guanli
/
aklast


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225
							<?php
namespace frontendApi\modules\v1\models;

use common\components\Model;
use common\helpers\Cache;
use common\helpers\Date;
use common\libs\IpFilter;
use common\libs\LoginIpChecker;
use common\models\UserInfo;
use Yii;
use yii\base\Exception;
use yii\captcha\Captcha;
use common\libs\logging\login\UserLogin as UserLoginLogger;

/**
 * Login form
 */
class LoginForm extends Model
{
    public $userName;
    public $password;
    public $verifyCode;
    public $rememberMe = true;

    private $_user;
    private $_userInfo;

    const ERROR_IS_MODIFY_PASSWORD = 'ERROR_IS_MODIFY_PASSWORD';

    const FRONTEND_LOGIN_FAIL_TIMES = 'frontend:loginFail:times_%s';


    /**
     * {@inheritdoc}
     */
    public function rules()
    {
        return [
            // username and password are both required
            [['userName', 'password'], 'required', 'on'=>['login', 'loginVerify']],
            [['verifyCode'], 'required', 'on'=>['loginVerify']],
            // rememberMe must be a boolean value
            ['rememberMe', 'boolean'],
            // password is validated by validatePassword()
            ['password', 'validatePassword'],
            ['verifyCode', 'captcha', 'captchaAction'=>'/v1/site/captcha', 'on'=>['loginVerify']],
        ];
    }

    /**
     * Validates the password.
     * This method serves as the inline validation for password.
     *
     * @param string $attribute the attribute currently being validated
     * @param array $params the additional name-value pairs given in the rule
     */
    public function validatePassword($attribute, $params)
    {
        if (!$this->hasErrors()) {
            $user = $this->getUser();
            if(!$user){
                $this->addError($attribute, '用户名或密码错误');
            } else {

//                $userInfo = UserInfo::findOneAsArray('USER_ID=:USER_ID', [':USER_ID'=>$user['ID']]);
//                if($userInfo['CLOSE_LOGIN'] == 1){
//                    $this->addError($attribute, '会员已被禁止登录');
//                    return ;
//                }
            }
        }
    }

    /**
     * 更新失败次数
     * @param $transaction
     * @param $returnResult
     * @throws \Exception
     */
    private function _updateFailTimes($transaction,$returnResult){
        UserInfo::updateAllCounters([
            'FAIL_NUMS' => 1,
        ], 'USER_NAME=:USER_NAME', ['USER_NAME' => $this->userName]);
        $transaction->commit();

        $cacheKey = sprintf(self::FRONTEND_LOGIN_FAIL_TIMES, $this->userName);
        Yii::$app->tokenRedis->incr($cacheKey);

        if(isset($this->_user)){
            UserLoginLogger::fail($this->_userInfo,$returnResult);
        }
    }

    /**
     * 更新成功次数
     */
    private function _updateSuccessTimes(){
        $cacheKey = sprintf(self::FRONTEND_LOGIN_FAIL_TIMES, $this->userName);
        Yii::$app->tokenRedis->del($cacheKey);

        UserInfo::updateAllCounters([
            'LOGIN_NUMS' => 1,
        ], 'USER_NAME=:USER_NAME', ['USER_NAME' => $this->userName]);
    }

    /**
     * 登录
     * @return array|bool
     * @throws \yii\base\Exception
     * @throws \yii\db\Exception
     */
    public function login(){
        if(!$this->validate()){
            return false;
        }
        // 判断是否关闭了站点 
        $systemConfig = Cache::getSystemConfig();
        if ($systemConfig['siteClose']['VALUE']) {
            $siteCloseInfo = $systemConfig['siteCloseInfo']['VALUE'];
            throw new Exception($siteCloseInfo);
        }
        $transaction = \Yii::$app->db->beginTransaction();

        $result = false;
        try{
            // 验证IP
            $loginIp = $_SERVER['REMOTE_ADDR'];
            if (\Yii::$app->redis->get('member_ip_filter') && !(new IpFilter())->checkIp('member', true)) {
                $this->_updateFailTimes($transaction, '登陆IP异常，无法登陆. ' . $loginIp);
                throw new Exception('用户名或密码错误');
            }
            $this->getUser();

            if(!$this->_user){
                throw new Exception('账号不存在');
            }

            if (!$this->_user->validatePassword($this->password)) {
                $this->_updateFailTimes($transaction,'用户名或密码错误');
                throw new Exception('用户名或密码错误');
            }
            // 找到会员的基本信息来判断其是否可登录
            if(!$this->_user['ALLOW_LOGIN']){
                $this->_updateFailTimes($transaction,'会员编号异常');
                throw new Exception('会员编号异常');
            }
            if($this->_user['STATUS'] == Yii::$app->params['userStatus'][0]['value']){
                $this->_updateFailTimes($transaction,'会员未激活');
                throw new Exception('会员未激活');
            } elseif($this->_user['STATUS'] == Yii::$app->params['userStatus'][2]['value']){
                $this->_updateFailTimes($transaction,'会员已被注销');
                throw new Exception('会员已被注销');
            } elseif($this->_user['STATUS'] == Yii::$app->params['userStatus'][3]['value']){
                $this->_updateFailTimes($transaction,'会员已被列入黑名单');
                throw new Exception('会员已被列入黑名单');
            } elseif($this->_user['STATUS'] == Yii::$app->params['userStatus'][9]['value']){
                $this->_updateFailTimes($transaction,'会员已被永久关停');
                throw new Exception('会员已被永久关停');
            } elseif($this->_user['PART_FUNC_CLOSED'] == 1){
                $this->_updateFailTimes($transaction,'会员部分功能关闭，无法登录');
                throw new Exception('会员部分功能关闭，无法登录');
            } elseif($this->_user['IS_MODIFY_PASSWORD'] == 1){
                throw new Exception(self::ERROR_IS_MODIFY_PASSWORD);
            }
            //验证IP
            /*$bindIp = trim($this->_user['BIND_IP']);
            if(!empty($bindIp) && !(new LoginIpChecker(Yii::$app->request->getUserIP(), $bindIp))->validate()){
                $this->_updateFailTimes($transaction,'登录IP与此账号绑定的IP不符');
                throw new Exception('登录IP与此账号绑定的IP不符'.$bindIp);
            }*/

            //更新clientid
            $clientId = Yii::$app->request->post('clientid');
            if( $clientId ) {
                $update = [
                    'BONUS_APP_CLIENT_ID' => $clientId,
                ];
                if (!User::updateAll($update, 'ID=:ID', ['ID' => $this->_user['ID']])) {
                    $this->_updateFailTimes($transaction, '会员APP设备信息更新失败');
                    throw new Exception('会员APP设备信息更新失败');
                }
            }


            $this->_updateSuccessTimes();
            $transaction->commit();

            UserLoginLogger::success($this->_userInfo);

            // 把用户的登录时间存在操作时间里
            Yii::$app->tokenRedis->hset('user:timeOut', $this->_userInfo['USER_ID'], time());
            $result = Yii::$app->user->loginWithUAndP($this->_user);

        }catch(\Exception $e){
            $transaction->rollBack();
            $this->setError($e->getMessage());
            //AdminLoginLogger::fail($this->_user, $e->getMessage());
        }

        return $result;
    }

    /**
     * Finds user by [[username]]
     *
     * @return User|null
     */
    public function getUser() {
        if ($this->_user === null) {
            $this->_user = User::findByUsername($this->userName);
            $this->_userInfo = UserInfo::findOne(['USER_NAME' =>$this->userName]);
        }
        return $this->_user;
    }

    /**
     * 登录是否需要验证
     * @return bool
     */
    public function isLoginVerify() {
        $cacheKey = sprintf(self::FRONTEND_LOGIN_FAIL_TIMES, $this->userName);
        $times = Yii::$app->tokenRedis->get($cacheKey);
        return $times && $times >= 3;
    }
}