首页 发现 帮助
注册 登录
chenhao
/
china
1
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
目录树: 1db393e75a
分支列表 标签列表
china
/
application
/
admin
/
controller
/
Login.php

Login.php 6.7 KB
文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * Created by PhpStorm.
    4. 

  4.  * User: Kevin
    5. 

  5.  * Date: 2018/8/2
    6. 

  6.  * Time: 22:30
    7. 

  7.  */
    8. 

  8. namespace app\admin\controller;
    9. 

  9. use think\Controller;
    10. 

  10. use think\Db;
    11. 

  11. use org\Verify;
    12. 

  12. use com\Geetestlib;
    13. 

  13. use app\admin\model\UserType;
    14. 

  14. class Login extends Controller
    15. 

  15. {
    16. 

  16.     /**
    17. 

  17.      * 登录页面
    18. 

  18.      * @return mixed
    19. 

  19.      */
    20. 

  20.     public function index()
    21. 

  21.     {
    22. 

  22.         return $this->fetch('/login');
    23. 

  23.     }
    24. 

  24. 

  25.     /**
    26. 

  26.      * 生成验证码
    27. 

  27.      * @return mixed
    28. 

  28.      */
    29. 

  29.     public function checkVerify()
    30. 

  30.     {
    31. 

  31.         $config =    [
    32. 

  32.             'imageH' => 38,// 验证码图片高度
    33. 

  33.             'imageW' => 120,// 验证码图片宽度
    34. 

  34.             'codeSet' => '02345689',// 验证码字符集合
    35. 

  35.             'useZh' => false,//使用中文验证码
    36. 

  36.             'length' => 4,// 验证码位数
    37. 

  37.             'useNoise' => true,//是否添加杂点
    38. 

  38.             'useCurve' => false,//是否画混淆曲线
    39. 

  39.             'useImgBg' => false,//使用背景图片
    40. 

  40.             'fontSize' => 16// 验证码字体大小(px)
    41. 

  41.         ];
    42. 

  42.         $verify = new Verify($config);
    43. 

  43.         return $verify->entry();
    44. 

  44.     }
    45. 

  45. 

  46.     /**
    47. 

  47.      * 极验验证
    48. 

  48.      */
    49. 

  49.     public function getVerify()
    50. 

  50.     {
    51. 

  51.         $GtSdk = new Geetestlib(config('gee.gee_id'), config('gee.gee_key'));
    52. 

  52.         $user_id = "web";
    53. 

  53.         $status = $GtSdk->pre_process($user_id);
    54. 

  54.         session('gtserver',$status);
    55. 

  55.         session('user_id',$user_id);
    56. 

  56.         echo $GtSdk->get_response_str();
    57. 

  57.     }
    58. 

  58. 

  59.     /**
    60. 

  60.      * 验证验证码
    61. 

  61.      * @return \think\response\Json
    62. 

  62.      */
    63. 

  63.     public function doLogin()
    64. 

  64.     {
    65. 

  65.         $username = input("param.username");
    66. 

  66.         $password = input("param.password");
    67. 

  67.         $verify = new Verify();
    68. 

  68.         if (config('verify_type') == 1) {
    69. 

  69.             $code = input("param.vercode");
    70. 

  70.             if (!$verify->check($code)) {
    71. 

  71.                 return json(['code' => -4, 'url' => '', 'msg' => '验证码错误']);
    72. 

  72.             }
    73. 

  73.             return  $this->checkAdmin($username,$password);
    74. 

  74.         }elseif (config('verify_type') == 2) {
    75. 

  75.             $GtSdk = new Geetestlib(config('gee.gee_id'), config('gee.gee_key'));
    76. 

  76.             $user_id = session('user_id');
    77. 

  77.             if (session('gtserver') == 1) {
    78. 

  78.                 $result = $GtSdk->success_validate(input('param.geetest_challenge'), input('param.geetest_validate'), input('param.geetest_seccode'), $user_id);
    79. 

  79.                 //极验服务器状态正常的二次验证接口
    80. 

  80.                 if (!$result) {
    81. 

  81.                     return json(['code' => -3, 'url' => '', 'msg' => '请先拖动图片到相应位置']);
    82. 

  82.                 }
    83. 

  83.             }else{
    84. 

  84.                 if (!$GtSdk->fail_validate(input('param.geetest_challenge'), input('param.geetest_validate'), input('param.geetest_seccode'))) {
    85. 

  85.                     //极验服务器状态宕机的二次验证接口
    86. 

  86.                     return json(['code' => -3, 'url' => '', 'msg' => '请先拖动图片到相应位置']);
    87. 

  87.                 }
    88. 

  88.             }
    89. 

  89.             return  $this->checkAdmin($username,$password);
    90. 

  90.         }else{
    91. 

  91.             return  $this->checkAdmin($username,$password);
    92. 

  92.         }
    93. 

  93.     }
    94. 

  94. 

  95.     /**
    96. 

  96.      * 验证帐号和密码
    97. 

  97.      * @param $username
    98. 

  98.      * @param $password
    99. 

  99.      * @return \think\response\Json
    100. 

  100.      */
    101. 

  101.     public function checkAdmin($username,$password){
    102. 

  102.         $hasUser = Db::name('admin a')
    103. 

  103.             ->join('auth_group ag','a.groupid=ag.id','left')
    104. 

  104.             ->where('username', $username)
    105. 

  105.             ->field('a.id,a.username,a.password,a.portrait,a.phone,a.loginnum,a.last_login_ip,a.last_login_time,a.real_name,a.status,a.groupid,ag.id agid,ag.title,ag.status ags')
    106. 

  106.             ->find();
    107. 

  107.         if(empty($hasUser)){
    108. 

  108.             return json(['code' => -1, 'url' => '', 'msg' => '管理员不存在']);
    109. 

  109.         }
    110. 

  110. 

  111.         $config = api('Config/lists');
    112. 

  112.         if($config['web_site_close'] == 0 && $hasUser['id'] !=1 ){
    113. 

  113.             $this->error('后台已经关闭,请稍后访问');
    114. 

  114.             return json(['code' => -7, 'url' => '', 'msg' =>'后台已经关闭,请稍后访问']);
    115. 

  115.         }
    116. 

  116.         if($config['admin_allow_ip'] && $hasUser['id'] !=1 ){
    117. 

  117.             if(in_array(request()->ip(),explode(',',$config['admin_allow_ip']))){
    118. 

  118.                 return json(['code' => -8, 'url' => '', 'msg' =>'IP禁止访问']);
    119. 

  119.             }
    120. 

  120.         }
    121. 

  121. 

  122.         if(md5(md5($password) . config('auth_key')) != $hasUser['password']){
    123. 

  123.             writelog('管理员【'.$username.'】登录失败:密码错误',100,$hasUser['id'] , $username);
    124. 

  124.             return json(['code' => -2, 'url' => '', 'msg' => '密码错误']);
    125. 

  125.         }
    126. 

  126. 

  127.         if(1 != $hasUser['status']){
    128. 

  128.             writelog('管理员【'.$username.'】登录失败:该账号被禁用',100,$hasUser['id'], $username);
    129. 

  129.             return json(['code' => -5, 'url' => '', 'msg' => '抱歉,该账号被禁用']);
    130. 

  130.         }
    131. 

  131.         if($hasUser['ags'] == 2){
    132. 

  132.             writelog('管理员【'.$username.'】登录失败:'.$hasUser['title'].'身份被禁用',100,$hasUser['id'], $username);
    133. 

  133.             return json(['code' => -6, 'url' => '', 'msg' =>'抱歉,'.$hasUser['title'].'身份被禁用']);
    134. 

  134.         }
    135. 

  135. 

  136.         if($hasUser['ags'] == null){
    137. 

  137.             writelog('管理员【'.$username.'】登录失败:所属身份不存在',100,$hasUser['id'],$username);
    138. 

  138.             return json(['code' => -7, 'url' => '', 'msg' =>'抱歉,所属身份不存在']);
    139. 

  139.         }
    140. 

  140. 

  141.         //获取该管理员的角色信息
    142. 

  142.         $user = new UserType();
    143. 

  143.         $info = $user->getRoleInfo($hasUser['groupid']);
    144. 

  144. 

  145.         session('uid', $hasUser['id']);             //用户ID
    146. 

  146.         session('username', $hasUser['username']);  //用户名
    147. 

  147.         session('portrait', $hasUser['portrait']);  //用户头像
    148. 

  148.         session('phone', $hasUser['phone']);        //手机号
    149. 

  149.         session('agid', $hasUser['agid']);          //角色id
    150. 

  150.         session('rolename', $info['title']);        //角色名
    151. 

  151.         session('describe', $info['describe']);     //角色描述
    152. 

  152.         session('rule', $info['rules']);            //角色节点
    153. 

  153.         session('name', $info['name']);             //角色权限
    154. 

  154.         session('last_time',time());                //角色登录时间点
    155. 

  155. 

  156.         //更新管理员状态
    157. 

  157.         $param = [
    158. 

  158.             'loginnum' => $hasUser['loginnum'] + 1,
    159. 

  159.             'last_login_ip' => request()->ip(),
    160. 

  160.             'last_login_time' => time()
    161. 

  161.         ];
    162. 

  162. 

  163.         Db::name('admin')->where('id', $hasUser['id'])->update($param);
    164. 

  164.         writelog('管理员【'.session('username').'】登录成功',200);
    165. 

  165.         return json(['code' => 1, 'url' => url('admin/index/index'), 'msg' => '登录成功!']);
    166. 

  166.     }
    167. 

  167. 

  168.     /**
    169. 

  169.      * 退出登录
    170. 

  170.      */
    171. 

  171.     public function loginOut()
    172. 

  172.     {
    173. 

  173.         writelog('退出登录',200);
    174. 

  174.         session(null);
    175. 

  175.         cache('db_config_data',null);
    176. 

  176.         $this->redirect(url('admin/index/index'));
    177. 

  177.     }
    178. 

  178. }
    179.