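/**
 * Third-party login actions for the GmOauth plugin.
 *
 * Starts the flow at the external provider (auth.gmit.vip), exchanges the
 * returned code for profile data, and either logs the matching local user in,
 * creates a new subscriber account, or binds the identity to the current user.
 *
 * NOTE(review): the code shown sends and checks no `state`/nonce value, so the
 * callback is not tied to the browser session that started the flow. Confirm
 * whether the provider supports one and add it if so.
 */
class GmOauth_Action extends Typecho_Widget implements Widget_Interface_Do
{
    /**
     * Intentionally empty; presumably the entry point required by
     * Widget_Interface_Do, with the real work done by the routed methods below.
     */
    public function action()
    {
    }

    /**
     * Redirect the visitor to the provider's login page for the requested site.
     *
     * Does nothing beyond recording the return address when `site` is absent.
     *
     * @throws Typecho_Exception when the requested provider is not enabled
     */
    public function GmOauth()
    {
        $this->ref();

        $site = isset($_GET['site']) ? $_GET['site'] : '';
        if (!$site) {
            return;
        }

        // `site` is used as a config property name and as a URL path segment,
        // so only a plain identifier is accepted; anything else is treated the
        // same as a provider that is not enabled.
        if (!is_string($site) || !preg_match('/^[A-Za-z0-9_-]+$/', $site)) {
            throw new Typecho_Exception(_t('未开通此第三方登陆'));
        }

        $plugin = Typecho_Widget::widget('Widget_Options')->plugin('GmOauth');
        if (!$plugin->$site) {
            throw new Typecho_Exception(_t('未开通此第三方登陆'));
        }

        $callback = Typecho_Common::url('GmOauth/Callback', Helper::options()->index);

        // The callback URL is a query-string value and must be percent-encoded
        // so characters such as `?` or `&` inside it cannot alter the request.
        $this->response->redirect(
            'https://auth.gmit.vip/' . rawurlencode($site) . '?redirectUrl=' . rawurlencode($callback)
        );
    }

    /**
     * Bind the provider identity behind `code` to the currently logged-in user.
     *
     * Every outcome emits an empty body, as in the listing this was taken from.
     */
    public function GmOauthBind()
    {
        $code = $this->requestCode();
        if ($code === '') {
            echo '';
            return;
        }

        $db = Typecho_Db::get();
        Typecho_Widget::widget('Widget_User')->to($user);

        // Binding only makes sense for an authenticated session; without this
        // check an anonymous request would store a row with no valid uid.
        if (!$user->hasLogin()) {
            echo '';
            return;
        }

        $info = $this->fetchOauthInfo($code);
        if (!is_array($info) || !isset($info['code']) || $info['code'] != 1
            || !isset($info['data']['openid'], $info['data']['app'])) {
            echo '';
            return;
        }

        $query = $db->select()->from('table.gm_oauth')->where('openid = ?', $info['data']['openid']);
        $existing = $db->fetchAll($query);
        if (count($existing)) {
            // This provider identity is already bound to an account.
            echo '';
            return;
        }

        $binding = array(
            'uid' => $user->uid,
            'app' => $info['data']['app'],
            'openid' => $info['data']['openid'],
            'time' => time(),
        );
        $insertId = $db->query($db->insert('table.gm_oauth')->rows($binding));
        if ($insertId) {
            echo '';
        } else {
            echo '';
        }
    }

    /**
     * Handle the provider callback: log in the bound user, or create a new
     * subscriber account, bind it, and log that account in.
     *
     * @throws Typecho_Exception when the code is missing, the provider reports
     *                           a failure, or a database write fails
     */
    public function GmOauthCallback()
    {
        $db = Typecho_Db::get();

        $code = $this->requestCode();
        if ($code === '') {
            throw new Typecho_Exception(_t('回调代码错误!'));
        }

        $info = $this->fetchOauthInfo($code);
        if (!is_array($info) || !isset($info['code']) || $info['code'] != 1) {
            // Report the provider's own message when it sent one; the original
            // read it from an undefined variable and always produced nothing.
            $message = (is_array($info) && isset($info['msg']) && is_string($info['msg']))
                ? $info['msg']
                : '内部错误';
            throw new Typecho_Exception(_t($message));
        }
        if (!isset($info['data']['openid'], $info['data']['app'])) {
            throw new Typecho_Exception(_t('内部错误'));
        }

        $query = $db->select()->from('table.gm_oauth')->where('openid = ?', $info['data']['openid']);
        $existing = $db->fetchAll($query);
        if (count($existing)) {
            $this->SetLogin($existing[0]['uid']);
            $this->Ok();
            return;
        }

        $hasher = new PasswordHash(8, true);
        $userName = $this->UserName();
        $account = array(
            'name' => $userName,
            'screenName' => isset($info['data']['name']) ? $info['data']['name'] : $userName,
            // The password must not be derivable from the login name, otherwise
            // anyone who learns the name can sign in with it. A random secret
            // is stored instead; these accounts authenticate via the provider.
            'password' => $hasher->HashPassword($this->randomSecret()),
            'created' => time(),
            'group' => 'subscriber',
        );
        $uid = Typecho_Widget::widget('Widget_Abstract_Users')->insert($account);
        if (!$uid) {
            throw new Typecho_Exception(_t('内部错误'));
        }

        $binding = array(
            'uid' => $uid,
            'app' => $info['data']['app'],
            'openid' => $info['data']['openid'],
            'time' => time(),
        );
        $insertId = $db->query($db->insert('table.gm_oauth')->rows($binding));
        if (!$insertId) {
            throw new Typecho_Exception(_t('内部错误'));
        }

        $this->SetLogin($uid);
        $this->Ok();
    }

    /**
     * Read the `code` query parameter as a non-empty string.
     *
     * Arrays are rejected, and so is a leading `@`: the value is later passed
     * to cURL as a multipart field, where old PHP/cURL builds interpret a
     * leading `@` as a local file to upload.
     *
     * @return string the code, or '' when it is missing or unusable
     */
    private function requestCode()
    {
        $code = isset($_GET['code']) ? $_GET['code'] : '';
        if (!is_string($code) || $code === '' || $code[0] === '@') {
            return '';
        }
        return $code;
    }

    /**
     * Exchange an authorization code for the provider's profile payload.
     *
     * TLS certificate and host verification are left enabled: the response
     * decides which local account gets logged in, so it must come from the
     * real provider and not from something sitting in the network path.
     *
     * @param string $code authorization code received on the callback
     * @return array|null decoded JSON payload, or null on transport/parse failure
     */
    private function fetchOauthInfo($code)
    {
        $curl = curl_init();
        curl_setopt($curl, CURLOPT_URL, 'https://auth.gmit.vip/api/info');
        curl_setopt($curl, CURLOPT_HEADER, 0);
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($curl, CURLOPT_POST, 1);
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
        // Bound the request so a slow provider cannot hold the worker open.
        curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
        curl_setopt($curl, CURLOPT_TIMEOUT, 15);
        curl_setopt($curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
        curl_setopt($curl, CURLOPT_POSTFIELDS, array(
            'code' => $code,
        ));
        $raw = curl_exec($curl);
        curl_close($curl);

        if (!is_string($raw)) {
            return null;
        }

        // Strip a UTF-8 byte-order mark (EF BB BF) before decoding.
        $decoded = json_decode(trim($raw, chr(239) . chr(187) . chr(191)), true);
        return is_array($decoded) ? $decoded : null;
    }

    /**
     * Produce a 32-hex-character random secret from the best source available.
     *
     * @return string
     */
    private function randomSecret()
    {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            $bytes = openssl_random_pseudo_bytes(16);
            if (is_string($bytes) && strlen($bytes) === 16) {
                return bin2hex($bytes);
            }
        }
        return sha1(Typecho_Common::randString(20));
    }

    /**
     * Generate a login name: base-36 seconds since 2015-01-01 UTC (upper-cased)
     * followed by six random alphanumeric characters.
     *
     * @return string
     */
    private function UserName()
    {
        $chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
        $last = strlen($chars) - 1;
        $suffix = "";
        for ($i = 0; $i < 6; $i++) {
            // mt_rand() includes its upper bound, so the last valid index is
            // length - 1; the original could index one past the end.
            $suffix .= $chars[mt_rand(0, $last)];
        }
        return strtoupper(base_convert(time() - 1420070400, 10, 36)) . $suffix;
    }

    /**
     * Log the given user in and set the persistent login cookies.
     *
     * @param int $uid    local user id
     * @param int $expire cookie lifetime in seconds
     */
    protected function SetLogin($uid, $expire = 30243600)
    {
        $db = Typecho_Db::get();
        Typecho_Widget::widget('Widget_User')->simpleLogin($uid);

        $authCode = $this->randomSecret();
        Typecho_Cookie::set('__typecho_uid', $uid, time() + $expire);
        Typecho_Cookie::set('__typecho_authCode', Typecho_Common::hash($authCode), time() + $expire);

        // Update the last-login time and the stored auth code.
        $db->query(
            $db->update('table.users')
                ->expression('logged', 'activated')
                ->rows(array('authCode' => $authCode))
                ->where('uid = ?', $uid)
        );
    }

    /**
     * Remember where to send the visitor after login.
     *
     * The Referer header is chosen by whichever page linked here, so it is
     * kept only when it points at this site; otherwise the site root is used.
     * A missing Referer is not treated as an error.
     */
    protected function ref()
    {
        if (session_status() === PHP_SESSION_NONE) {
            session_start();
        }

        $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
        if ($referer !== '' && $this->isSameSite($referer)) {
            $_SESSION['ref'] = $referer;
        } else {
            $_SESSION['ref'] = "//" . $_SERVER['HTTP_HOST'];
        }
    }

    /**
     * Return the post-login address recorded by ref(), or the site root.
     *
     * The stored value is checked again so a stale or tampered session entry
     * cannot send the visitor to another site.
     *
     * @return string
     */
    protected function cbref()
    {
        if (session_status() === PHP_SESSION_NONE) {
            session_start();
        }

        if (empty($_SESSION['ref']) || !$this->isSameSite($_SESSION['ref'])) {
            return '//' . $_SERVER['HTTP_HOST'] . '/';
        }
        return $_SESSION['ref'];
    }

    /**
     * Tell whether a URL points at the host this site is configured for.
     *
     * @param mixed $url candidate redirect target
     * @return bool
     */
    private function isSameSite($url)
    {
        // Backslashes and control characters are parsed differently by
        // browsers and by parse_url(), so such values are refused outright.
        if (!is_string($url) || strpbrk($url, "\\\r\n\t") !== false) {
            return false;
        }

        $target = parse_url($url);
        $home = parse_url(Helper::options()->index);
        if (!is_array($target) || !is_array($home) || empty($target['host']) || empty($home['host'])) {
            return false;
        }
        if (isset($target['scheme']) && !in_array(strtolower($target['scheme']), array('http', 'https'), true)) {
            return false;
        }
        return strcasecmp($target['host'], $home['host']) === 0;
    }

    /**
     * Send the visitor back to the recorded address after a successful login.
     *
     * NOTE(review): the text below looks like the remains of an HTML/script
     * fallback whose markup is not visible in this listing; confirm against the
     * original file. It is only reached if redirect() returns.
     */
    protected function Ok()
    {
        $target = $this->cbref();
        $this->response->redirect($target);

        // The address is emitted as an escaped JavaScript string literal so it
        // cannot break out of the surrounding script or markup.
        echo '
登陆成功,请您稍候…授权成功,正在加载…
setTimeout(function(){
window.location.href=' . json_encode($target, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) . ';
}, 1000);
';
    }
}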