| | |
|---|
| | | use think\Request; |
|---|
| | | use think\Validate; |
|---|
| | | use app\common\model\user\Third as ModelThird; |
|---|
| | | use EasyWeChat\Kernel\Support\AES; |
|---|
| | | |
|---|
| | | class Auth |
|---|
| | | { |
|---|
| | |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | public function initSession($sessionkey,$params) |
|---|
| | | { |
|---|
| | | //$sessionkey分两部分,.前是md5加密,.后是aes加密的userid |
|---|
| | | //校验sessionkey是否合法 |
|---|
| | | $enstrs=""; |
|---|
| | | $searr=explode('.',$sessionkey); |
|---|
| | | if(count($searr)!=2) |
|---|
| | | { |
|---|
| | | $this->setError('Account not exist'); |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | foreach ($params as $key => $value) { |
|---|
| | | $enstrs=$enstrs.$key; |
|---|
| | | //$pvalue=preg_replace('/^\"|\"$/','',json_encode($value,JSON_UNESCAPED_UNICODE)); |
|---|
| | | $pvalue=preg_replace('/^\"|\"$/','',json_encode($value,JSON_UNESCAPED_UNICODE+JSON_UNESCAPED_SLASHES)); |
|---|
| | | $enstrs=$enstrs.$pvalue; |
|---|
| | | } |
|---|
| | | $enstrs="dfg".$enstrs."apph5".$searr[1]; |
|---|
| | | $enstrs=md5($enstrs,false); |
|---|
| | | if($enstrs!=$searr[0]) |
|---|
| | | {//session校验不通过 |
|---|
| | | $this->setError('Account not exist'); |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | //aes解密 |
|---|
| | | $enKey="wp4hs3bvu7wq2mud"; |
|---|
| | | $iv = 'fedcba9876543210'; |
|---|
| | | $user_id = AES::decrypt(base64_decode($searr[1],true),$enKey, $iv); |
|---|
| | | if(empty($user_id)) |
|---|
| | | { |
|---|
| | | $this->setError('Account not exist'); |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | if ($user_id > 0) { |
|---|
| | | $user = User::get($user_id); |
|---|
| | | if (!$user) { |
|---|
| | | $this->setError('Account not exist'); |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | if ($user['status'] != 'normal') { |
|---|
| | | $this->setError('Account is locked'); |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | $this->_user = $user; |
|---|
| | | $this->_logined = true; |
|---|
| | | $this->_token = $user_id; |
|---|
| | | |
|---|
| | | //初始化成功的事件 |
|---|
| | | Hook::listen("user_init_successed", $this->_user); |
|---|
| | | |
|---|
| | | return true; |
|---|
| | | } else { |
|---|
| | | $this->setError('You are not logged in'); |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 注册用户 |
|---|
| | | * |
|---|
| | |
|---|
| | | * @param string $third_info 三方用户信息 注:需保持统一结构 |
|---|
| | | * @return boolean |
|---|
| | | */ |
|---|
| | | public function register($username = '', $password, $email = '', $mobile = '', $extend = [],$third_platform="",$third_info=[]) |
|---|
| | | public function register($username = '', $password, $email = '', $mobile = '', $extend = [],$third_platform="",$third_info=[],$pushCid="") |
|---|
| | | { |
|---|
| | | // 检测用户名、昵称、邮箱、手机号是否存在 |
|---|
| | | if(!empty($third_platform) && !empty($third_info)){ |
|---|
| | |
|---|
| | | 'logintime' => $time, |
|---|
| | | 'loginip' => $ip, |
|---|
| | | 'prevtime' => $time, |
|---|
| | | 'status' => 'normal' |
|---|
| | | 'status' => 'normal', |
|---|
| | | 'push_cid'=>$pushCid |
|---|
| | | ]); |
|---|
| | | //$params['password'] = $this->getEncryptPassword($password, $params['salt']); |
|---|
| | | $params = array_merge($params, $extend); |
|---|
| | |
|---|
| | | * @param int $user_id |
|---|
| | | * @return boolean |
|---|
| | | */ |
|---|
| | | public function direct($user_id) |
|---|
| | | public function direct($user_id,$pushCid='') |
|---|
| | | { |
|---|
| | | $user = User::get($user_id); |
|---|
| | | if ($user) { |
|---|
| | |
|---|
| | | //!empty(PUSH_CID) && $user->push_cid = PUSH_CID; |
|---|
| | | //重置登录失败次数 |
|---|
| | | $user->loginfailure = 0; |
|---|
| | | if(!empty($pushCid)) |
|---|
| | | { |
|---|
| | | $user->push_cid=$pushCid; |
|---|
| | | } |
|---|
| | | $user->save(); |
|---|
| | | $this->_user = $user; |
|---|
| | | $this->_token = Random::uuid(); |
|---|
