/**
 * Sign a user in through single sign-on.
 *
 * This method exists for the Passport front-end login; most API clients
 * will not use it.
 *
 * @param string $username      User name
 * @param string $password      Password
 * @param string $lastLoginDate Last login time
 * @param string $lastLoginIp   Last login IP
 * @param string $ticket        Single sign-on ticket
 * @throws ResourceException
 */
public function postLoginAction($username, $password, $lastLoginDate, $lastLoginIp, $ticket = '')
{
    // Credential verification is delegated to UserController; it presumably
    // raises ResourceException on failure -- confirm against that controller.
    $authenticator = new UserController();
    $authenticator->putAuthAction($username, $password, $lastLoginDate, $lastLoginIp);
    $account = $authenticator->resource;

    // NOTE(review): the active check runs only after putAuthAction() returns,
    // so anything that call records (its name suggests a login-record update)
    // has presumably already been written for a disabled account -- confirm
    // that this is intended.
    if ($account->active == 0) {
        throw new ResourceException('Forbidden', 403);
    }

    // NOTE(review): a non-empty caller-supplied $ticket is used unchanged as
    // the SSO ticket. Confirm that only the trusted Passport front end can
    // reach this method; a ticket value chosen by the client before login is
    // a session-fixation risk.
    $ticket = ($ticket == '') ? Hash::unique_string() : $ticket;

    $onlineList = new OnlineController();
    $onlineList->postUserAction($account->UID, $ticket);

    $payload = array(
        'UID' => $account->UID,
        'username' => $username,
        'ticket' => $ticket,
    );
    $this->response(200, 'OK', $payload);
}
/**
 * Add a user to the online list.
 *
 * @param integer $uid    User ID
 * @param string  $ticket Single sign-on ticket
 * @throws ResourceException
 */
public function postUserAction($uid, $ticket = '')
{
    // NOTE(review): the ticket looks like it serves as the session credential
    // for single sign-on. Confirm that Hash::unique_string() draws from a
    // cryptographically secure random source, and that callers passing their
    // own $ticket are trusted.
    if ('' == $ticket) {
        $ticket = Hash::unique_string();
    }

    $entry = new Online();
    $entry->ticket = $ticket;
    $entry->UID = $uid;

    // A failed insert is reported as a generic 500.
    if (!$entry->create()) {
        throw new ResourceException('Internal Server Error', 500);
    }

    $this->response(200, 'OK');
}
/**
 * Create a user's portrait.
 *
 * If the user already has a portrait, this method deletes the old one, and
 * the new portrait's address differs from the old one's.
 *
 * @param integer $uid   User ID
 * @param array   $files Array with the information of all uploaded image files
 * @throws ResourceException
 */
public function postUserPortraitAction($uid, $files)
{
    // A fresh identifier is generated per upload, so the stored name is
    // never taken from the uploaded file's information.
    $portraitId = Hash::unique_string();

    // NOTE(review): $files describes uploaded content. Any type, size or
    // image-format validation has to happen inside saveUserPortrait(), which
    // is not visible here -- confirm it rejects non-image uploads.
    $this->saveUserPortrait($files, $portraitId);

    $metaController = new UserMetaController();
    $metaController->putUserMetaAction($uid, 'portrait', $portraitId);

    // NOTE(review): the delete runs after the 'portrait' meta already points
    // at the new identifier. How deleteUserPortraitAction() locates the old
    // file is not visible here -- confirm it cannot remove the portrait that
    // was just stored.
    try {
        $this->deleteUserPortraitAction($uid);
    } catch (ResourceException $missing) {
        // A 404 is tolerated (presumably "no previous portrait" -- confirm);
        // any other error is passed on to the caller.
        $isNotFound = ($missing->getCode() == 404);
        if (!$isNotFound) {
            throw $missing;
        }
    }

    $this->response(200, 'OK');
}
/**
 * Authenticate a user and update the user's login record.
 *
 * @param string $username      User name
 * @param string $password      Password
 * @param string $lastLoginDate Last login date
 * @param string $lastLoginIp   Last login IP
 * @throws ResourceException
 */
public function putAuthAction($username, $password, $lastLoginDate, $lastLoginIp)
{
    // The user name is passed as a bound parameter, not concatenated into
    // the condition string.
    $lookup = array('conditions' => 'username = ?0', 'bind' => array($username));
    $account = Users::findFirst($lookup);

    // NOTE(review): an unknown user name yields 404 and a wrong password 409.
    // If these codes reach an untrusted client unchanged, they reveal which
    // user names exist -- confirm the front end collapses them into a single
    // failure response.
    if (!$account) {
        throw new ResourceException('Not Found', 404);
    }

    $passwordMatches = Hash::check_rich_hash($account->password, $account->hash_method, $password);
    if (!$passwordMatches) {
        throw new ResourceException('Conflict', 409);
    }

    // NOTE(review): both values are stored exactly as supplied by the caller;
    // they are not derived from the request on the server side here.
    $account->last_login_date = $lastLoginDate;
    $account->last_login_ip = $lastLoginIp;

    if (!$account->save()) {
        throw new ResourceException('Internal Server Error', 500);
    }

    // NOTE(review): the whole Users record, including its password and
    // hash_method fields, is handed to response(). Confirm the response
    // layer does not serialize those fields to the client.
    $this->response(200, 'OK', $account);
}