
jwt for sign-in

visuddhinanda 3 years ago
parent
commit
95d99b0b71
2 changed files with 107 additions and 36 deletions
  1. 67 23
      public/app/db/user.php
  2. 40 13
      public/app/ucenter/index.php

+ 67 - 23
public/app/db/user.php

@@ -6,6 +6,9 @@ require_once "../public/function.php";
 // Require Composer's autoloader.
 require_once '../../vendor/autoload.php';
 
+use Firebase\JWT\JWT;
+use Firebase\JWT\Key;
+
 // Using Medoo namespace.
 use Medoo\Medoo;
 
@@ -36,7 +39,7 @@ class User extends Table
 		$where["resource_id"] = explode($_GET["id"],",");
 		echo json_encode($this->_index(["resource_id","user_id"],$where), JSON_UNESCAPED_UNICODE);
 	}
-	
+
 	public function  list(){
 		if(!isset($_COOKIE["userid"])){
 			$userId = $_COOKIE["userid"];
@@ -81,23 +84,23 @@ class User extends Table
 			if ($this->redis == false) {
 				$this->result["ok"]=false;
 				$this->result["message"]="no_redis_connect";
-				echo json_encode($this->result, JSON_UNESCAPED_UNICODE);	
-				return;	
+				echo json_encode($this->result, JSON_UNESCAPED_UNICODE);
+				return;
 			}
 			$redisKey = "invitecode://".$data["invite"];
 			$code = $this->redis->exists($redisKey);
 			if(!$code){
 				$this->result["ok"]=false;
 				$this->result["message"]="invite_code_invalid";
-				echo json_encode($this->result, JSON_UNESCAPED_UNICODE);	
-				return;	
+				echo json_encode($this->result, JSON_UNESCAPED_UNICODE);
+				return;
 			}
-			$data["email"] = $this->redis->get($redisKey);				
+			$data["email"] = $this->redis->get($redisKey);
 		}else{
 			$this->result["ok"]=false;
 			$this->result["message"]="no_invite_code";
-			echo json_encode($this->result, JSON_UNESCAPED_UNICODE);	
-			return;	
+			echo json_encode($this->result, JSON_UNESCAPED_UNICODE);
+			return;
 		}
 		//验证用户名有效性
 		if(!$this->isValidUsername($data["username"])){
@@ -158,11 +161,11 @@ class User extends Table
 				}else{
 					echo json_encode($result, JSON_UNESCAPED_UNICODE);
 				}
-				
+
 			}else{
 				$this->result["ok"]=false;
 				$this->result["message"]="email_is_exist";
-				echo json_encode($this->result, JSON_UNESCAPED_UNICODE);				
+				echo json_encode($this->result, JSON_UNESCAPED_UNICODE);
 			}
 		}
 		else{
@@ -171,7 +174,7 @@ class User extends Table
 			echo json_encode($this->result, JSON_UNESCAPED_UNICODE);
 		}
 	}
-	
+
 
 
 	#发送密码重置邮件
@@ -189,7 +192,7 @@ class User extends Table
 				#send email
 				$resetLink="https://".$_SERVER['SERVER_NAME']."/app/ucenter/reset.php?token=".$resetToken;
 				$resetString="https://".$_SERVER['SERVER_NAME']."/app/ucenter/reset.php";
-		
+
 				// 打开文件并读取数据
 				$irow=0;
 				$strSubject = "";
@@ -198,9 +201,9 @@ class User extends Table
 					while(($data=fgets($fp))!==FALSE){
 						$irow++;
 						if($irow==1){
-							$strSubject = $data; 
+							$strSubject = $data;
 						}else{
-							$strBody .= $data; 
+							$strBody .= $data;
 						}
 					}
 					fclose($fp);
@@ -211,15 +214,15 @@ class User extends Table
 					echo json_encode($this->result, JSON_UNESCAPED_UNICODE);
 					return;
 				}
-		
+
 				$strBody = str_replace("%ResetLink%",$resetLink,$strBody);
 				$strBody = str_replace("%ResetString%",$resetString,$strBody);
-		
+
 				//TODO sendmail
-		
+
 				//Create an instance; passing `true` enables exceptions
 				$mail = new PHPMailer(true);
-		
+
 				try {
 					//Server settings
 					$mail->SMTPDebug = SMTP::DEBUG_OFF;                      //Enable verbose debug output
@@ -235,13 +238,13 @@ class User extends Table
 					//Recipients
 					$mail->setFrom(Email["From"], Email["Sender"]);
 					$mail->addAddress($email);     //Add a recipient Name is optional
-		
+
 					//Content
 					$mail->isHTML(true);                                  //Set email format to HTML
 					$mail->Subject = $strSubject;
 					$mail->Body    = $strBody;
 					$mail->AltBody = $strBody;
-		
+
 					$mail->send();
 					#邮件发送成功,修改数据库
 					$this->_update(["reset_password_sent_at"=>Medoo::raw('datetime(<now>)')],["reset_password_sent_at"],["email"=>$email]);
@@ -285,7 +288,7 @@ class User extends Table
 				$ok = $this->_update(["reset_password_token"=>null,
 									  "reset_password_sent_at"=>null],
 									  null,
-									  ["username"=>$data["username"]]);	
+									  ["username"=>$data["username"]]);
 			}
 			echo json_encode($this->result, JSON_UNESCAPED_UNICODE);
 		}else{
@@ -295,6 +298,47 @@ class User extends Table
 		}
 	}
 
+    public function signin(){
+        $isExist = $this->medoo->has($this->table,["username"=>$_REQUEST["username"],'password'=>md5($_REQUEST["password"])]);
+        if(!$isExist){
+            $isExist = $this->medoo->has($this->table,["email"=>$_REQUEST["username"],'password'=>md5($_REQUEST["password"])]);
+            if(!$isExist){
+                $this->result["ok"]=false;
+                $this->result["message"]="wrong username or password";
+                echo json_encode($this->result, JSON_UNESCAPED_UNICODE);
+            }else{
+                $uid = $this->medoo->get( $this->table, 'userid', ["email"=>$_REQUEST["username"]] );
+            }
+        }else{
+            $uid = $this->medoo->get( $this->table, 'userid', ["username"=>$_REQUEST["username"]] );
+        }
+        //JWT
+
+        $key = APP_KEY;
+        $payload = [
+            'nbf' => time(),
+            'exp' => time()+60*60*24*365,
+            'uid' => $uid
+        ];
+        $jwt = JWT::encode($payload,$key,'HS512');
+        //End of JWT
+        // set cookie
+        if(empty($_SERVER["HTTPS"])){
+            //本地开发
+            setcookie("user_uid", $uid,["expires"=>$ExpTime,"path"=>"/","secure"=>false,"httponly"=>true]);
+//            setcookie("user_id", $Fetch[0]["id"], ["expires"=>$ExpTime,"path"=>"/","secure"=>false,"httponly"=>true]);
+            setcookie("token", $jwt, ["expires"=>$ExpTime,"path"=>"/","secure"=>false,"httponly"=>true]);
+        }else{
+            //服务器运行
+            setcookie("user_uid", $uid, ["expires"=>$ExpTime,"path"=>"/","secure"=>true,"httponly"=>true]);
+//            setcookie("user_id", $Fetch[0]["id"], ["expires"=>$ExpTime,"path"=>"/","secure"=>true,"httponly"=>true]);
+            setcookie("token", $jwt, ["expires"=>$ExpTime,"path"=>"/","secure"=>true,"httponly"=>true]);
+        }
+        $this->result["ok"]=true;
+        $this->result["data"]=['token'=>$jwt];
+        echo json_encode($this->result, JSON_UNESCAPED_UNICODE);
+    }
+
 	private function isValidPassword($password){
 		if(mb_strlen($password,"UTF-8")<6){
 			$this->result["ok"]=false;
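Review bot: On a failed credential check `signin()` echoes the error JSON in the inner `else` branch but does not return, so execution falls through to `JWT::encode` with `$uid` unset and a second JSON body is written — a signed token carrying a null `uid` is issued and set as a cookie for a caller whose password did not match; add `return;` directly after the `echo json_encode($this->result, JSON_UNESCAPED_UNICODE);` in that branch. `$ExpTime` is never assigned in this method (it only exists in index.php), so every `setcookie` call here passes `"expires" => null`; define `$ExpTime = time() + 60*60*24*365;` before building `$payload` and use `'exp' => $ExpTime,` so the cookie and token lifetimes agree. The `$_REQUEST["username"]` / `$_REQUEST["password"]` reads are unguarded, so a request missing either field raises undefined-index notices before the lookup; an `isset` check returning the same error shape would cover that. The md5 comparison matches the hash scheme the existing index.php login uses, so it is out of scope for this change, but both paths would benefit from a later migration to `password_hash`/`password_verify`. `Firebase\JWT\Key` is imported in both files but not used anywhere in the new code.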
@@ -344,7 +388,7 @@ class User extends Table
 		}
 		return true;
 	}
-	private function isValidEmail($email){	
+	private function isValidEmail($email){
 		$isValid = filter_var($email, FILTER_VALIDATE_EMAIL);
 		if($isValid===false){
 			$this->result["ok"]=false;
@@ -355,4 +399,4 @@ class User extends Table
 
 }
 
-?>
+?>

+ 40 - 13
public/app/ucenter/index.php

@@ -5,6 +5,11 @@ require_once "../public/_pdo.php";
 require_once "../public/function.php";
 require_once "../redis/function.php";
 
+// Require Composer's autoloader.
+require_once '../../vendor/autoload.php';
+
+use Firebase\JWT\JWT;
+use Firebase\JWT\Key;
 
 if (isset($_REQUEST["op"])) {
     $op = $_REQUEST["op"];
@@ -34,7 +39,7 @@ switch ($op) {
 		break;
     case "new":
 		$host = $_SERVER['HTTP_HOST'];
-		//if (strpos($host, "wikipali.org") !== false) 
+		//if (strpos($host, "wikipali.org") !== false)
 		{
 			if(isset($_REQUEST["invite"])){
 				$redis = redis_connect();
@@ -50,7 +55,7 @@ switch ($op) {
 				$invite_email = $redis->get("invitecode://".$_REQUEST["invite"]);
 			}else{
 				echo "无邀请码";
-				exit;	
+				exit;
 			}
 		}
 		break;
@@ -90,7 +95,7 @@ if (isset($_POST["op"]) && $_POST["op"] == "new") {
 		if ($iFetch > 0) { //username is existed
 			$error_email = $_local->gui->email . "已经存在";
 			$post_error = true;
-		} 
+		}
 	}
     if (empty($post_password)) {
         $error_password = $_local->gui->password . $_local->gui->cannot_empty;
@@ -110,7 +115,7 @@ if (isset($_POST["op"]) && $_POST["op"] == "new") {
     if (!$post_error) {
         $md5_password = md5($post_password);
         $new_userid = UUID::v4();
- 
+
 				$query = "INSERT INTO user ('id','userid','username','password','nickname','email') VALUES (NULL," . $PDO->quote($new_userid) . "," . $PDO->quote($post_username) . "," . $PDO->quote($md5_password) . "," . $PDO->quote($post_nickname) . "," . $PDO->quote($post_email) . ")";
 				$stmt = @PDO_Execute($query);
 				if (!$stmt || ($stmt && $stmt->errorCode() != 0)) {
@@ -121,7 +126,7 @@ if (isset($_POST["op"]) && $_POST["op"] == "new") {
 					$op = "login";
 					unset($_POST["username"]);
 					//TODO create channel
-					
+
 					//TODO create studio
 				}
 
@@ -135,24 +140,38 @@ if (isset($_POST["op"]) && $_POST["op"] == "new") {
             $_post_error = $_local->gui->account . $_local->gui->account_existed;
         } else if (isset($_POST["password"])) {
             $md5_password = md5($_POST["password"]);
-            PDO_Connect("" . _FILE_DB_USERINFO_);
+            PDO_Connect(_FILE_DB_USERINFO_);
             $query = "select * from user where (\"username\"=" . $PDO->quote($_POST["username"]) . " or \"email\"=" . $PDO->quote($_POST["username"]) . " ) and \"password\"=" . $PDO->quote($md5_password);
             $Fetch = PDO_FetchAll($query);
             $iFetch = count($Fetch);
-            if ($iFetch > 0) { 
-				//username is exite
+            if ($iFetch > 0) {
+				//验证成功
                 $uid = $Fetch[0]["id"];
                 $username = $Fetch[0]["username"];
                 $user_uuid = $Fetch[0]["userid"];
                 $nickname = $Fetch[0]["nickname"];
                 $email = $Fetch[0]["email"];
 				$ExpTime = time() + 60 * 60 * 24 * 365;
+                //JWT
+                $key = APP_KEY;
+                $payload = [
+                    'nbf' => time(),
+                    'exp' => $ExpTime,
+                    'uid' => $user_uuid
+                ];
+                $jwt = JWT::encode($payload,$key,'HS512');
+                //End of JWT
+                // set cookie
 				if(empty($_SERVER["HTTPS"])){
+                    //本地开发
 					setcookie("user_uid", $user_uuid,["expires"=>$ExpTime,"path"=>"/","secure"=>false,"httponly"=>true]);
 					setcookie("user_id", $Fetch[0]["id"], ["expires"=>$ExpTime,"path"=>"/","secure"=>false,"httponly"=>true]);
+					setcookie("token", $jwt, ["expires"=>$ExpTime,"path"=>"/","secure"=>false,"httponly"=>true]);
 				}else{
+                    //服务器运行
 					setcookie("user_uid", $user_uuid, ["expires"=>$ExpTime,"path"=>"/","secure"=>true,"httponly"=>true]);
 					setcookie("user_id", $Fetch[0]["id"], ["expires"=>$ExpTime,"path"=>"/","secure"=>true,"httponly"=>true]);
+					setcookie("token", $jwt, ["expires"=>$ExpTime,"path"=>"/","secure"=>true,"httponly"=>true]);
 				}
 				#给js用的
 				setcookie("uid", $uid, time()+60*60*24*365,"/");
@@ -161,6 +180,8 @@ if (isset($_POST["op"]) && $_POST["op"] == "new") {
 				setcookie("nickname", $nickname, time()+60*60*24*365,"/");
 				setcookie("email", $email, time()+60*60*24*365,"/");
 
+
+
                 if (isset($_POST["url"])) {
                     $goto_url = $_POST["url"];
                 }
@@ -184,6 +205,9 @@ if (isset($_POST["op"]) && $_POST["op"] == "new") {
                 }
             ?>
 		<meta http-equiv="refresh" content="0,<?php echo $goto; ?>"/>
+        <script>
+            localStorage.setItem('token',"<?php echo $jwt; ?>");
+        </script>
 	</head>
 
 	<body>
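Review bot: The added `<script>` block interpolates `$jwt` into the page with a bare `echo` and copies into `localStorage` the same token that the login hunk above just stored in an `httponly` cookie, so any script that runs on this page can read it and the `httponly` flag on the `token` cookie no longer protects anything. If a JS-readable copy is genuinely required, emit it as an escaped JS string, `localStorage.setItem('token', <?php echo json_encode($jwt, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>);`, rather than raw interpolation, and say in a comment which consumer needs it. The token's `exp` is the one-year `$ExpTime` from the login hunk, and no server-side revocation is visible in this diff, so a copied token stays valid until expiry; a shorter lifetime for the JS-visible copy is worth considering. The payload construction here duplicates the one in `User::signin()` in user.php — presumably a shared helper is intended, otherwise the two will drift.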
@@ -191,6 +215,7 @@ if (isset($_POST["op"]) && $_POST["op"] == "new") {
 		<br>
 		<br>
 		<p align="center"><a href="../studio/index.php">Auto Redirecting to Homepage! IF NOT WORKING, CLICK HERE</a></p>
+
     </body>
 </html>
 <?php
@@ -374,6 +399,7 @@ if (isset($message_comm)) {
     echo '</div>';
 }
 if ($op == "new") {
+    //新建账号
     ?>
 			<div class="title">
 			<?php echo $_local->gui->join_wikipali; ?>
@@ -488,8 +514,9 @@ if (isset($_POST["username"]) && $_username_ok == true) {
     ?>
 			</div>
 			<div class="login_new">
-			<?php
-if (isset($_POST["username"]) && $_username_ok == true) {
+<?php
+    if (isset($_POST["username"]) && $_username_ok == true) {
+        //已经输入用户名
         echo '<a href="index.php?language=' . $currLanguage . '">切换账户</a>';
     } else {
         echo '<span class="form_help">' . $_local->gui->new_to_wikipali . ' ?</span><a href="index.php?language=' . $currLanguage . '&op=new">&nbsp;&nbsp;&nbsp;&nbsp;' . $_local->gui->create_account . '</a>';
@@ -500,8 +527,8 @@ if (isset($_POST["username"]) && $_username_ok == true) {
 			<div class="login_form" style="padding: 3em 0 3em 0;">
 			<form action="index.php" method="post">
 				<div>
-				<?php
-if (isset($goto_url)) {
+<?php
+    if (isset($goto_url)) {
         echo "<input type=\"hidden\" name=\"url\" value=\"{$goto_url}\"  />";
     } else if (isset($_POST["url"])) {
         echo "<input type=\"hidden\" name=\"url\" value=\"{$_POST["url"]}\"  />";
@@ -561,4 +588,4 @@ if (isset($goto_url)) {
 	login_init();
 	</script>
 	</body>
-</html>
+</html>