Exemplo n.º 1
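 /**
  * Authenticate a request arriving through the WeChat channel.
  *
  * Steps, in order: verify the shared secret, require both uid and sid,
  * load the account's name and rank, increment the per-user WeChat call
  * counter, and, when sid differs from uid, resolve sid to exactly one
  * student ID through Student::search().
  *
  * @return mixed Whatever checkAuth() returns for the selected state and return code.
  */
 public function auth()
 {
     // Verify the shared WeChat secret. hash_equals() (PHP >= 5.6) compares in
     // constant time, so response timing does not reveal how much of a guessed
     // secret was correct. The check fails closed: a missing, non-string or
     // empty configured secret never authenticates anything.
     $wechatSecret = Config::getConfig('wechat_secret');
     $secretMatches = is_string($wechatSecret)
         && is_string($this->secret)
         && '' !== $wechatSecret
         && hash_equals($wechatSecret, $this->secret);
     if (!$secretMatches) {
         return $this->checkAuth(Config::STATE_FORBIDDEN, Config::RETURN_ERROR, Config::getConfig('forbid_access_msg'));
     }
     // Both the calling account (uid) and the student ID to query (sid) are required.
     if (empty($this->sid) || empty($this->uid)) {
         return $this->checkAuth(Config::STATE_FORBIDDEN, Config::RETURN_ERROR, '参数有误,请检查');
     }
     // Load the account. The LEFT JOIN keeps the student row even when there is
     // no matching `user` row, in which case `rank` comes back NULL.
     $sql = 'SELECT `s`.`sid`, `s`.`name`, `u`.`rank` FROM `student` `s`
             LEFT JOIN `user` `u` ON `u`.`uid` = `s`.`sid`
             WHERE `s`.`sid` = ? LIMIT 1';
     $result = Mysql::execute($sql, array($this->uid));
     // Unknown account.
     if (empty($result)) {
         return $this->checkAuth(Config::STATE_FORBIDDEN, Config::RETURN_ERROR, '账号不存在,请检查');
     }
     $account = $result[0];
     $this->name = $account['name'];
     // A NULL or zero rank is mapped to -1.
     $this->rank = $account['rank'] ? (int) $account['rank'] : -1;
     // NOTE(review): rank is loaded here but this method does not compare it
     // with anything before resolving another student's sid below; confirm that
     // checkAuth() or the caller applies rank and frozen-account rules to this channel.
     // Record the API call for this account.
     $sql = 'UPDATE `user` SET
               `wxCount` = `wxCount` + 1,
               `lastTime` = NOW()
             WHERE `uid` = ?';
     Mysql::execute($sql, array($this->uid));
     // The caller asked about someone else: treat sid as a search keyword and
     // accept it only when it resolves to exactly one student.
     if ($this->uid !== $this->sid) {
         $student = new \Hnust\Analyse\Student();
         $found = $student->search($this->sid);
         $matches = $found['data'];
         if (empty($matches)) {
             return $this->checkAuth($this->NMStatus, Config::RETURN_ERROR, '未找到相关学号');
         }
         if (1 !== count($matches)) {
             return $this->checkAuth($this->NMStatus, Config::RETURN_ERROR, '学号不唯一,请修改关键词');
         }
         $this->sid = $matches[0]['sid'];
     }
     // Authenticated WeChat request.
     return $this->checkAuth(Config::STATE_WECHAT, Config::RETURN_NORMAL);
 }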
Exemplo n.º 2
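 /**
  * Handle a campus-card request for the current student ID.
  *
  * The `type` request parameter selects the action:
  *  - 'bill'            : card info plus the bill for the date range, with an
  *                        'assess' value taken from the student's info
  *                        (default '适中' when no info is returned);
  *  - 'loss' / 'reloss' : calls Card::doLoss(true) or Card::doLoss(false) and
  *                        stores its result in $this->msg;
  *  - anything else     : card info plus the transaction record for the date range.
  *
  * Results are stored in $this->info, $this->data and $this->msg; nothing is returned.
  */
 public function card()
 {
     $type = \Hnust\input('type');
     $startDate = \Hnust\input('startDate', null);
     $endDate = \Hnust\input('endDate', null);
     $card = new \Hnust\Analyse\Card($this->sid, $this->passwd);
     if ('bill' === $type) {
         $this->info = $card->getInfo();
         $this->data = $card->getBill($this->info['cardId'], $startDate, $endDate);
         $student = new \Hnust\Analyse\Student();
         $studentInfo = $student->info($this->sid);
         $this->data['assess'] = $studentInfo ? $studentInfo['assess'] : '适中';
     } elseif (in_array($type, array('loss', 'reloss'), true)) {
         // Strict membership test: with loose comparison a non-string value
         // from the request (e.g. boolean true, or integer 0 on PHP < 8)
         // would match and trigger doLoss(false) although neither keyword was sent.
         // NOTE(review): this branch changes card state from a request
         // parameter; confirm the route enforces the intended HTTP method and
         // anti-CSRF/authorization checks before card() is reached.
         $this->msg = $card->doLoss('loss' === $type);
         $this->info = $card->getInfo();
     } else {
         $this->info = $card->getInfo();
         $this->data = $card->getRecord($this->info['cardId'], $startDate, $endDate);
     }
     // Always report which student ID the response refers to.
     $this->info['sid'] = $this->sid;
 }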
Exemplo n.º 3
Arquivo: Auth.php Projeto: qious/Hnust
 /**
  * Authenticate a web request by its token and authorise it against the
  * access level required by the requested method.
  *
  * With a token: the token is looked up in the auth cache, the account is
  * loaded, and the session is rejected when the token is unknown, the
  * password-error count has reached the configured maximum, or the token is
  * older than the configured remember time. A frozen account is refused.
  * Then, with or without a token: an unknown method yields 404, rank is
  * compared with the required access, and the target student ID (sid) is
  * resolved; accounts below RANK_OTHER are always pinned to their own uid.
  *
  * @return mixed Whatever checkAuth() returns for the selected state and return code.
  */
 public function auth()
 {
     if (!empty($this->token)) {
         // Map the token to its login record (uid and time are read from it below).
         // NOTE(review): how tokens are generated and expired inside authCache is
         // not visible here; verify they are unguessable and removed by logout().
         $loginInfo = $this->authCache->hget('token', $this->token);
         // Load the account that the token belongs to.
         if (!empty($loginInfo)) {
             $sql = 'SELECT `s`.`name`, `u`.`error`, `u`.`rank`
                     FROM `user` `u`, `student` `s`
                     WHERE `u`.`uid` = `s`.`sid` AND `u`.`uid` = ? LIMIT 1';
             $result = Mysql::execute($sql, array($loginInfo['uid']));
         }
         // Unknown token or unknown account: drop the session. Pages that need
         // more than visitor access ask for a login; others continue as normal.
         if (empty($loginInfo) || empty($result)) {
             $this->logout();
             if ($this->access > Config::RANK_VISITOR) {
                 return $this->checkAuth(Config::STATE_NEED_LOGIN, Config::RETURN_NEED_LOGIN, Config::getConfig('token_error_msg'));
             } else {
                 return $this->checkAuth($this->NMStatus, Config::RETURN_NORMAL);
             }
         }
         // Database columns (name, error, rank) are merged over the cached record.
         $loginInfo = array_merge($loginInfo, $result[0]);
         // Populate the identity used by the checks below.
         $this->uid = $loginInfo['uid'];
         $this->name = $loginInfo['name'];
         $this->rank = (int) $loginInfo['rank'];
         // Too many wrong passwords: end the session.
         if ($loginInfo['error'] >= Config::getConfig('max_passwd_error')) {
             $this->logout();
             return $this->checkAuth(Config::STATE_ERROR, Config::RETURN_NEED_LOGIN, Config::getConfig('excessive_error_msg'));
         }
         // "Remember me" lifetime exceeded: end the session.
         if (time() - $loginInfo['time'] > Config::getConfig('max_remember_time')) {
             $this->logout();
             return $this->checkAuth(Config::STATE_NEED_LOGIN, Config::RETURN_NEED_LOGIN, Config::getConfig('invalid_token_msg'));
         }
         // Frozen account: refused, but note that logout() is not called on this path.
         if ($this->rank === Config::RANK_FREEZE) {
             return $this->checkAuth(Config::STATE_FORBIDDEN, Config::RETURN_ALERT, Config::getConfig('freeze_msg'));
         }
         // Record the web call for this account.
         $sql = 'UPDATE `user` SET
                   `webCount` = `webCount` + 1,
                   `lastTime` = NOW()
                 WHERE `uid` = ?';
         Mysql::execute($sql, array($this->uid));
     }
     // 404: no method resolved, or the method has no access level defined.
     if (empty($this->method) || is_null($this->access)) {
         http_response_code(404);
         return $this->checkAuth(Config::STATE_NOT_FOUND, Config::RETURN_ALERT, Config::getConfig('not_found_msg'));
     }
     // Insufficient rank for the requested method.
     // NOTE(review): without a token the block above is skipped, so rank keeps
     // whatever value it was initialised with elsewhere; confirm that default is
     // the lowest (visitor) rank.
     if ($this->rank < $this->access) {
         // No token at all: ask the client to log in.
         if (empty($this->token)) {
             return $this->checkAuth(Config::STATE_NEED_LOGIN, Config::RETURN_NEED_LOGIN, Config::getConfig('login_access_msg'));
             // Logged in but not allowed.
         } else {
             return $this->checkAuth(Config::STATE_FORBIDDEN, Config::RETURN_ALERT, Config::getConfig('forbid_access_msg'));
         }
     }
     // Accounts below RANK_OTHER may only query themselves: any requested sid is overwritten.
     if ($this->rank < Config::RANK_OTHER) {
         $this->sid = $this->uid;
         // sid is empty or already the caller's own ID (in_array() is called
         // without the strict flag, so this is a loose comparison).
     } elseif (in_array($this->sid, array('', $this->uid))) {
         $this->sid = $this->uid;
         // Otherwise treat sid as a search keyword and resolve it to a student ID.
     } else {
         $student = new \Hnust\Analyse\Student();
         $result = $student->search($this->sid);
         $result = $result['data'];
         // Reject unless the keyword resolves to exactly one student.
         if (empty($result)) {
             return $this->checkAuth($this->NMStatus, Config::RETURN_ERROR, '未找到相关学号');
         } elseif (1 !== count($result)) {
             return $this->checkAuth($this->NMStatus, Config::RETURN_ERROR, '学号不唯一,请修改关键词');
         } else {
             $this->sid = $result[0]['sid'];
         }
     }
     // Authorised: continue with the normal status.
     return $this->checkAuth($this->NMStatus, Config::RETURN_NORMAL);
 }