0
0

Common.php 5.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174
  1. <?php
  2. namespace app\admin\controller;
  3. use app\common\model\Seeker;
  4. use think\Controller;
  5. use think\Db;
  6. use think\Exception;
  7. class Common extends Controller
  8. {
  9. public function initialize()
  10. {
  11. parent::initialize();
  12. }
  13. public function login(){
  14. if(request()->isPost()){
  15. $username = input('?post.account')?input('post.account','','trim'):'';
  16. $password = input('?post.password')?input('post.password','','trim'):'';
  17. $jzma = input('?post.jzma')?input('post.jzma','','trim'):'';
  18. if(!$username||!$password){
  19. $this->error('用户名或密码错误');
  20. }
  21. $ret = (new \app\common\util\ThrottlesUtil(config('app.login_throttles')))->tooManyAttempts($username); // 登录限流
  22. if($ret){
  23. $this->error('账号已被锁定,请稍后重试');
  24. }
  25. $info = Db::name('user')->where('account',$username)->where('del',0)->find();
  26. if(empty($info)) $this->error('用户信息不存在');
  27. if($info['enable']==0) $this->error('该账号被禁用');
  28. if(!password_verify($password,$info['password'])){
  29. $this->error('用户名或密码错误');
  30. }
  31. $rolesId = Db::name('user_roles')->where('user_id',$info['id'])->value('roles_id');
  32. if(!$rolesId){
  33. $this->error('用户未设置角色,无法登陆');
  34. }
  35. $orgs = model('Org')->getListByRoles($info['id']);
  36. if(empty($orgs)){
  37. $this->error('用户没有组织,无法登陆');
  38. }
  39. /* 更新登录信息 */
  40. $data = array(
  41. 'last_login_time' => date('Y-m-d H:i:s')
  42. );
  43. Db::name('user')->where('id',$info['id'])->update($data);
  44. /* 记录登录SESSION和COOKIES */
  45. $auth = array(
  46. 'id' => $info['id'],
  47. 'account' => $info['account'],
  48. 'real_name' => $info['real_name'],
  49. 'last_login_time' => $data['last_login_time'],
  50. 'rolesId' => $rolesId?$rolesId:0
  51. );
  52. session('user_auth',$auth);
  53. session('user_auth_sign',data_auth_sign($auth));
  54. session('orgId',$orgs[0]['id']);
  55. session('orgName',$orgs[0]['name']);
  56. (new \app\common\util\ThrottlesUtil(config('app.login_throttles')))->resetAttempts($username); // 登录成功,重置限流
  57. if(!empty($jzma)){
  58. $day = 30;
  59. cookie("user_auth",$auth,time()+3600*24*$day);
  60. cookie("user_auth_sign",data_auth_sign($auth),time()+3600*24*$day);
  61. cookie("orgId",$orgs[0]['id'],time()+3600*24*$day);
  62. cookie("orgName",$orgs[0]['name'],time()+3600*24*$day);
  63. }else{
  64. cookie("user_auth",null);
  65. cookie("user_auth_sign",null);
  66. cookie("orgId",null);
  67. cookie("orgName",null);
  68. }
  69. $url = $_SERVER['HTTP_REFERER']?$_SERVER['HTTP_REFERER']:url('Index/index');
  70. $this->success('登录成功',$url);
  71. }else{
  72. $config = Db::name('config')
  73. ->where('name','web_site_title')
  74. ->value('value');
  75. if(is_login()){
  76. $this->redirect(url('Index/index'));
  77. }
  78. $this->assign('title',$config);
  79. return $this->fetch();
  80. }
  81. }
  82. public function forget(){
  83. if(request()->isPost()) {
  84. $username = input('?post.account')?input('post.account','','trim'):'';
  85. $password = input('?post.password')?input('post.password','','trim'):'';
  86. $code = input('?post.code')?input('post.code','','trim'):'';
  87. if(!$username){
  88. $this->error('手机号不能为空');
  89. }
  90. if(!$code){
  91. $this->error('验证码不能为空');
  92. }
  93. if(!$password){
  94. $this->error('新密码不能为空');
  95. }
  96. if(!verify_sms($username,$code)){
  97. $this->error('验证码信息错误');
  98. }
  99. $info = Db::name('user')
  100. ->where('mobile',$username)
  101. ->where('del',0)->find();
  102. if(empty($info)) $this->error('用户信息不存在');
  103. if($info['enable']==0) $this->error('该账号被禁用');
  104. $pas = password_hash($password, PASSWORD_DEFAULT);
  105. $sdata = [
  106. 'update_time' => date('Y-m-d H:i:s'),
  107. 'password' =>$pas
  108. ];
  109. $res = Db::name('user')
  110. ->where('id',$info['id'])
  111. ->update($sdata);
  112. $res?$this->success('修改成功',url('common/login')):$this->error('修改失败');
  113. }else{
  114. $config = Db::name('config')
  115. ->where('name', 'web_site_title')
  116. ->value('value');
  117. $this->assign('title',$config);
  118. return $this->fetch();
  119. }
  120. }
  121. public function sms(){
  122. $phone = input('mobile');
  123. if(empty($phone)){
  124. $this->error('手机号不能为空');
  125. }
  126. $res = send_verify_sms($phone);
  127. if(!$res){
  128. $this->error('发送失败');
  129. }
  130. $this->success('发送成功');
  131. }
  132. /**
  133. * 退出登录
  134. */
  135. public function logout(){
  136. session('user_auth',null);
  137. session('user_auth_sign',null);
  138. cookie("user_auth",null);
  139. cookie("user_auth_sign",null);
  140. $this->redirect(url('Common/login'));
  141. }
  142. /**
  143. * 无权限跳转页面
  144. */
  145. public function access(){
  146. return $this->fetch();
  147. }
  148. /**
  149. * 403页面
  150. */
  151. public function forbid(){
  152. return $this->fetch('403');
  153. }
  154. }