SAM2O2O
diff --git a/‎src/config.sample.php‎
Lines changed: 3 additions & 2 deletions b/‎src/config.sample.php‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎src/controller/Api/Group/Api_Group_InvitableFriendsController.php‎
Lines changed: 4 additions & 4 deletions b/‎src/controller/Api/Group/Api_Group_InvitableFriendsController.php‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎src/controller/Api/Passport/Api_Passport_PasswordFindPasswordController.php‎
Lines changed: 0 additions & 1 deletion b/‎src/controller/Api/Passport/Api_Passport_PasswordFindPasswordController.php‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎src/controller/Api/Passport/Api_Passport_PasswordResetPasswordController.php‎
Lines changed: 0 additions & 7 deletions b/‎src/controller/Api/Passport/Api_Passport_PasswordResetPasswordController.php‎
Lines changed: 0 additions & 7 deletions
diff --git a/‎src/controller/Api/Plugin/Api_Plugin_ListController.php‎
Lines changed: 1 addition & 0 deletions b/‎src/controller/Api/Plugin/Api_Plugin_ListController.php‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/controller/Api/Site/Api_Site_ConfigController.php‎
Lines changed: 1 addition & 1 deletion b/‎src/controller/Api/Site/Api_Site_ConfigController.php‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/controller/BaseController.php‎
Lines changed: 1 addition & 7 deletions b/‎src/controller/BaseController.php‎
Lines changed: 1 addition & 7 deletions
diff --git a/‎src/controller/Duckchat/Duckchat_MiniProgramController.php‎
Lines changed: 46 additions & 7 deletions b/‎src/controller/Duckchat/Duckchat_MiniProgramController.php‎
Lines changed: 46 additions & 7 deletions
diff --git a/‎src/controller/Duckchat/Session/Duckchat_Session_ClearController.php‎
Lines changed: 57 additions & 0 deletions b/‎src/controller/Duckchat/Session/Duckchat_Session_ClearController.php‎
Lines changed: 57 additions & 0 deletions
diff --git a/‎src/controller/Duckchat/Session/Duckchat_Session_ProfileController.php‎
Lines changed: 2 additions & 2 deletions b/‎src/controller/Duckchat/Session/Duckchat_Session_ProfileController.php‎
Lines changed: 2 additions & 2 deletions
@@ -15,9 +15,10 @@
      'apiPageWidget' => './index.php?action=page.widget',
      'apiPageSiteInit' => "./index.php?action=installDB",
      'apiSiteLogin' => './index.php?action=api.site.login&body_format=pb',
-     'session_verify_100' => 'http://open.akaxin.com:5208/index.php?action=api.session.verify&body_format=pb',
-     'session_verify_105' => 'http://127.0.0.1:5207/index.php?action=api.session.verify&body_format=pb',
+     'session_verify_101' => 'http://open.akaxin.com:5208/index.php?action=api.session.verify&body_format=pb',
+     'session_verify_102' => 'http://127.0.0.1/index.php?action=api.session.verify&body_format=pb',
      "siteAddress" => '',
+     'passport_cookie_name' => "duckchat_passport_cookie",
      'mail' =>
          array (
              'host' => 'smtp.126.com',
 
@@ -48,7 +48,7 @@ public function rpc(\Google\Protobuf\Internal\Message $request, \Google\Protobuf
                 throw new Exception($errorInfo);
             }
 
-            $results = $this->getInvitableFriendsFromDB($groupId, $offset, $pageSize);
+            $results = $this->getInvitableFriendsFromDB($this->userId, $groupId, $offset, $pageSize);
             $userCount = $this->getUserCount($groupId);
 
             $response = $this->buildGroupInvitableFriendsResponse($results, $userCount);
@@ -63,10 +63,10 @@ public function rpc(\Google\Protobuf\Internal\Message $request, \Google\Protobuf
 
     }
 
-    ///TODO 理论上 加群的时候，不会返回已经在群里的人
-    private function getInvitableFriendsFromDB($groupId, $offset, $pageSize)
+
+    private function getInvitableFriendsFromDB($userId, $groupId, $offset, $pageSize)
     {
-        $result = $this->ctx->SiteUserTable->getUserListNotInGroup($groupId, $offset, $pageSize);
+        $result = $this->ctx->SiteUserFriendTable->getUserFriendListNotInGroup($userId, $groupId, $offset, $pageSize);
         return $result;
     }
 
 
@@ -58,7 +58,6 @@ private function sendEmail($loginName)
             $this->ctx->PassportPasswordTokenTable->insertCodeInfo($codeInfo);
             $this->ctx->ZalyMail->sendEmail($toEmail, $token, $sendSiteName);
         }catch (Exception $ex) {
-            $this->ctx->Wpf_Logger->error($tag, "error_msg=" . $ex->getMessage());
             $where = [
                 "loginName" => $user['loginName']
             ];
 
@@ -39,18 +39,11 @@ public function rpc(\Google\Protobuf\Internal\Message $request, \Google\Protobuf
 
     private function  checkToken($loginName, $token)
     {
-        $tag = __CLASS__ . '-' . __FUNCTION__;
-
         $codeInfo = $this->ctx->PassportPasswordTokenTable->getCodeInfoByLoginName($loginName);
         $time = ZalyHelper::getMsectime();
         $tokenTime  = $codeInfo['timeReg'];
         $timeExpire =  $time - $tokenTime;
 
-        $this->ctx->Wpf_Logger->info($tag, "code info  =" .json_encode($codeInfo));
-
-        $this->ctx->Wpf_Logger->info($tag, " tokenTime=" . $tokenTime);
-        $this->ctx->Wpf_Logger->info($tag, "now time =" .$time);
-        $this->ctx->Wpf_Logger->info($tag, "time expire =" . $timeExpire);
         if(!$codeInfo || $token != $codeInfo['token'] || ($timeExpire > $this->tokenExipreTime)) {
             $errorCode = $this->zalyError->errorVerifyToken;
             $errorInfo = $this->zalyError->getErrorInfo($errorCode);
 
@@ -49,6 +49,7 @@ public function rpc(\Google\Protobuf\Internal\Message $request, \Google\Protobuf
                 case Zaly\Proto\Core\PluginUsageType::PluginUsageU2Message:
                 case Zaly\Proto\Core\PluginUsageType::PluginUsageTmpMessage:
                 case Zaly\Proto\Core\PluginUsageType::PluginUsageGroupMessage:
+                case \Zaly\Proto\Core\PluginUsageType::PluginUsageAccountSafe:
                     break;
                 case Zaly\Proto\Core\PluginUsageType::PluginUsageLogin:
                 default:
 
@@ -30,7 +30,6 @@ public function rpc(\Google\Protobuf\Internal\Message $request, \Google\Protobuf
         $tag = __CLASS__ . '-' . __FUNCTION__;
 
         try {
-
             $requestHeader = $transportData->getHeader();
             $hostUrl = $requestHeader[TransportDataHeaderKey::HeaderHostUrl];
 
@@ -217,6 +216,7 @@ private function buildSiteConfigResponse($host, $port, $configData, $isValid, $r
             $config->setEnableRealName($configData[SiteConfig::SITE_ENABLE_REAL_NAME]);
             $config->setEnableWidgetWeb($configData[SiteConfig::SITE_ENABLE_WEB_WIDGET]);
             $config->setSiteIdPubkBase64($configData[SiteConfig::SITE_ID_PUBK_PEM]);
+            $config->setAccountSafePluginId($configData[SiteConfig::SITE_PASSPORT_ACCOUNT_SAFE_PLUGIN_ID]);
 
             $response->setConfig($config);
 
 
@@ -286,13 +286,7 @@ public function checkSessionId($action)
         $timeActive = $sessionInfo['timeActive'];
         $nowTime = $this->ctx->ZalyHelper->getMsectime();
 
-        ///TODO 临时屏蔽 sessionId 时间过期
-
-        $this->ctx->Wpf_Logger->info("sessionTime", "session nowtime=" . $nowTime);
-        $this->ctx->Wpf_Logger->info("sessionTime", "session timeActive=" . $timeActive);
-        $this->ctx->Wpf_Logger->info("sessionTime", "session sessonTimeOut=" . $this->sessionIdTimeOut);
-        $this->ctx->Wpf_Logger->info("sessionTime", "(nowTime - timeActive) > sessionIdTimeOut" . (($nowTime - $timeActive) > $this->sessionIdTimeOut) ? 1 : 0);
-
+        ///TODO 临时屏蔽 sessionId 时间过
 //        if (($nowTime - $timeActive) > $this->sessionIdTimeOut) {
 //            $this->ctx->Wpf_Logger->error($tag, "session  time out  , session id = " . $sessionId);
 //
 
@@ -34,6 +34,7 @@ abstract class Duckchat_MiniProgramController extends \Wpf_Controller
     protected $language = Zaly\Proto\Core\UserClientLangType::UserClientLangEN;
 
     protected $pluginMiniProgramId;
+    protected $pluginMiniProgramProfile;
     /**
      * @var BaseCtx
      */
@@ -79,12 +80,20 @@ public function doIndex()
 
         $this->pluginMiniProgramId = $_GET['miniProgramId'];
 
+        if (empty($this->pluginMiniProgramId)) {
+            throw new Exception("request with empty miniProgram ID");
+        }
+
+        //校验miniProgram
+        $this->pluginMiniProgramProfile = $this->getMiniProgramProfile($this->pluginMiniProgramId);
+
+        if (empty($this->pluginMiniProgramProfile)) {
+            throw new Exception("request with error miniProgram profile");
+        }
+
         // 接收的 加密的数据流
         $secretReqData = file_get_contents("php://input");
 
-        // 将数据转为TransportData
-        $this->requestTransportData = new \Zaly\Proto\Core\TransportData();
-
         ////判断 request proto 类 是否存在。
         $requestClassName = $this->rpcRequestClassName();
         if (class_exists($requestClassName, true)) {
@@ -93,16 +102,23 @@ public function doIndex()
             trigger_error("no request proto class: " . $requestClassName, E_USER_ERROR);
             die();
         }
+
+        $authKey = $this->pluginMiniProgramProfile['authKey'];
+
+        $requestData = $this->ctx->ZalyAes->decrypt($secretReqData, $authKey);
+
+        // 将数据转为TransportData
+        $this->requestTransportData = new \Zaly\Proto\Core\TransportData();
         try {
             if ("json" == $this->bodyFormatType) {
                 if (empty($secretReqData)) {
                     $secretReqData = "{}";
                 }
-                $this->requestTransportData->mergeFromJsonString($secretReqData);
+                $this->requestTransportData->mergeFromJsonString($requestData);
             } else if ("pb" == $this->bodyFormatType) {
-                $this->requestTransportData->mergeFromString($secretReqData);
+                $this->requestTransportData->mergeFromString($requestData);
             } else if ("base64pb" == $this->bodyFormatType) {
-                $realData = base64_decode($secretReqData);
+                $realData = base64_decode($requestData);
                 $this->requestTransportData->mergeFromString($realData);
             }
         } catch (Exception $e) {
@@ -203,7 +219,30 @@ public function rpcReturn($action, $response)
         } else {
             return;
         }
-        echo $body;
+
+        //这里用小程序的authKey进行AES加密
+        $authKey = $this->pluginMiniProgramProfile['authKey'];
+        $encryptedBody = $this->ctx->ZalyAes->encrypt($body, $authKey);
+        echo $encryptedBody;
+    }
+
+
+    private function getMiniProgramProfile($miniProgramId)
+    {
+        $miniProgramProfile = $this->ctx->SitePluginTable->getPluginById($miniProgramId);
+
+        if (!empty($miniProgramProfile)) {
+
+            if (empty($miniProgramProfile['authKey'])) {
+                if (empty($authKey)) {
+                    $config = $this->ctx->SiteConfigTable->selectSiteConfig(SiteConfig::SITE_PLUGIN_PLBLIC_KEY);
+                    $miniProgramProfile['authKey'] = $config[SiteConfig::SITE_PLUGIN_PLBLIC_KEY];
+                }
+            }
+
+        }
+
+        return $miniProgramProfile;
     }
 
     protected function finish_request()
 
@@ -0,0 +1,57 @@
+<?php
+/**
+ * Created by PhpStorm.
+ * User: zhangjun
+ * Date: 08/09/2018
+ * Time: 12:11 PM
+ */
+
+class Duckchat_Session_ClearController extends Duckchat_MiniProgramController
+{
+    private $classNameForRequest = '\Zaly\Proto\Plugin\DuckChatSessionClearRequest';
+    private $classNameForResponse = '\Zaly\Proto\Plugin\DuckChatSessionClearResponse';
+    private $requestAction = "duckchat.session.clear";
+
+    public function rpcRequestClassName()
+    {
+        return $this->classNameForRequest;
+    }
+
+    /**
+     * @param \Zaly\Proto\Plugin\DuckChatSessionClearRequest $request
+     * @param \Zaly\Proto\Core\TransportData $transportData
+     */
+    public function rpc(\Google\Protobuf\Internal\Message $request, \Google\Protobuf\Internal\Message $transportData)
+    {
+        try {
+            $userId = $request->getUserId();
+
+            if(!$userId) {
+                $errorCode = $this->zalyError->errorSessionClear;
+                $errorInfo = $this->zalyError->getErrorInfo($errorCode);
+                $this->setRpcError($errorCode, $errorInfo);
+                throw new Exception("duckchat.session.id userid is not exits");
+            }
+            $this->clearSessionByUserId($userId);
+            $this->setRpcError($this->defaultErrorCode, "");
+        } catch (Exception $ex) {
+            $tag = __CLASS__."-".__FUNCTION__;
+            $errorCode = $this->zalyError->errorSessionClear;
+            $errorInfo = $this->zalyError->getErrorInfo($errorCode);
+            $this->setRpcError($errorCode, $errorInfo);
+            $this->ctx->Wpf_Logger->error($tag, $ex->getMessage());
+        }
+        $this->rpcReturn($this->requestAction, new \Zaly\Proto\Plugin\DuckChatSessionClearResponse());
+        return;
+    }
+
+    private function clearSessionByUserId($userId)
+    {
+        $flag = $this->ctx->SiteSessionTable->deleteSessionByUserId($userId);
+
+        if($flag >0) {
+            return true;
+        }
+        throw new Exception("delete session failed");
+    }
+}
@@ -65,9 +65,10 @@ public function rpc(\Google\Protobuf\Internal\Message $request, \Google\Protobuf
             $this->rpcReturn($this->requestAction, $response);
         } catch (Exception $e) {
             $this->setRpcError("error.alert", $e->getMessage());
+            $response = new $this->classNameForResponse();
             $this->ctx->Wpf_Logger->error($this->requestAction, $e);
+            $this->rpcReturn($this->requestAction, new Zaly\Proto\Plugin\DuckChatSessionProfileResponse());
         }
-        $this->rpcReturn($this->requestAction, $response);
         return;
     }
 
@@ -76,7 +77,6 @@ private function getPluginProfile($pluginId)
         return $this->ctx->SitePluginTable->getPluginById($pluginId);
     }
 
-
     private function buildRequestResponse($userProfile)
     {
         $publicProfile = new \Zaly\Proto\Core\PublicUserProfile();
Original file line number	Diff line number	Diff line change
`@@ -48,7 +48,7 @@ public function rpc(\Google\Protobuf\Internal\Message $request, \Google\Protobuf`
`48`	`48`	`throw new Exception($errorInfo);`
`49`	`49`	`}`
`50`	`50`
`51`		`- $results = $this->getInvitableFriendsFromDB($groupId, $offset, $pageSize);`
	`51`	`+ $results = $this->getInvitableFriendsFromDB($this->userId, $groupId, $offset, $pageSize);`
`52`	`52`	`$userCount = $this->getUserCount($groupId);`
`53`	`53`
`54`	`54`	`$response = $this->buildGroupInvitableFriendsResponse($results, $userCount);`
`@@ -63,10 +63,10 @@ public function rpc(\Google\Protobuf\Internal\Message $request, \Google\Protobuf`
`63`	`63`
`64`	`64`	`}`
`65`	`65`
`66`		`- ///TODO 理论上加群的时候，不会返回已经在群里的人`
`67`		`- private function getInvitableFriendsFromDB($groupId, $offset, $pageSize)`
	`66`	`+`
	`67`	`+ private function getInvitableFriendsFromDB($userId, $groupId, $offset, $pageSize)`
`68`	`68`	`{`
`69`		`- $result = $this->ctx->SiteUserTable->getUserListNotInGroup($groupId, $offset, $pageSize);`
	`69`	`+ $result = $this->ctx->SiteUserFriendTable->getUserFriendListNotInGroup($userId, $groupId, $offset, $pageSize);`
`70`	`70`	`return $result;`
`71`	`71`	`}`
`72`	`72`
Original file line number	Diff line number	Diff line change
`@@ -65,9 +65,10 @@ public function rpc(\Google\Protobuf\Internal\Message $request, \Google\Protobuf`
`65`	`65`	`$this->rpcReturn($this->requestAction, $response);`
`66`	`66`	`} catch (Exception $e) {`
`67`	`67`	`$this->setRpcError("error.alert", $e->getMessage());`
	`68`	`+ $response = new $this->classNameForResponse();`
`68`	`69`	`$this->ctx->Wpf_Logger->error($this->requestAction, $e);`
	`70`	`+ $this->rpcReturn($this->requestAction, new Zaly\Proto\Plugin\DuckChatSessionProfileResponse());`
`69`	`71`	`}`
`70`		`- $this->rpcReturn($this->requestAction, $response);`
`71`	`72`	`return;`
`72`	`73`	`}`
`73`	`74`
`@@ -76,7 +77,6 @@ private function getPluginProfile($pluginId)`
`76`	`77`	`return $this->ctx->SitePluginTable->getPluginById($pluginId);`
`77`	`78`	`}`
`78`	`79`
`79`		`-`
`80`	`80`	`private function buildRequestResponse($userProfile)`
`81`	`81`	`{`
`82`	`82`	`$publicProfile = new \Zaly\Proto\Core\PublicUserProfile();`