You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

344 lines
13 KiB

3 years ago
  1. <?php
  2. namespace Api\Controller;
  3. use Think\Controller;
  4. class UserController extends BaseController {
  5. //注册
  6. public function register(){
  7. $username = trim(I("username"));
  8. $password = I("password");
  9. $confirm_password = I("confirm_password");
  10. $v_code = I("v_code");
  11. $register_open = D("Options")->get("register_open" ) ;
  12. if ($register_open === '0') {
  13. $this->sendError(10101,"管理员已关闭注册");
  14. return ;
  15. }
  16. if (C('CloseVerify') || $v_code && $v_code == session('v_code') ) {
  17. session('v_code',null) ;
  18. if ( $password != '' && $password == $confirm_password) {
  19. if(!D("User")->checkDbOk()){
  20. $this->sendError(100100,"数据库连接不上。请确保安装了php-sqlite扩展以及数据库文件Sqlite/showdoc.db.php可用");
  21. return;
  22. }
  23. if ( ! D("User")->isExist($username) ) {
  24. $new_uid = D("User")->register($username,$password);
  25. if ($new_uid) {
  26. $create_sample = D("Options")->get("create_sample") ;
  27. //获取后台的语言设置
  28. //这是个历史包袱。因为安装的时候语言设置没有写到API模块的配置下,所以只能读文件读取Home模快的配置文件
  29. $config = file_get_contents("./Application/Home/Conf/config.php");
  30. if ($create_sample !== '0' && strstr($config, "'zh-cn',") ) {
  31. //导入示例项目
  32. $this->_importSample($new_uid);
  33. }
  34. //设置自动登录
  35. $ret = D("User")->where("uid = '$new_uid' ")->find() ;
  36. unset($ret['password']);
  37. session("login_user" , $ret );
  38. $token = D("UserToken")->createToken($ret['uid']);
  39. cookie('cookie_token',$token,array('expire'=>60*60*24*90,'httponly'=>'httponly'));//此处由服务端控制token是否过期,所以cookies过期时间设置多久都无所谓
  40. $this->sendResult(array(
  41. "uid" => $ret['uid'] ,
  42. "username" => $ret['username'] ,
  43. "name" => $ret['name'] ,
  44. "groupid" => $ret['groupid'] ,
  45. "avatar" => $ret['avatar'] ,
  46. "avatar_small" => $ret['avatar_small'] ,
  47. "email" => $ret['email'] ,
  48. "email_verify" => $ret['email_verify'] ,
  49. "user_token" => $token ,
  50. ));
  51. }else{
  52. $this->sendError(10101,'register fail');
  53. }
  54. }else{
  55. $this->sendError(10101,L('username_exists'));
  56. }
  57. }else{
  58. $this->sendError(10101,L('code_much_the_same'));
  59. }
  60. }else{
  61. $this->sendError(10206,L('verification_code_are_incorrect'));
  62. }
  63. }
  64. //导入示例项目
  65. private function _importSample($uid){
  66. $this->_importZip("../Public/SampleZip/apidoc.zip" , $uid);
  67. $this->_importZip("../Public/SampleZip/databasedoc.zip" , $uid);
  68. $this->_importZip("../Public/SampleZip/teamdoc.zip" , $uid);
  69. $this->_importZip("../Public/SampleZip/spreadsheet.zip" , $uid);
  70. }
  71. private function _importZip($file , $uid){
  72. $zipArc = new \ZipArchive();
  73. $ret = $zipArc->open($file, \ZipArchive::CREATE);
  74. $info = $zipArc->getFromName("prefix_info.json") ;
  75. if ($info) {
  76. $info_array = json_decode($info ,1 );
  77. if ($info_array) {
  78. D("Item")->import( json_encode($info_array) , $uid );
  79. return true;
  80. }
  81. }
  82. return false ;
  83. }
  84. //登录
  85. public function login(){
  86. $username = trim(I("username"));
  87. $password = I("password");
  88. $v_code = I("v_code");
  89. if (!$password) {
  90. $this->sendError(10206,"no empty password");
  91. return;
  92. }
  93. //检查用户输错密码的次数。如果超过一定次数,则需要验证 验证码
  94. $key= 'login_fail_times_'.$username;
  95. if(!D("VerifyCode")->_check_times($key)){
  96. if (!$v_code || $v_code != session('v_code')) {
  97. $this->sendError(10206,L('verification_code_are_incorrect'));
  98. return;
  99. }
  100. }
  101. session('v_code',null) ;
  102. if(!D("User")->checkDbOk()){
  103. $this->sendError(100100,"数据库连接不上。请确保安装了php-sqlite扩展以及数据库文件Sqlite/showdoc.db.php可用");
  104. return;
  105. }
  106. $ret = D("User")->checkLogin($username,$password);
  107. //如果失败则尝试ldap登录
  108. if (!$ret) {
  109. $ret = D("User")->checkLdapLogin($username,$password);
  110. }
  111. if ($ret) {
  112. //获取后台的语言设置
  113. //这是个历史包袱。因为安装的时候语言设置没有写到API模块的配置下,所以只能读文件读取Home模快的配置文件
  114. $config = file_get_contents("./Application/Home/Conf/config.php");
  115. if (D("Item")->count() < 1 && strstr($config, "'zh-cn',") ) {
  116. //如果项目表是空的,则生成系统示例项目
  117. $this->_importSample(1);
  118. }
  119. unset($ret['password']);
  120. session("login_user" , $ret );
  121. D("User")->setLastTime($ret['uid']);
  122. $token = D("UserToken")->createToken($ret['uid'],60*60*24*180);
  123. cookie('cookie_token',$token,array('expire'=>60*60*24*180,'httponly'=>'httponly'));//此处由服务端控制token是否过期,所以cookies过期时间设置多久都无所谓
  124. $this->sendResult(array(
  125. "uid" => $ret['uid'] ,
  126. "username" => $ret['username'] ,
  127. "name" => $ret['name'] ,
  128. "groupid" => $ret['groupid'] ,
  129. "avatar" => $ret['avatar'] ,
  130. "avatar_small" => $ret['avatar_small'] ,
  131. "email" => $ret['email'] ,
  132. "email_verify" => $ret['email_verify'] ,
  133. "user_token" => $token ,
  134. ));
  135. }else{
  136. D("VerifyCode")->_ins_times($key);//输错密码则设置输错次数
  137. if(D("VerifyCode")->_check_times($key)){
  138. $error_code = 10204 ;
  139. }else{
  140. $error_code = 10210 ;
  141. }
  142. $this->sendError($error_code,L('username_or_password_incorrect'));
  143. return;
  144. }
  145. }
  146. //登录2
  147. public function loginByVerify(){
  148. $username = I("username");
  149. $password = I("password");
  150. $captcha_id = I("captcha_id");
  151. $captcha = I("captcha");
  152. if ( !D("Captcha")->check($captcha_id , $captcha) ) {
  153. $this->sendError(10206,L('verification_code_are_incorrect'));
  154. return;
  155. }
  156. $ret = D("User")->checkLogin($username,$password);
  157. //如果失败则尝试ldap登录
  158. if (!$ret) {
  159. $ret = D("User")->checkLdapLogin($username,$password);
  160. }
  161. if ($ret) {
  162. //获取后台的语言设置
  163. //这是个历史包袱。因为安装的时候语言设置没有写到API模块的配置下,所以只能读文件读取Home模快的配置文件
  164. $config = file_get_contents("./Application/Home/Conf/config.php");
  165. if (D("Item")->count() < 1 && strstr($config, "'zh-cn',") ) {
  166. //如果项目表是空的,则生成系统示例项目
  167. $this->_importSample(1);
  168. }
  169. unset($ret['password']);
  170. session("login_user" , $ret );
  171. D("User")->setLastTime($ret['uid']);
  172. $token = D("UserToken")->createToken($ret['uid'], 60*60*24*180);
  173. $this->sendResult(array(
  174. "uid" => $ret['uid'] ,
  175. "username" => $ret['username'] ,
  176. "name" => $ret['name'] ,
  177. "groupid" => $ret['groupid'] ,
  178. "avatar" => $ret['avatar'] ,
  179. "avatar_small" => $ret['avatar_small'] ,
  180. "email" => $ret['email'] ,
  181. "email_verify" => $ret['email_verify'] ,
  182. "user_token" => $token ,
  183. ));
  184. }else{
  185. $this->sendError(10204,L('username_or_password_incorrect'));
  186. return;
  187. }
  188. }
  189. //注册2
  190. public function registerByVerify(){
  191. $username = trim(I("username"));
  192. $password = I("password");
  193. $confirm_password = I("confirm_password");
  194. $captcha_id = I("captcha_id");
  195. $captcha = I("captcha");
  196. $register_open = D("Options")->get("register_open" ) ;
  197. if ($register_open === '0') {
  198. $this->sendError(10101,"管理员已关闭注册");
  199. return ;
  200. }
  201. if ( !D("Captcha")->check($captcha_id , $captcha) ) {
  202. $this->sendError(10206,L('verification_code_are_incorrect'));
  203. return;
  204. }
  205. if ( $password != '' && $password == $confirm_password) {
  206. if ( ! D("User")->isExist($username) ) {
  207. $new_uid = D("User")->register($username,$password);
  208. if ($new_uid) {
  209. $create_sample = D("Options")->get("create_sample") ;
  210. //获取后台的语言设置
  211. //这是个历史包袱。因为安装的时候语言设置没有写到API模块的配置下,所以只能读文件读取Home模快的配置文件
  212. $config = file_get_contents("./Application/Home/Conf/config.php");
  213. if ($create_sample !== '0' && strstr($config, "'zh-cn',") ) {
  214. //导入示例项目
  215. $this->_importSample($new_uid);
  216. }
  217. //设置自动登录
  218. $ret = D("User")->where("uid = '$new_uid' ")->find() ;
  219. unset($ret['password']);
  220. session("login_user" , $ret );
  221. $token = D("UserToken")->createToken($ret['uid']);
  222. cookie('cookie_token',$token,array('expire'=>60*60*24*90,'httponly'=>'httponly'));//此处由服务端控制token是否过期,所以cookies过期时间设置多久都无所谓
  223. $this->sendResult(array(
  224. "uid" => $ret['uid'] ,
  225. "username" => $ret['username'] ,
  226. "name" => $ret['name'] ,
  227. "groupid" => $ret['groupid'] ,
  228. "avatar" => $ret['avatar'] ,
  229. "avatar_small" => $ret['avatar_small'] ,
  230. "email" => $ret['email'] ,
  231. "user_token" => $token ,
  232. ));
  233. }else{
  234. $this->sendError(10101,'register fail');
  235. }
  236. }else{
  237. $this->sendError(10101,L('username_exists'));
  238. }
  239. }else{
  240. $this->sendError(10101,L('code_much_the_same'));
  241. }
  242. }
  243. //获取用户信息
  244. public function info(){
  245. $login_user = $this->checkLogin();
  246. $uid = $login_user['uid'] ;
  247. $field = "uid,username,email,name,avatar,avatar_small,groupid" ;
  248. $info = D("User")->where(" uid = '$uid' ")->field($field)->find();
  249. $this->sendResult($info);
  250. }
  251. //获取所有用户名
  252. public function allUser(){
  253. $login_user = $this->checkLogin();
  254. $uid = $login_user['uid'] ;
  255. $username = I("username");
  256. $field = "username as value" ;
  257. if ($username) {
  258. $username = \SQLite3::escapeString($username) ;
  259. $where = " username like '%{$username}%'" ;
  260. }else{
  261. $where = ' 1 = 1 ';
  262. }
  263. $info = D("User")->where($where)->field($field)->select();
  264. $this->sendResult($info);
  265. }
  266. //通过旧密码验证来更新用户密码
  267. public function resetPassword(){
  268. $login_user = $this->checkLogin();
  269. $username = $login_user['username'];
  270. $password = I("password");
  271. $new_password = I("new_password");
  272. $ret = D("User")->checkLogin($username,$password);
  273. if ($ret) {
  274. $ret = D("User")->updatePwd($login_user['uid'],$new_password);
  275. if ($ret) {
  276. $this->sendResult(array());
  277. }else{
  278. $this->sendError(10101,L('modify_faild'));
  279. }
  280. }else{
  281. $this->sendError(10101,L('old_password_incorrect'));
  282. }
  283. }
  284. //退出登录
  285. public function logout(){
  286. $login_user = $this->checkLogin();
  287. D("UserToken")->where(" uid = '$login_user[uid]' ")->save(array("token_expire"=>0));
  288. session("login_user" , NULL);
  289. cookie('cookie_token',NULL);
  290. session(null);
  291. $this->sendResult(array());
  292. }
  293. public function updateInfo(){
  294. $user = $this->checkLogin();
  295. $uid = $user['uid'];
  296. $name = I("name");
  297. D("User")->where(" uid = '$uid' ")->save(array("name"=>$name));
  298. $this->sendResult(array());
  299. }
  300. }