扶持号SDK登录安全防护业务

master
zhengchanglong 5 years ago
parent 5d7385e77a
commit dee6c2e60d

@ -1051,16 +1051,32 @@ class UserModel extends Model{
}
}
public function login_sdk($account,$password,$type=1,$game_id,$game_name,$sdk_version){
public function login_sdk($account,$password,$type=1,$game_id,$game_name,$sdk_version,$unique_code){
$map['account'] = $account;
/* 获取用户数据 */
$user = $this->where($map)->find();
if(is_array($user) && $user['lock_status'] && $user['check_status']){
/* 验证用户密码 */
if(think_ucenter_md5($password, UC_AUTH_KEY) === $user['password']||$type==2){
$token = $this->updateLogin_($user['id'],$account,$password,$user['fgame_id'],$game_id,$game_name); //更新用户登录信息
$this->user_login_record2($user,$type,$game_id,$game_name,$sdk_version);
return array("user_id"=>$user['id'],"token"=>$token); //登录成功返回用户ID
$test_resource = M('test_resource','tab_')->where("user_id=%s and apply_status=2",$user['id'])->find();//测试资源(扶持号)
if($test_resource){ //扶持号
if($user['device_number'] && $unique_code && $user['device_number'] !=$unique_code){ //#当前登录设备信息与历史登录设备信息不一致,触发账户冻结
$this->sdklogin_device_error($user,$test_resource,$unique_code);
$this->sdklogin_ip_error($user,$test_resource,get_client_ip());
return -1;//扶持号被禁用
}else{
$token = $this->sdklogin_update($user,$account,$password,$user['fgame_id'],$game_id,$game_name,$unique_code); //更新用户登录信息
$this->user_login_record2($user,$type,$game_id,$game_name,$sdk_version);
$this->sdklogin_ip_error($user,$test_resource,get_client_ip());
return array("user_id"=>$user['id'],"token"=>$token); //登录成功返回用户ID
}
}else{
Log::write('进入SDK_1' , 'INFO');
$token = $this->sdklogin_update($user,$account,$password,$user['fgame_id'],$game_id,$game_name,$unique_code); //更新用户登录信息
$this->user_login_record2($user,$type,$game_id,$game_name,$sdk_version);
return array("user_id"=>$user['id'],"token"=>$token); //登录成功返回用户ID
}
} else {
return -2; //密码错误
}
@ -1070,6 +1086,79 @@ class UserModel extends Model{
}
//更新用户登录信息
protected function sdklogin_update($user,$account,$password,$user_fgame_id,$game_id,$game_name,$unique_code=''){
$model = M('User','tab_');
$uid = $user['id'];
$data["id"] = $uid;
$data["login_time"] = NOW_TIME;
$data["login_ip"] = get_client_ip();
$data["device_number"] = $unique_code;
$data["last_login_ip"] = $user['login_ip'];
$data["last_device_number"] = $user['device_number'];
$data["token"] = $this->generateToken($uid,$account,$password);
if($user_fgame_id){
$model->save($data);
}else{
$data['fgame_id']=$game_id;
$data['fgame_name']=$game_name;
$model->save($data);
}
return $data["token"];
}
// 扶持号登录设备异常
protected function sdklogin_device_error($user,$resource,$unique_code){
$model = M('User','tab_');
$uid = $user['id'];
$data["id"] = $uid;
$data["device_number"] = $unique_code;
$data["last_device_number"] = $user['device_number'];
$data["lock_status"] = 0 ;
$model->save($data);
$protect_data['user_id']= $uid;
$protect_data['user_account']= $resource['user_account'];
$protect_data['server_id'] = $resource['server_id'];
$protect_data['server_name']= $resource['server_name'];
$protect_data['game_id']=$resource['game_id'];
$protect_data['game_name']=$resource['game_name'];
$protect_data['nickname']=$resource['role_name'];
$protect_data['promote_id']=$resource['promote_id'];
$protect_data['promote_account']=$resource['promote_account'];
$protect_data['type']=2;
$protect_data['detail']="登录设备号异常,本次异常设备号:".$unique_code.",历史登录设备号:".$user['device_number'];
$protect_data['create_time'] = NOW_TIME;
M('protect_log','tab_')->add($protect_data);
}
// 扶持号登录IP异常
protected function sdklogin_ip_error($user,$resource,$ip){
$newloginip_source = file_get_contents("http://ip.taobao.com/service/getIpInfo.php?ip=".$ip);
$aldloginip_source = file_get_contents("http://ip.taobao.com/service/getIpInfo.php?ip=".$user['login_ip']);
$newloginip_source = json_decode($newloginip_source,true);
$aldloginip_source = json_decode($aldloginip_source,true);
if($newloginip_source['data']['city']!=$aldloginip_source['data']['city']){ //登录城市不一致时触发IP异常
$uid = $user['id'];
$protect_data['user_id']= $uid;
$protect_data['user_account']= $resource['user_account'];
$protect_data['server_id'] = $resource['server_id'];
$protect_data['server_name']= $resource['server_name'];
$protect_data['game_id']=$resource['game_id'];
$protect_data['game_name']=$resource['game_name'];
$protect_data['nickname']=$resource['role_name'];
$protect_data['promote_id']=$resource['promote_id'];
$protect_data['promote_account']=$resource['promote_account'];
$protect_data['type']=1;
$protect_data['detail']="登录IP异常本次异常IP".$ip."历史登录IP".$user['login_ip'];
$protect_data['create_time'] = NOW_TIME;
M('protect_log','tab_')->add($protect_data);
}
}
//判断game_id是否有值
protected function updateLogin_($uid,$account,$password,$user_fgame_id,$game_id,$game_name){
$model = M('User','tab_');

@ -40,7 +40,7 @@ class UserController extends BaseController
//1.登录成功,验证在本地是否有此账号
$user_res = M('user', 'tab_') -> where(['account' => $uc_username]) -> find();
if (!empty($user_res)) {//本地存在账号,验证密码直接登录
$result = $userApi -> login_sdk($user["account"], $user['password'], 1, $user["game_id"], get_game_name($user["game_id"]), $user['sdk_version']);#调用登录
$result = $userApi -> login_sdk($user["account"], $user['password'], 1, $user["game_id"], get_game_name($user["game_id"]), $user['sdk_version'],$user['unique_code']);#调用登录
$res_msg = array();
switch ($result) {
case - 1:
@ -112,7 +112,7 @@ class UserController extends BaseController
if ($res > 0) {
$result = $userApi -> login_sdk($user["account"], $user['password'], 1, $user["game_id"], get_game_name($user["game_id"]), $user['sdk_version']);#调用登录
$result = $userApi -> login_sdk($user["account"], $user['password'], 1, $user["game_id"], get_game_name($user["game_id"]), $user['sdk_version'],$user['unique_code']);#调用登录
$res_msg = array();
switch ($result) {
case - 1:
@ -173,7 +173,7 @@ class UserController extends BaseController
} elseif ($uc_uid == - 1) {
//用户不存在,验证本地用户账号密码
$result = $userApi -> login_sdk($user["account"], $user['password'], 1, $user["game_id"], get_game_name($user["game_id"]), $user['sdk_version']);#调用登录
$result = $userApi -> login_sdk($user["account"], $user['password'], 1, $user["game_id"], get_game_name($user["game_id"]), $user['sdk_version'],$user['unique_code']);#调用登录
$res_msg = array();
switch ($result) {
case - 1:
@ -236,7 +236,7 @@ class UserController extends BaseController
}
#实例化用户接口
$userApi = new MemberApi();
$result = $userApi -> login_sdk($user["account"], $user['password'], 1, $user["game_id"], get_game_name($user["game_id"]), $user['sdk_version']);#调用登录
$result = $userApi -> login_sdk($user["account"], $user['password'], 1, $user["game_id"], get_game_name($user["game_id"]), $user['sdk_version'],$user['unique_code']);#调用登录
$res_msg = array();
switch ($result) {

@ -111,12 +111,12 @@ class MemberApi extends Api{
public function login_($account, $password,$type=2,$game_id=0,$game_name='',$sdk_version){
return $this->model->login_1($account, $password,$type,$game_id,$game_name,$sdk_version);
}
public function login_sdk($account, $password,$type=2,$game_id=0,$game_name='',$sdk_version){
return $this->model->login_sdk($account, $password,$type,$game_id,$game_name,$sdk_version);
public function login_sdk($account, $password,$type=2,$game_id=0,$game_name='',$sdk_version,$unique_code=''){
return $this->model->login_sdk($account, $password,$type,$game_id,$game_name,$sdk_version,$unique_code);
}
/**
*修改数据
*/

Loading…
Cancel
Save