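/**
 * Authenticate a request arriving through the WeChat integration.
 *
 * The caller is trusted on the strength of a single shared secret; once it
 * matches, the supplied uid is accepted as-is and only checked for existence
 * in the `student` table. No per-user credential is verified in this method.
 *
 * Side effects: sets $this->name, $this->rank and possibly $this->sid, and
 * bumps the `wxCount` / `lastTime` counters for the uid.
 *
 * @return mixed whatever $this->checkAuth() returns for the resulting state
 */
public function auth()
{
    // Verify the WeChat shared secret.
    // hash_equals() keeps the comparison constant-time so response timing does
    // not leak how much of a guessed secret matched. The is_string / non-empty
    // guards make the check fail closed: an unset or blank configured secret
    // must never match an equally unset or blank request value.
    $wechatSecret = Config::getConfig('wechat_secret');
    $secretMatches = is_string($wechatSecret)
        && '' !== $wechatSecret
        && is_string($this->secret)
        && hash_equals($wechatSecret, $this->secret);
    if (!$secretMatches) {
        return $this->checkAuth(Config::STATE_FORBIDDEN, Config::RETURN_ERROR, Config::getConfig('forbid_access_msg'));
    }

    // Both the calling account and the student id to look up are required.
    if (empty($this->sid) || empty($this->uid)) {
        return $this->checkAuth(Config::STATE_FORBIDDEN, Config::RETURN_ERROR, '参数有误,请检查');
    }

    // Load the caller's record; parameter binding keeps uid out of the SQL text.
    $sql = 'SELECT `s`.`sid`, `s`.`name`, `u`.`rank` FROM `student` `s` LEFT JOIN `user` `u` ON `u`.`uid` = `s`.`sid` WHERE `s`.`sid` = ? LIMIT 1';
    $result = Mysql::execute($sql, array($this->uid));

    // Unknown account.
    if (empty($result)) {
        return $this->checkAuth(Config::STATE_FORBIDDEN, Config::RETURN_ERROR, '账号不存在,请检查');
    }

    // Because of the LEFT JOIN the rank column can be NULL when the student has
    // no `user` row; any falsy rank is mapped to -1.
    $this->name = $result[0]['name'];
    $this->rank = $result[0]['rank'] ? (int) $result[0]['rank'] : -1;

    // Record the API call.
    $sql = 'UPDATE `user` SET `wxCount` = `wxCount` + 1, `lastTime` = NOW() WHERE `uid` = ?';
    Mysql::execute($sql, array($this->uid));

    // When the requested id differs from the caller's own, resolve it through
    // the student search and require exactly one match.
    // NOTE(review): no rank check guards this lookup here, unlike the web
    // auth path; confirm that any secret-bearing caller may query any student.
    if ($this->uid !== $this->sid) {
        $student = new \Hnust\Analyse\Student();
        $result = $student->search($this->sid);
        $result = $result['data'];

        if (empty($result)) {
            return $this->checkAuth($this->NMStatus, Config::RETURN_ERROR, '未找到相关学号');
        }
        if (1 !== count($result)) {
            return $this->checkAuth($this->NMStatus, Config::RETURN_ERROR, '学号不唯一,请修改关键词');
        }
        $this->sid = $result[0]['sid'];
    }

    // Authenticated WeChat request.
    return $this->checkAuth(Config::STATE_WECHAT, Config::RETURN_NORMAL);
}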
/**
 * Authenticate a web request by its remember-me token and authorise it
 * against the access level required by the requested method.
 *
 * Steps, in order: resolve the token to a cached login record, load the
 * user's name / error count / rank, reject locked-out, expired or frozen
 * accounts, count the call, answer 404 for unknown methods, compare rank with
 * the required access, and finally decide which student id the request may
 * operate on.
 *
 * Side effects: may call $this->logout(), sets $this->uid, $this->name,
 * $this->rank and $this->sid, updates `webCount` / `lastTime`, and may set
 * the HTTP response code to 404.
 *
 * @return mixed whatever $this->checkAuth() returns for the resulting state
 */
public function auth()
{
    if (!empty($this->token)) {
        // Map the token to its cached login record, then load the account row.
        $session = $this->authCache->hget('token', $this->token);
        $rows = null;
        if (!empty($session)) {
            $query = 'SELECT `s`.`name`, `u`.`error`, `u`.`rank` FROM `user` `u`, `student` `s` WHERE `u`.`uid` = `s`.`sid` AND `u`.`uid` = ? LIMIT 1';
            $rows = Mysql::execute($query, array($session['uid']));
        }

        // Unknown token or unknown account: drop the session. Endpoints that
        // need more than visitor rank demand a login; the rest continue with
        // the normal status.
        if (empty($session) || empty($rows)) {
            $this->logout();
            if ($this->access > Config::RANK_VISITOR) {
                return $this->checkAuth(Config::STATE_NEED_LOGIN, Config::RETURN_NEED_LOGIN, Config::getConfig('token_error_msg'));
            }
            return $this->checkAuth($this->NMStatus, Config::RETURN_NORMAL);
        }

        $session = array_merge($session, $rows[0]);

        // NOTE(review): identity fields are populated before the lockout,
        // expiry and freeze checks below; confirm logout() / checkAuth() leave
        // nothing usable behind on those rejection paths.
        $this->uid = $session['uid'];
        $this->name = $session['name'];
        $this->rank = (int) $session['rank'];

        // Too many wrong-password attempts.
        if ($session['error'] >= Config::getConfig('max_passwd_error')) {
            $this->logout();
            return $this->checkAuth(Config::STATE_ERROR, Config::RETURN_NEED_LOGIN, Config::getConfig('excessive_error_msg'));
        }

        // Remember-me token older than the configured lifetime.
        $tokenAge = time() - $session['time'];
        if ($tokenAge > Config::getConfig('max_remember_time')) {
            $this->logout();
            return $this->checkAuth(Config::STATE_NEED_LOGIN, Config::RETURN_NEED_LOGIN, Config::getConfig('invalid_token_msg'));
        }

        // Frozen account.
        if (Config::RANK_FREEZE === $this->rank) {
            return $this->checkAuth(Config::STATE_FORBIDDEN, Config::RETURN_ALERT, Config::getConfig('freeze_msg'));
        }

        // Count the web call.
        $query = 'UPDATE `user` SET `webCount` = `webCount` + 1, `lastTime` = NOW() WHERE `uid` = ?';
        Mysql::execute($query, array($this->uid));
    }

    // Unknown method or no access level registered for it: 404.
    if (empty($this->method) || null === $this->access) {
        http_response_code(404);
        return $this->checkAuth(Config::STATE_NOT_FOUND, Config::RETURN_ALERT, Config::getConfig('not_found_msg'));
    }

    // Insufficient rank: anonymous callers are asked to log in, logged-in
    // callers are refused.
    if ($this->rank < $this->access) {
        if (empty($this->token)) {
            return $this->checkAuth(Config::STATE_NEED_LOGIN, Config::RETURN_NEED_LOGIN, Config::getConfig('login_access_msg'));
        }
        return $this->checkAuth(Config::STATE_FORBIDDEN, Config::RETURN_ALERT, Config::getConfig('forbid_access_msg'));
    }

    // Callers below RANK_OTHER may only act on their own id, and an empty or
    // own id needs no lookup.
    // NOTE(review): in_array() runs without the strict flag, so the match is
    // a loose comparison; every match resolves to the caller's own id.
    $actsOnSelf = $this->rank < Config::RANK_OTHER
        || in_array($this->sid, array('', $this->uid));
    if ($actsOnSelf) {
        $this->sid = $this->uid;
        return $this->checkAuth($this->NMStatus, Config::RETURN_NORMAL);
    }

    // Resolve the requested student; exactly one match is required.
    $finder = new \Hnust\Analyse\Student();
    $found = $finder->search($this->sid);
    $matches = $found['data'];

    if (empty($matches)) {
        return $this->checkAuth($this->NMStatus, Config::RETURN_ERROR, '未找到相关学号');
    }
    if (1 !== count($matches)) {
        return $this->checkAuth($this->NMStatus, Config::RETURN_ERROR, '学号不唯一,请修改关键词');
    }
    $this->sid = $matches[0]['sid'];

    // Authorised.
    return $this->checkAuth($this->NMStatus, Config::RETURN_NORMAL);
}