kice/URLLogin.php

## URLLogin.php
<?php
include('connet.php');

/**
 * URL Login Class
 * URL登录
 * 使用RSA加密算法
 *
 * Copyright Kice
 **/
class URLLogin
{
	/* 原理：
		获得登录链接
		1、生成一对RSA密钥
		2、生成一个需要加密的字符串（生成时间+帐号密码+一个随机字符串+一个固定字符串）
		3、用私钥加密字符串，生成URL（调用GetLoginURL()）
		4、保存公钥，时间，随机字符串

		验证登录链接
		1、获得保存公钥，时间，随机字符串
		2、检查是否超时（暂定600秒）
		3、验证签名（通过访问URL获得签名）
		4、返回结果
	*/

	private $pubkey;
	private $prikey;
	private $time;
	private $pass;

	public function __construct()
	{
		$this->time = time();
	}

	// 如果需要更改保存信息的方法，修改这个函数
	private function SaveVerifyInfo()
	{
		// 保存验证信息
		$sql = "INSERT INTO  `url_login` (
				`id` ,
				`time` ,
				`publickey` ,
				`password`
				)
				VALUES (
				NULL ,  '".$this->time."',  '".$this->base64url_encode($this->pubkey)."',  '".$this->base64url_encode($this->pass)."'
				);";

		mysql_query($sql);
		$id = mysql_insert_id();

		// 这里是返回一个登录ID
		return $id;
	}

	// 如果需要更改读取信息的方法，修改这个函数
	private function GetVerifyInfo($id)
	{
		// 根据登录ID获取验证信息
		$sql = "SELECT * FROM `url_login` WHERE `id` = ".$id;

		$r = mysql_query($sql);
		$result = mysql_fetch_array($r);

		$this->time   = $result['time'];
		$this->pubkey = $this->base64url_decode($result['publickey']);
		$this->pass   = $this->base64url_decode($result['password']);
	}

	private function InitRSA()
	{
		// 初始化
		$res = openssl_pkey_new();
		openssl_pkey_export($res,$pri);
		$data = openssl_pkey_get_details($res);

		$this->pass   = $this->CreatePassword();
		$this->prikey = $pri;
		$this->pubkey = $data['key'];
	}

	private function CreatePassword($pw_length = 8)
	{
	    $randpwd = '';
	    for ($i = 0; $i < $pw_length; $i++)
	    {
	        $randpwd .= chr(mt_rand(33, 126));
	    }
	    return $randpwd;
	}

	private function base64url_encode($data)
	{
	  return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
	}

	private function base64url_decode($data)
	{
	  return base64_decode(str_pad(strtr($data, '-_', '+/'), strlen($data) % 4, '=', STR_PAD_RIGHT));
	}

	private function GetUnsignData($password)
	{
		return ($this->time.$password.$this->pass."dlgmISdbRDpYTkNEUGN9Pl1JfVtbfU1jSml7ZTB6UjI=");
	}

	public function GetLoginURL($password, $verifyUrl)
	{
		// 获得登录的URL
		/*
		下面是测试用的
		$password 	 = '6*VG$*BRSj@SBMzk';
		$verifyUrl   = "verify.php";
		*/

		$this->InitRSA();
		$data = $this->GetUnsignData();

		openssl_sign($data, $signature, $this->prikey);
		$signature = $this->base64url_encode($signature);

		$id = $this->SaveVerifyInfo();

		$url = $verifyUrl."?id=".$id."&sign=".$signature;
		return $url;
	}

	public function CheckLoginURL($signature, $id, $password)
	{
		$this->GetVerifyInfo($id);

		// 验证是否为合法的登录请求
		$checkTime=time();

		if ($checkTime - $this->time > 600) {
			exit("登录超时");
		}

		$publickey = $this->pubkey;
		$data      = $this->GetUnsignData();
		$signature = $this->base64url_decode($signature);
        $r = openssl_verify($data, $signature, $publickey);

        return $r;
	}
}

?>
	<?php
	include('connet.php');

	/**
	* URL Login Class
	* URL登录
	* 使用RSA加密算法
	*
	* Copyright Kice
	**/
	class URLLogin
	{
	/* 原理：
	获得登录链接
	1、生成一对RSA密钥
	2、生成一个需要加密的字符串（生成时间+帐号密码+一个随机字符串+一个固定字符串）
	3、用私钥加密字符串，生成URL（调用GetLoginURL()）
	4、保存公钥，时间，随机字符串

	验证登录链接
	1、获得保存公钥，时间，随机字符串
	2、检查是否超时（暂定600秒）
	3、验证签名（通过访问URL获得签名）
	4、返回结果
	*/

	private $pubkey;
	private $prikey;
	private $time;
	private $pass;

	public function __construct()
	{
	$this->time = time();
	}

	// 如果需要更改保存信息的方法，修改这个函数
	private function SaveVerifyInfo()
	{
	// 保存验证信息
	$sql = "INSERT INTO `url_login` (
	`id` ,
	`time` ,
	`publickey` ,
	`password`
	)
	VALUES (
	NULL , '".$this->time."', '".$this->base64url_encode($this->pubkey)."', '".$this->base64url_encode($this->pass)."'
	);";

	mysql_query($sql);
	$id = mysql_insert_id();

	// 这里是返回一个登录ID
	return $id;
	}

	// 如果需要更改读取信息的方法，修改这个函数
	private function GetVerifyInfo($id)
	{
	// 根据登录ID获取验证信息
	$sql = "SELECT * FROM `url_login` WHERE `id` = ".$id;

	$r = mysql_query($sql);
	$result = mysql_fetch_array($r);

	$this->time = $result['time'];
	$this->pubkey = $this->base64url_decode($result['publickey']);
	$this->pass = $this->base64url_decode($result['password']);
	}

	private function InitRSA()
	{
	// 初始化
	$res = openssl_pkey_new();
	openssl_pkey_export($res,$pri);
	$data = openssl_pkey_get_details($res);

	$this->pass = $this->CreatePassword();
	$this->prikey = $pri;
	$this->pubkey = $data['key'];
	}

	private function CreatePassword($pw_length = 8)
	{
	$randpwd = '';
	for ($i = 0; $i < $pw_length; $i++)
	{
	$randpwd .= chr(mt_rand(33, 126));
	}
	return $randpwd;
	}

	private function base64url_encode($data)
	{
	return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
	}

	private function base64url_decode($data)
	{
	return base64_decode(str_pad(strtr($data, '-_', '+/'), strlen($data) % 4, '=', STR_PAD_RIGHT));
	}

	private function GetUnsignData($password)
	{
	return ($this->time.$password.$this->pass."dlgmISdbRDpYTkNEUGN9Pl1JfVtbfU1jSml7ZTB6UjI=");
	}

	public function GetLoginURL($password, $verifyUrl)
	{
	// 获得登录的URL
	/*
	下面是测试用的
	$password = '6VG$BRSj@SBMzk';
	$verifyUrl = "verify.php";
	*/

	$this->InitRSA();
	$data = $this->GetUnsignData();

	openssl_sign($data, $signature, $this->prikey);
	$signature = $this->base64url_encode($signature);

	$id = $this->SaveVerifyInfo();

	$url = $verifyUrl."?id=".$id."&sign=".$signature;
	return $url;
	}

	public function CheckLoginURL($signature, $id, $password)
	{
	$this->GetVerifyInfo($id);

	// 验证是否为合法的登录请求
	$checkTime=time();

	if ($checkTime - $this->time > 600) {
	exit("登录超时");
	}

	$publickey = $this->pubkey;
	$data = $this->GetUnsignData();
	$signature = $this->base64url_decode($signature);
	$r = openssl_verify($data, $signature, $publickey);

	return $r;
	}
	}

	?>