PHP 单点登录 accessToken 登录制作杂记
注:此篇代码混乱,纯属个人笔记
<?php
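/**
 * Scratch helper from the notes: mints a per-user secret and prints the access
 * token built from it.
 *
 * The per-user secret is the only non-public input that getaccessToken() hashes
 * into the access token, so it is drawn from the CSPRNG instead of being derived
 * from the account name, the password and the clock. The result keeps the same
 * 32-hex-character shape as the md5() value it replaces (random_bytes needs PHP 7+).
 *
 * @param mixed  $verifier Passed to checkv().
 * @param string $name     Kept for callers; no longer mixed into the secret.
 * @param string $password Kept for callers; no longer mixed into the secret.
 * @param string $citycode City code embedded in the access token.
 * @return void Prints the secret and the token array.
 */
function createUser($verifier, $name, $password, $citycode) {
    if (!checkv($verifier)) {
        // NOTE(review): $this is used although this is declared as a plain function;
        // presumably the method was copied out of a class. Confirm before reuse.
        throw new api\ApiException(array('code'=>$this->getErrorCode('API_AUTH_EXPIRED')));
    }

    // "Insert" step: the notes only create the secret here, nothing is stored.
    $token = bin2hex(random_bytes(16));

    // NOTE(review): debug output. This prints the per-user secret itself and
    // should not survive outside a scratch script.
    echo $token.'<hr/>';

    // Build the access token array from the secret.
    $token = getaccessToken($token, 'a01', $citycode);
    print_r($token);
}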
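/**
 * Checks name/password against Ogcommon_Member and returns an access token model.
 *
 * Table columns referenced by the notes: id, name, password, token. When the
 * member row has no per-user secret yet, one is created and stored before the
 * access token (the array built by getaccessToken()) is issued.
 *
 * @param mixed  $verifier Passed to checkv().
 * @param string $name     Account name.
 * @param string $password Plain password, or a 32-character value used as-is.
 * @return api\models\token
 * @throws api\ApiException API_AUTH_EXPIRED when checkv() fails,
 *                          API_INVALID_AUTH when no row matches.
 */
function login($verifier, $name, $password) {
    if (!checkv($verifier)) {
        throw new api\ApiException(array('code'=>$this->getErrorCode('API_AUTH_EXPIRED')));
    }

    $table = $this->getTable('Ogcommon_Member');

    // NOTE(review): a 32-character value is compared with the stored column as-is
    // and anything else goes through unsalted md5(). The stored hash is therefore
    // accepted as a credential, and MD5 is not a password hash. Moving to
    // password_hash()/password_verify() needs a schema migration that this
    // block cannot do on its own.
    $password = strlen($password)==32 ? $password : md5($password);

    $result = $table->get(array(
        Ogcommon_Member::name.'=?'=>$name,
        Ogcommon_Member::password.'=?'=>$password,
    ));
    if (empty($result)) {
        throw new api\ApiException(array('code'=>$this->getErrorCode('API_INVALID_AUTH')));
    }

    if (empty($result['token'])) {
        // The per-user secret keys every access token for this account, so it is
        // taken from the CSPRNG rather than from md5(name . password hash . time()).
        // Same 32-hex-character shape as before (random_bytes needs PHP 7+).
        $result['token'] = bin2hex(random_bytes(16));
        $table->mod($result['id'], array(Ogcommon_Member::token=>$result['token']));
    }

    $token = $this->getaccessToken($result['token'], $result['id'], $result['citycode']);
    return new api\models\token($token);
}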
/**
 * Validates an access token and issues a new one for the same member.
 *
 * The new token gets the expiry that getaccessToken() computes at call time.
 * A city code supplied by the caller replaces the one on the member record
 * in the new token.
 *
 * @param string      $accessToken Token previously issued to the client.
 * @param string|null $citycode    Optional city code for the new token.
 * @return api\models\token
 * @throws api\ApiException API_AUTH_EXPIRED when the token does not validate.
 */
function refresh($accessToken,$citycode) {
    $user = $this->accessToken($accessToken, $citycode);
    if (!$user) {
        throw new api\ApiException(array('code'=>$this->getErrorCode('API_AUTH_EXPIRED')));
    }

    // Prefer the caller's city code when one is given and it differs.
    $effectiveCity = (isset($citycode) && $citycode != $user['citycode'])
        ? $citycode
        : $user['citycode'];

    $fresh = $this->getaccessToken($user['token'], $user['id'], $effectiveCity);
    return new api\models\token($fresh);
}
/**
 * Returns a user profile for the token holder, or for the row matched by
 * $query->where when a where clause is given.
 *
 * NOTE(review): the where clause comes from the caller and is not tied to the
 * token holder's id, and the whole member row is handed to userProfile. The
 * notes list password and token among the table columns, so confirm that the
 * model drops those fields and that cross-user lookup is intended.
 *
 * @param string            $accessToken Token issued by login()/refresh().
 * @param \api\models\Query $query       Optional lookup criteria.
 * @return api\models\userProfile
 * @throws api\ApiException API_AUTH_EXPIRED for an invalid token,
 *                          API_USER_NOT_EXIST when the lookup finds nothing.
 */
function getUser($accessToken,\api\models\Query $query) {
    $user = $this->accessToken($accessToken);
    if (!$user) {
        throw new api\ApiException(array('code'=>$this->getErrorCode('API_AUTH_EXPIRED')));
    }

    $table = $this->getTable('Ogcommon_Member');

    // No criteria: answer with the token holder's own record.
    if (empty($query->where)) {
        $user['oid'] = $user['id'];
        return new api\models\userProfile($user);
    }

    $row = $table->get($query->where);
    if (empty($row)) {
        throw new api\ApiException(array('code'=>$this->getErrorCode('API_USER_NOT_EXIST')));
    }

    $row['oid'] = $row['id'];
    return new api\models\userProfile($row);
}
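/**
 * Marks the token holder's mobile number as bound when the submitted code
 * matches the stored secret.
 *
 * A successful bind resets the stored secret to '' (see the update below), so
 * an empty $code would match that cleared value. Empty mobile numbers and
 * codes are therefore rejected before the table is touched.
 *
 * NOTE(review): nothing visible here limits repeated attempts. Confirm that
 * the code has an expiry and an attempt limit elsewhere.
 *
 * @param string $accessToken Token issued by login()/refresh().
 * @param string $mobile      Mobile number being bound.
 * @param string $code        Verification code sent to that number.
 * @return mixed Result of the table update.
 * @throws api\ApiException API_AUTH_EXPIRED for an invalid token,
 *                          API_PERMISSION_DENIED for the anonymous user or
 *                          an empty mobile number / code.
 */
function bindMobile($accessToken, $mobile, $code) {
    $user = $this->accessToken($accessToken);
    if (!$user) {
        throw new api\ApiException(array('code'=>$this->getErrorCode('API_AUTH_EXPIRED')));
    }

    // The anonymous profile carries id '0' and has no record to bind.
    if (empty($user['id'])) {
        throw new api\ApiException(array('code'=>$this->getErrorCode('API_PERMISSION_DENIED')));
    }

    // An empty code must never equal the cleared secret column.
    if ((string)$mobile === '' || (string)$code === '') {
        throw new api\ApiException(array('code'=>$this->getErrorCode('API_PERMISSION_DENIED')));
    }

    $table = $this->getTable('Ogcommon_Member');
    $where = array(
        Ogcommon_Member::id.'=?'=>$user['id'],
        Ogcommon_Member::mobile.'=?'=>$mobile,
        Ogcommon_Member::secret.'=?'=>$code
    );

    // Clearing the secret makes the code single-use.
    return $table->mod($where, array(Ogcommon_Member::isBinded=>1,Ogcommon_Member::secret=>''));
}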
/**
 * Placeholder verifier check.
 *
 * NOTE(review): $verifier is never inspected, so every caller that gates on
 * checkv() is effectively ungated until this is implemented.
 *
 * @param mixed $verifier Ignored.
 * @return bool Always true.
 */
function checkv($verifier)
{
    return true;
}
/**
 * Builds the access token array for a member.
 *
 * Wire format: base64("<md5>|<id>|<expireTime>|<citycode>"), where <md5> is
 * md5(secret . id . expireTime . citycode) and the token is valid for 7 days.
 *
 * NOTE(review): md5() over concatenated, undelimited fields is not a keyed MAC.
 * hash_hmac('sha256', ...) over delimited fields would be the usual choice,
 * but it has to change together with the check in accessToken().
 *
 * @param string     $token    Per-user secret stored on the member row.
 * @param int|string $id       Member id.
 * @param string     $citycode City code to embed.
 * @return array accessToken, oid, expireTime, citycode.
 */
function getaccessToken($token,$id,$citycode)
{
    $expireTime = time() + 7 * 86400; // 86400 = 3600 * 24 (one day)
    $signature = md5($token.$id.$expireTime.$citycode);
    $encoded = base64_encode(implode('|', array($signature, $id, $expireTime, $citycode)));

    return array(
        'accessToken' => $encoded,
        'oid' => $id,
        'expireTime' => $expireTime,
        'citycode' => $citycode,
    );
}
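/**
 * Validates an access token and returns the member data it belongs to.
 *
 * Token layout after base64 decoding: "<md5>|<id>|<expireTime>|<citycode>",
 * i.e. fields 0:token hash, 1:id, 2:time, 3:citycode.
 *
 * The listing shows $token without subscripts (`$token>time()`,
 * `'{id}=?'=>$token`, `$citycode=='H' && $citycode=='D'`), which cannot
 * validate anything. The subscripts are restored here from the field-order
 * comment and from the layout getaccessToken() writes.
 *
 * @param string      $accessToken Token as issued by getaccessToken().
 * @param string|null $citycode    Optional city code; stored on the member row
 *                                 when it differs from the stored one.
 * @return array|false Member data on success, FALSE otherwise.
 */
function accessToken($accessToken,$citycode=NULL)
{
    // Anonymous access: no token, and a six-character city code starting with "HD".
    if (empty($accessToken) && is_string($citycode) && strlen($citycode)==6
        && $citycode[0]==='H' && $citycode[1]==='D')
    {
        return $this->getuserdata($citycode);
    }

    $token = explode('|', (string)base64_decode((string)$accessToken));
    if (count($token) != 4) {
        return FALSE;
    }

    // Field 2 is the expiry timestamp; a non-numeric value casts to 0 and is rejected.
    if ((int)$token[2] <= time()) {
        return FALSE;
    }

    $member = NULL;
    if (empty($token[1])) {
        // Id 0 is the anonymous profile, rebuilt from the token's city code.
        $data = $this->getuserdata($token[3]);
    } else {
        $member = $this->getTable('Ogcommon_Member');
        $data = $member->get(array('{id}=?'=>$token[1]));
    }

    // Unknown member, or a row whose per-user secret was never set (login()
    // fills it lazily): without a secret the hash holds only public fields.
    if (empty($data) || empty($data['token']) || !isset($data['id'])) {
        return FALSE;
    }

    // hash_equals() compares the digests as strings in constant time; `==`
    // would apply PHP's numeric-string comparison rules to them.
    $expected = md5($data['token'].$data['id'].$token[2].$token[3]);
    if (!hash_equals($expected, $token[0])) {
        return FALSE;
    }

    // Persist a changed city code for real members only; $member stays NULL
    // for the anonymous profile.
    if (isset($citycode) && $citycode!=$data['citycode'] && $member instanceof Ogcommon_Member) {
        $member->mod(array('{id}=?'=>$token[1]), array(Ogcommon_Member::citycode=>$citycode));
    }
    return $data;
}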
/**
 * Returns the fixed anonymous profile (id '0') for a city code.
 *
 * NOTE(review): the 'token' value is a constant checked into source. It is the
 * secret that access tokens for this profile are hashed with, so anyone who
 * can read the file knows it. Presumably it should come from configuration.
 *
 * @param string $citycode City code to place in the profile, e.g. 'HD0001'.
 * @return array Member-shaped record.
 */
function getuserdata($citycode)
{
    return array(
        'id' => '0',
        'name' => 'xxx.com',
        'password' => '',
        'fullName' => '网络技术有限公司',
        'nickName' => 'xx网络',
        'icon' => '',
        'gender' => '9',
        'mobile' => '4001-55-4001',
        'isBinded' => '1',
        'email' => '',
        'citycode' => $citycode,
        'credit' => '0',
        'picture' => 'http://img.xxx.com/',
        'token' => '179b3c4e4428d6c5t4r59573842ef1b1',
    );
}
// Demo call from the notes: runs createUser() with sample arguments whenever this file is executed.
createUser('abc','肖红阳','321321','HD0001');