客户端单点实现
(需求是存在验证,不存在插入)
一、首先找到客户端登录的位置,如下:
owncloud\lib\private\connector\sabre\auth.php中的53行,validateUserPass方法,修改为
protected function validateUserPass($username, $password) { if (OC_User::isLoggedIn() && $this->isDavAuthenticated(OC_User::getUser()) ) { OC_Util::setupFS(OC_User::getUser()); \OC::$server->getSession()->close(); return true; } else { OC_Util::setUpFS(); //login hooks may need early access to the filesystem //$displayname=$username; //查询用户id $query = OC_DB::prepare('SELECT `uid` FROM `*PREFIX*users` WHERE LOWER(`displayname`) = LOWER(?)'); $result = $query->execute(array($username)); $row = $result->fetchRow();
//如果存在用户,则请求远端的restful借口验证 if($row){ $uid=$row['uid']; $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, 'http://******/uic/rest/v1/users/check/account_passwd?account='.$uid.'&password='.$password); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); $re = curl_exec($curl); curl_close($curl); $arr=json_decode($re,true); //var_dump($arr->result);die; //file_put_contents("d:/2.txt",$arr['result'].OC_User::login($uid)); if($arr['result']&& OC_User::login($uid)) { // make sure we use owncloud's internal username here // and not the HTTP auth supplied one, see issue #14048 $ocUser = OC_User::getUser(); OC_Util::setUpFS($ocUser); \OC::$server->getSession()->set(self::DAV_AUTHENTICATED, $ocUser); \OC::$server->getSession()->close(); return true; } else { \OC::$server->getSession()->close(); return false; } }else{
//如果没有登录走到这里去到本地登录,在之后进行用户插入 if( OC_User::login($username,$password)) { // make sure we use owncloud's internal username here // and not the HTTP auth supplied one, see issue #14048 $ocUser = OC_User::getUser(); OC_Util::setUpFS($ocUser); \OC::$server->getSession()->set(self::DAV_AUTHENTICATED, $ocUser); \OC::$server->getSession()->close(); return true; } else { \OC::$server->getSession()->close(); return false; } return false; } //file_put_contents("d:/1.txt",$row.$uid.'http://******/uic/rest/v1/users/check/account_passwd?account='.$uid.'&password='.$password); } }二、修改本地数据库验证方法:
owncloud\lib\private\user\database.php中的158行,checkPassword方法,修改为:
public function checkPassword($uid, $password) {
//查询数据库是否有当前用户 $query = OC_DB::prepare('SELECT `uid`, `password` FROM `*PREFIX*users` WHERE LOWER(`displayname`) = LOWER(?)'); $result = $query->execute(array($uid)); $row = $result->fetchRow(); if ($row) {
//存在则返回uid /*$storedHash = $row['password']; $newHash = ''; if(\OC::$server->getHasher()->verify($password, $storedHash, $newHash)) { if(!empty($newHash)) { $this->setPassword($uid, $password); }*/ return $row['uid']; //} }else{
//不存在这个用户则开始插入用户过程
//如果存在本地web验证的CAS信息,则说明是web请求 if($_SESSION['phpCAS']) { $uid = $_SESSION['phpCAS']['attributes']['loginid']; $displayname = $_SESSION['phpCAS']['attributes']['nickname']; if ($displayname == "") { $displayname = $_SESSION['phpCAS']['attributes']['email']; if ($displayname == "") { $displayname = $_SESSION['phpCAS']['attributes']['cellphone']; } } $query = OC_DB::prepare('INSERT INTO `*PREFIX*users` VALUES(?,?,?)'); $result = $query->execute(array($uid, $displayname, '')); if ($result) { return $uid; } }else{
//如果不存在本地session的CAS认证信息,则说明是客户端请求 $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, 'http://*******/uic/rest/v1/users/check/account_passwd_return_loginid?account='.$uid.'&password='.$password); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); $re = curl_exec($curl); curl_close($curl); $arr=json_decode($re,true); $query = OC_DB::prepare('INSERT INTO `*PREFIX*users` VALUES(?,?,?)'); //file_put_contents("d:/1.txt",$uid.$password.$arr); $result = $query->execute(array($arr['loginid'], $uid, '')); if ($result) { return $uid; } return false; } } return false; }以上。