/** * 用户名密码验证流程 * * @param array $inputData */ public function grant(array $inputData) { if (empty($inputData[OpenApi_OAuth_OAuth::PARAM_USERNAME]) || empty($inputData[OpenApi_OAuth_OAuth::PARAM_PASSWORD])) { require_once 'OpenApi/OAuth/Exception.php'; throw new OpenApi_OAuth_Exception("Invalid parameter for grant accessToken by type \"password\"", OpenApi_OAuth_OAuth::ERROR_INVALID_REQUEST); } try { $auth = new Tudu_Auth_Adapter_User(Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD)); $auth->setUsername($inputData[OpenApi_OAuth_OAuth::PARAM_USERNAME])->setPassword($inputData[OpenApi_OAuth_OAuth::PARAM_PASSWORD]); $result = $auth->authenticate(); } catch (Tudu_Auth_Adapter_Exception $e) { require_once 'OpenApi/OAuth/Exception.php'; throw new OpenApi_OAuth_Exception("Authorize failed", OpenApi_OAuth_OAuth::ERROR_INVALID_REQUEST); } if (!$result->isValid()) { require_once 'OpenApi/OAuth/Exception.php'; throw new OpenApi_OAuth_Exception("Authorize failed", OpenApi_OAuth_OAuth::ERROR_INVALID_REQUEST); } $identity = $result->getIdentity(); $identity['logintime'] = time(); return array(OpenApi_OAuth_OAuth::PARAM_USER_ID => $inputData[OpenApi_OAuth_OAuth::PARAM_USERNAME], OpenApi_OAuth_OAuth::PARAM_SCOPE => null, 'auth' => $identity); }
/** * 接收参数,通过接口方 OpenApi 进行验证 * 登录图度 */ public function indexAction() { $query = $this->_request->getQuery(); $config = $this->getInvokeArg('bootstrap')->getOptions(); $multidb = $this->getInvokeArg('bootstrap')->getResource('multidb'); $time = time(); Tudu_Dao_Manager::setDbs(array(Tudu_Dao_Manager::DB_TS => $multidb->getDb('ts1'))); // 缺少验证接口标识参数 if (empty($query['from'])) { return $this->_redirect('http://www.tudu.com/'); } $from = $query['from']; $className = 'Model_OpenApi_' . ucfirst($query['from']); $classFile = 'Model/OpenApi/' . ucfirst($query['from']) . '.php'; // 缺少配置参数 if (empty($config['openapi'][strtolower($from)])) { return $this->_redirect('http://www.tudu.com/'); } $params = array_merge($config['openapi'][strtolower($from)], $query); header('P3P: CP=”CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR”'); try { require_once $classFile; // 进行登录验证 call_user_func(array($className, 'auth'), $params); // 查找应用组织关联表 $daoAssociate = Tudu_Dao_Manager::getDao('Dao_Md_Org_Associate', Tudu_Dao_Manager::DB_MD); // 获取用户信息 $params = array_merge($config['openapi'][strtolower($from)], array('uid' => $query['uu_id'])); $userInfo = call_user_func(array($className, 'getUserInfo'), $params); $orgId = $daoAssociate->getOrgIdByUid($from, $userInfo['uid']); if (false === $orgId) { $orgId = $this->_getOrgId($from); // 创建组织 require_once 'Model/Org/Org.php'; Model_Org_Org::setResource('config', $config); Model_Org_Org::createOrg($orgId, array('userid' => 'admin', 'password' => md5(Oray_Function::randKeys(16)), 'truename' => $userInfo['truename'], 'orgname' => $userInfo['orgname'])); // 创建关联 $daoAssociate->createAssociate(array('orgid' => $orgId, 'from' => $from, 'uid' => $userInfo['uid'], 'truename' => $userInfo['truename'], 'email' => $userInfo['email'], 'mobile' => $userInfo['mobile'], 'tel' => $userInfo['tel'], 'createtime' => time())); } // 获取用户信息 $adapter = new Tudu_Auth_Adapter_User(Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD)); $adapter->setUsername('admin@' . $orgId)->setAuto(true); $result = $adapter->authenticate(); $names = $config['cookies']; if (!$result->isValid()) { $this->_setCookies(array($names['auth'] => false, $names['username'] => false)); return $this->_redirect('http://www.tudu.com/'); } $identity = $result->getIdentity(); // 登录 if (Zend_Session::isStarted()) { session_unset(); Zend_Session::namespaceUnset(self::SESSION_NAMESPACE); Zend_Session::regenerateId(); } $session = new Zend_Session_Namespace(self::SESSION_NAMESPACE, true); $session->auth = array_merge($identity, array('logintime' => $time)); $session->auth['appinvoker'] = $from; // 验证相关的Cookies $this->_setCookies(array($names['username'] => $identity['username'], $names['server'] => $orgId . '.tudu.com'), null); // 其它场合要用到的Cookies,永久。 $this->_setCookies(array($names['track'] => base64_encode('http://www.tudu.com/login')), $time + 86400 * 365); // 同时要登录后台 $adapter = new Tudu_Auth_Adapter_Admin(array('db' => Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD))); $adapter->setUsername($identity['username'])->setAuto(true); $result = $adapter->authenticate(); if ($result->isValid()) { $session->admin = array_merge($result->getIdentity(), array('logintime' => $time)); } // 操作失败 } catch (Exception $e) { return $this->_redirect('http://www.tudu.com/'); } return $this->_redirect('http://online-app.tudu.com/frame-inc/'); }
/** * 登陆接口 */ public function indexAction() { // 关闭缓存 $this->_response->setHeader('Cache-Control', 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0', true)->setHeader('Pragma', 'no-cache', true); $userId = trim($this->_request->getPost('uid')); $orgId = trim($this->_request->getPost('orgid')); $domain = $this->_request->getPost('domain'); $password = trim($this->_request->getPost('password')); $seccode = $this->_request->getPost('seccode'); $remember = (bool) $this->_request->getPost('remember'); // 来源地址 $referer = $this->_request->getServer('HTTP_REFERER', $this->options['sites']['www']); $referer = preg_replace('/[\\#\\?].*/i', '', $referer); $redirect = $this->_request->getPost('redirect'); $error = null; do { if (empty($userId) || empty($password)) { $error = 'params'; break; } if (false === strpos($userId, '@')) { $userId .= '@' . $orgId; } list(, $suffix) = explode('@', $userId); // 验证码 if (Oray_Seccode::getInstance()->getCode('login')) { if (empty($seccode) || !Oray_Seccode::isValid($seccode, 'login')) { $error = 'seccode'; break; } Oray_Seccode::clear('login'); } $adapter = new Tudu_Auth_Adapter_User(Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD)); $adapter->setUsername($userId)->setPassword($password); $result = $adapter->authenticate(); if (!$result->isValid()) { $message = $result->getMessages(); $error = isset($message[0]) ? $message[0] : 'failure'; break; } } while (false); // 登陆失败 if (null !== $error) { $referer .= '?error=' . $error; if ($redirect) { $referer .= '&redirect=' . urlencode($redirect); } $this->referer($referer); return; } $identity = $result->getIdentity(); $identity['referer'] = $referer; $isHttps = $identity['ishttps']; // 检测登陆IP写入登录日志 $clientIp = $this->_request->getClientIp(); $daoIp = Tudu_Dao_Manager::getDao('Dao_Md_Ip_Info', Tudu_Dao_Manager::DB_MD); $ipInfo = $daoIp->getInfoByIp($clientIp); if (null !== $ipInfo) { $identity['local'] = $ipInfo->city; } $logId = $this->_loginLog(array('orgid' => $identity['orgid'], 'uniqueid' => $identity['uniqueid'], 'address' => $identity['username'], 'truename' => $identity['truename'], 'ip' => $clientIp, 'local' => !empty($identity['local']) ? $identity['local'] : null)); $identity['loginlogid'] = $logId; $identity = $this->_loginFilter($identity); $this->_user->clearCache($identity['username']); if (Zend_Session::isStarted()) { session_unset(); Zend_Session::namespaceUnset(self::SESSION_NAMESPACE); Zend_Session::regenerateId(); } $this->session = new Zend_Session_Namespace(self::SESSION_NAMESPACE, true); $this->session->auth = array_merge($identity, array('logintime' => $this->_timestamp)); $server = $this->getServer($identity['orgid']); $names = $this->options['cookies']; // 验证相关的Cookies $this->_setCookies(array($names['username'] => $identity['username'], $names['server'] => $server), $remember ? $this->_timestamp + 86400 * 30 : null); // 其它场合要用到的Cookies,永久。 $this->_setCookies(array($names['track'] => base64_encode($referer)), $this->_timestamp + 86400 * 365); // 记住自动登录信息 if ($remember) { $daoSession = Tudu_Dao_Manager::getDao('Dao_Md_User_Session', Tudu_Dao_Manager::DB_MD); $authId = Dao_Md_User_Session::getSessionId($identity['userid'] . '@' . $identity['orgid']); $daoSession->createSession(array('sessionid' => $authId, 'orgid' => $identity['orgid'], 'userid' => $identity['userid'], 'logintime' => $this->_timestamp, 'loginip' => $clientIp, 'expiretime' => $this->_timestamp + 86400 * 30)); // 自动登录Cookies,一个月。 $this->_setCookies(array($names['auth'] => $authId), $this->_timestamp + 86400 * 30); $this->session->auth['authid'] = $authId; } // 是否使用ssl if (!$redirect) { $protocol = $identity['ishttps'] ? 'https:' : 'http:'; $redirect = $protocol . '//' . $server . '/frame'; } $this->referer($redirect); }