Common.php 6.2 KB

  1. <?php
  2. namespace app\admin\controller;
  3. use app\common\model\Seeker;
  4. use think\Controller;
  5. use think\Db;
  6. use think\Exception;
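  /**
   * Unauthenticated account endpoints of the admin module: login, SMS-based
   * password reset, SMS code delivery, logout, and the "no access" / 403 pages.
   *
   * Every action relies on $this->error() / $this->success() / $this->redirect()
   * ending the request; code after such a call assumes it is not reached.
   */
  class Common extends Controller
  {
      public function initialize()
      {
          parent::initialize();
      }

      /**
       * GET: render the login form (or redirect an already logged-in user).
       * POST: authenticate account + password, then populate the session and,
       * when "remember me" (post.jzma) is set, the 30-day cookies.
       */
      public function login()
      {
          if (request()->isPost()) {
              $username = input('?post.account') ? input('post.account', '', 'trim') : '';
              $password = input('?post.password') ? input('post.password', '', 'trim') : '';
              $jzma = input('?post.jzma') ? input('post.jzma', '', 'trim') : '';
              if (!$username || !$password) {
                  $this->error('用户名或密码错误');
              }

              // Login throttling, keyed by the submitted account name.
              // NOTE(review): no call that records a failed attempt is visible in
              // this method; confirm tooManyAttempts() itself counts the attempt,
              // otherwise the lock below can never trigger.
              $throttle = new \app\common\util\ThrottlesUtil(config('app.login_throttles'));
              if ($throttle->tooManyAttempts($username)) {
                  $this->error('账号已被锁定,请稍后重试');
              }

              $info = Db::name('user')->where('account', $username)->where('del', 0)->find();

              // Unknown account and wrong password get the same message, so the
              // response does not reveal which account names exist.
              // NOTE(review): password_verify() is skipped for unknown accounts,
              // so response time can still differ between the two cases.
              if (empty($info) || !password_verify($password, $info['password'])) {
                  $this->error('用户名或密码错误');
              }

              // Checked only after the password matched, so the disabled state is
              // not disclosed to someone who merely knows the account name.
              if ($info['enable'] == 0) {
                  $this->error('该账号被禁用');
              }

              $rolesId = Db::name('user_roles')->where('user_id', $info['id'])->value('roles_id');
              if (!$rolesId) {
                  $this->error('用户未设置角色,无法登陆');
              }

              $orgs = model('Org')->getListByRoles($info['id']);
              if (empty($orgs)) {
                  $this->error('用户没有组织,无法登陆');
              }

              /* Update the login record */
              $data = array(
                  'last_login_time' => date('Y-m-d H:i:s'),
              );
              Db::name('user')->where('id', $info['id'])->update($data);

              /* Record the login in SESSION and COOKIES */
              $auth = array(
                  'id' => $info['id'],
                  'account' => $info['account'],
                  'real_name' => $info['real_name'],
                  'last_login_time' => $data['last_login_time'],
                  'rolesId' => $rolesId,
              );
              $sign = data_auth_sign($auth);
              // NOTE(review): the session id is not regenerated at this privilege
              // change; confirm the framework or a middleware does it.
              session('user_auth', $auth);
              session('user_auth_sign', $sign);
              session('orgId', $orgs[0]['id']);
              session('orgName', $orgs[0]['name']);

              // Login succeeded: reset the throttle for this account.
              $throttle->resetAttempts($username);

              if (!empty($jzma)) {
                  // The cookie() helper takes a lifetime in seconds and adds the
                  // request time itself. Passing time()+N pushed the expiry
                  // decades out instead of the intended 30 days.
                  $day = 30;
                  $lifetime = 3600 * 24 * $day;
                  // NOTE(review): these cookies carry the identity and role in
                  // client-controlled storage. data_auth_sign() is defined
                  // elsewhere; confirm it is keyed with a server-side secret and
                  // that whatever restores a login from these cookies verifies the
                  // signature. orgId/orgName are not covered by the signature, so
                  // org membership must be re-checked server-side.
                  cookie("user_auth", $auth, $lifetime);
                  cookie("user_auth_sign", $sign, $lifetime);
                  cookie("orgId", $orgs[0]['id'], $lifetime);
                  cookie("orgName", $orgs[0]['name'], $lifetime);
              } else {
                  cookie("user_auth", null);
                  cookie("user_auth_sign", null);
                  cookie("orgId", null);
                  cookie("orgName", null);
              }

              // The Referer header is client-supplied and may be absent. Only
              // follow it when it points back at this site, otherwise use the
              // index page.
              $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
              $sameSite = $referer !== '' && strpos($referer, request()->domain() . '/') === 0;
              $url = $sameSite ? $referer : url('Index/index');
              $this->success('登录成功', $url);
          } else {
              if (is_login()) {
                  $url = request()->domain() . '/home/index.html';
                  $this->redirect($url);
              }
              $config = Db::name('config')
                  ->where('name', 'web_site_title')
                  ->value('value');
              $forgeturl = request()->domain() . '/common/forget.html';
              $this->assign('forgeturl', $forgeturl);
              $this->assign('title', $config);
              return $this->fetch();
          }
      }

      /**
       * GET: render the password-reset form.
       * POST: set a new password for the account whose mobile number
       * (post.account) passes the SMS code check.
       */
      public function forget()
      {
          if (request()->isPost()) {
              $username = input('?post.account') ? input('post.account', '', 'trim') : '';
              $password = input('?post.password') ? input('post.password', '', 'trim') : '';
              $code = input('?post.code') ? input('post.code', '', 'trim') : '';
              if (!$username) {
                  $this->error('手机号不能为空');
              }
              if (!$code) {
                  $this->error('验证码不能为空');
              }
              if (!$password) {
                  // NOTE(review): only emptiness is checked; no minimum length or
                  // strength rule is applied to the new password here.
                  $this->error('新密码不能为空');
              }

              // NOTE(review): nothing in this method limits how many codes can be
              // tried for one number. Unless verify_sms() (defined elsewhere)
              // enforces an attempt limit, expiry and single use, the reset code
              // can be guessed by repeated submissions.
              if (!verify_sms($username, $code)) {
                  $this->error('验证码信息错误');
              }

              $info = Db::name('user')
                  ->where('mobile', $username)
                  ->where('del', 0)
                  ->find();
              if (empty($info)) {
                  $this->error('用户信息不存在');
              }
              if ($info['enable'] == 0) {
                  $this->error('该账号被禁用');
              }

              $sdata = [
                  'update_time' => date('Y-m-d H:i:s'),
                  'password' => password_hash($password, PASSWORD_DEFAULT),
              ];
              // NOTE(review): existing sessions and remember-me cookies of this
              // account are not invalidated by the reset.
              $res = Db::name('user')
                  ->where('id', $info['id'])
                  ->update($sdata);
              if ($res) {
                  $this->success('修改成功', request()->domain() . '/common/login.html');
              } else {
                  $this->error('修改失败');
              }
          } else {
              $config = Db::name('config')
                  ->where('name', 'web_site_title')
                  ->value('value');
              $loginurl = request()->domain() . '/common/login.html';
              $this->assign('loginurl', $loginurl);
              $this->assign('title', $config);
              return $this->fetch();
          }
      }

      /**
       * Send a verification SMS to the number given in the "mobile" parameter.
       *
       * NOTE(review): this endpoint is unauthenticated, reads the number from any
       * request method, and shows no per-number or per-client rate limit or
       * format check. Confirm send_verify_sms() (defined elsewhere) throttles;
       * otherwise the endpoint can flood a number and run up SMS cost.
       */
      public function sms()
      {
          $phone = input('mobile');
          if (empty($phone)) {
              $this->error('手机号不能为空');
          }
          $res = send_verify_sms($phone);
          if (!$res) {
              $this->error('发送失败');
          }
          $this->success('发送成功');
      }

      /**
       * Log out: drop everything login() stored, then go to the login page.
       */
      public function logout()
      {
          session('user_auth', null);
          session('user_auth_sign', null);
          // login() also stores the organisation in the session and, with
          // "remember me", in cookies. Clear those too so no state from the
          // previous user survives the logout.
          session('orgId', null);
          session('orgName', null);
          cookie("user_auth", null);
          cookie("user_auth_sign", null);
          cookie("orgId", null);
          cookie("orgName", null);
          $this->redirect(request()->domain() . '/common/login.html');
      }

      /**
       * "No permission" landing page.
       */
      public function access()
      {
          return $this->fetch();
      }

      /**
       * 403 page.
       */
      public function forbid()
      {
          return $this->fetch('403');
      }
  }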