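/**
 * Hydrate the request's identity (uid, email, nickname) from the "auth" cookie.
 *
 * The cookie carries an Encrypt-encoded, tab-separated "uid\temail\tnickname"
 * string (the format written by Login() when it sets the "auth" cookie). When
 * the cookie is absent, malformed or does not decode, the three properties are
 * left untouched.
 *
 * NOTE(review): the identity is taken straight from the decoded cookie with no
 * server-side lookup; whether Encrypt::decode() also authenticates the payload
 * is not visible here — confirm before relying on these fields for authorisation.
 */
public function __construct()
{
    // Anonymous requests carry no "auth" cookie; avoid the undefined-index notice.
    if (!isset($_COOKIE['auth'])) {
        return;
    }
    $raw = base64_decode((string) $_COOKIE['auth']);
    if ($raw === false || $raw === '') {
        return;
    }
    $cookie = Encrypt::decode($raw, COOKIE_KEY);
    if (!$cookie) {
        return;
    }
    // Pad to three fields so a truncated cookie does not raise "undefined offset"
    // notices; list() still takes the first three fields exactly as before.
    list($this->uid, $this->email, $this->nickname) = array_pad(explode("\t", $cookie), 3, null);
}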
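/**
 * Login
 *
 * Already signed-in users are redirected to the dashboard. A request that
 * carries "email" and "passwd" is treated as a login attempt and returns the
 * JSON result array ('error' => 0|1, 'message' => string); any other request
 * renders the login template.
 *
 * @JSON
 * @return array|null result array for a login attempt, null otherwise
 */
public function login()
{
    $user = User::getCurrent();
    if ($user->uid) {
        header("Location:/member");
        return null;
    }

    if (!isset($_REQUEST['email'], $_REQUEST['passwd'])) {
        $data = array('globalMessage' => MessageModel::getGlobalMessage());
        Template::setContext($data);
        Template::setView('panel/login');
        return null;
    }

    // One generic failure message for both "no such account" and "wrong
    // password": distinct messages let a caller probe which e-mails are registered.
    $result = array('error' => 1, 'message' => "账户名或密码错误, 请检查后再试!");

    $email = htmlspecialchars(trim($_REQUEST['email']));
    // NOTE(review): escaping/trimming the password before verifyPassword() alters
    // passwords containing & < > " ' or edge whitespace; kept because the stored
    // hash may have been produced the same way — confirm against the registration
    // path before changing.
    $passwd = htmlspecialchars(trim($_REQUEST['passwd']));
    // "remember_me" is optional; default to '' instead of an undefined index.
    $remember_me = htmlspecialchars(trim(isset($_REQUEST['remember_me']) ? $_REQUEST['remember_me'] : ''));

    $user = User::getUserByEmail($email);
    if (!$user) {
        Logger::getInstance()->info('user [' . $email . '] Login failed! unknown account');
        return $result;
    }
    if (!$user->verifyPassword($passwd)) {
        Logger::getInstance()->info('user [' . $user->email . '] Login failed! wrong password');
        return $result;
    }

    $result['error'] = 0;
    $result['message'] = '登录成功,即将跳转到 >仪表盘';

    // "week" keeps the login for 7 days, anything else for 1 hour.
    $ext = ($remember_me === 'week') ? 3600 * 24 * 7 : 3600;
    $expire = time() + $ext;
    // Must stay byte-for-byte in step with the recomputation in User::getCurrent(),
    // which rebuilds this digest from the stored user and the "expire" cookie.
    $token = md5($user->uid . ":" . $user->email . ":" . $user->passwd . ":" . $expire . ":" . COOKIE_KEY);
    // HttpOnly: these cookies are only read server-side ($_COOKIE in getCurrent()),
    // so keep them out of reach of page scripts. The "secure" flag is left unset as
    // in the original; enable it once the site is served over HTTPS only.
    setcookie("uid", base64_encode(Encrypt::encode($user->uid, ENCRYPT_KEY)), $expire, "/", "", false, true);
    setcookie("expire", base64_encode(Encrypt::encode($expire, ENCRYPT_KEY)), $expire, "/", "", false, true);
    setcookie("token", base64_encode(Encrypt::encode($token, ENCRYPT_KEY)), $expire, "/", "", false, true);

    $_SESSION['currentUser'] = $user;
    Logger::getInstance()->info('user [' . $user->email . '] Login success');
    return $result;
}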
/**
 * Older login action (capitalised name); login() above is the newer variant.
 *
 * On success it writes two cookies: "auth" = Encrypt-encoded
 * "uid\temail\tnickname" (the format __construct() reads back) and
 * "token" = Encrypt-encoded issue time. It replies with JSON and exits, or
 * includes the login template when no credentials were posted.
 *
 * NOTE(review): the source between the commented-out throw and the header()
 * call was not recoverable from this listing ("******" below); the if/else
 * structure is read from the surrounding braces, and the opening `if` of the
 * "already signed in" branch is part of the missing text.
 * NOTE(review): identity for later requests rests entirely on the "auth"
 * cookie contents; whether Encrypt::encode() provides integrity is not visible
 * here — confirm before trusting uid/email from the cookie.
 */
public function Login()
{
    // Unused in the visible code.
    $controller = "Login";
    /**
     * 1. Check whether the user is already signed in; if so, redirect
     *    straight to the control panel (dashboard).
     * 2. Otherwise load the login page template.
     */
    //throw new Error("Check Login :"******"Location:/Member");
    } else {
        if (isset($_REQUEST['email']) && isset($_REQUEST['passwd'])) {
            // Default reply: account not found (distinct from the wrong-password
            // message below, so the two outcomes are distinguishable to the caller).
            $result = array('error' => 1, 'message' => '账户不存在啊喂!');
            $email = htmlspecialchars($_REQUEST['email']);
            // NOTE(review): escaping the password before verifyPassword() alters
            // passwords containing & < > " ' — confirm the registration path matches.
            $passwd = htmlspecialchars($_REQUEST['passwd']);
            // NOTE(review): "remember_me" is read without isset(); absent → notice.
            $remember_me = htmlspecialchars($_REQUEST['remember_me']);
            $user = User::getInstance();
            $user = $user->GetUserByEmail($email);
            if ($user) {
                if ($user->verifyPassword($passwd)) {
                    $result['error'] = 0;
                    $result['message'] = '登陆成功,即将跳转到 >仪表盘';
                    // "week" keeps the login for 7 days, anything else for 1 hour.
                    $remember_me == 'week' ? $ext = 3600 * 24 * 7 : ($ext = 3600);
                    // Tab-separated identity consumed by __construct().
                    $token = $user->uid . "\t" . $user->email . "\t" . $user->nickname;
                    $token = Encrypt::encode($token, COOKIE_KEY);
                    // Issue time only; unlike login(), no digest binds it to the user.
                    $tokenOutTime = Encrypt::encode(time(), COOKIE_KEY);
                    setcookie("token", base64_encode($tokenOutTime), time() + $ext, "/");
                    setcookie("auth", base64_encode($token), time() + $ext, "/");
                } else {
                    $result['message'] = "账户名或密码错误, 请检查后再试!";
                }
            }
            echo json_encode($result);
            exit;
        } else {
            include Template::load('/panel/login');
        }
    }
}
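/**
 * Get current user object
 *
 * Resolution order: the session user (re-validated against the database once
 * it is older than 600 s), then the remember-me cookies written by login().
 * Whatever is resolved is stored back into $_SESSION['currentUser'].
 *
 * @return User|null
 */
public static function getCurrent()
{
    /** @var User|null $user */
    $user = isset($_SESSION['currentUser']) ? $_SESSION['currentUser'] : null;

    if ($user && TIMESTAMP - $user->lastActive > 600) {
        // Periodic re-check: drop the session if the account is gone or its
        // password changed since the session was created.
        $userObj = self::getUserByUserId($user->uid);
        if (!$userObj) {
            $user = null;
        } elseif ($user->password != $userObj->password) {
            // Password changed
            // NOTE(review): the digest below and login() use ->passwd while this
            // branch reads ->password; if only one of the two properties exists the
            // comparison is null != null and never fires — confirm the property name.
            $user = null;
        } else {
            $userObj->lastActive = TIMESTAMP;
            $user = $userObj;
        }
    } elseif (!$user || !$user->uid) {
        // No usable session: fall back to the remember-me cookies. Missing
        // cookies resolve to '' instead of raising an undefined-index notice.
        $uid = Encrypt::decode(base64_decode(isset($_COOKIE['uid']) ? $_COOKIE['uid'] : ''), ENCRYPT_KEY);
        $expire = Encrypt::decode(base64_decode(isset($_COOKIE['expire']) ? $_COOKIE['expire'] : ''), ENCRYPT_KEY);
        $token = Encrypt::decode(base64_decode(isset($_COOKIE['token']) ? $_COOKIE['token'] : ''), ENCRYPT_KEY);
        // Enforce the expiry server-side too: browsers drop expired cookies, but a
        // replayed cookie still carries a digest that would otherwise verify forever.
        if ($uid && $expire && $token && (int) $expire > time()) {
            $userObj = self::getUserByUserId($uid);
            if ($userObj) {
                // Must match the digest computed in login() byte-for-byte.
                $validateToken = md5($userObj->uid . ":" . $userObj->email . ":" . $userObj->passwd . ":" . $expire . ":" . COOKIE_KEY);
                // hash_equals(): strict and constant-time. The previous `==` compared
                // two hex digests loosely, and PHP treats digests that both look like
                // "0e<digits>" as equal numbers even when they differ.
                if (hash_equals($validateToken, (string) $token)) {
                    $userObj->lastActive = TIMESTAMP;
                    $user = $userObj;
                }
            }
        }
    }

    $_SESSION['currentUser'] = $user;
    return $user;
}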