public function loginHandle($request, $response, $args)
{
// $data = $request->post('sdf');
$email = $request->getParam('email');
$email = strtolower($email);
$passwd = $request->getParam('passwd');
$rememberMe = $request->getParam('remember_me');
// Handle Login
$user = User::where('email', '=', $email)->first();
if ($user == null) {
$res['ret'] = 0;
$res['error_code'] = self::UserNotExist;
$res['msg'] = "邮箱或者密码错误";
return $this->echoJson($response, $res);
}
if (!Hash::checkPassword($user->pass, $passwd)) {
$res['ret'] = 0;
$res['error_code'] = self::UserPasswordWrong;
$res['msg'] = "邮箱或者密码错误";
return $this->echoJson($response, $res);
}
// @todo
$time = 3600 * 24;
if ($rememberMe) {
$time = 3600 * 24 * 7;
}
Logger::info("login user {$user->id} ");
Auth::login($user->id, $time);
$res['ret'] = 1;
$res['msg'] = "欢迎回来";
return $this->echoJson($response, $res);
}
public function hashTest()
{
$pwd = "testPassword";
$hashPwd = Hash::passwordHash($pwd);
$this->assertEquals(true, Hash::checkPassword($hashPwd, $pwd));
$this->assertEquals(false, Hash::checkPassword("", $pwd));
}
public function loginHandle($request, $response, $args)
{
// $data = $request->post('sdf');
$email = $request->getParam('email');
$email = strtolower($email);
$passwd = $request->getParam('passwd');
$rememberMe = $request->getParam('remember_me');
// Handle Login
$user = User::where('email', '=', $email)->first();
if ($user == null) {
$rs['ret'] = 0;
$rs['msg'] = "401 邮箱或者密码错误";
return $response->getBody()->write(json_encode($rs));
}
if (!Hash::checkPassword($user->pass, $passwd)) {
$rs['ret'] = 0;
$rs['msg'] = "402 邮箱或者密码错误";
return $response->getBody()->write(json_encode($rs));
}
// @todo
$time = 3600 * 24;
if ($rememberMe) {
$time = 3600 * 24 * 7;
}
Auth::login($user->id, $time);
$rs['ret'] = 1;
$rs['msg'] = "欢迎回来";
return $response->getBody()->write(json_encode($rs));
}
public function newToken($request, $response, $args)
{
// $data = $request->post('sdf');
$email = $request->getParam('email');
$email = strtolower($email);
$passwd = $request->getParam('passwd');
// Handle Login
$user = User::where('email', '=', $email)->first();
if ($user == null) {
$res['ret'] = 0;
$res['msg'] = "401 邮箱或者密码错误";
return $this->echoJson($response, $res);
}
if (!Hash::checkPassword($user->pass, $passwd)) {
$res['ret'] = 0;
$res['msg'] = "402 邮箱或者密码错误";
return $this->echoJson($response, $res);
}
$tokenStr = Tools::genToken();
$storage = Factory::createTokenStorage();
$expireTime = time() + 3600 * 24 * 7;
if ($storage->store($tokenStr, $user, $expireTime)) {
$res['ret'] = 1;
$res['msg'] = "ok";
$res['data']['token'] = $tokenStr;
$res['data']['user_id'] = $user->id;
return $this->echoJson($response, $res);
}
$res['ret'] = 0;
$res['msg'] = "system error";
return $this->echoJson($response, $res);
}
public function updatePassword($request, $response, $args)
{
$oldpwd = $request->getParam('oldpwd');
$pwd = $request->getParam('pwd"');
$repwd = $request->getParam('repwd"');
$user = $this->user;
if (!Hash::checkPassword($user->pass, $oldpwd)) {
$res['ret'] = 0;
$res['msg'] = "旧密码错误";
return $response->getBody()->write(json_encode($res));
}
if ($pwd != $repwd) {
$res['ret'] = 0;
$res['msg'] = "两次输入不符合";
return $response->getBody()->write(json_encode($res));
}
if (strlen($pwd) < 8) {
$res['ret'] = 0;
$res['msg'] = "密码太短啦";
return $response->getBody()->write(json_encode($res));
}
$hashPwd = Hash::passwordHash($pwd);
$user->pass = $hashPwd;
$user->save();
$res['ret'] = 1;
$res['msg'] = "ok";
return $response->getBody()->write(json_encode($res));
}
public function handleKill($request, $response, $args)
{
$user = Auth::getUser();
$passwd = $request->getParam('passwd');
// check passwd
$res = array();
if (!Hash::checkPassword($user->pass, $passwd)) {
$res['ret'] = 0;
$res['msg'] = " 密码错误";
return $this->echoJson($response, $res);
}
Auth::logout();
$user->delete();
$res['ret'] = 1;
$res['msg'] = "GG!您的帐号已经从我们的系统中删除.";
return $this->echoJson($response, $res);
}
