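/**
 * Handle a login form submission and reply with a JSON status object.
 *
 * Reads `email`, `passwd` and `remember_me` from the request, looks the user up
 * by lower-cased email and verifies the password with Hash::checkPassword().
 * On success a session is opened through Auth::login() for 24 hours, or for
 * 7 days when `remember_me` is truthy.
 *
 * Review notes:
 *  - No attempt throttling or lockout is visible in this method; confirm it is
 *    enforced elsewhere (middleware, reverse proxy).
 *  - Only successful logins are logged here, so failed attempts leave no trace
 *    for detection unless something upstream records them.
 *
 * @param mixed $request  Request object exposing getParam().
 * @param mixed $response Response object passed through to echoJson().
 * @param mixed $args     Route arguments; not used.
 *
 * @return mixed The value returned by echoJson().
 */
public function loginHandle($request, $response, $args)
{
    // Request parameters are caller-controlled and can be missing or arrays
    // (`email[]=x`); strtolower() raises a TypeError for an array on PHP 8.
    // Non-scalar values are reduced to '' so they fail the checks below
    // instead of aborting the request.
    $email = $request->getParam('email');
    $email = is_scalar($email) ? strtolower((string) $email) : '';
    $passwd = $request->getParam('passwd');
    $passwd = is_scalar($passwd) ? (string) $passwd : '';
    $rememberMe = $request->getParam('remember_me');

    // Handle Login
    $user = User::where('email', '=', $email)->first();
    if (!$user) {
        // NOTE(review): the message matches the wrong-password branch, but
        // error_code does not, so a client can still tell whether an email is
        // registered. This branch also returns without a hash check, which
        // makes it measurably faster. Consider one shared code for both.
        $res = array(
            'ret' => 0,
            'error_code' => self::UserNotExist,
            'msg' => "邮箱或者密码错误",
        );
        return $this->echoJson($response, $res);
    }

    if (!Hash::checkPassword($user->pass, $passwd)) {
        $res = array(
            'ret' => 0,
            'error_code' => self::UserPasswordWrong,
            'msg' => "邮箱或者密码错误",
        );
        return $this->echoJson($response, $res);
    }

    // @todo
    // Session lifetime in seconds: one day, or one week with "remember me".
    $time = $rememberMe ? 3600 * 24 * 7 : 3600 * 24;

    Logger::info("login user {$user->id} ");
    Auth::login($user->id, $time);

    $res = array(
        'ret' => 1,
        'msg' => "欢迎回来",
    );
    return $this->echoJson($response, $res);
}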
/**
 * Round-trip check for the Hash helper.
 *
 * Hashes a fixed plaintext with Hash::passwordHash() and asserts that
 * Hash::checkPassword() accepts the resulting hash and rejects an empty one.
 *
 * NOTE(review): assertEquals() compares loosely, so any truthy/falsy return
 * value passes; assertTrue()/assertFalse() would pin a real boolean.
 * NOTE(review): PHPUnit discovers tests by a `test` name prefix or an
 * annotation/attribute; none is visible here, so confirm this method runs.
 */
public function hashTest()
{
    $plain = "testPassword";
    $digest = Hash::passwordHash($plain);

    // A freshly produced hash must verify against its own plaintext.
    $matches = Hash::checkPassword($digest, $plain);
    $this->assertEquals(true, $matches);

    // An empty stored hash must not verify against any password.
    $emptyHashMatches = Hash::checkPassword("", $plain);
    $this->assertEquals(false, $emptyHashMatches);
}
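/**
 * Handle a login form submission and write a JSON status object to the
 * response body.
 *
 * Reads `email`, `passwd` and `remember_me` from the request, looks the user up
 * by lower-cased email and verifies the password with Hash::checkPassword().
 * On success a session is opened through Auth::login() for 24 hours, or for
 * 7 days when `remember_me` is truthy.
 *
 * Review notes:
 *  - No attempt throttling, lockout or logging of failures is visible in this
 *    method; confirm they are handled elsewhere.
 *  - The return value is whatever the body's write() call returns, not the
 *    response object; presumably the framework tolerates that. Confirm.
 *
 * @param mixed $request  Request object exposing getParam().
 * @param mixed $response Response object exposing getBody().
 * @param mixed $args     Route arguments; not used.
 *
 * @return mixed The value returned by the body's write() call.
 */
public function loginHandle($request, $response, $args)
{
    // Request parameters are caller-controlled and can be missing or arrays
    // (`email[]=x`); strtolower() raises a TypeError for an array on PHP 8.
    // Non-scalar values are reduced to '' so they fail the checks below
    // instead of aborting the request.
    $email = $request->getParam('email');
    $email = is_scalar($email) ? strtolower((string) $email) : '';
    $passwd = $request->getParam('passwd');
    $passwd = is_scalar($passwd) ? (string) $passwd : '';
    $rememberMe = $request->getParam('remember_me');

    // Handle Login
    $user = User::where('email', '=', $email)->first();
    if (!$user) {
        // NOTE(review): the "401" prefix here versus "402" below tells a client
        // whether the email is registered, and this branch skips the hash
        // check, so it is also faster. Consider one shared message.
        $rs = array(
            'ret' => 0,
            'msg' => "401 邮箱或者密码错误",
        );
        return $response->getBody()->write(json_encode($rs));
    }

    if (!Hash::checkPassword($user->pass, $passwd)) {
        $rs = array(
            'ret' => 0,
            'msg' => "402 邮箱或者密码错误",
        );
        return $response->getBody()->write(json_encode($rs));
    }

    // @todo
    // Session lifetime in seconds: one day, or one week with "remember me".
    $time = $rememberMe ? 3600 * 24 * 7 : 3600 * 24;

    Auth::login($user->id, $time);

    $rs = array(
        'ret' => 1,
        'msg' => "欢迎回来",
    );
    return $response->getBody()->write(json_encode($rs));
}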
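/**
 * Exchange an email/password pair for an API token.
 *
 * Verifies the credentials the same way the login handler does, then obtains
 * a token string from Tools::genToken() and stores it, with the user and an
 * expiry seven days from now, in the storage returned by
 * Factory::createTokenStorage(). The token and user id are returned in the
 * JSON reply when the store call succeeds.
 *
 * Review notes:
 *  - Token strength depends on Tools::genToken(), which is not visible here;
 *    confirm it draws from a cryptographically secure source.
 *  - No attempt throttling or logging of failures is visible in this method;
 *    confirm they are handled elsewhere.
 *
 * @param mixed $request  Request object exposing getParam().
 * @param mixed $response Response object passed through to echoJson().
 * @param mixed $args     Route arguments; not used.
 *
 * @return mixed The value returned by echoJson().
 */
public function newToken($request, $response, $args)
{
    // Request parameters are caller-controlled and can be missing or arrays
    // (`email[]=x`); strtolower() raises a TypeError for an array on PHP 8.
    // Non-scalar values are reduced to '' so they fail the checks below
    // instead of aborting the request.
    $email = $request->getParam('email');
    $email = is_scalar($email) ? strtolower((string) $email) : '';
    $passwd = $request->getParam('passwd');
    $passwd = is_scalar($passwd) ? (string) $passwd : '';

    // Handle Login
    $user = User::where('email', '=', $email)->first();
    if (!$user) {
        // NOTE(review): the "401" prefix here versus "402" below tells a client
        // whether the email is registered, and this branch skips the hash
        // check, so it is also faster. Consider one shared message.
        $res = array(
            'ret' => 0,
            'msg' => "401 邮箱或者密码错误",
        );
        return $this->echoJson($response, $res);
    }

    if (!Hash::checkPassword($user->pass, $passwd)) {
        $res = array(
            'ret' => 0,
            'msg' => "402 邮箱或者密码错误",
        );
        return $this->echoJson($response, $res);
    }

    $tokenStr = Tools::genToken();
    $storage = Factory::createTokenStorage();
    // Absolute expiry timestamp: seven days from now.
    $expireTime = time() + 3600 * 24 * 7;

    if ($storage->store($tokenStr, $user, $expireTime)) {
        $res = array(
            'ret' => 1,
            'msg' => "ok",
            'data' => array(
                'token' => $tokenStr,
                'user_id' => $user->id,
            ),
        );
        return $this->echoJson($response, $res);
    }

    // The token could not be persisted, so it is never handed to the client.
    $res = array(
        'ret' => 0,
        'msg' => "system error",
    );
    return $this->echoJson($response, $res);
}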
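/**
 * Change the current user's password after re-checking the old one.
 *
 * Reads `oldpwd`, `pwd` and `repwd` from the request. The old password must
 * verify against the stored hash, the two new values must be identical, and
 * the new password must be at least 8 bytes long. On success the new hash
 * from Hash::passwordHash() is saved on the user.
 *
 * NOTE(review): nothing in this method invalidates existing sessions or API
 * tokens after the change; confirm whether that happens elsewhere.
 *
 * @param mixed $request  Request object exposing getParam().
 * @param mixed $response Response object exposing getBody().
 * @param mixed $args     Route arguments; not used.
 *
 * @return mixed The value returned by the body's write() call.
 */
public function updatePassword($request, $response, $args)
{
    // The keys must match the submitted field names exactly. A stray quote
    // inside the key ('pwd"') makes getParam() look up a field that is never
    // sent, so every request would fail the length check below.
    $oldpwd = $request->getParam('oldpwd');
    $pwd = $request->getParam('pwd');
    $repwd = $request->getParam('repwd');

    // Parameters are caller-controlled and may be missing or arrays; strlen()
    // raises a TypeError for an array on PHP 8. Reduce non-scalars to ''.
    $oldpwd = is_scalar($oldpwd) ? (string) $oldpwd : '';
    $pwd = is_scalar($pwd) ? (string) $pwd : '';
    $repwd = is_scalar($repwd) ? (string) $repwd : '';

    $user = $this->user;

    if (!Hash::checkPassword($user->pass, $oldpwd)) {
        $res = array(
            'ret' => 0,
            'msg' => "旧密码错误",
        );
        return $response->getBody()->write(json_encode($res));
    }

    // Strict comparison: with != two different numeric-looking strings such as
    // "1e3" and "1000" compare equal, so a mistyped confirmation could pass.
    if ($pwd !== $repwd) {
        $res = array(
            'ret' => 0,
            'msg' => "两次输入不符合",
        );
        return $response->getBody()->write(json_encode($res));
    }

    // strlen() counts bytes, so the minimum is 8 bytes rather than 8 characters.
    if (strlen($pwd) < 8) {
        $res = array(
            'ret' => 0,
            'msg' => "密码太短啦",
        );
        return $response->getBody()->write(json_encode($res));
    }

    $user->pass = Hash::passwordHash($pwd);
    $user->save();

    $res = array(
        'ret' => 1,
        'msg' => "ok",
    );
    return $response->getBody()->write(json_encode($res));
}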
/**
 * Delete the current user's account after the password is confirmed again.
 *
 * Takes the user from Auth::getUser() and the `passwd` request parameter.
 * If Hash::checkPassword() accepts the password, the session is ended with
 * Auth::logout() and the user record is deleted; otherwise an error reply is
 * returned and nothing is changed.
 *
 * NOTE(review): assumes Auth::getUser() yields a logged-in user object here;
 * confirm the route is only reachable behind authentication.
 * NOTE(review): `passwd` is passed to Hash::checkPassword() as received, so a
 * missing or array value reaches it unchanged; confirm that helper copes.
 *
 * @param mixed $request  Request object exposing getParam().
 * @param mixed $response Response object passed through to echoJson().
 * @param mixed $args     Route arguments; not used.
 *
 * @return mixed The value returned by echoJson().
 */
public function handleKill($request, $response, $args)
{
    $account = Auth::getUser();
    $confirmation = $request->getParam('passwd');

    // Re-authenticate before the destructive step.
    if (Hash::checkPassword($account->pass, $confirmation)) {
        // End the session first, then remove the record.
        Auth::logout();
        $account->delete();
        $reply = array(
            'ret' => 1,
            'msg' => "GG!您的帐号已经从我们的系统中删除.",
        );
    } else {
        $reply = array(
            'ret' => 0,
            'msg' => " 密码错误",
        );
    }

    return $this->echoJson($response, $reply);
}