RBAC details 3 logon verification in thinkphp tutorial

Provides various official and user-released code examples. For code reference, you are welcome to learn how to log on to some instances for verification.
I have already discussed the RBAC process in the previous section. This time, I will analyze it using actual code. First of all, in the logon section, login is nothing more than verifying whether the user name and password and the verification code are correct. We can create a public class of CommonAction to verify permissions, and all other classes inherit this class. This class writes an internal Initialization Method for verification. To continue, because logon is a public module method, you can create a PublicAction class for public authentication-free methods and add it to the configuration file. 'Not _ AUTH_MODULE '=> 'public', // no authentication required by default.
'User _ AUTH_GATEWAY '=>'/Public/login', // Default Authentication GatewayThen write the Public class. The Code is as follows: Class PublicAction extends CommonAction {

// Display the verification code
Public function verify (){
Import ("ORG. Util. Image ");
Image: buildImageVerify (, "png", "verify ");
}
// Verify the account and password
Function checklogin (){
// Here, you can change it to Model for automatic verification.
If (empty ($ _ POST ['username']) {
$ This-> error ('account error! ');
} Elseif (empty ($ _ POST ['Password']) {
$ This-> error ('password is required! ');
} Elseif (empty ($ _ POST ['verify ']) {
$ This-> error ('verification code is required! ');
}
$ Map = array ();
$ Map ['username'] =_ _ POST ['username'];
$ Map ['status'] = array ('gt ', 0 );
If ($ _ SESSION ['verify ']! = Md5 ($ _ POST ['verify ']) {
$ This-> error ('verification code error! ');
}

Import ('org. Util. RBAC ');
// C ('user _ AUTH_MODEL ', 'user ');
// Verify the account password
$ AuthInfo = RBAC: authenticate ($ map );

If (empty ($ authInfo )){
$ This-> error ('account does not exist or is disabled! ');
} Else {
If ($ authInfo ['Password']! = Md5 ($ _ POST ['Password']) {
$ This-> error ('account Password error! ');
} Else {

$ _ SESSION [C ('user _ AUTH_KEY ')] = $ authInfo ['id']; // record the authentication tag, which must exist. Use other information as needed.
$ _ SESSION ['email '] = $ authInfo ['email'];
$ _ SESSION ['nickname'] = $ authInfo ['nickname'];
$ _ SESSION ['user'] = $ authInfo ['username'];
$ _ SESSION ['last _ login_date '] = $ authInfo ['last _ login_date'];
$ _ SESSION ['last _ login_ip '] = $ authInfo ['last _ login_ip'];
// Determine whether the account is a super Administrator
If ($ authInfo ['username'] = 'admin '){
$ _ SESSION [C ('admin _ AUTH_KEY ')] = true;
}
// The following operations record the logon information:
$ User = M ('user ');
$ Lastdate = date ('Y-m-d H: I: s ');
$ Data = array ();
$ Data ['id'] = $ authInfo ['id'];
$ Data ['last _ login_date '] = $ lastdate;
$ Data ['last _ login_ip '] = $ _ SERVER ["REMOTE_ADDR"];
$ User-> save ($ data );
RBAC: saveAccessList (); // method used to detect user permissions and save it to Session
$ This-> assign ('jumpurl',. '/Index/Index ');
$ This-> success ('login successful! ');
}
}
}
// Log out
Function logout (){
If (! Empty ($ _ SESSION [C ('user _ AUTH_KEY ')]) {
Unset ($ _ SESSION [C ('user _ AUTH_KEY ')]);
$ _ SESSION = array ();
Session_destroy ();
$ This-> assign ('jumpurl',/Code. '/login ');
$ This-> success ('logout successful ');
} Else {
$ This-> error ('logged out ');
}
}


}The above Code only implements functions without optimization. Some verification operations can be placed in the model, and the session does not need to be assigned a value. Just use an array, I think I should be able to change it myself.

AD: truly free, domain name + VM + enterprise mailbox = 0 RMB