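/**
 * OpenApi entry point: validates the request through the third-party
 * provider named by the `from` query parameter and logs the user in.
 *
 * Flow: pick the provider config -> provider-side auth -> look up (or
 * create) the organisation associated with the provider user ->
 * authenticate as that organisation's admin -> populate session and
 * cookies -> redirect into the application.
 *
 * Every failure path ends in a redirect to http://www.tudu.com/ with no
 * detail exposed to the client.
 *
 * @return mixed result of $this->_redirect()
 */
public function indexAction()
{
    $query   = $this->_request->getQuery();
    $config  = $this->getInvokeArg('bootstrap')->getOptions();
    $multidb = $this->getInvokeArg('bootstrap')->getResource('multidb');
    $time    = time();

    Tudu_Dao_Manager::setDbs(array(Tudu_Dao_Manager::DB_TS => $multidb->getDb('ts1')));

    // Missing provider identifier
    if (empty($query['from'])) {
        return $this->_redirect('http://www.tudu.com/');
    }

    // Missing provider user id (needed for getUserInfo below)
    if (!isset($query['uu_id'])) {
        return $this->_redirect('http://www.tudu.com/');
    }

    $from     = $query['from'];
    $provider = strtolower($from);

    // The provider must be configured. This lookup is also the allow-list
    // that keeps the user-supplied `from` value from selecting an arbitrary
    // file in the require_once below: only a case variant of a configured
    // key gets past this point.
    if (empty($config['openapi'][$provider])) {
        return $this->_redirect('http://www.tudu.com/');
    }
    $providerConfig = $config['openapi'][$provider];

    $className = 'Model_OpenApi_' . ucfirst($from);
    $classFile = 'Model/OpenApi/' . ucfirst($from) . '.php';

    // Configured values (app key/secret etc.) must take precedence over the
    // query string; merging the query last would let a caller override them
    // with request parameters.
    $params = array_merge($query, $providerConfig);

    // P3P compact policy so IE accepts the session cookies in framed /
    // third-party contexts. The CP value has to be wrapped in plain ASCII
    // double quotes; the typographic quotes used before are not parsed.
    header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

    try {
        // A missing class file is a fatal error, not an Exception, so it is
        // not caught below; the config allow-list above is what prevents it.
        require_once $classFile;

        // Provider-side login verification; assumed to throw on failure
        call_user_func(array($className, 'auth'), $params);

        // Application <-> organisation association table
        $daoAssociate = Tudu_Dao_Manager::getDao('Dao_Md_Org_Associate', Tudu_Dao_Manager::DB_MD);

        // Fetch the provider's user record for the requested id
        $params   = array_merge($providerConfig, array('uid' => $query['uu_id']));
        $userInfo = call_user_func(array($className, 'getUserInfo'), $params);

        $orgId = $daoAssociate->getOrgIdByUid($from, $userInfo['uid']);

        if (false === $orgId) {
            // First login of this provider user: create an organisation for it
            $orgId = $this->_getOrgId($from);

            require_once 'Model/Org/Org.php';
            Model_Org_Org::setResource('config', $config);
            Model_Org_Org::createOrg($orgId, array(
                'userid'   => 'admin',
                // Random password for the auto-created admin account; md5 is
                // presumably the format createOrg stores -- confirm against
                // Model_Org_Org before changing.
                'password' => md5(Oray_Function::randKeys(16)),
                'truename' => $userInfo['truename'],
                'orgname'  => $userInfo['orgname'],
            ));

            // Link provider user -> organisation
            $daoAssociate->createAssociate(array(
                'orgid'      => $orgId,
                'from'       => $from,
                'uid'        => $userInfo['uid'],
                'truename'   => $userInfo['truename'],
                'email'      => $userInfo['email'],
                'mobile'     => $userInfo['mobile'],
                'tel'        => $userInfo['tel'],
                'createtime' => time(),
            ));
        }

        // Authenticate as the organisation's admin account (setAuto: no
        // password is supplied here -- see Tudu_Auth_Adapter_User)
        $adapter = new Tudu_Auth_Adapter_User(Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD));
        $adapter->setUsername('admin@' . $orgId)->setAuto(true);
        $result = $adapter->authenticate();
        $names  = $config['cookies'];

        if (!$result->isValid()) {
            $this->_setCookies(array($names['auth'] => false, $names['username'] => false));
            return $this->_redirect('http://www.tudu.com/');
        }

        $identity = $result->getIdentity();

        // Start from a clean session for the new identity: drop previous
        // data and rotate the session id.
        if (Zend_Session::isStarted()) {
            session_unset();
            Zend_Session::namespaceUnset(self::SESSION_NAMESPACE);
            Zend_Session::regenerateId();
        }
        $session = new Zend_Session_Namespace(self::SESSION_NAMESPACE, true);
        $session->auth = array_merge($identity, array('logintime' => $time));
        $session->auth['appinvoker'] = $from;

        // Auth-related cookies (session lifetime)
        $this->_setCookies(array(
            $names['username'] => $identity['username'],
            $names['server']   => $orgId . '.tudu.com',
        ), null);

        // Cookies used elsewhere; kept for a year
        $this->_setCookies(array($names['track'] => base64_encode('http://www.tudu.com/login')), $time + 86400 * 365);

        // Also sign in to the admin backend
        $adapter = new Tudu_Auth_Adapter_Admin(array('db' => Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD)));
        $adapter->setUsername($identity['username'])->setAuto(true);
        $result = $adapter->authenticate();
        if ($result->isValid()) {
            $session->admin = array_merge($result->getIdentity(), array('logintime' => $time));
        }
    } catch (Exception $e) {
        // Any failure (provider auth, DB, ...) ends in a plain redirect; the
        // exception is deliberately not surfaced to the client.
        return $this->_redirect('http://www.tudu.com/');
    }

    return $this->_redirect('http://online-app.tudu.com/frame-inc/');
}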
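/**
 * Admin login flow.
 *
 * /login/login-admin
 *
 * Requires an already logged-in front-end user holding the admin or owner
 * role, then validates email, password and captcha against the admin auth
 * adapter. On any error the user is sent back to the admin login page with
 * an `err` query parameter; on success the admin identity is stored in the
 * session, an operation-log entry is written and the user is redirected to
 * /admin/.
 *
 * @return mixed result of $this->referer()
 */
public function loginAdminAction()
{
    // Front-end user not logged in: bounce to the remembered referer or the www site
    if (!$this->_user->isLogined()) {
        $referer = $this->options['sites']['www'];
        if (!empty($this->session->auth['referer'])) {
            $referer = $this->session->auth['referer'];
        }
        return $this->referer($referer);
    }

    $adminBase = PROTOCOL . '//' . $this->getServer($this->_user->orgId) . '/admin/';

    // Neither admin nor owner. The original built this URL but never
    // returned it, so the role check was a no-op and the request fell
    // through to credential checking; redirect as evidently intended.
    if (!$this->_user->isAdmin() && !$this->_user->isOwner()) {
        return $this->referer($adminBase . 'login/?err=timeout');
    }

    $email    = $this->_request->getPost('email');
    $password = $this->_request->getPost('password');
    $seccode  = $this->_request->getPost('seccode');
    $error    = null;

    // Single-pass validation: break out on the first failure
    do {
        if (empty($email)) {
            $error = 'invalid email';
            break;
        }
        if (empty($password)) {
            $error = 'invalid password';
            break;
        }
        if (empty($seccode)) {
            $error = 'unvalid seccode';
            break;
        }
        // Captcha is checked before any credential work and cleared so it
        // cannot be replayed
        if (!Oray_Seccode::isValid($seccode, 'adlogin')) {
            $error = 'invalid seccode';
            break;
        }
        Oray_Seccode::clear('adlogin');

        $adapter = new Tudu_Auth_Adapter_Admin(array('db' => Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD)));
        $adapter->setUsername($email)->setPassword($password);
        $result = $adapter->authenticate();

        if (!$result->isValid()) {
            $message = $result->getMessages();
            $error   = isset($message[0]) ? $message[0] : 'failure';
            break;
        }
    } while (false);

    if (null !== $error) {
        // Adapter messages may contain spaces or reserved characters, so
        // encode before embedding in the query string
        return $this->referer($adminBase . 'login/?err=' . urlencode($error));
    }

    $this->session->admin = array_merge($result->getIdentity(), array('logintime' => time()));

    // Operation-log entry for the admin login
    $daoLog = Tudu_Dao_Manager::getDao('Dao_Md_Log_Oplog', Tudu_Dao_Manager::DB_MD);

    // NOTE(review): HTTP_X_REAL_IP is a request header; it is only
    // trustworthy when a reverse proxy in front of PHP always overwrites
    // it -- confirm, otherwise the logged IP can be chosen by the client.
    $clientIp = isset($_SERVER['HTTP_X_REAL_IP'])
        ? $_SERVER['HTTP_X_REAL_IP']
        : $this->_request->getClientIp();

    $daoLog->createAdminLog(array(
        'orgid'     => $this->_user->orgId,
        'userid'    => $this->_user->userId,
        'ip'        => $clientIp,
        'module'    => Dao_Md_Log_Oplog::MODULE_LOGIN,
        'action'    => Dao_Md_Log_Oplog::OPERATION_LOGIN,
        'subaction' => null,
        'target'    => implode(':', array($this->_user->orgId, $this->_user->address, $this->_user->uniqueId)),
        'local'     => !empty($this->session->auth['local']) ? $this->session->auth['local'] : null,
        'detail'    => serialize(array('account' => $this->_user->userName)),
    ));

    return $this->referer($adminBase);
}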