QuickAuthLogin-WP/QuickAuthLogin/qauth.php


<?php
/*
Plugin Name: QuickAuthLogin
Plugin URI: https://github.com/mr-wixy/QuickAuthLogin-WP
Description: QuickAuth微信扫码登陆插件
Version: 0.9.0
Author: wixy
Author URI: https://blog.wixy.cn/
*/
/**
 * Render the "WeChat login" button inside the WordPress login form.
 *
 * The markup is static: no request data or stored option is read here. The
 * button only calls the page-level openLogin() JavaScript function, which is
 * emitted separately in the login footer.
 */
function custom_login_button() {
    $inline_css = 'color:#fff;background: #2a0; float: right; margin: 18px 0 5px 10px; min-height: 32px;';
    $markup = '<button class="button button-primary button-large" style="' . $inline_css . '"'
        . ' href="" type="button" onClick="openLogin()">微信登陆</button><br />';

    echo $markup;
}
// Hook the button renderer into the 'login_form' action so it is printed with the login form.
add_action('login_form', 'custom_login_button');
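/**
 * Print the login error carried in the `err_msg` query parameter.
 *
 * `err_msg` comes straight from the URL, so its content is chosen by whoever
 * built the link, not by this plugin. It is therefore handled as plain text
 * and HTML-encoded before being written into the login page; echoing it raw
 * would let that text be interpreted as markup or script in the visitor's
 * browser (reflected XSS).
 *
 * NOTE(review): the function echoes and returns nothing. WordPress documents
 * 'login_message' as a filter whose callback returns the message - confirm
 * that discarding the filtered value is intended.
 */
function custom_login_message(){
    $msg = isset($_GET['err_msg']) ? $_GET['err_msg'] : '';

    // Array-valued parameters (err_msg[]=...) are not a message; ignore them
    // together with empty values.
    if (!is_string($msg) || !$msg) {
        return;
    }

    echo '<div id="login_error">' . htmlspecialchars($msg, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '<br></div>';
}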
// Attach the err_msg renderer to 'login_message'.
// NOTE(review): WordPress documents 'login_message' as a filter; custom_login_message()
// echoes instead of returning a value - confirm that is intended.
add_action( 'login_message', 'custom_login_message');
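/**
 * Emit the openLogin() JavaScript helper in the login page footer.
 *
 * When an AppKey is configured, openLogin() opens the QuickAuth QR page in a
 * popup; otherwise it only shows a "please configure the plugin" alert.
 *
 * The popup URL is assembled from the stored `qauth_options` values. Those
 * values are written into an inline <script>, so they are encoded as a
 * JavaScript string literal (with <, >, &, ' and " hex-escaped) instead of
 * being concatenated between quotes: a stored value containing a quote or
 * `</script>` must not be able to change the script that runs on the login
 * page.
 */
function custom_html() {
    // get_option() returns false when the option is missing; cast so the
    // key lookups below never touch a non-array.
    $options = (array) get_option("qauth_options");
    $api     = isset($options["qauth_api"]) ? (string) $options["qauth_api"] : '';
    $app_key = isset($options["qauth_appkey"]) ? (string) $options["qauth_appkey"] : '';

    if ($app_key) {
        $url = $api . '/qrconnect?appkey=' . rawurlencode($app_key) . '&state=login&popup=true';

        $js_url = json_encode($url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        if ($js_url === false) {
            // Unencodable (e.g. invalid UTF-8) configuration: emit an empty string literal
            // rather than broken script.
            $js_url = '""';
        }

        echo '<script>
function openLogin(){
var iTop = (window.screen.availHeight - 30 - 600) / 2;
var iLeft = (window.screen.availWidth - 10 - 500) / 2;
window.open (' . $js_url . ',"QuickAuth登录","width=500,height=600,top="+iTop+",left="+iLeft);
}
</script>
';
    } else {
        echo '<script>function openLogin(){alert("请先完成QuickAuth的相关配置");}</script>';
    }
}
add_action('login_footer', 'custom_html');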
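// Callback endpoint the identity provider redirects the browser to:
// GET /wp-json/wp/v2/qauth_login, handled by qauth_login().
//
// NOTE(review): the route is registered inside the core 'wp/v2' namespace. A
// plugin-specific namespace would avoid collisions, but the callback URL shown
// on the settings page depends on this exact path, so it is left unchanged.
add_action( 'rest_api_init', function () {
    register_rest_route( 'wp/v2', '/qauth_login', array(
        'methods'  => 'GET',
        'callback' => 'qauth_login',
        // The browser arrives here before it has a WordPress session, so the
        // route has to be public. Declaring that explicitly documents the
        // decision; WordPress 5.5 and later report a route without a
        // permission_callback as incorrect usage.
        'permission_callback' => '__return_true',
    ) );
} );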
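/**
 * REST callback that completes a QuickAuth (WeChat QR) login or binding.
 *
 * Flow, as implemented here:
 *  1. Read `code` and `state` from the query string.
 *  2. Exchange `code` for a profile at <qauth_api>/user (server-to-server).
 *  3. state "binding": forward the profile to the qauth_binding admin page.
 *     Any other state: log in the WordPress user whose `qa_openid` meta equals
 *     the returned openId, or auto-register one when that option is enabled.
 *
 * This endpoint issues an auth cookie, so the value that decides which account
 * is logged in must come from a well-formed API response:
 *  - transport errors and non-JSON bodies are treated as API failures;
 *  - a missing or empty openId is rejected, because a user lookup with an
 *    empty meta value may match on the meta key alone;
 *  - request and option values are URL-encoded before they are placed in the
 *    API URL, so `code` cannot append extra parameters to that request;
 *  - auto-registered accounts get a long random password instead of six hex
 *    characters derived from the clock;
 *  - every redirect is followed by exit so nothing else runs afterwards.
 *
 * NOTE(review): `state` only ever carries the fixed words "login"/"binding"
 * (see the URLs built elsewhere in this file). It is not a per-session random
 * value, so this callback cannot tell whether the browser in front of it
 * started the flow. Issuing a one-time state and verifying it here is the
 * usual mitigation.
 * NOTE(review): the user secret is sent in the query string of the API request
 * and may be recorded in logs along the way; that is how the remote API is
 * called here.
 * NOTE(review): in binding mode the profile is handed on through query
 * parameters, which the receiving page cannot tell apart from typed ones.
 * Passing it through server-side storage would close that gap.
 */
function qauth_login() {
    $code  = (isset($_GET['code']) && is_string($_GET['code'])) ? wp_unslash($_GET['code']) : '';
    $state = (isset($_GET['state']) && is_string($_GET['state'])) ? wp_unslash($_GET['state']) : '';
    if (!$code || !$state) {
        wp_redirect(wp_login_url(get_permalink()));
        exit;
    }

    // get_option() returns false when the option is missing; cast so lookups are safe.
    $options = (array) get_option("qauth_options");
    $api     = isset($options["qauth_api"]) ? (string) $options["qauth_api"] : '';
    $app_key = isset($options["qauth_appkey"]) ? (string) $options["qauth_appkey"] : '';
    $secret  = isset($options["qauth_usersecret"]) ? (string) $options["qauth_usersecret"] : '';

    $login_error_url = home_url() . '/wp-login.php?err_msg=';

    $response = wp_remote_get(
        $api . '/user?code=' . rawurlencode($code)
        . '&appkey=' . rawurlencode($app_key)
        . '&secret=' . rawurlencode($secret)
    );
    $content_obj = is_wp_error($response) ? null : json_decode(wp_remote_retrieve_body($response));

    if (!is_object($content_obj) || !isset($content_obj->code) || $content_obj->code !== 0) {
        $api_msg = (is_object($content_obj) && isset($content_obj->msg) && is_scalar($content_obj->msg))
            ? (string) $content_obj->msg
            : '';
        wp_redirect($login_error_url . urlencode('QuickAuth接口调用出错【' . $api_msg . '】'));
        exit;
    }

    $profile    = (isset($content_obj->res) && is_object($content_obj->res)) ? $content_obj->res : new stdClass();
    $open_id    = (isset($profile->openId) && is_scalar($profile->openId)) ? (string) $profile->openId : '';
    $nick_name  = (isset($profile->nickName) && is_scalar($profile->nickName)) ? (string) $profile->nickName : '';
    $avatar_url = (isset($profile->avatarUrl) && is_scalar($profile->avatarUrl)) ? (string) $profile->avatarUrl : '';

    // Never search for, or create, an account keyed on an empty identifier.
    if ($open_id === '') {
        wp_redirect($login_error_url . urlencode('QuickAuth接口调用出错【openId为空】'));
        exit;
    }

    if ($state === "binding") {
        wp_redirect(
            home_url() . '/wp-admin/admin.php?page=qauth_binding&openId=' . urlencode($open_id)
            . '&nickName=' . urlencode($nick_name)
            . '&avatarUrl=' . urlencode($avatar_url)
        );
        exit;
    }

    $user_query  = new WP_User_Query( array( 'meta_key' => 'qa_openid', 'meta_value' => $open_id ) );
    $bound_users = $user_query->get_results();
    if ($bound_users) {
        $login_user_id = (int) $bound_users[0]->ID;
        wp_set_current_user($login_user_id);
        wp_set_auth_cookie($login_user_id);
        wp_redirect( home_url() . '/wp-admin' );
        exit;
    }

    if (empty($options['qauth_auto_register'])) {
        wp_redirect($login_error_url . urlencode('未绑定微信用户禁止登陆'));
        exit;
    }

    $newUserName = 'wx_' . $nick_name;
    if (username_exists($newUserName)) {
        // Only a uniqueness suffix, not a secret.
        $newUserName = $newUserName . '_' . strtolower(wp_generate_password(4, false));
    }

    // The account is meant to be used through WeChat, but the password form
    // still accepts it, so the password must not be guessable.
    $user_id = wp_create_user($newUserName, wp_generate_password(32, true, true), $newUserName . '@qauth.cn');
    if (is_wp_error($user_id)) {
        wp_redirect($login_error_url . urlencode('QuickAuth接口调用出错【' . $user_id->get_error_message() . '】'));
        exit;
    }

    add_user_meta($user_id, 'qa_openid', $open_id);
    // These two are displayed later, so store them already cleaned.
    add_user_meta($user_id, 'qa_nickname', sanitize_text_field($nick_name));
    add_user_meta($user_id, 'qa_avatarurl', esc_url_raw($avatar_url));
    wp_set_current_user($user_id);
    wp_set_auth_cookie($user_id);
    wp_redirect( home_url() . '/wp-admin' );
    exit;
}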
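/**
 * admin_init handler for the qauth_binding page: stores the WeChat identity
 * carried in the query string (openId / nickName / avatarUrl) on the current
 * user, then redirects back to the clean page URL.
 *
 * Changes from the earlier version:
 *  - The "already bound" lookup used `$content_obj`, a variable that does not
 *    exist in this function, so the query never compared against the openId
 *    being bound. It now uses the openId from the request.
 *  - nickName and avatarUrl are cleaned before storage because they are shown
 *    on the binding page later.
 *  - avatarUrl is no longer passed through urldecode(): PHP has already
 *    decoded $_GET, and a second decode alters URLs containing `+` or `%`.
 *  - update_user_meta() creates the row when it is missing, so the separate
 *    add/update branches are gone.
 *
 * NOTE(review): these values arrive as ordinary GET parameters. There is no
 * nonce and no server-side proof that they were produced by qauth_login(), so
 * this handler cannot distinguish a completed QuickAuth flow from a link that
 * merely carries the same parameters. Binding should be gated on a one-time
 * value created when the logged-in user starts the flow, with the verified
 * profile kept server-side.
 *
 * @param mixed $value Unused; kept for interface compatibility.
 */
function qauth_preprocess_pages($value){
    global $pagenow;

    $page = isset($_REQUEST['page']) ? $_REQUEST['page'] : false;
    if ($pagenow !== 'admin.php' || $page !== 'qauth_binding') {
        return;
    }

    $uId = (isset($_GET['openId']) && is_string($_GET['openId'])) ? wp_unslash($_GET['openId']) : '';
    if (!$uId) {
        // Plain page view, nothing to bind.
        return;
    }

    $user_id = get_current_user_id();
    if (!$user_id) {
        return;
    }

    $binding_page = home_url() . '/wp-admin/admin.php?page=qauth_binding';

    // Refuse an openId that some account already carries.
    $user_query = new WP_User_Query( array( 'meta_key' => 'qa_openid', 'meta_value' => $uId ) );
    if ($user_query->get_results()) {
        wp_redirect($binding_page . '&err_msg=alreadyuse');
        exit;
    }

    $uName = (isset($_GET['nickName']) && is_string($_GET['nickName']))
        ? sanitize_text_field(wp_unslash($_GET['nickName']))
        : '';
    $uAvatar = (isset($_GET['avatarUrl']) && is_string($_GET['avatarUrl']))
        ? esc_url_raw(wp_unslash($_GET['avatarUrl']))
        : '';

    update_user_meta($user_id, 'qa_openid', $uId);
    update_user_meta($user_id, 'qa_nickname', $uName);
    update_user_meta($user_id, 'qa_avatarurl', $uAvatar);

    wp_redirect($binding_page);
    exit;
}
add_action('admin_init', 'qauth_preprocess_pages');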
/**
 * Register the plugin's two admin screens (hooked to 'admin_menu' further
 * down in this file).
 */
function qauth_options_page() {
    // Top-level "WeChat binding" screen, available to every user holding the
    // 'read' capability.
    $binding_icon = plugins_url('QuickAuthLogin/wechat.png');
    add_menu_page('QuickAuth', '微信绑定', 'read', 'qauth_binding', 'qauth_user_binding_html', $binding_icon);

    // Settings screen under "Plugins", limited to 'manage_options'.
    $settings_title = 'QuickAuth设置';
    add_submenu_page('plugins.php', $settings_title, $settings_title, 'manage_options', 'qauth', 'qauth_options_page_html');
}
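/**
 * Render the "WeChat binding" admin page for the current user.
 *
 * Shows the bound WeChat nickname/avatar with a reset button, or a "bind"
 * button that opens the QuickAuth QR popup.
 *
 * Output handling:
 *  - The nickname and avatar URL are stored user meta that originated outside
 *    this site, so they are escaped for their HTML context when printed.
 *  - The original used `<? ... ?>` short tags for those two values; with
 *    short_open_tag disabled PHP does not execute them. Full `<?php` tags are
 *    used now.
 *  - Values placed in inline <script> are emitted as JSON-encoded string
 *    literals rather than concatenated between quotes.
 *  - The reset form carries a nonce that update_qauth_binding() verifies.
 */
function qauth_user_binding_html(){
    ?>
<div class=wrap>
<div class="wrap">
<h2>微信账户绑定</h2>
    <?php
    update_qauth_binding();
    // Read the meta after the update so a reset is reflected immediately.
    $current_user = wp_get_current_user();
    $openid    = get_user_meta($current_user->data->ID, 'qa_openid', true);
    $nickName  = get_user_meta($current_user->data->ID, 'qa_nickname', true);
    $avatarUrl = get_user_meta($current_user->data->ID, 'qa_avatarurl', true);
    ?>
<div class="qrlogin">
<form method="post">
    <?php wp_nonce_field('qauth_reset_binding', 'qauth_binding_nonce'); ?>
<h3>当前账号:<?php echo esc_html($current_user->data->user_login); ?></h3>
    <?php if ($openid) : ?>
<p>已绑微信:<?php echo esc_html($nickName); ?> </p>
<div id="qrimg" style="margin-bottom:30px"> <img src="<?php echo esc_url($avatarUrl); ?>"></div>
<input type="submit" class="button button-primary" name="submit" value="重置绑定数据">
    <?php else : ?>
<p id='msg'>尚未绑定微信账号</p><hr/>
<button class="button button-primary" type="button" onclick="openLogin()">绑定微信</button>
    <?php endif; ?>
</form>
</div>
</div>
</div>
    <?php
    // Encode a PHP string as a JavaScript string literal that is safe inside <script>.
    $js_string = function ($value) {
        $encoded = json_encode((string) $value, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        return $encoded === false ? '""' : $encoded;
    };

    // get_option() returns false when the option is missing; cast so lookups are safe.
    $options = (array) get_option("qauth_options");
    $api     = isset($options["qauth_api"]) ? (string) $options["qauth_api"] : '';
    $app_key = isset($options["qauth_appkey"]) ? (string) $options["qauth_appkey"] : '';

    if ($app_key) {
        $url = $api . '/qrconnect?appkey=' . rawurlencode($app_key) . '&state=binding&popup=true';
        echo '<script>
function openLogin(){
var iTop = (window.screen.availHeight - 30 - 600) / 2;
var iLeft = (window.screen.availWidth - 10 - 500) / 2;
window.open (' . $js_string($url) . ',"QuickAuth登录","width=500,height=600,top="+iTop+",left="+iLeft);
}
</script>';
    } elseif (current_user_can('manage_options')) {
        echo '<script>function openLogin(){
alert("请先完成QuickAuth的相关配置");
location.href=' . $js_string(home_url() . '/wp-admin/plugins.php?page=qauth') . ';
}</script>';
    } else {
        echo '<script>function openLogin(){
alert("请联系管理员完成QuickAuth的相关配置");}</script>';
    }
}

/**
 * Handle the binding page's status message and its "reset binding" submit.
 *
 * The reset deletes the current user's qa_openid / qa_nickname / qa_avatarurl
 * meta. Because that changes account state, the request must carry the nonce
 * printed by qauth_user_binding_html(); check_admin_referer() stops the
 * request when it is missing or invalid, so another site cannot trigger the
 * reset through the logged-in user's browser.
 */
function update_qauth_binding(){
    // Only the fixed token 'alreadyuse' is recognised; the parameter itself is never printed.
    if (isset($_GET['err_msg']) && $_GET['err_msg'] === 'alreadyuse') {
        echo '<p style="color:red;">该微信账号已经被其他用户绑定</p>';
    }

    if (empty($_POST['submit'])) {
        return;
    }

    check_admin_referer('qauth_reset_binding', 'qauth_binding_nonce');

    $current_user = wp_get_current_user();
    // Delete by key only so that every stored row for the key is removed.
    delete_user_meta($current_user->data->ID, 'qa_openid');
    delete_user_meta($current_user->data->ID, 'qa_nickname');
    delete_user_meta($current_user->data->ID, 'qa_avatarurl');
    echo '<p style="color:green;">重置成功</p>';
}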
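/**
 * Render the QuickAuth settings page (Plugins > QuickAuth settings).
 *
 * Only users with 'manage_options' get any output. The form posts back to the
 * same page and update_qauth_options() processes it before the fields are
 * printed, so the fields show the values just saved.
 *
 * Stored option values are escaped with esc_attr() when written into the
 * `value` attributes, and the form carries a nonce that the save handler
 * verifies.
 */
function qauth_options_page_html() {
    if (!current_user_can('manage_options')){
        return;
    }
    ?>
<div class=wrap>
<div class="wrap">
<h2>QuickAuth设置</h2>
    <?php
    update_qauth_options();
    // Read after the save so the form reflects what is stored now.
    // get_option() returns false when the option is missing; cast so lookups are safe.
    $options       = (array) get_option('qauth_options');
    $api           = isset($options['qauth_api']) ? (string) $options['qauth_api'] : '';
    $app_key       = isset($options['qauth_appkey']) ? (string) $options['qauth_appkey'] : '';
    $user_secret   = isset($options['qauth_usersecret']) ? (string) $options['qauth_usersecret'] : '';
    $auto_register = !empty($options['qauth_auto_register']);
    ?>
<ul class="typecho-option">
<li><label class="typecho-label">使用说明:</label>
<ol>
<li><p class="description">登陆 <a target="_blank" href="https://qauth.cn">QuickAuth</a>网站</p></li>
<li><p class="description"><a target="_blank" href="https://qauth.cn/app">创建应用</a> 并填写相关信息回调地址请填写https://博客域名/index.php/wp-json/wp/v2/qauth_login</p></li>
<li><p class="description"><a target="_blank" href="https://qauth.cn/app">发布</a> 应用</p></li>
<li><p class="description">在此页面中配置 AppKey和UserSecret</p></li>
</ol>
</li>
</ul>
<form method="post">
    <?php wp_nonce_field('qauth_save_options', 'qauth_options_nonce'); ?>
<div style="margin:10px;">
<label style="display:block;margin:10px 0;">QuickAuthApi<small>(默认配置,正常情况无需修改)</small></label>
<input class="regular-text code" type="text" name="QauthApi" value="<?php echo esc_attr($api); ?>"/>
</div>
<div style="margin:10px;">
<label style="display:block;margin:10px 0;">AppKey <a href="https://qauth.cn/app" target="_blank">获取</a></label>
<input class="regular-text code" type="text" name="QauthAppKey" value="<?php echo esc_attr($app_key); ?>"/>
</div>
<div style="margin:10px;"><label style="display:block;margin:10px 0;">UserSecret <a href="https://qauth.cn/config/secret" target="_blank">获取</a></label><input class="regular-text code" type="text" name="QauthUserSecret" value="<?php echo esc_attr($user_secret); ?>"/></div>
<div style="margin:10px;">
<label style="display:block;margin:10px 0;">未绑定用户自动注册</label>
<input class="regular-text code" type="checkbox" name="QauthAutoRegister" value="1" <?php checked($auto_register); ?>/>
</div>
<div style="margin:10px;"><input class="button button-primary" type="submit" name="submit" value="保存"/></div>
</form>
</div>
</div>
    <?php
}

/**
 * Save the settings form posted from the QuickAuth settings page.
 *
 * `qauth_api` is the endpoint this plugin asks "who is this user?" during
 * login, so changing it changes who can sign in. The save therefore requires:
 *  - the 'manage_options' capability, checked here as well as by the caller;
 *  - the form nonce, so another site cannot submit the form through an
 *    administrator's browser;
 *  - an http(s) URL for the API endpoint (other schemes are rejected by
 *    esc_url_raw and the save fails).
 *
 * AppKey and UserSecret are stored as entered (unslashed and trimmed). All
 * three fields must be non-empty for the save to succeed, as before.
 */
function update_qauth_options(){
    if (empty($_POST['submit'])) {
        return;
    }
    if (!current_user_can('manage_options')) {
        return;
    }
    check_admin_referer('qauth_save_options', 'qauth_options_nonce');

    // A checkbox is only present in the POST body when it is ticked.
    $auto_register = isset($_POST['QauthAutoRegister']);

    $api = (isset($_POST['QauthApi']) && is_string($_POST['QauthApi']))
        ? esc_url_raw(trim(wp_unslash($_POST['QauthApi'])), array('http', 'https'))
        : '';
    $app_key = (isset($_POST['QauthAppKey']) && is_string($_POST['QauthAppKey']))
        ? trim(wp_unslash($_POST['QauthAppKey']))
        : '';
    $user_secret = (isset($_POST['QauthUserSecret']) && is_string($_POST['QauthUserSecret']))
        ? trim(wp_unslash($_POST['QauthUserSecret']))
        : '';

    $data_r = [
        'qauth_api' => $api,
        'qauth_appkey' => $app_key,
        'qauth_usersecret' => $user_secret,
        'qauth_auto_register' => $auto_register,
    ];

    if ($api && $app_key && $user_secret) {
        update_option('qauth_options', $data_r);
        echo '<p style="color:green;">保存成功</p>';
    } else {
        echo '<p style="color:red;">保存失败</p>';
    }
}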
// Register both admin screens when WordPress builds the admin menu.
add_action( 'admin_menu', 'qauth_options_page' );
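/**
 * Register the `qauthlogin/...` rewrite rule on every 'init'.
 *
 * The original called flush_rewrite_rules() on every request, which rebuilds
 * and rewrites the whole rule set each time. The rules are now flushed only
 * when this rule is not yet among the stored ones.
 *
 * NOTE(review): the pattern is a single-quoted PHP string, so `\$` reaches the
 * regex engine as an escaped, literal dollar sign rather than an end-of-string
 * anchor. It is left byte-for-byte as it was; confirm which was intended.
 */
function qauth_login_rewrites_init(){
    $rule_regex = 'qauthlogin/(.+)\$';

    add_rewrite_rule(
        $rule_regex,
        'index.php?&code=$matches[1]',
        'top'
    );

    // Stored rules are keyed by their regex. When rewriting is not set up the
    // option is not an array and the flush still runs, as it did before.
    $stored_rules = get_option('rewrite_rules');
    if (!is_array($stored_rules) || !isset($stored_rules[$rule_regex])) {
        flush_rewrite_rules();
    }
}
add_action( 'init', 'qauth_login_rewrites_init' );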
/**
 * Seed the `qauth_options` option with the plugin defaults: the public API
 * endpoint, empty credentials, and auto-registration switched off.
 *
 * add_option() is used, so an option that already exists is left as it is.
 */
function qauth_setup() {
    $defaults = array(
        'qauth_api'           => 'https://api.qauth.cn',
        'qauth_appkey'        => '',
        'qauth_usersecret'    => '',
        'qauth_auto_register' => false,
    );

    add_option('qauth_options', $defaults);
}
/**
 * Activation handler: create the default settings, then rebuild the rewrite
 * rules.
 */
function qauth_install() {
    qauth_setup();
    flush_rewrite_rules();
}

// Run qauth_install() when this plugin file is activated.
register_activation_hook( __FILE__, 'qauth_install' );
/**
 * Deactivation handler: rebuild the rewrite rules. Stored options and user
 * meta are not touched here.
 */
function qauth_deactivation() {
    flush_rewrite_rules();
}

// Run qauth_deactivation() when this plugin file is deactivated.
register_deactivation_hook( __FILE__, 'qauth_deactivation' );