public function updateAction()
{
$nick = ApiRequest::getParam('nick');
$avatar = UploadFile::getInstanceByName('avatar');
if (TextUtil::isEmptyString($nick) || !$avatar) {
(new ApiResponse(Code::FAIL_PARAMETER_MISSING, 'nick avatar at least one'))->flush();
return false;
}
if (!$avatar && $nick == $this->user->nick) {
(new ApiResponse(Code::SUCCESS, $this->user->toArray()))->flush();
return false;
}
$model = $this->user;
if ($avatar) {
if (!($path = Uploader::saveFile($avatar, 'avatar', Uploader::TYPE_IMAGE))) {
(new ApiResponse(Uploader::getLastErrorCode(), null))->flush();
return false;
}
$model->avatar = $path;
}
$model->nick = $nick ?: $model->nick;
if ($resp = UserManager::getInstance()->updateUser($model)) {
$resp->flush();
} else {
(new ApiResponse(Code::SUCCESS, $model->toArray()))->flush();
}
return false;
}
protected function checkAuth(Request_Abstract $request, Response_Abstract $response)
{
$config = ['allow' => ['api-user-create' => 1, 'api-user-login' => 1, 'api-user-recommend' => 1, 'api-user-info' => 1, 'api-group-recommend' => 1]];
$id = strtolower($request->getModuleName() . '-' . $request->getControllerName() . '-' . $request->getActionName());
if (!isset($config['allow'][$id])) {
$user = new User();
$user->id = ApiRequest::getParam('uid');
$token = ApiRequest::getParam('token');
if (!$user->id || TextUtil::isEmptyString($token)) {
return new ApiResponse(Code::FAIL_PARAMETER_MISSING, 'uid or token is missing');
}
if ($resp = UserManager::getInstance()->getUser($user)) {
return $resp;
}
if ($user->token != $token) {
return new ApiResponse(Code::FAIL_USER_TOKEN_EXPIRE, null);
}
UserManager::getInstance()->setAuthorizedUser($user);
}
return null;
}
public function checkPermission()
{
return !TextUtil::isEmptyString($this->permission) && (self::PERMISSION_NORMAL == $this->permission || self::PERMISSION_ADMIN == $this->permission || self::PERMISSION_ROOT == $this->permission);
}
public function checkType()
{
return !TextUtil::isEmptyString($this->type) && ($this->type == self::TYPE_GROUP || $this->type == self::TYPE_CHATROOM);
}
public function checkStatus()
{
return !TextUtil::isEmptyString($this->status) && (self::STATUS_REQUEST == $this->status || self::STATUS_RECEIVE == $this->status || self::STATUS_UNSUBSCRIBE == $this->status || self::STATUS_AGREE == $this->status || self::STATUS_REFUSED == $this->status || self::STATUS_BLACK == $this->status);
}
public function checkGroup(Group $model)
{
if (!$model->uid) {
return new ApiResponse(Code::FAIL_USER_NOT_EXISTS, 'uid is empty');
}
if (TextUtil::isEmptyString($model->name)) {
return new ApiResponse(Code::FAIL_GROUP_NAME_EMPTY, null);
}
return null;
}
public function login(User $model)
{
if (TextUtil::isEmptyString($model->password)) {
return new ApiResponse(Code::FAIL_EMPTY_PASSWORD, null);
}
$dbModel = clone $model;
if ($resp = $this->getUser($dbModel)) {
return $resp;
}
$loginFailedMax = 5;
$count = LoginLogManager::getInstance()->getStatusCount($dbModel->id, time() - 1200, LoginLog::STATUS_FAILED);
if (false === $count || $count >= $loginFailedMax) {
return new ApiResponse(Code::FAIL_LOGIN_FAILED, ['next_time' => 1200, 'retry_number' => 0]);
}
if (!$this->auth($dbModel, $model)) {
$loginLog = new LoginLog($dbModel->id, LoginLog::STATUS_FAILED);
if ($resp = LoginLogManager::getInstance()->addLog($loginLog)) {
return $resp;
}
return new ApiResponse(Code::FAIL_LOGIN_FAILED, ['next_time' => 0, 'retry_number' => $loginFailedMax - $count - 1]);
} else {
$loginLog = new LoginLog($dbModel->id, LoginLog::STATUS_SUCCESS);
if ($resp = LoginLogManager::getInstance()->addLog($loginLog)) {
return $resp;
}
}
$this->updateUserToken($dbModel);
$this->setAuthorizedUser($dbModel);
return null;
}
