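public function _init(Dispatcher $dispatcher)
{
    // Composer autoloader. Yaf's own autoloader must be told to cooperate:
    // the ini setting yaf.use_spl_autoload has to be 1.
    if (file_exists(ROOT_PATH . '/vendor/autoload.php')) {
        $loader = (include ROOT_PATH . '/vendor/autoload.php');
        Registry::set('loader', $loader);
    }

    // Actions render their views explicitly.
    $dispatcher->autoRender(false);

    // Application config, kept on the instance (the closures below read it) and in the registry.
    $this->_config = Application::app()->getConfig();
    Registry::set('config', $this->_config);

    // Full error display only when global.showError is enabled; this must stay off in production.
    if ($this->_config->global->showError) {
        error_reporting(-1);
        ini_set('display_errors', 'On');
    }

    // Lazily built AES block cipher; only registered when global.key is configured.
    if (!empty($this->_config->global->key)) {
        Registry::set('enc', function () {
            $blockCipher = BlockCipher::factory('mcrypt', array('algo' => 'aes'));
            $blockCipher->setKey($this->_config->global->key);
            return $blockCipher;
        });
    }

    // Command-line runs have no session.
    if (!defined("RUN_IN_CLI")) {
        $sessionConfig = $this->_config->session->toArray();

        // Session files carry identities and the CSRF token, so the directory is created
        // private to the server user (0700) instead of world-writable (0777). Creation stays
        // best-effort: an unusable save_path surfaces when the session is started below.
        if (isset($sessionConfig['save_path']) && !is_dir($sessionConfig['save_path'])) {
            @mkdir($sessionConfig['save_path'], 0700, true);
        }

        // NOTE(review): cookie_httponly / cookie_secure are expected to come from the
        // session section of the config, which is not visible here — confirm they are set.
        $config = new SessionConfig();
        $config->setOptions($sessionConfig);

        $manager = new SessionManager($config);
        $manager->start();

        // Bind the session to the User-Agent; a mismatch destroys it.
        $manager->getValidatorChain()->attach('session.validate', array(new HttpUserAgent(), 'isValid'));
        if (!$manager->isValid()) {
            $manager->destroy();
            throw new \Exception("会话验证失败");
        }

        // Per-session CSRF token (compared with the securityToken form field on login).
        // It has to be unpredictable, so it is drawn from a CSPRNG rather than md5(uniqid(rand())).
        $default = new Zend\Session\Container();
        if (empty($default->offsetGet('securityToken'))) {
            $tokenBytes = function_exists('random_bytes')
                ? random_bytes(16)
                : openssl_random_pseudo_bytes(16);
            $default->offsetSet('securityToken', bin2hex($tokenBytes));
        }

        Registry::set('session', $default);
        Registry::set('sm', $manager);
    }

    // Lazily created database adapter; the connection is retried a few times before giving up.
    Registry::set('db', function () {
        $mysqlMasterConfig = $this->_config->mysql->master->toArray();
        $adapter = new Adapter($mysqlMasterConfig);
        $connect = $adapter->getDriver()->getConnection();
        for ($i = 0; $i < 5 && !$connect->isConnected(); $i++) {
            $connect->connect();
        }
        return $adapter;
    });

    // Lazily created SMTP transport.
    Registry::set('mail', function () {
        $options = new SmtpOptions($this->_config->smtp->toArray());
        $mail = new SmtpTransport();
        $mail->setOptions($options);
        return $mail;
    });

    // Lazily created logger writing one file per day under log.path.
    Registry::set('logger', function () {
        $logger = new Zend\Log\Logger();
        $writer = new Zend\Log\Writer\Stream($this->_config->log->path . '/' . date("Ymd") . ".log");
        $logger->addWriter($writer);
        return $logger;
    });
}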
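public function routerShutdown(Yaf\Request_Abstract $request, Yaf\Response_Abstract $response)
{
    // Controller and action names are only available once routing has completed.
    $controller = strtolower($request->getControllerName());
    $action = strtolower($request->getActionName());
    $default = Registry::get("session");

    // A Zend\Authentication\Storage\Session could be injected here; either way the
    // identity lives in a session container.
    $auth = new AuthenticationService();
    $storage = $auth->getStorage();
    Registry::set('auth', $storage);

    if ($auth->hasIdentity()) {
        $storageData = $storage->read();
        $accessTime = empty($storageData->access_time) ? 0 : (int) $storageData->access_time;

        // Idle for more than 30 minutes: drop the identity (the PHP session itself may survive).
        if (time() - $accessTime > 1800) {
            $auth->clearIdentity();
            $this->_redirectAndExit($response, "/auth/login");
        }
        $storageData->access_time = time();
        $storage->write($storageData);

        if ($controller === "auth") {
            if ($action === "logout") {
                $auth->clearIdentity();
                $this->_redirectAndExit($response, "/auth/login");
            }
            if ($action === "login") {
                $this->_redirectAndExit($response, "/");
            }
        }
        return;
    }

    // Any POST from an anonymous request is treated as a login attempt (not only /auth/login).
    if ($request->isPost()) {
        $this->_loginFromPost($response, $auth, $default);
    }

    // Anonymous GET: everything except the login page is bounced to it.
    if ($controller !== "auth" || $action !== "login") {
        $this->_redirectAndExit($response, "/auth/login");
    }
}

/**
 * Handles a login form submission from an anonymous request.
 *
 * Reads securityToken, email and password from $_POST. Always ends the request
 * with a redirect followed by exit; failures leave a freshMessage in the session.
 * The login form must emit the session's securityToken as a hidden field.
 */
private function _loginFromPost(Yaf\Response_Abstract $response, AuthenticationService $auth, $default)
{
    // CSRF check against the token issued in _init(). The redirect here used to be
    // commented out, which turned the check into a no-op.
    $token = isset($_POST['securityToken']) ? (string) $_POST['securityToken'] : '';
    $expected = (string) $default->offsetGet('securityToken');
    if ($expected === '' || !hash_equals($expected, $token)) {
        $this->_redirectAndExit($response, "/auth/login", $default, "会话令牌无效,请重新登录");
    }

    // Fields are read defensively so a missing one does not raise a notice.
    $email = isset($_POST['email']) ? trim($_POST['email']) : '';
    $password = isset($_POST['password']) ? trim($_POST['password']) : '';
    if ($email === '' || $password === '') {
        $this->_redirectAndExit($response, "/auth/login", $default, "邮件地址或密码不能为空");
    }

    // Look the account up and verify the password. Unknown e-mail and wrong password
    // share one message so the form does not reveal which addresses exist.
    $user = new Table\UserModel();
    $userRow = $user->getUserByEmail($email);
    if (empty($userRow)) {
        $this->_redirectAndExit($response, "/auth/login", $default, "用户名或密码不正确.");
    }
    $hashPassword = trim($userRow['password']);
    $salt = Ifeeline\Password::getPasswordSaltByHash($hashPassword);
    $nowPassword = (string) Ifeeline\Password::getPasswordHash($salt, $password);
    // Constant-time comparison so the stored hash is not leaked through timing.
    if (!hash_equals($hashPassword, $nowPassword)) {
        $this->_redirectAndExit($response, "/auth/login", $default, "用户名或密码不正确.");
    }
    // Only a caller who knows the password learns that the account is disabled.
    if ((int) $userRow['active'] < 1) {
        $this->_redirectAndExit($response, "/auth/login", $default, "账户已经禁用.");
    }

    // The password is already verified; the Zend adapter is used so that
    // AuthenticationService persists the identity in the session.
    $dbAdapter = Registry::get('db');
    $authAdapter = new CredentialTreatmentAdapter($dbAdapter);
    $authAdapter->setTableName('user')->setIdentityColumn('email')->setCredentialColumn('password');
    $authAdapter->setIdentity($email)->setCredential($nowPassword);
    $result = $auth->authenticate($authAdapter);

    // Not expected after the manual check above, but never assumed.
    if (!$result->isValid()) {
        $this->_redirectAndExit($response, "/auth/login", $default, "用户名或密码不正确.");
    }

    // Identity row without the password column.
    $row = $authAdapter->getResultRowObject(null, array('password'));
    if ((int) $row->active < 1) {
        $auth->clearIdentity();
        $this->_redirectAndExit($response, "/auth/login", $default, "用户名已经被禁用.");
    }

    // Fresh session id on privilege change, so a session id fixed before login is useless.
    Registry::get('sm')->regenerateId();
    $row->access_time = time();
    $auth->getStorage()->write($row);
    $this->_redirectAndExit($response, "/");
}

/**
 * Stores an optional flash message, redirects and terminates the request.
 *
 * Every authentication decision in this plugin ends the request, so this helper never returns.
 */
private function _redirectAndExit(Yaf\Response_Abstract $response, $url, $default = null, $message = null)
{
    if ($default !== null && $message !== null) {
        $default->offsetSet("freshMessage", $message);
    }
    $response->clearBody()->setRedirect($url);
    exit;
}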