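/**
 * Authenticates a user from POSTed credentials and issues a session token.
 *
 * Reads `email`, `password` and the optional `gbid` (project name) from the
 * request body. On success it stores a new token with a 24-hour expiry,
 * updates the login bookkeeping columns and echoes a JSON payload. Every
 * path ends the request with `exit` after writing the JSON response.
 *
 * Responses (all JSON, pretty-printed):
 *  - 400 "Missing params"  when email/password are absent, empty or not strings
 *  - 400 "No such user"    when no row matches the email (and project, if given)
 *  - 400 "Wrong password"  when the stored hash does not match
 *  - 200 "Login success"   with user id, name, token, avatar, project id,
 *                          last login timestamp and login counter
 *
 * NOTE(review): the distinct "No such user" / "Wrong password" messages let a
 * client tell whether an e-mail is registered. They are kept because clients
 * may depend on the text; consider a single generic failure message.
 * NOTE(review): no attempt throttling or lockout is visible in this method;
 * confirm it is enforced elsewhere (filter, gateway, WAF).
 *
 * @return void This method does not return; it terminates the request.
 */
public function actionLogin()
{
    $request = Yii::$app->request;
    $email = $request->post('email');
    $password = $request->post('password');
    $projectName = $request->post('gbid');

    // Request bodies are untrusted: PHP turns `email[]=x` into an array, so
    // require plain non-empty strings before the values reach the query
    // parameters or the hashing helper. Using a strict '' check instead of
    // empty() also stops the literal password "0" being reported as missing.
    $credentialsMissing = !is_string($email) || $email === ''
        || !is_string($password) || $password === '';
    $projectMalformed = $projectName !== null && !is_string($projectName);

    if ($credentialsMissing || $projectMalformed) {
        $this->setHeader(400);
        echo json_encode(array('status' => 0, 'error_code' => 400, 'message' => 'Missing params'), JSON_PRETTY_PRINT);
        exit;
    }

    $db = Yii::$app->db;

    if (empty($projectName)) {
        // No project given: look the account up by e-mail only.
        $sql = "SELECT * FROM user WHERE email = :email";
        $params = [':email' => $email];
    } else {
        // Project given: the account must belong to the named project.
        // u.id and u.name are listed again after `*`, presumably so that the
        // user's columns win over project.id / project.name in the fetched
        // associative row - confirm against the fetch mode in use.
        $sql = "SELECT *, u.id, u.name FROM user u\n JOIN project p ON p.id = u.project_id\n WHERE u.email = :email AND p.name = :projectName";
        $params = [':email' => $email, ':projectName' => $projectName];
    }
    $record = $db->createCommand($sql, $params)->queryOne();

    if (empty($record)) {
        $this->setHeader(400);
        echo json_encode(array('status' => 0, 'error_code' => 400, 'message' => 'No such user'), JSON_PRETTY_PRINT);
        exit;
    }

    // Compare hashes with hash_equals(): the previous loose `!=` was not
    // constant-time, and PHP's loose comparison treats two numeric-looking
    // strings (e.g. "0e123" and "0e456") as equal, which can accept a wrong
    // password. The casts keep a NULL stored hash from raising a TypeError.
    // NOTE(review): an equality check implies Util::hashPassword() is
    // deterministic (no per-user random salt) - verify, and plan a migration
    // to password_hash()/password_verify() if so.
    $storedHash = (string) $record['password'];
    $suppliedHash = (string) Util::hashPassword($password);
    if (!hash_equals($storedHash, $suppliedHash)) {
        $this->setHeader(400);
        echo json_encode(array('status' => 0, 'error_code' => 400, 'message' => 'Wrong password'), JSON_PRETTY_PRINT);
        exit;
    }

    // NOTE(review): Util::generateToken() is defined elsewhere; confirm it
    // draws from a CSPRNG rather than deriving the token from the e-mail.
    $token = Util::generateToken($email);
    $expires = time() + 86400; // token lifetime: 24 hours
    $lastLogin = date('Y-m-d H:i:s');
    $loginTimes = $record['login_times'] + 1;

    $sql = "UPDATE user SET token = :token, expires = :expires, last_login = :lastLogin, login_times = :loginTimes\n WHERE id = :userId";
    $params = [
        ':token' => $token,
        ':expires' => $expires,
        ':lastLogin' => $lastLogin,
        ':loginTimes' => $loginTimes,
        ':userId' => $record['id'],
    ];
    $db->createCommand($sql, $params)->execute();

    // Only the fields the client needs are returned; the password hash and
    // the rest of the row never leave the server.
    $data = [
        'user_id' => $record['id'],
        'user_name' => $record['name'],
        'token' => $token,
        'avatar' => $record['avatar'],
        'project_id' => $record['project_id'],
        'last_login' => $lastLogin,
        'login_times' => $loginTimes,
    ];

    $this->setHeader(200);
    echo json_encode(array('status' => 1, 'data' => $data, 'message' => 'Login success'), JSON_PRETTY_PRINT);
    exit;
}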