예제 #1
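 /**
  * Single sign-on entry point for partner ("OpenApi") providers.
  *
  * Reads the query string, asks the provider class named by `from` to verify
  * the request, then logs the caller in to Tudu as the admin account of the
  * organisation associated with the provider user (the organisation is
  * created on first login). Every failure redirects to the public home page.
  *
  * NOTE(review): the session opened here is `admin@<orgId>` via setAuto(true),
  * i.e. without a password, so this flow is only as strong as the provider's
  * auth() check. auth() is not visible here; confirm that it authenticates the
  * `uu_id` value too, because that value selects the account.
  *
  * @return mixed Result of $this->_redirect().
  */
 public function indexAction()
 {
     $home = 'http://www.tudu.com/';
     $query = $this->_request->getQuery();
     $config = $this->getInvokeArg('bootstrap')->getOptions();
     $multidb = $this->getInvokeArg('bootstrap')->getResource('multidb');
     $time = time();
     Tudu_Dao_Manager::setDbs(array(Tudu_Dao_Manager::DB_TS => $multidb->getDb('ts1')));

     // Provider identifier is missing or malformed. `from` ends up in a class
     // name and in a require_once path below, so it is restricted to plain
     // identifier characters here rather than relying only on the config lookup.
     if (empty($query['from'])
         || !is_string($query['from'])
         || !preg_match('/^[A-Za-z0-9_]+\z/', $query['from'])
     ) {
         return $this->_redirect($home);
     }
     $from = $query['from'];
     $provider = strtolower($from);

     // No configuration for this provider: only configured providers may log in.
     if (empty($config['openapi'][$provider])) {
         return $this->_redirect($home);
     }

     // The provider-side user id is required later; reject requests without a
     // scalar value instead of passing null (or an array) to getUserInfo().
     if (!isset($query['uu_id']) || !is_string($query['uu_id']) || '' === $query['uu_id']) {
         return $this->_redirect($home);
     }

     // NOTE(review): the config lookup is case-insensitive but the class and
     // file names keep the caller's letter case, so a `from` that differs from
     // the configured key only in case resolves to a different file name.
     $className = 'Model_OpenApi_' . ucfirst($from);
     $classFile = 'Model/OpenApi/' . ucfirst($from) . '.php';

     // Configuration is merged last so that request parameters cannot replace
     // the provider's configured settings handed to auth().
     // NOTE(review): confirm no provider relies on overriding a configured
     // default from the query string.
     $params = array_merge($query, $config['openapi'][$provider]);

     // Compact policy must be wrapped in ASCII double quotes.
     header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

     try {
         require_once $classFile;

         // Verify the login request with the provider.
         // NOTE(review): the return value is ignored, so auth() presumably
         // signals failure by throwing; confirm against the provider classes.
         call_user_func(array($className, 'auth'), $params);

         // Look up the application/organisation association table.
         $daoAssociate = Tudu_Dao_Manager::getDao('Dao_Md_Org_Associate', Tudu_Dao_Manager::DB_MD);

         // Fetch the provider-side user profile.
         $params = array_merge($config['openapi'][$provider], array('uid' => $query['uu_id']));
         $userInfo = call_user_func(array($className, 'getUserInfo'), $params);

         // Without a provider uid there is no identity to associate; stop here
         // rather than creating an organisation for an empty profile.
         if (!is_array($userInfo) || empty($userInfo['uid'])) {
             return $this->_redirect($home);
         }

         $orgId = $daoAssociate->getOrgIdByUid($from, $userInfo['uid']);
         if (false === $orgId) {
             $orgId = $this->_getOrgId($from);

             // Create the organisation.
             // NOTE(review): the initial admin password is md5() of
             // Oray_Function::randKeys(16); randKeys is not visible here, so
             // confirm it draws from a cryptographically secure source.
             require_once 'Model/Org/Org.php';
             Model_Org_Org::setResource('config', $config);
             Model_Org_Org::createOrg($orgId, array(
                 'userid'   => 'admin',
                 'password' => md5(Oray_Function::randKeys(16)),
                 'truename' => $userInfo['truename'],
                 'orgname'  => $userInfo['orgname'],
             ));

             // Create the provider-user/organisation association.
             $daoAssociate->createAssociate(array(
                 'orgid'      => $orgId,
                 'from'       => $from,
                 'uid'        => $userInfo['uid'],
                 'truename'   => $userInfo['truename'],
                 'email'      => $userInfo['email'],
                 'mobile'     => $userInfo['mobile'],
                 'tel'        => $userInfo['tel'],
                 'createtime' => time(),
             ));
         }

         // Load the organisation's admin account without a password check.
         $adapter = new Tudu_Auth_Adapter_User(Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD));
         $adapter->setUsername('admin@' . $orgId)->setAuto(true);
         $result = $adapter->authenticate();
         $names = $config['cookies'];
         if (!$result->isValid()) {
             $this->_setCookies(array($names['auth'] => false, $names['username'] => false));
             return $this->_redirect($home);
         }
         $identity = $result->getIdentity();

         // Log in. Any existing session data is dropped, and the session id is
         // rotated in every case: Zend_Session::regenerateId() defers the
         // rotation to session start when no session is running yet, so an id
         // supplied by the client before login is never kept.
         if (Zend_Session::isStarted()) {
             session_unset();
             Zend_Session::namespaceUnset(self::SESSION_NAMESPACE);
         }
         Zend_Session::regenerateId();

         $session = new Zend_Session_Namespace(self::SESSION_NAMESPACE, true);
         $session->auth = array_merge($identity, array('logintime' => $time));
         $session->auth['appinvoker'] = $from;

         // Authentication-related cookies.
         $this->_setCookies(array(
             $names['username'] => $identity['username'],
             $names['server']   => $orgId . '.tudu.com',
         ), null);

         // Long-lived cookie (one year) used elsewhere.
         $this->_setCookies(array($names['track'] => base64_encode('http://www.tudu.com/login')), $time + 86400 * 365);

         // Log in to the admin backend as well.
         $adapter = new Tudu_Auth_Adapter_Admin(array('db' => Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD)));
         $adapter->setUsername($identity['username'])->setAuto(true);
         $result = $adapter->authenticate();
         if ($result->isValid()) {
             $session->admin = array_merge($result->getIdentity(), array('logintime' => $time));
         }
     } catch (Exception $e) {
         // Operation failed. Leave a trace for monitoring: $from is limited to
         // identifier characters above, and only the exception class is logged
         // so that no request data or provider secrets reach the log.
         error_log(sprintf('OpenApi login via "%s" failed: %s', $from, get_class($e)));
         return $this->_redirect($home);
     }

     return $this->_redirect('http://online-app.tudu.com/frame-inc/');
 }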
예제 #2
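 /**
  * Admin-console login for a user who is already logged in to the front end.
  *
  * Route: /login/login-admin
  *
  * Requires a front-end session belonging to an admin or owner, then checks
  * the posted email, password and captcha ("seccode") with the admin auth
  * adapter. On success the admin identity is stored in the session, the login
  * is written to the operation log and the browser is sent to /admin/; on
  * failure it is sent back to the admin login page with an `err` value.
  *
  * @return mixed Result of $this->referer().
  */
 public function loginAdminAction()
 {
     // Not logged in to the front end.
     if (!$this->_user->isLogined()) {
         $referer = $this->options['sites']['www'];
         // NOTE(review): the stored referer is used as a redirect target as-is;
         // confirm that whatever writes session->auth['referer'] restricts it
         // to this site.
         if (!empty($this->session->auth['referer'])) {
             $referer = $this->session->auth['referer'];
         }
         return $this->referer($referer);
     }

     $adminUrl = PROTOCOL . '//' . $this->getServer($this->_user->orgId) . '/admin/';
     $loginUrl = $adminUrl . 'login/';

     // Not an admin or owner: stop here. Previously the redirect URL was built
     // and discarded, so such users fell through to the credential check below.
     if (!$this->_user->isAdmin() && !$this->_user->isOwner()) {
         return $this->referer($loginUrl . '?err=timeout');
     }

     $email = $this->_request->getPost('email');
     $password = $this->_request->getPost('password');
     $seccode = $this->_request->getPost('seccode');

     // Each field must be a non-empty string; array-valued POST fields
     // (e.g. email[]=x) are rejected instead of reaching the auth adapter.
     $error = null;
     $result = null;
     if (!is_string($email) || empty($email)) {
         $error = 'invalid email';
     } elseif (!is_string($password) || empty($password)) {
         $error = 'invalid password';
     } elseif (!is_string($seccode) || empty($seccode)) {
         $error = 'unvalid seccode';
     } elseif (!Oray_Seccode::isValid($seccode, 'adlogin')) {
         // NOTE(review): the captcha is cleared only after a correct answer;
         // confirm isValid() itself limits repeated guesses.
         $error = 'invalid seccode';
     } else {
         // The captcha is single-use: drop it before checking credentials.
         Oray_Seccode::clear('adlogin');

         $adapter = new Tudu_Auth_Adapter_Admin(array('db' => Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD)));
         $adapter->setUsername($email)->setPassword($password);
         $result = $adapter->authenticate();
         if (!$result->isValid()) {
             $message = $result->getMessages();
             $error = isset($message[0]) ? $message[0] : 'failure';
         }
     }

     if (null !== $error) {
         // The value may be an adapter message, so it is URL-encoded before it
         // is placed in the redirect target.
         // NOTE(review): only successful logins reach the operation log below;
         // failed attempts leave no record in this method.
         return $this->referer($loginUrl . '?err=' . rawurlencode($error));
     }

     // NOTE(review): the authenticated identity is stored without being
     // compared with the logged-in front-end user, and the session id is not
     // rotated on this privilege change; confirm both are handled elsewhere.
     $this->session->admin = array_merge($result->getIdentity(), array('logintime' => time()));
     //$this->_user->initAdmin($this->session->admin);

     // Add the login record to the operation log.
     $daoLog = Tudu_Dao_Manager::getDao('Dao_Md_Log_Oplog', Tudu_Dao_Manager::DB_MD);

     // X-Real-IP is a request header: it is used only when it parses as an IP
     // address, otherwise the request's own client IP is recorded.
     // NOTE(review): the header is trustworthy only if the front proxy always
     // overwrites it; otherwise the logged address can be chosen by the client.
     $realIp = isset($_SERVER['HTTP_X_REAL_IP']) ? $_SERVER['HTTP_X_REAL_IP'] : null;
     if (null !== $realIp && false !== filter_var($realIp, FILTER_VALIDATE_IP)) {
         $clientIp = $realIp;
     } else {
         $clientIp = $this->_request->getClientIp();
     }

     $daoLog->createAdminLog(array(
         'orgid'     => $this->_user->orgId,
         'userid'    => $this->_user->userId,
         'ip'        => $clientIp,
         'module'    => Dao_Md_Log_Oplog::MODULE_LOGIN,
         'action'    => Dao_Md_Log_Oplog::OPERATION_LOGIN,
         'subaction' => null,
         'target'    => implode(':', array($this->_user->orgId, $this->_user->address, $this->_user->uniqueId)),
         'local'     => !empty($this->session->auth['local']) ? $this->session->auth['local'] : null,
         'detail'    => serialize(array('account' => $this->_user->userName)),
     ));

     return $this->referer($adminUrl);
 }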