dfgApi.git - Gitblit

			@@ -12,6 +12,7 @@
			use think\Request;
			use think\Validate;
			use app\common\model\user\Third as ModelThird;
			use EasyWeChat\Kernel\Support\AES;

			class Auth
			{
			@@ -122,6 +123,62 @@
			}
			}

			public function initSession($sessionkey,$params)
			{
			//$sessionkey分两部分，.前是md5加密，.后是aes加密的userid
			//校验sessionkey是否合法
			$enstrs="";
			$searr=explode('.',$sessionkey);
			if(count($searr)!=2)
			{
			$this->setError('Account not exist');
			return false;
			}
			foreach ($params as $key => $value) {
			$enstrs=$enstrs.$key;
			$pvalue=preg_replace('/^\"\|\"$/','',json_encode($value,JSON_UNESCAPED_UNICODE));
			$enstrs=$enstrs.$pvalue;
			}
			$enstrs="dfg".$enstrs."apph5".$searr[1];
			$enstrs=md5($enstrs,false);
			if($enstrs!=$searr[0])
			{//session校验不通过
			$this->setError('Account not exist');
			return false;
			}
			//aes解密
			$enKey="wp4hs3bvu7wq2mud";
			$iv = 'fedcba9876543210';
			$user_id = AES::decrypt(base64_decode($searr[1],true),$enKey, $iv);
			if(empty($user_id))
			{
			$this->setError('Account not exist');
			return false;
			}
			if ($user_id > 0) {
			$user = User::get($user_id);
			if (!$user) {
			$this->setError('Account not exist');
			return false;
			}
			if ($user['status'] != 'normal') {
			$this->setError('Account is locked');
			return false;
			}
			$this->_user = $user;
			$this->_logined = true;
			$this->_token = $user_id;

			//初始化成功的事件
			Hook::listen("user_init_successed", $this->_user);

			return true;
			} else {
			$this->setError('You are not logged in');
			return false;
			}
			}

			/**
			* 注册用户
			*