记住用户名密码
//注册用户
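/**
 * Register a new user from the POST fields `name`, `password` and `tel`.
 *
 * Responds through Response::json():
 *  - 200 with the insert result when the row was written,
 *  - 400 with the count row when the user ID or phone number is already taken,
 *  - 404 when the insert returned an empty result,
 *  - 406 when a field is missing or unusable, or the duplicate check could not be read.
 *
 * Security notes (review):
 *  - The request values are interpolated into SQL string literals. Until the db wrapper is
 *    confirmed to support bound parameters (its API is not visible in this file), values
 *    containing a single quote, a backslash or a NUL byte are rejected so they cannot end
 *    the literal. This is a stop-gap; prepared statements are the real fix.
 *  - Passwords are stored as unsalted MD5, which is not a password hash. Moving to
 *    password_hash()/password_verify() has to be done together with login() and a
 *    migration of the stored values, so it is not changed here.
 *  - The count-then-insert sequence is not atomic; presumably uniqueness should also be
 *    enforced by unique indexes on userID and userTel. TODO confirm against the schema.
 *  - login() and checkTokensFct() query `userinfo` while this method uses `userInfo`;
 *    table names are case-sensitive on some MySQL setups. TODO confirm the real name.
 */
public function register(){
    $userID  = isset($_POST['name']) ? $_POST['name'] : '';
    $rawPwd  = isset($_POST['password']) ? $_POST['password'] : '';
    $userTel = isset($_POST['tel']) ? $_POST['tel'] : '';

    // Bytes that could terminate or escape a single-quoted SQL string literal.
    $unsafe = '/[\'\\\\\x00]/';

    // The raw password is checked before hashing: md5('') is a non-empty string, so testing
    // the hash (as before) let an empty password through. Array-valued fields (name[]=x) are
    // refused by the is_string() checks. preg_match() must return exactly 0 ("no match"), so
    // a regex failure also rejects the request.
    $valid = is_string($userID) && is_string($rawPwd) && is_string($userTel)
        && !empty($userID) && $rawPwd !== '' && !empty($userTel)
        && preg_match($unsafe, $userID) === 0
        && preg_match($unsafe, $userTel) === 0;
    if (!$valid) {
        Response::json(406,"读取数据失败");
        return;
    }

    $userPwd = md5($rawPwd); // hex digest, safe to interpolate; see the hashing note above

    $sql = "select count(id) as num from userInfo where userTel='{$userTel}' or userID='{$userID}'";
    $num = $this->db->fetchRow($sql);
    if (empty($num) || !isset($num['num'])) {
        // The duplicate check itself failed; do not insert on an unknown state.
        Response::json(406,"读取数据失败");
        return;
    }
    if ($num['num'] != 0) {
        Response::json(400,"用户名或手机号重复",$num);
        return;
    }

    $sql = "insert into userInfo (userID,userPwd,userTel) values ('{$userID}','{$userPwd}','{$userTel}')";
    $data = $this->db->query($sql);

    // Only these two outcomes were ever reachable: the former `$data==false` (406) and
    // fallback (500) branches sat behind `empty($data)`, which already covers false.
    if (!empty($data)) {
        Response::json(200,"注册成功",$data);
    } else {
        Response::json(404,"记录不存在");
    }
}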
//用户登陆时把token插入数据库的代码
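/**
 * Authenticate a user from POST and issue a session token valid for seven days.
 *
 * Reads $_POST['userID'] and $_POST['userPwd'], looks the pair up in `userinfo`, and on a
 * match stores a fresh token and its expiry timestamp (time_out) on that row.
 *
 * Responses:
 *  - 400 (Response::show, then exit) when a field is missing or not a string,
 *  - 404 (Response::show, then exit) when no row matches the credentials,
 *  - 201 with the user row plus `token` when the token was stored,
 *  - 407 when the update query failed, 500 when it ran but changed no row.
 *
 * Security notes (review):
 *  - userID is interpolated into SQL string literals. Until the db wrapper is confirmed to
 *    support bound parameters (its API is not visible in this file), IDs containing a
 *    single quote, a backslash or a NUL byte are treated as unknown accounts so they
 *    cannot end the literal. This is a stop-gap; prepared statements are the real fix.
 *  - The password is compared as unsalted MD5, which is not a password hash. Moving to
 *    password_hash()/password_verify() has to be done together with register() and a
 *    migration of the stored values, so it is not changed here.
 *  - register() writes to `userInfo` while this method queries `userinfo`; table names are
 *    case-sensitive on some MySQL setups. TODO confirm the real name.
 */
public function login(){
    if (empty($_POST['userID']) || empty($_POST['userPwd'])) {
        Response::show(400,'请输入账号和密码');
        exit;
    }

    $userID = $_POST['userID'];
    $rawPwd = $_POST['userPwd'];

    // Array-valued fields (userID[]=x) would otherwise reach md5() and the SQL string.
    if (!is_string($userID) || !is_string($rawPwd)) {
        Response::show(400,'请输入账号和密码');
        exit;
    }

    // Must be exactly 0 ("no match"); a regex failure is treated as a rejection as well.
    if (preg_match('/[\'\\\\\x00]/', $userID) !== 0) {
        Response::show(404,'账号或密码输入错误');
        exit;
    }

    $userPwd = md5($rawPwd); // hex digest, safe to interpolate; see the hashing note above

    $data = $this->db->fetchRow("select userID,userName,userTel,url from userinfo where userID='{$userID}' and userPwd='{$userPwd}'");
    if (empty($data)) {
        Response::show(404,'账号或密码输入错误');
        exit;
    }

    // Token and expiry are only generated once the credentials have been verified.
    $token = $this->setToken();
    $time_out = strtotime("+7 days");

    $rst2 = $this->db->query("update userinfo set token='{$token}',time_out='{$time_out}' where userID='{$userID}'");
    $data['token'] = $token;

    // The failure check comes first: rowCount() used to be called before it, which is a
    // fatal error when query() returns false and made the 407 branch unreachable.
    if (!$rst2) {
        Response::json(407,"登录失败");
    } elseif ($rst2->rowCount() >= 1) {
        Response::json(201,"登录成功",$data);
    } else {
        Response::json(500,"未知错误");
    }
}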
//生成token方法代码
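/**
 * Generate a new session token: 40 lowercase hexadecimal characters.
 *
 * The token is the only credential checked by checkTokensFct(), so it has to be
 * unpredictable. The previous construction hashed uniqid() and microtime(), which are both
 * derived from the current time and are not a cryptographically secure source; running the
 * value through md5()/sha1() does not add entropy. The output format is unchanged (same
 * length and alphabet as the sha1() hex digest returned before).
 *
 * @return string 40-character lowercase hex token
 * @throws \Exception        from random_bytes() when no entropy source can be read
 * @throws \RuntimeException when neither CSPRNG function is available
 */
public static function setToken()
{
    $length = 20; // 20 random bytes -> 40 hex characters

    if (function_exists('random_bytes')) {
        return bin2hex(random_bytes($length));
    }

    // Fallback for runtimes without random_bytes(); only accepted when OpenSSL reports
    // that a strong algorithm was used.
    if (function_exists('openssl_random_pseudo_bytes')) {
        $strong = false;
        $raw = openssl_random_pseudo_bytes($length, $strong);
        if ($raw !== false && $strong === true) {
            return bin2hex($raw);
        }
    }

    // Fail closed rather than fall back to a time-based token.
    throw new \RuntimeException('No cryptographically secure random source available for token generation');
}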
//每个接口都必须调用的token验证
/**
 * Validate the token sent in $_POST['token'] and report the outcome as a response.
 *
 * A missing or empty token yields Response::show(400) followed by exit. Otherwise the token
 * is passed to checkTokensFct(): status 90001 yields Response::json(402), any other status
 * (including an expired token) yields Response::json(401).
 *
 * NOTE(review): this method returns nothing and, in the code visible here, does not stop
 * execution after the 401 response. An endpoint that calls it as a guard cannot branch on
 * the result, so unless Response::json() itself terminates the request (not visible in this
 * file) the endpoint's own logic still runs for an invalid token. Confirm how callers use it.
 */
public function checkToken(){
    $hasToken = !empty($_POST['token']);
    if (!$hasToken) {
        Response::show(400,'请求出错');
        exit;
    }

    $status = $this->checkTokensFct($_POST['token']);

    if ($status != 90001) {
        Response::json(401,"用户没有权限");
    } else {
        Response::json(402,"用户得到权限");
    }
}
//token验证方法
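/**
 * Check a session token against `userinfo` and extend its lifetime when it is valid.
 *
 * @param mixed $token token as received from the client
 * @return int|null 90001 when the token is valid and time_out was pushed seven days ahead;
 *                  90002 when the token is malformed or matches no row;
 *                  90003 when the stored time_out is in the past (the user must log in again);
 *                  null when the token is valid but the refresh query failed (unchanged
 *                  from the previous implicit fall-through; checkToken() treats it as
 *                  "no permission").
 *
 * Security note (review): the token is interpolated into SQL string literals. setToken()
 * only ever produces 40 hexadecimal characters, so anything else is rejected before a
 * query is built; such a value cannot match a stored token and cannot alter the statement.
 * Bound parameters would still be preferable if the db wrapper supports them (its API is
 * not visible in this file).
 */
public function checkTokensFct($token)
{
    // `!== 1` also rejects when preg_match() itself fails. \A...\z anchors the whole
    // value, so a trailing newline is not accepted the way `$` would allow.
    if (!is_string($token) || preg_match('/\A[0-9a-fA-F]{40}\z/', $token) !== 1) {
        return 90002;
    }

    $res = $this->db->fetchRow("select time_out from userinfo where token='{$token}'");
    if (empty($res)) {
        return 90002; // unknown token
    }

    // A non-numeric or missing time_out is cast to 0 and therefore counts as expired.
    if (time() - (int) $res['time_out'] > 0) {
        return 90003; // token expired after not being used; a new login is required
    }

    $new_time_out = time() + 604800; // 604800 seconds = seven days
    if ($this->db->query("update userinfo set time_out='{$new_time_out}' where token='{$token}'")) {
        return 90001; // token valid and time_out refreshed
    }

    // Refresh failed: made explicit instead of falling off the end of the function.
    return null;
}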