public function login_success($uid, $uname)
{
// 更新最后登录信息
$this->where('uid=' . $uid)->save(['last_login_ip' => get_client_ip(1), 'last_login_time' => time()]);
$this->where('uid=' . $uid)->setInc('login_num');
// 让之前的token失效
$token_name = C('COOKIE_TOKEN');
$token = cookie($token_name);
if ($token) {
M('user_login')->where(['token' => $token])->setField('token_status', 0);
cookie($token_name, null);
}
cookie('token') && cookie('token', null);
// 生成用户令牌
$crypt = new \Think\Crypt('think');
$token = $crypt->encrypt($uid, uniqid());
// 写入登录信息
list($app, $os, $version) = app_info();
M('user_login')->add(['uid' => $uid, 'uname' => $uname, 'token' => $token, 'token_status' => 1, 'user_agent' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '', 'ip' => get_client_ip(1), 'created' => time(), 'app' => $app ?: '']);
cookie($token_name, $token, 86400 * 90);
// 客户端无法正常自动管理cookie,故手动增加一个头信息
header('X-Auth-Token: ' . $token);
return $token;
}
/**
* 跳到重置密码
*/
public function toResetPass()
{
$key = I('key');
$keyFactory = new \Think\Crypt();
$key = $keyFactory->decrypt($key, C('SESSION_PREFIX'));
$key = explode('_', $key);
if (time() > floatval($key[2]) + 30 * 60) {
$this->error('连接已失效!');
}
if (intval($key[1]) == 0) {
$this->error('无效的用户!');
}
session('REST_userId', $key[1]);
session('REST_Time', $key[2]);
session('REST_success', '1');
$this->display('default/forget_pass3');
}
/**
* 重置密码
*
* @param int $uid 用户手机号
* @param string $password 新密码
*/
protected function _updatePassword($mobile, $password)
{
// 验证密码长度
strlen($password) >= 6 or ajax_error('PASSWORD_LENGTH_ERROR', '密码最小长度为6位!');
strlen($password) <= 32 or ajax_error('PASSWORD_LENGTH_ERROR', '密码最大长度为32位!');
// 检验用户
$userModel = D('User');
$user = $userModel->field('uid,uname,salt')->where(['mobile' => $mobile])->find() or ajax_error('ACCOUNT_NOT_FOUND', '此账号不存在!');
$uid = $user['uid'];
// 更新密码
$userModel->where('uid=' . $uid)->setField('password', $userModel->password($password, $user['salt']));
// 让旧的登录信息全部失效
M('user_login')->where('uid=' . $uid)->setField('token_status', 0);
// 生成新的用户令牌
$crypt = new \Think\Crypt('think');
$token = $crypt->encrypt($uid, uniqid());
// 写入登录信息
M('user_login')->add(['uid' => $uid, 'uname' => $user['uname'], 'token' => $token, 'token_status' => 1, 'user_agent' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '', 'ip' => get_client_ip(1), 'created' => time()]);
// 保存cookie
cookie('token', $token);
ajax_success();
}
/**
* 修改密码初始化
*/
public function updatePassword()
{
$user = get_user();
if (!$user) {
$this->redirect('Other/Public/login?type=miss_token');
exit;
}
$uid = $user['uid'];
if (IS_POST) {
// 获取参数
$old_password = I('post.old');
empty($old_password) && $this->error('请输入原密码');
$password = $data['password'] = I('post.password');
empty($data['password']) && $this->error('请输入新密码');
$repassword = I('post.repassword');
empty($repassword) && $this->error('请输入确认密码');
if ($data['password'] !== $repassword) {
$this->error('您输入的新密码与确认密码不一致');
}
// 验证密码长度
strlen($password) >= 6 or $this->error('密码最小长度为6位!');
strlen($password) <= 32 or $this->error('密码最大长度为32位!');
// 检验用户
$userModel = D('User');
$user = $userModel->field('uid,uname,password,salt')->find($uid) or $this->error('此账号不存在!');
// 检验旧密码
$userModel->password($old_password, $user['salt']) == $user['password'] or $this->error('旧密码不正确!');
// 更新密码
$userModel->where('uid=' . $uid)->setField('password', $userModel->password($password, $user['salt']));
// 让旧的登录信息全部失效
M('user_login')->where('uid=' . $uid)->setField('token_status', 0);
// 生成新的用户令牌
$crypt = new \Think\Crypt('think');
$token = $crypt->encrypt($uid, uniqid());
// 写入登录信息
M('user_login')->add(['uid' => $uid, 'uname' => $user['uname'], 'token' => $token, 'token_status' => 1, 'user_agent' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '', 'ip' => get_client_ip(1), 'created' => time()]);
// 保存cookie
cookie('token', $token);
$this->success('修改密码成功!');
exit;
}
$this->meta_title = '修改密码';
$this->display('Public/updatepassword');
}
public function login()
{
if (IS_AJAX) {
if (check_verify(I('post.verify'), 1)) {
$Member = M('Member');
$is_email = $Member->regex(I('post.username'), 'email');
if ($is_email) {
$resuser = $Member->where('email=\'' . I('post.username') . '\'')->find();
} else {
$resuser = $Member->where('username=\'' . I('post.username') . '\'')->find();
}
if (sys_md5(I('post.password')) == $resuser['password']) {
if (!$resuser['status']) {
$this->error(L('USER_STOP'));
}
$data = array('login_ip' => get_client_ip(), 'last_login_time' => time());
$saveres = $Member->where(array('id' => $resuser['id']))->save($data);
if ($saveres) {
$Member->where(array('id' => $resuser['id']))->setInc('login_count');
}
if (I('post.keep') == 'on') {
$crypt = new \Think\Crypt();
$userinfo = array('username' => $crypt->encrypt($resuser['username'], sys_md5(C('DATA_AUTH_KEY'), 'isky71'), 3600 * 24 * 15), 'password' => $crypt->encrypt($resuser['password'], sys_md5(C('DATA_AUTH_KEY'), 'CMS'), 3600 * 24 * 15));
$str = $crypt->encrypt(json_encode($userinfo), C('DATA_AUTH_KEY') . $__SERVER["HTTP_USER_AGENT"]);
cookie('member', $str, 3600 * 24 * 15);
}
session(C('USER_AUTH_KEY'), $resuser['id']);
session('uname', $resuser['username']);
$this->success(L('LOGIN_SUCCESS'), U('Index/index', $this->vl));
} else {
$this->error(L('LOGIN_ERROR'));
}
} else {
$this->error(L('VERIFY_ERROR'));
}
} else {
if (session(C('USER_AUTH_KEY'))) {
$this->redirect('Index/index');
} elseif (cookie('member')) {
$crypt = new \Think\Crypt();
$userjson = $crypt->decrypt(cookie('member'), C('DATA_AUTH_KEY') . $__SERVER["HTTP_USER_AGENT"]);
$userarr = json_decode($userjson, TRUE);
foreach ($userarr as $key => $value) {
if ($key == 'username') {
$uname = $crypt->decrypt($value, sys_md5(C('DATA_AUTH_KEY'), 'isky71'));
}
if ($key == 'password') {
$pwd = $crypt->decrypt($value, sys_md5(C('DATA_AUTH_KEY'), 'CMS'));
}
}
$Member = M('Member');
$ures = $Member->where('username=\'' . $uname . '\'')->find();
if ($ures && $ures['password'] == $pwd) {
session(C('USER_AUTH_KEY'), $ures['id']);
session('uname', $ures['username']);
$this->redirect('Index/index');
} else {
cookie(NULL);
$this->display();
}
} else {
$this->display();
}
}
}
