data' => [
             'token' => $tokenStr,
             'user_id' => $account->id,
         ],
     ];
     return $this->echoJson($response, $payload);
 }
Example #6
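 /**
  * Resolve the current user from the `uid` and `key` cookies.
  *
  * Always returns a User object whose `isLogin` flag says whether the
  * cookies were accepted. When no `uid` cookie is present, or no such
  * user exists, a blank User with `isLogin = false` is returned. The
  * original assigned `isLogin` on a null value in the "user not found"
  * branch, which fails on current PHP.
  *
  * The `key` cookie is compared with Hash::cookieHash($user->pass) using
  * hash_equals(), so the check is type-strict and constant-time rather
  * than a loose `!=`.
  *
  * NOTE(review): the cookie key is derived from the stored password hash,
  * so it stays valid until the password changes and cannot be revoked
  * per session. Consider server-side session tokens.
  *
  * @return User
  */
 public static function getUser()
 {
     $uid = Utils\Cookie::get('uid');
     $key = Utils\Cookie::get('key');

     $user = ($uid === null || $uid === '') ? null : User::find($uid);
     if ($user === null) {
         // No cookie, or a cookie naming a user that does not exist.
         $user = new User();
         $user->isLogin = false;
         return $user;
     }

     // A missing or non-string key can never match.
     $expected = (string) Hash::cookieHash($user->pass);
     $user->isLogin = is_string($key) && hash_equals($expected, $key);
     return $user;
 }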
Example #7
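 /**
  * Interactive console command that creates an administrator account.
  *
  * Prompts on STDOUT for an e-mail address and a password, asks for a
  * [Y] confirmation, then saves a new User with `is_admin = 1`.
  *
  * The password is not echoed back in the confirmation line, so it does
  * not end up in terminal scrollback or captured command output. Empty
  * input (including end-of-file on STDIN) is rejected instead of creating
  * an account with a blank e-mail address or password.
  *
  * @return bool true when the account was saved, false otherwise
  */
 public function createAdmin()
 {
     echo "add admin/ 创建管理员帐号.....";
     // ask for input
     fwrite(STDOUT, "Enter your email/输入管理员邮箱: ");
     // fgets() returns false on EOF; the cast turns that into an empty string
     $email = trim((string) fgets(STDIN));
     fwrite(STDOUT, "Enter password for: {$email} / 为 {$email} 添加密码 ");
     $passwd = trim((string) fgets(STDIN));

     if ($email === '' || $passwd === '') {
         echo "Email and password must not be empty";
         return false;
     }

     // Confirm the address only; never print the password.
     echo "Email: {$email} ";
     fwrite(STDOUT, "Press [Y] to create admin..... 按下[Y]确认来确认创建管理员账户..... ");
     $answer = trim((string) fgets(STDIN));
     if (strtolower($answer) !== "y") {
         echo "cancel";
         return false;
     }

     echo "start create admin account";
     // create admin user
     $user = new User();
     $user->user_name = "admin";
     $user->email = $email;
     $user->pass = Hash::passwordHash($passwd);
     $user->passwd = Tools::genRandomChar(6);
     $user->port = Tools::getLastPort() + 1;
     $user->t = 0;
     $user->u = 0;
     $user->d = 0;
     $user->transfer_enable = Tools::toGB(Config::get('defaultTraffic'));
     $user->invite_num = Config::get('inviteNum');
     $user->ref_by = 0;
     $user->is_admin = 1;

     if ($user->save()) {
         echo "Successful/添加成功!";
         return true;
     }
     echo "添加失败";
     return false;
 }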
Example #8
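 /**
  * Register a new account from the sign-up form and reply through
  * echoJson() with `ret` 1 on success or `ret` 0 plus a message.
  *
  * Checks run in this order: invite code exists, e-mail format, password
  * length (at least 8 bytes), password confirmation, e-mail not already
  * registered, e-mail verification code (when `emailVerifyEnabled` is
  * set), per-IP registration limit. The invite code is deleted once the
  * user has been saved.
  *
  * The confirmation check uses `!==`. With the loose `!=`, two different
  * numeric-looking strings such as "1000000000" and "1e9" compare equal,
  * so a mistyped confirmation could be accepted.
  *
  * NOTE(review): the invite code is looked up at the start and deleted
  * after the save, with nothing tying the two together. Two concurrent
  * requests can presumably both pass the lookup and consume one code;
  * consider doing the lookup and delete in one transaction.
  *
  * @param mixed $request  request object exposing getParam()
  * @param mixed $response response passed through to echoJson()
  * @param array $args     unused
  * @return mixed result of echoJson()
  */
 public function registerHandle($request, $response, $args)
 {
     $name = $request->getParam('name');
     $email = strtolower((string) $request->getParam('email'));
     // Cast so a missing field becomes '' and fails the length check.
     $passwd = (string) $request->getParam('passwd');
     $repasswd = (string) $request->getParam('repasswd');
     $code = $request->getParam('code');
     $verifycode = $request->getParam('verifycode');

     // check code
     $c = InviteCode::where('code', $code)->first();
     if ($c === null) {
         return $this->echoJson($response, [
             'ret' => 0,
             'error_code' => self::WrongCode,
             'msg' => "邀请码无效",
         ]);
     }

     // check email format
     if (!Check::isEmailLegal($email)) {
         return $this->echoJson($response, [
             'ret' => 0,
             'error_code' => self::IllegalEmail,
             'msg' => "邮箱无效",
         ]);
     }

     // check pwd length
     if (strlen($passwd) < 8) {
         return $this->echoJson($response, [
             'ret' => 0,
             'error_code' => self::PasswordTooShort,
             'msg' => "密码太短",
         ]);
     }

     // check pwd re (strict: no numeric-string juggling)
     if ($passwd !== $repasswd) {
         return $this->echoJson($response, [
             'ret' => 0,
             'error_code' => self::PasswordNotEqual,
             'msg' => "两次密码输入不符",
         ]);
     }

     // check email
     if (User::where('email', $email)->first() !== null) {
         return $this->echoJson($response, [
             'ret' => 0,
             'error_code' => self::EmailUsed,
             'msg' => "邮箱已经被注册了",
         ]);
     }

     // verify email
     if (Config::get('emailVerifyEnabled') && !EmailVerify::checkVerifyCode($email, $verifycode)) {
         return $this->echoJson($response, ['ret' => 0, 'msg' => '邮箱验证代码不正确']);
     }

     // check ip limit
     $ip = Http::getClientIP();
     if (Check::getIpRegCount($ip) >= Config::get('ipDayLimit')) {
         return $this->echoJson($response, ['ret' => 0, 'msg' => '当前IP注册次数超过限制']);
     }

     // do reg user
     $user = new User();
     $user->user_name = $name;
     $user->email = $email;
     $user->pass = Hash::passwordHash($passwd);
     $user->passwd = Tools::genRandomChar(6);
     $user->port = Tools::getLastPort() + 1;
     $user->t = 0;
     $user->u = 0;
     $user->d = 0;
     $user->transfer_enable = Tools::toGB(Config::get('defaultTraffic'));
     $user->invite_num = Config::get('inviteNum');
     $user->reg_ip = $ip;
     $user->ref_by = $c->user_id;

     if ($user->save()) {
         // The invite code is single-use: remove it once the account exists.
         $c->delete();
         return $this->echoJson($response, ['ret' => 1, 'msg' => "注册成功"]);
     }

     return $this->echoJson($response, ['ret' => 0, 'msg' => "未知错误"]);
 }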
Example #9
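 /**
  * Generate a new session identifier.
  *
  * uniqid() is derived from the current time, so on its own it is
  * guessable. 16 bytes from random_bytes() are appended to the seed
  * before hashing, so the identifier does not rest on the secrecy of the
  * configured key and the clock alone.
  *
  * @return mixed the value returned by Hash::sha256WithSalt()
  */
 public static function genSID()
 {
     $seed = uniqid(Config::get('key')) . bin2hex(random_bytes(16));
     return Hash::sha256WithSalt($seed);
 }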
Example #10
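 /**
  * Change the logged-in user's password after verifying the old one.
  *
  * Reads `oldpwd`, `pwd` and `repwd` from the request. The original code
  * asked for parameters named `pwd"` and `repwd"` (with a stray quote), so
  * both values were always missing and every request failed the length
  * check. The new password must match its confirmation exactly and be at
  * least 8 bytes long.
  *
  * @param mixed $request  request object exposing getParam()
  * @param mixed $response response object exposing getBody()
  * @param array $args     unused
  * @return mixed whatever the response body's write() returns
  */
 public function updatePassword($request, $response, $args)
 {
     $oldpwd = $request->getParam('oldpwd');
     // Cast so a missing field becomes '' and fails the length check.
     $pwd = (string) $request->getParam('pwd');
     $repwd = (string) $request->getParam('repwd');
     $user = $this->user;

     if (!Hash::checkPassword($user->pass, $oldpwd)) {
         return $response->getBody()->write(json_encode(['ret' => 0, 'msg' => "旧密码错误"]));
     }

     // Strict comparison: loose `!=` treats numeric-looking strings such
     // as "1000000000" and "1e9" as equal.
     if ($pwd !== $repwd) {
         return $response->getBody()->write(json_encode(['ret' => 0, 'msg' => "两次输入不符合"]));
     }

     if (strlen($pwd) < 8) {
         return $response->getBody()->write(json_encode(['ret' => 0, 'msg' => "密码太短啦"]));
     }

     $user->pass = Hash::passwordHash($pwd);
     if (!$user->save()) {
         // Do not report success when the new hash was not persisted.
         return $response->getBody()->write(json_encode(['ret' => 0, 'msg' => "修改失败"]));
     }

     return $response->getBody()->write(json_encode(['ret' => 1, 'msg' => "ok"]));
 }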
Example #11
 /**
  * Set this record's login password: hash the given plaintext with
  * Hash::passwordHash() and save the record.
  *
  * No length or strength check is performed here; callers are presumably
  * expected to validate the password first.
  *
  * @param mixed $pwd new plaintext password
  */
 public function updatePassword($pwd)
 {
     $hashed = Hash::passwordHash($pwd);
     $this->pass = $hashed;
     $this->save();
 }
Example #12
 /**
  * Delete the current user's account after re-checking their password.
  *
  * The submitted `passwd` is verified against the stored hash with
  * Hash::checkPassword(). On a match the session is ended and the user
  * record is deleted; otherwise nothing is changed. The reply goes through
  * echoJson() with `ret` 1 or 0.
  *
  * @param mixed $request  request object exposing getParam()
  * @param mixed $response response passed through to echoJson()
  * @param array $args     unused
  * @return mixed result of echoJson()
  */
 public function handleKill($request, $response, $args)
 {
     $account = Auth::getUser();
     $confirmation = $request->getParam('passwd');

     // Re-authenticate before the destructive step.
     $passwordOk = Hash::checkPassword($account->pass, $confirmation);
     if ($passwordOk) {
         Auth::logout();
         $account->delete();
         return $this->echoJson($response, [
             'ret' => 1,
             'msg' => "GG!您的帐号已经从我们的系统中删除.",
         ]);
     }

     return $this->echoJson($response, ['ret' => 0, 'msg' => " 密码错误"]);
 }
Example #13
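 /**
  * Register a new account from the sign-up form and write a JSON status
  * (`ret` 1 on success, 0 with a message on failure) to the response body.
  *
  * Checks run in this order: invite code exists, e-mail format, password
  * length (at least 8 bytes), password confirmation, e-mail not already
  * registered. The invite code is deleted once the user has been saved.
  *
  * The confirmation check uses `!==`. With the loose `!=`, two different
  * numeric-looking strings such as "1000000000" and "1e9" compare equal,
  * so a mistyped confirmation could be accepted.
  *
  * NOTE(review): this handler applies no rate or per-IP limit to
  * registrations, and the invite-code lookup and delete are not atomic.
  * Confirm whether either is handled elsewhere.
  *
  * @param mixed $request  request object exposing getParam()
  * @param mixed $response response object exposing getBody()
  * @param mixed $next     unused
  * @return mixed whatever the response body's write() returns
  */
 public function registerHandle($request, $response, $next)
 {
     $name = $request->getParam('name');
     $email = strtolower((string) $request->getParam('email'));
     // Cast so a missing field becomes '' and fails the length check.
     $passwd = (string) $request->getParam('passwd');
     $repasswd = (string) $request->getParam('repasswd');
     $code = $request->getParam('code');

     // check code
     $c = InviteCode::where('code', $code)->first();
     if ($c === null) {
         return $response->getBody()->write(json_encode(['ret' => 0, 'msg' => "邀请码无效"]));
     }

     // check email format
     if (!Check::isEmailLegal($email)) {
         return $response->getBody()->write(json_encode(['ret' => 0, 'msg' => "邮箱无效"]));
     }

     // check pwd length
     if (strlen($passwd) < 8) {
         return $response->getBody()->write(json_encode(['ret' => 0, 'msg' => "密码太短"]));
     }

     // check pwd re (strict: no numeric-string juggling)
     if ($passwd !== $repasswd) {
         return $response->getBody()->write(json_encode(['ret' => 0, 'msg' => "两次密码输入不符"]));
     }

     // check email
     if (User::where('email', $email)->first() !== null) {
         return $response->getBody()->write(json_encode(['ret' => 0, 'msg' => "邮箱已经被注册了"]));
     }

     // do reg user
     $user = new User();
     $user->user_name = $name;
     $user->email = $email;
     $user->pass = Hash::passwordHash($passwd);
     $user->passwd = Tools::genRandomChar(6);
     $user->port = Tools::getLastPort() + 1;
     $user->t = 0;
     $user->u = 0;
     $user->d = 0;
     $user->transfer_enable = Tools::toGB(Config::get('defaultTraffic'));
     $user->invite_num = Config::get('inviteNum');
     $user->ref_by = $c->user_id;

     if ($user->save()) {
         // The invite code is single-use: remove it once the account exists.
         $c->delete();
         return $response->getBody()->write(json_encode(['ret' => 1, 'msg' => "注册成功"]));
     }

     return $response->getBody()->write(json_encode(['ret' => 0, 'msg' => "未知错误"]));
 }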