mingde-bd/application/admin/controller/Common.php

<?php
namespace app\admin\controller;

use app\common\model\Seeker;
use think\Controller;
use think\Db;
use think\Exception;

class Common extends Controller
{
    public function initialize()
    {
        parent::initialize();
    }

    public function login(){
        if(request()->isPost()){
            $username = input('?post.account')?input('post.account','','trim'):'';
            $password = input('?post.password')?input('post.password','','trim'):'';
            $jzma = input('?post.jzma')?input('post.jzma','','trim'):'';
            if(!$username||!$password){
                $this->error('用户名或密码错误');
            }

            $ret = (new \app\common\util\ThrottlesUtil(config('app.login_throttles')))->tooManyAttempts($username); // 登录限流
            if($ret){
                $this->error('账号已被锁定，请稍后重试');
            }

            $info = Db::name('user')->where('account',$username)->where('del',0)->find();
            if(empty($info))  $this->error('用户信息不存在');
            if($info['enable']==0) $this->error('该账号被禁用');

            if(!password_verify($password,$info['password'])){
                $this->error('用户名或密码错误');
            }

            $rolesId = Db::name('user_roles')->where('user_id',$info['id'])->value('roles_id');
            if(!$rolesId){
                $this->error('用户未设置角色，无法登陆');
            }
            $orgs = model('Org')->getListByRoles($info['id']);
            if(empty($orgs)){
                $this->error('用户没有组织，无法登陆');
            }

            /* 更新登录信息 */
            $data = array(
                'last_login_time' => date('Y-m-d H:i:s')
            );
            Db::name('user')->where('id',$info['id'])->update($data);

            /* 记录登录SESSION和COOKIES */
            $auth = array(
                'id'                => $info['id'],
                'account'           => $info['account'],
                'real_name'         => $info['real_name'],
                'last_login_time'   => $data['last_login_time'],
                'rolesId'           => $rolesId?$rolesId:0
            );
            session('user_auth',$auth);
            session('user_auth_sign',data_auth_sign($auth));

            session('orgId',$orgs[0]['id']);
            session('orgName',$orgs[0]['name']);

            (new \app\common\util\ThrottlesUtil(config('app.login_throttles')))->resetAttempts($username); // 登录成功，重置限流
            if(!empty($jzma)){
                $day = 30;
                cookie("user_auth",$auth,time()+3600*24*$day);
                cookie("user_auth_sign",data_auth_sign($auth),time()+3600*24*$day);
                cookie("orgId",$orgs[0]['id'],time()+3600*24*$day);
                cookie("orgName",$orgs[0]['name'],time()+3600*24*$day);

            }else{
                cookie("user_auth",null);
                cookie("user_auth_sign",null);
                cookie("orgId",null);
                cookie("orgName",null);
            }
            $url = $_SERVER['HTTP_REFERER']?$_SERVER['HTTP_REFERER']:url('Index/index');

            $this->success('登录成功',$url);
        }else{
            $config = Db::name('config')
                ->where('name','web_site_title')
                ->value('value');
            if(is_login()){
                $this->redirect(url('Index/index'));
            }
            $this->assign('title',$config);
            return $this->fetch();
        }
    }

    public function forget(){
        if(request()->isPost()) {
            $username = input('?post.account')?input('post.account','','trim'):'';
            $password = input('?post.password')?input('post.password','','trim'):'';
            $code = input('?post.code')?input('post.code','','trim'):'';

            if(!$username){
                $this->error('手机号不能为空');
            }
            if(!$code){
                $this->error('验证码不能为空');
            }
            if(!$password){
                $this->error('新密码不能为空');
            }
            if(!verify_sms($username,$code)){
                $this->error('验证码信息错误');
            }
            $info = Db::name('user')
                ->where('mobile',$username)
                ->where('del',0)->find();
            if(empty($info))  $this->error('用户信息不存在');
            if($info['enable']==0) $this->error('该账号被禁用');

            $pas =  password_hash($password, PASSWORD_DEFAULT);
            $sdata = [
                'update_time' => date('Y-m-d H:i:s'),
                'password' =>$pas
            ];
            $res = Db::name('user')
                ->where('id',$info['id'])
                ->update($sdata);
            $res?$this->success('修改成功',url('common/login')):$this->error('修改失败');
        }else{
            $config = Db::name('config')
                ->where('name', 'web_site_title')
                ->value('value');
            $this->assign('title',$config);
            return $this->fetch();
        }

    }

    public function sms(){
        $phone = input('mobile');
        if(empty($phone)){
            $this->error('手机号不能为空');
        }
        $res = send_verify_sms($phone);
        if(!$res){
            $this->error('发送失败');
        }
        $this->success('发送成功');
    }
    /**
     * 退出登录
     */
    public function logout(){
        session('user_auth',null);
        session('user_auth_sign',null);
        cookie("user_auth",null);
        cookie("user_auth_sign",null);
        $this->redirect(url('Common/login'));
    }

    /**
     * 无权限跳转页面
     */
    public function access(){
        return $this->fetch();
    }

    /**
     * 403页面
     */
    public function forbid(){
        return $this->fetch('403');
    }
}