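obj = new dUser(); $this->tbl = 'tcm_user'; }

    /**
     * Verify the admin credentials held in Redis and, on success, write a login marker.
     *
     * The Redis record is produced by createAdminPassword() and carries a
     * password_hash() digest, so the check goes through password_verify()
     * instead of comparing a plaintext password with `!==`.
     *
     * @param string $name     Submitted admin user name.
     * @param string $password Submitted plaintext password.
     * @return bool true on success; false with setError() set otherwise.
     *
     * NOTE(review): the login marker is one global Redis key, not bound to the
     * caller's session/client; confirm that the consumer of
     * _QR_ADMIN_LOGIN_USER_INFO does not treat "key exists" as "this request is
     * authenticated". No attempt limiting is applied here either.
     */
    public function checkAdminLogin($name, $password)
    {
        // `empty()` would also reject a legitimate password of "0"; test for the empty string.
        if (!is_string($name) || !is_string($password) || $name === '' || $password === '') {
            $this->setError('参数错误');
            return false;
        }
        $robj = $this->initRedis();
        // get() yields false/null when the key is missing or expired; cast so json_decode sees ''.
        $stored = json_decode((string) $robj->get(_QR_ADMIN_USER_INFO), true);
        if (!is_array($stored)
            || !isset($stored['name'], $stored['password'])
            || !is_string($stored['name'])
            || !is_string($stored['password'])) {
            // Same message as a wrong password so a missing record is not distinguishable.
            $this->setError('账户或密码不正确');
            return false;
        }
        $nameMatches = ($stored['name'] === $name);
        // Constant-time hash comparison; the stored value is a password_hash() digest.
        $passwordMatches = password_verify($password, $stored['password']);
        if (!$nameMatches || !$passwordMatches) {
            $this->setError('账户或密码不正确');
            return false;
        }
        // Login marker: uid 0 denotes the admin account; the embedded token is checked by validateToken().
        $marker = json_encode(array('uid' => 0, 'token' => $this->getToken(0)));
        $robj->setex(_QR_ADMIN_LOGIN_USER_INFO, 12 * 60 * 60, $marker);
        return true;
    }

    /**
     * Bootstrap the admin credentials when no record exists.
     *
     * Generates a random 16-hex-character password, stores its password_hash()
     * digest in Redis for 12 hours and mails the plaintext to ADMIN_PASSWORD_GET_EMAIL.
     * The plaintext leaves the process only through that mail.
     *
     * @return bool true if a new password was created and mailed; false if a
     *              record already existed (nothing is changed in that case).
     *
     * NOTE(review): get-then-setex is not atomic; two concurrent calls that both
     * see an empty record each mail a different password and the last write wins.
     * Use SET NX EX (or a lock) if the Redis client in use supports it.
     */
    public function createAdminPassword()
    {
        $robj = $this->initRedis();
        $existing = $robj->get(_QR_ADMIN_USER_INFO);
        if (!empty($existing)) {
            return false;
        }
        $email = ADMIN_PASSWORD_GET_EMAIL;
        // random_bytes() is the CSPRNG and throws if no secure source exists; the
        // previous openssl_random_pseudo_bytes() call never checked its strength flag.
        $pass = bin2hex(random_bytes(8));
        $record = array(
            'name'     => 'admin',
            'password' => password_hash($pass, PASSWORD_DEFAULT),
        );
        $robj->setex(_QR_ADMIN_USER_INFO, 12 * 60 * 60, json_encode($record));
        $this->sendMail(array($email), '医案录入后台', '新密码是:' . $pass);
        return true;
    }

    /**
     * Resolve an OAuth code to a user row, creating the user on first sight.
     *
     * @param string $code OAuth code from the platform redirect (untrusted input).
     * @return mixed The row returned by select() for the user, or false with
     *               setError() set (openid lookup, identifier generation or insert failed).
     */
    public function getUserInfo($code)
    {
        $openid = $this->getOpenid($code);
        if (!$openid) {
            $this->setError('获取openid失败');
            return false;
        }
        $user = $this->getUserByOpenid($openid);
        if ($user) {
            return $user;
        }
        // First visit: mint an identifier and make sure it is not already taken.
        $identifier = $this->createUniqueID($openid);
        if ($this->getUserByIdentifier($identifier)) {
            $this->setError('uid生成失败');
            return false;
        }
        $uid = $this->createUser(array('identifier' => $identifier, 'openid' => $openid));
        if (!$uid) {
            $this->setError('用户创建失败');
            return false;
        }
        return $this->getUserByUid($uid);
    }

    /**
     * Exchange an OAuth code for the platform openid.
     *
     * @param string $code OAuth code from the redirect (untrusted input).
     * @return string|false The openid, or false with setError() set.
     */
    public function getOpenid($code)
    {
        if (!is_scalar($code) || (string) $code === '') {
            $this->setError('获取openid失败');
            return false;
        }
        $appid = MP_APPID;
        $secret = MP_SECRET;
        // The code is attacker-controllable; encode it so it cannot inject extra
        // query parameters or break the URL the secret is sent on.
        $get_openid_url = sprintf(MP_GET_OPENID_HREF, $appid, $secret, rawurlencode((string) $code));
        $jsonres = $this->getCUrl($get_openid_url);
        $get_openid_res = json_decode((string) $jsonres, true);
        if (!is_array($get_openid_res)
            || empty($get_openid_res['openid'])
            || !is_string($get_openid_res['openid'])) {
            $this->setError('获取openid失败');
            // The URL embeds the app secret; redact it before it lands in the log file.
            $loggedUrl = ($secret !== '' && $secret !== null)
                ? str_replace($secret, '[redacted]', $get_openid_url)
                : $get_openid_url;
            $this->writeLog('user', 'get_openid_error_log', $loggedUrl . "|" . $jsonres);
            return false;
        }
        return $get_openid_res['openid'];
    }

    /**
     * Look up a user row by openid (parameterised query).
     *
     * @param string $openid
     * @return mixed Whatever select() returns for a single-condition lookup — shape not visible here.
     */
    public function getUserByOpenid($openid)
    {
        return $this->obj->select($this->tbl, array('sql' => '`openid`=?', 'vals' => array($openid)));
    }

    /**
     * Mint a 10-digit (at most) decimal identifier for a new user.
     *
     * The caller (getUserInfo) checks the result for collisions before use.
     *
     * @param string $openid Used only as a prefix of the hashed seed.
     * @return string Up to 10 decimal digits.
     */
    public function createUniqueID($openid)
    {
        // uniqid() is time-derived and the openid is known to its owner, so mix in
        // CSPRNG bytes to keep the identifier unguessable.
        $seed = uniqid($openid, true) . bin2hex(random_bytes(8));
        $hash = hash('sha256', $seed);
        // 15 hex digits (60 bits) fit in a 64-bit int, so hexdec() is exact; the
        // previous base_convert() of 16 digits went through a float and lost
        // low-order digits. Assumes 64-bit PHP — on 32-bit hexdec() returns a float.
        $decimal = (string) hexdec(substr($hash, 0, 15));
        return substr($decimal, 0, 10);
    }

    /**
     * Look up a user row by identifier (parameterised query).
     *
     * @param string $identifier
     * @return mixed Result of select(); shape not visible here.
     */
    public function getUserByIdentifier($identifier)
    {
        return $this->obj->select($this->tbl, array('sql' => '`identifier`=?', 'vals' => array($identifier)));
    }

    /**
     * Look up a user row by primary uid (parameterised query).
     *
     * @param int|string $uid
     * @return mixed Result of select(); shape not visible here.
     */
    public function getUserByUid($uid)
    {
        return $this->obj->select($this->tbl, array('sql' => '`uid`=?', 'vals' => array($uid)));
    }

    /**
     * Insert a new user row.
     *
     * @param array $info Column => value map (identifier, openid).
     * @return mixed Result of insert(); treated as the new uid by getUserInfo().
     */
    public function createUser($info)
    {
        return $this->obj->insert($this->tbl, $info);
    }

    /**
     * Issue an HMAC-signed token for a uid: base64("uid|timestamp|hmac_sha256(uid|timestamp, JWT_KEY)").
     *
     * Despite the key's name this is not a JWT. The token is checked by validateToken().
     *
     * @param int|string $uid
     * @return string
     */
    public function getToken($uid)
    {
        $secretKey = JWT_KEY;
        $timestamp = time();
        $data = $uid . '|' . $timestamp;
        $signature = hash_hmac('sha256', $data, $secretKey);
        return base64_encode($data . '|' . $signature);
    }

    /**
     * Validate a token produced by getToken() for the given uid.
     *
     * A token is accepted when its HMAC verifies for this uid and it is less than
     * 7200 seconds old. There is no revocation: a token stays valid for its
     * lifetime regardless of later logouts.
     *
     * @param int|string $uid
     * @param string     $token
     * @return bool
     */
    public function validateToken($uid, $token)
    {
        if (!is_string($token)) {
            return false;
        }
        // Strict decoding rejects input that is not base64 at all.
        $decoded = base64_decode($token, true);
        if ($decoded === false) {
            return false;
        }
        $parts = explode('|', $decoded);
        // Previously a short token raised undefined-offset notices and fed null to hash_equals().
        if (count($parts) !== 3) {
            return false;
        }
        list($tokenUid, $timestamp, $tokenHash) = $parts;
        if ((string) $tokenUid !== (string) $uid) {
            return false;
        }
        $secretKey = JWT_KEY;
        $expected = hash_hmac('sha256', $uid . '|' . $timestamp, $secretKey);
        if (!hash_equals($expected, $tokenHash)) {
            return false;
        }
        // The signature covers the timestamp, so after a successful HMAC check it is
        // the integer getToken() embedded; the digit check only guards the arithmetic.
        if (!ctype_digit($timestamp)) {
            return false;
        }
        return (time() - (int) $timestamp) < 7200;
    }
}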