Login.php 7.83 KB
<?php

use Action\WebAction;
use LibModels\Web\Passport\RegData;
use LibModels\Web\Passport\LoginData;
use Passport\PassportModel as PassportModel;
use Plugin\Helpers;
class LoginController extends WebAction
{

    /**
     * 登录页
     */
    public function indexAction()
    {
        $this->setTitle('用户登录');
        // 设置登录有效时间30分钟, 防机器刷
        $this->setSession('_LOGIN_EXPIRE', time() + 1800);

        // 清除客户端
        $this->setCookie('_UID', '');
        $this->setCookie('_TOKEN', '');

        //登录后跳转页面
        $refer = empty($_SERVER["HTTP_REFERER"]) ? '' : $_SERVER["HTTP_REFERER"];
        if (!empty($refer)) {
            $this->setCookie('refer', $refer);
        }
        //获取用户
        $uid = $this->getUid(true);
        if (!$uid) {
            $isLogin = false;
            $username = '';
        }
        else {
            $isLogin = true;
            $username = $this->_uname;
        }
        $simpleHeader = PassportModel::getSimpleHeader($isLogin, $username);
        //获取登陆页左侧资源
        $cover = PassportModel::getLeftBanner(PassportModel::SIGNIN_LEFT_BANNER_CODE);
        //是否记住密码
        $isRemember = $this->getCookie('isRemember', FALSE);
        $account = '';
        $password = '';
        if ($isRemember) {
            $account = $this->decrypt($this->getCookie('account', ''));
            $password = $this->decrypt($this->getCookie('userInfo', ''));
        }
        //整合
        $data = array(
            'loginPage' => true,
            'simpleHeader' => $simpleHeader,
            'passport' => array(
                'coverHref' => $cover['url'],
                'coverImg' => !empty($cover['img']) ? $cover['img'] : 'http://img12.static.yhbimg.com/yhb-img01/2015/12/01/07/020a0b6e7ff908d0c2bc4045b4fef42b9f.png?imageView/2/w/252/h/190',
                'countryCode' => '+86',
                'countryName' => '中国',
                'countryList' => RegData::getAreasData(),
                'forgetPwd' => Helpers::url('/passport/back/index'),
                'fastReg' => Helpers::url('/reg.html'),
                'weixinLogin' => Helpers::url('/passport/autosign/wechat'),
                'qqLogin' => Helpers::url('/passport/autosign/qq'),
                'weiboLogin' => Helpers::url('/passport/autosign/sina'),
                'alipayLogin' => Helpers::url('/passport/autosign/alipay'),
                'doubanLogin' => Helpers::url('/passport/autosign/douban'),
                'renrenLogin' => Helpers::url('/passport/autosign/renren'),
                'isRemember' => $isRemember,
                'password' => $password,
                'account' => $account
            ),
        );

        $this->_view->display('index', $data);
    }

    /**
     * 登录操作
     *
     * @param string areaCode 地区编号, 不需要+号
     * @param string account 账号(邮箱或手机号)
     * @param string password 密码
     * @return json
     */
    public function authAction()
    {
        $data = array('code' => 400, 'message' => '账号或密码不正确', 'data' => '');

        do {
            /* 判断是不是AJAX请求 */
            if (!$this->isAjax()) {
                break;
            }

            /* 判断参数是否传递 */
            $area = trim($this->post('areaCode', '86'));
            $account = trim($this->post('account'));
            $password = trim($this->post('password'));
            $isRemember = trim($this->post('isRemember'));
            $isRemember = false;
            if (!is_numeric($area) || empty($account) || empty($password)) {
                break;
            }

            /* 判断参数是否有效 */
            $verifyEmail = Helpers::verifyEmail($account);
            $verifyMobile = ($area === '86') ? Helpers::verifyMobile($account) : Helpers::verifyAreaMobile($account, $area);
            if (!$verifyEmail && !$verifyMobile) {
                break;
            }

            /* 设置登录有效时间30分钟, 防机器刷 */
            $expire = $this->getSession('_LOGIN_EXPIRE');
            if (empty($expire) || $expire < time()) {
                break;
            }

            /* 调用登录接口进行登录 */
            // 获取未登录时的唯一识别码
            $shoppingKey = Helpers::getShoppingKeyByCookie();
            $data = LoginData::signin($area, $account, $password, $shoppingKey);
            if (!isset($data['code']) || $data['code'] != 200 || !isset($data['data']['uid'])) {
                break;
            }
            //登录成功记录账户信息
            if ($isRemember) {
                $this->setCookie('account', $this->encrypt($account), time() + 3600 * 24 * 7, '/');
                $this->setCookie('userInfo', $this->encrypt($password), time() + 3600 * 24 * 7, '/');
                $this->setCookie('isRemember', $isRemember, time() + 3600 * 24 * 7);
            }
            else {
                $this->setCookie('account', '', -1, '/');
                $this->setCookie('userInfo', '', -1, '/');
                $this->setCookie('isRemember', '', -1, '/');
            }

            $refer = $this->getCookie('refer');
            if (empty($refer)) {
                $refer = SITE_MAIN . '/?go=1';
            }
            else {
                $refer = rawurldecode($refer);
            }
            $data['data']['session'] = Helpers::syncUserSession($data['data']['uid']);
            $data['data']['href'] = $refer;

            $token = Helpers::makeToken($data['data']['uid']);
            $this->setCookie('_TOKEN', $token);
            $this->setSession('_TOKEN', $token);
            $this->setSession('_LOGIN_UID', $data['data']['uid']);
        }
        while (false);

        $this->echoJson($data);
    }

    //退出
    public function outAction()
    {
        // 清除服务端会话
        $this->setSession('_TOKEN', '');
        $this->setSession('_LOGIN_UID', '');

        // 清除客户端
        $this->setCookie('_UID', '');
        $this->setCookie('_TOKEN', '');
        $this->setCookie('_SPK', '');

        $refer = $this->server('HTTP_REFERER', SITE_MAIN);
        $token = $this->get('token');
        if (!empty($token)) {
            $this->go(Helpers::logoutSession($token, $refer));
        }

        $this->go($refer);
    }

    /*
     * 加密算法
     */

    private function encrypt($data, $key='yohobuy')
    {
        $key = md5($key);
        $x = 0;
        $str='';
        $char='';
        $len = strlen($data);
        $l = strlen($key);
        for ($i = 0; $i < $len; $i++) {
            if ($x == $l) {
                $x = 0;
            }
            $char .= $key{$x};
            $x++;
        }
        for ($i = 0; $i < $len; $i++) {
            $str .= chr(ord($data{$i}) + (ord($char{$i})) % 256);
        }
        return base64_encode($str);
    }

    /*
     * 解密算法
     */

    private function decrypt($data, $key='yohobuy')
    {
        $key = md5($key);
        $x = 0;
        $str='';
        $char='';
        $data = base64_decode($data);
        $len = strlen($data);
        $l = strlen($key);
        for ($i = 0; $i < $len; $i++) {
            if ($x == $l) {
                $x = 0;
            }
            $char .= substr($key, $x, 1);
            $x++;
        }
        for ($i = 0; $i < $len; $i++) {
            if (ord(substr($data, $i, 1)) < ord(substr($char, $i, 1))) {
                $str .= chr((ord(substr($data, $i, 1)) + 256) - ord(substr($char, $i, 1)));
            }
            else {
                $str .= chr(ord(substr($data, $i, 1)) - ord(substr($char, $i, 1)));
            }
        }
        return $str;
    }

}