<?php
/**
 * User model: exchanges a login code for an openid, creates or looks up
 * the user row in tcm_user, and issues and validates HMAC-signed tokens.
 */
include_once(SERVER_ROOT . "/model/mBase.php");


class mUser extends mBase {
    private $obj;
    private $tbl;

    public function __construct() {
        $this->obj = new dUser();
        $this->tbl = 'tcm_user';
    }

    /**
     * Resolve a login code to a user record, creating the user on first login.
     * Returns the user row, or false on failure (the reason is passed to setError()).
     */
    public function getUserInfo($code) {
        $openid = $this->getOpenid($code);
        if (!$openid) {
            $this->setError('登录失败');
            return false;
        }

        $user = $this->getUserByOpenid($openid);
        if ($user) return $user;

        // Generate a unique uid string
        $identifier = $this->createUniqueID($openid);
        $user = $this->getUserByIdentifier($identifier);
        if ($user) {
            $this->setError('登录失败,用户已存在');
            return false;
        }

        $uid = $this->createUser(array('identifier' => $identifier, 'openid' => $openid));
        if (!$uid) {
            $this->setError('登录失败,用户不存在');
            return false;
        }

        return $this->getUserByUid($uid);
    }

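    /**
     * Exchange a client-supplied login code for an openid.
     * Returns the openid string, or false if the exchange fails.
     */
    public function getOpenid($code) {
        // The code comes from the client: reject anything that is not a non-empty string.
        if (!is_string($code) || $code === '') {
            return false;
        }

        $appid = MP_APPID;
        $secret = MP_SECRET;

        // URL-encode the code so it cannot add or alter parameters in the request URL.
        $get_openid_url = sprintf(MP_GET_OPENID_HREF, $appid, $secret, rawurlencode($code));

        $jsonres = $this->getCUrl($get_openid_url);
        $get_openid_res = json_decode($jsonres, true);
        if (empty($get_openid_res['openid'])) {
            // Mask the app secret before logging; the raw URL would write MP_SECRET to the log file.
            $logged_url = str_replace($secret, '***', $get_openid_url);
            $this->writeLog('user', 'get_openid_error_log', $logged_url . "|" . $jsonres);
            return false;
        }

        return $get_openid_res['openid'];
    }
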
    public function getUserByOpenid($openid) {
        return $this->obj->select($this->tbl, array('sql' => '`openid`=?', 'vals' => array($openid)));
    }

    /**
     * Derive a 10-digit numeric identifier from the openid.
     * uniqid() is time-based, not a cryptographic random source; uniqueness
     * is enforced by the getUserByIdentifier() lookup in getUserInfo().
     */
    function createUniqueID($openid) {
        $uuid = uniqid($openid, true);
        $hash = hash('sha256', $uuid);
        // base_convert() may lose precision on a 64-bit value; only the leading digits are kept.
        $decimal = base_convert(substr($hash, 0, 16), 16, 10);
        return substr($decimal, 0, 10);
    }

    public function getUserByIdentifier($identifier) {
        return $this->obj->select($this->tbl, array('sql' => '`identifier`=?', 'vals' => array($identifier)));
    }

    public function getUserByUid($uid) {
        return $this->obj->select($this->tbl, array('sql' => '`uid`=?', 'vals' => array($uid)));
    }

    public function createUser($info) {
        return $this->obj->insert($this->tbl, $info);
    }

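    /**
     * Issue a token of the form base64(uid|timestamp|HMAC-SHA256(uid|timestamp)).
     */
    public function getToken($uid) {
        $secretKey = JWT_KEY;
        $timestamp = time();
        $data = $uid . '|' . $timestamp;
        $token = hash_hmac('sha256', $data, $secretKey);
        return base64_encode($data . '|' . $token);
    }

    /**
     * Check that $token was issued for $uid and is less than 7200 seconds old.
     */
    public function validateToken($uid, $token) {
        $secretKey = JWT_KEY;

        // Strict decoding rejects input with characters outside the base64 alphabet.
        if (!is_string($token)) {
            return false;
        }
        $decodedToken = base64_decode($token, true);
        if ($decodedToken === false) {
            return false;
        }

        // A well-formed token has exactly three fields: uid|timestamp|hmac.
        $parts = explode('|', $decodedToken);
        if (count($parts) !== 3) {
            return false;
        }
        list($valid_uid, $timestamp, $tokenHash) = $parts;

        // The timestamp must be all digits before it is used in arithmetic.
        if (!ctype_digit($timestamp)) {
            return false;
        }

        // The HMAC is recomputed over the caller's $uid, which binds the token to that uid.
        $data = $uid . '|' . $timestamp;
        $validToken = hash_hmac('sha256', $data, $secretKey);

        if (hash_equals($validToken, $tokenHash) && time() - (int)$timestamp < 7200) {
            return true;
        }
        return false;
    }
}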