<?php
namespace app\admin\controller;

use app\common\model\Seeker;
use think\Controller;
use think\Db;
use think\Exception;

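/**
 * Unauthenticated entry points of the admin module: login, password reset
 * by SMS code, SMS dispatch, logout and the two "access denied" pages.
 *
 * Every public method here is reachable without a session, so all request
 * input handled in this class is untrusted.
 */
class Common extends Controller
{
    public function initialize()
    {
        parent::initialize();
    }

    /**
     * Login action.
     *
     * GET renders the login form (or redirects an already logged-in user).
     * POST checks the throttle, verifies the credentials, requires a role and
     * at least one organisation, then writes the auth data to the session and,
     * when "remember me" (post.jzma) is set, to cookies.
     *
     * NOTE(review): the session id is not regenerated after a successful
     * login in this method; if the framework does not do it elsewhere, a
     * pre-login session id stays valid afterwards (session fixation) — confirm.
     */
    public function login()
    {
        if (request()->isPost()) {
            $username = input('?post.account') ? input('post.account', '', 'trim') : '';
            $password = input('?post.password') ? input('post.password', '', 'trim') : '';
            $jzma = input('?post.jzma') ? input('post.jzma', '', 'trim') : '';
            if (!$username || !$password) {
                $this->error('用户名或密码错误');
            }

            // Login rate limiting, keyed by the submitted account name.
            // NOTE(review): no explicit "record a failed attempt" call is made in
            // this method; presumably tooManyAttempts() counts the attempt itself —
            // verify in ThrottlesUtil, otherwise the lock never triggers.
            $throttle = new \app\common\util\ThrottlesUtil(config('app.login_throttles'));
            if ($throttle->tooManyAttempts($username)) {
                $this->error('账号已被锁定,请稍后重试');
            }

            $info = Db::name('user')->where('account', $username)->where('del', 0)->find();

            // Unknown account and wrong password return the same message so the
            // response does not reveal which account names exist.
            if (empty($info) || !password_verify($password, $info['password'])) {
                $this->error('用户名或密码错误');
            }

            // Account state is only disclosed after the password has been verified.
            if ($info['enable'] == 0) {
                $this->error('该账号被禁用');
            }

            $rolesId = Db::name('user_roles')->where('user_id', $info['id'])->value('roles_id');
            if (!$rolesId) {
                $this->error('用户未设置角色,无法登陆');
            }
            $orgs = model('Org')->getListByRoles($info['id']);
            if (empty($orgs)) {
                $this->error('用户没有组织,无法登陆');
            }

            /* Update the login record */
            $data = array(
                'last_login_time' => date('Y-m-d H:i:s')
            );
            Db::name('user')->where('id', $info['id'])->update($data);

            /* Store the login state in the session (and optionally in cookies) */
            $auth = array(
                'id'                => $info['id'],
                'account'           => $info['account'],
                'real_name'         => $info['real_name'],
                'last_login_time'   => $data['last_login_time'],
                'rolesId'           => $rolesId ? $rolesId : 0
            );
            session('user_auth', $auth);
            session('user_auth_sign', data_auth_sign($auth));

            session('orgId', $orgs[0]['id']);
            session('orgName', $orgs[0]['name']);

            // Successful login: reset the throttle counter for this account.
            $throttle->resetAttempts($username);

            if (!empty($jzma)) {
                // ThinkPHP's cookie() helper treats a numeric third argument as a
                // lifetime in seconds and adds the request time itself; passing
                // time() + lifetime would push the expiry decades into the future.
                $day = 30;
                $lifetime = 3600 * 24 * $day;

                // NOTE(review): the auth array is stored client-side and trusted via
                // user_auth_sign. That is only safe if data_auth_sign() (defined
                // elsewhere) is a keyed MAC with a server-side secret — confirm.
                // orgId/orgName are stored without any signature; whatever reads
                // them back must not trust them for authorisation — confirm.
                cookie("user_auth", $auth, $lifetime);
                cookie("user_auth_sign", data_auth_sign($auth), $lifetime);
                cookie("orgId", $orgs[0]['id'], $lifetime);
                cookie("orgName", $orgs[0]['name'], $lifetime);
            } else {
                cookie("user_auth", null);
                cookie("user_auth_sign", null);
                cookie("orgId", null);
                cookie("orgName", null);
            }

            // The Referer header is optional and client-supplied: read it without
            // raising an undefined-index error, and only redirect back to it when
            // it points at this site, so the post-login jump cannot leave the origin.
            $referer = isset($_SERVER['HTTP_REFERER']) ? (string) $_SERVER['HTTP_REFERER'] : '';
            $sameOrigin = $referer !== '' && strpos($referer, request()->domain() . '/') === 0;
            $url = $sameOrigin ? $referer : url('Index/index');

            $this->success('登录成功', $url);
        } else {
            $config = Db::name('config')
                ->where('name', 'web_site_title')
                ->value('value');
            if (is_login()) {
                $url = request()->domain() . '/home/index.html';
                $this->redirect($url);
            }

            $forgeturl = request()->domain() . '/common/forget.html';

            $this->assign('forgeturl', $forgeturl);

            $this->assign('title', $config);
            return $this->fetch();
        }
    }

    /**
     * Password reset action.
     *
     * GET renders the reset form. POST expects a mobile number (post.account),
     * an SMS code (post.code) and the new password (post.password); once
     * verify_sms() accepts the code, the password of the matching, non-deleted,
     * enabled user is replaced with a password_hash() of the new value.
     *
     * NOTE(review): possession of a valid SMS code is the only proof of identity
     * here and no attempt limit is applied in this method. Confirm that
     * verify_sms() (defined elsewhere) limits guesses and invalidates a code
     * after use or expiry.
     * NOTE(review): no minimum length or strength check is applied to the new
     * password in this method, and existing sessions / remember-me cookies of
     * the user are not revoked after the change.
     */
    public function forget()
    {
        if (request()->isPost()) {
            $username = input('?post.account') ? input('post.account', '', 'trim') : '';
            $password = input('?post.password') ? input('post.password', '', 'trim') : '';
            $code = input('?post.code') ? input('post.code', '', 'trim') : '';

            if (!$username) {
                $this->error('手机号不能为空');
            }
            if (!$code) {
                $this->error('验证码不能为空');
            }
            if (!$password) {
                $this->error('新密码不能为空');
            }
            if (!verify_sms($username, $code)) {
                $this->error('验证码信息错误');
            }

            // Account lookup happens only after the SMS code was accepted, so the
            // messages below are shown to someone who controls that phone number.
            $info = Db::name('user')
                ->where('mobile', $username)
                ->where('del', 0)->find();
            if (empty($info)) {
                $this->error('用户信息不存在');
            }
            if ($info['enable'] == 0) {
                $this->error('该账号被禁用');
            }

            $pas = password_hash($password, PASSWORD_DEFAULT);
            $sdata = [
                'update_time' => date('Y-m-d H:i:s'),
                'password' => $pas
            ];
            $res = Db::name('user')
                ->where('id', $info['id'])
                ->update($sdata);

            if ($res) {
                $this->success('修改成功', request()->domain() . '/common/login.html');
            } else {
                $this->error('修改失败');
            }
        } else {
            $config = Db::name('config')
                ->where('name', 'web_site_title')
                ->value('value');

            $loginurl = request()->domain() . '/common/login.html';
            $this->assign('loginurl', $loginurl);

            $this->assign('title', $config);
            return $this->fetch();
        }
    }

    /**
     * Send a verification SMS to the number given in the `mobile` parameter.
     *
     * NOTE(review): this endpoint is unauthenticated and applies no limit of
     * its own. Unless send_verify_sms() (defined elsewhere) rate-limits per
     * number and per client, it can be used to send messages to arbitrary
     * numbers at the operator's cost — confirm, and consider a captcha or a
     * throttle in front of it.
     */
    public function sms()
    {
        $phone = input('mobile');
        if (empty($phone)) {
            $this->error('手机号不能为空');
        }
        $res = send_verify_sms($phone);
        if (!$res) {
            $this->error('发送失败');
        }
        $this->success('发送成功');
    }

    /**
     * Log out: clear everything login() stored, then go back to the login page.
     */
    public function logout()
    {
        session('user_auth', null);
        session('user_auth_sign', null);
        // login() also stores the organisation context; clear it as well so it
        // does not survive into the next login on the same browser.
        session('orgId', null);
        session('orgName', null);

        cookie("user_auth", null);
        cookie("user_auth_sign", null);
        cookie("orgId", null);
        cookie("orgName", null);

        $this->redirect(request()->domain() . '/common/login.html');
    }

    /**
     * Page a user is sent to when they lack permission; renders the default
     * template for this action.
     */
    public function access()
    {
        return $this->fetch();
    }

    /**
     * 403 page; renders the template named '403'.
     */
    public function forbid()
    {
        return $this->fetch('403');
    }
}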