/**
* 从Cookie中获取用户身份信息并设置到用户身份管理类
* @return boolean
*/
public function initIdentity()
{
$clusterName = self::CLUSTER_NAME;
$config = Cfg::getApp($clusterName);
$expiry = isset($config['expiry']) ? (int) $config['expiry'] : 0;
$cookieName = isset($config['cookie_name']) ? trim($config['cookie_name']) : '';
$cooksetPassword = isset($config['cookset_password']) ? (bool) $config['cookset_password'] : false;
$cooksetRoleNames = isset($config['cookset_rolenames']) ? (bool) $config['cookset_rolenames'] : false;
$cooksetAppNames = isset($config['cookset_appnames']) ? (bool) $config['cookset_appnames'] : false;
if ($cookieName === '') {
Log::warning(sprintf('Account cookie name must be string and not empty, cluster_name "%s"', $clusterName), 0, __METHOD__);
return false;
}
$authentica = new Authentica($clusterName);
$data = $authentica->getIdentity();
if (!$data || !is_array($data) || !isset($data['user_id'])) {
Log::debug(sprintf('Account cookie data must be array and not empty, cluster_name "%s", cookie_name "%s"', $clusterName, $cookieName), 0, __METHOD__);
return false;
}
$userId = isset($data['user_id']) ? (int) $data['user_id'] : 0;
$loginName = isset($data['user_name']) ? trim($data['user_name']) : '';
$password = isset($data['password']) ? $data['password'] : '';
$ip = isset($data['ip']) ? (int) $data['ip'] : 0;
$expiry = isset($data['expiry']) ? (int) $data['expiry'] : 0;
$time = isset($data['time']) ? (int) $data['time'] : 0;
$nickname = isset($data['nickname']) ? trim($data['nickname']) : '';
$roleNames = isset($data['role_names']) ? (array) $data['role_names'] : array();
$extends = isset($data['extends']) ? $data['extends'] : '';
if ($userId <= 0 || $loginName === '') {
Log::warning(sprintf('Account cookie user_id and login_name must be not empty, cluster_name "%s", cookie_name "%s", user_id "%d", login_name "%s"', $clusterName, $cookieName, $userId, $loginName), 0, __METHOD__);
return false;
}
$clientIp = ip2long(Ap::getRequest()->getClientIp());
if ($ip !== $clientIp) {
Log::warning(sprintf('Account cookie ip "%s" is not equal to client ip "%s", cluster_name "%s", cookie_name "%s", user_id "%d", login_name "%s"', long2ip($ip), long2ip($clientIp), $clusterName, $cookieName, $userId, $loginName), 0, __METHOD__);
return false;
}
if ($cooksetPassword) {
if ($password === '') {
Log::warning(sprintf('Account config cookset_password and cookie password must be not empty, cluster_name "%s", cookie_name "%s", user_id "%d", login_name "%s"', $clusterName, $cookieName, $userId, $loginName), 0, __METHOD__);
return false;
}
$dbpwd = $this->_users->getPasswordByUserId($userId);
if ($password !== $dbpwd) {
Log::warning(sprintf('Account cookie password "%s" is not equal to db password "%s", cluster_name "%s", cookie_name "%s", user_id "%d", login_name "%s"', $clusterName, $cookieName, $userId, $loginName), 0, __METHOD__);
return false;
}
}
$groupIds = $roleNames;
$appNames = explode(',', $extends);
$authoriz = $this->getAuthoriz($roleNames);
Identity::setAll($userId, $loginName, $nickname, $roleNames, $appNames, 0, 0, $authoriz);
return true;
}
/**
* 从Cookie中获取用户身份信息并设置到用户身份管理类
* @return boolean
*/
public function initIdentity()
{
$clusterName = self::CLUSTER_NAME;
$config = Cfg::getApp($clusterName);
$expiry = isset($config['expiry']) ? (int) $config['expiry'] : 0;
$cookieName = isset($config['cookie_name']) ? trim($config['cookie_name']) : '';
$cooksetPassword = isset($config['cookset_password']) ? (bool) $config['cookset_password'] : false;
if ($cookieName === '') {
Log::warning(sprintf('Account cookie name must be string and not empty, cluster_name "%s"', $clusterName), 0, __METHOD__);
return false;
}
$authentica = new Authentica($clusterName);
$data = $authentica->getIdentity();
if (!$data || !is_array($data) || !isset($data['user_id'])) {
Log::debug(sprintf('Account cookie data must be array and not empty, cluster_name "%s", cookie_name "%s"', $clusterName, $cookieName), 0, __METHOD__);
return false;
}
$memberId = isset($data['user_id']) ? (int) $data['user_id'] : 0;
$loginName = isset($data['user_name']) ? trim($data['user_name']) : '';
$password = isset($data['password']) ? $data['password'] : '';
$ip = isset($data['ip']) ? (int) $data['ip'] : 0;
$expiry = isset($data['expiry']) ? (int) $data['expiry'] : 0;
$time = isset($data['time']) ? (int) $data['time'] : 0;
$nickname = isset($data['nickname']) ? trim($data['nickname']) : '';
$roleNames = isset($data['role_names']) ? (array) $data['role_names'] : array();
$extends = isset($data['extends']) ? $data['extends'] : '';
if ($memberId <= 0 || $loginName === '') {
Log::warning(sprintf('Account cookie member_id and login_name must be not empty, cluster_name "%s", cookie_name "%s", member_id "%d", login_name "%s"', $clusterName, $cookieName, $memberId, $loginName), 0, __METHOD__);
return false;
}
$clientIp = ip2long(Ap::getRequest()->getClientIp());
if ($ip !== $clientIp) {
Log::warning(sprintf('Account cookie ip "%s" is not equal to client ip "%s", cluster_name "%s", cookie_name "%s", member_id "%d", login_name "%s"', long2ip($ip), long2ip($clientIp), $clusterName, $cookieName, $memberId, $loginName), 0, __METHOD__);
return false;
}
if ($cooksetPassword) {
if ($password === '') {
Log::warning(sprintf('Account config cookset_password and cookie password must be not empty, cluster_name "%s", cookie_name "%s", member_id "%d", login_name "%s"', $clusterName, $cookieName, $memberId, $loginName), 0, __METHOD__);
return false;
}
$dbpwd = $this->_portal->getPasswordByUserId($memberId);
if ($password !== $dbpwd) {
Log::warning(sprintf('Account cookie password "%s" is not equal to db password "%s", cluster_name "%s", cookie_name "%s", member_id "%d", login_name "%s"', $clusterName, $cookieName, $memberId, $loginName), 0, __METHOD__);
return false;
}
}
$typeId = $rankId = 0;
foreach ($roleNames as $name) {
$prev = substr($name, 0, 7);
if ($prev === 'type_id') {
$typeId = (int) substr($name, 8);
continue;
}
if ($prev === 'rank_id') {
$rankId = (int) substr($name, 8);
continue;
}
}
$appNames = array();
$authoriz = null;
Identity::setAll($memberId, $loginName, $nickname, $roleNames, $appNames, $typeId, $rankId, $authoriz);
return true;
}
