Ana Sayfa Keşfet Yardım
Üye Ol Giriş Yap
xiegeng
/
ship-expert
1
0
Çatalla 0
Dosyalar Sorunlar 0 Değişiklik İstekleri 0 Wiki
Ağaç: cedaac7c97
Dallar Biçim İmleri
ship-expert
/
application
/
admin
/
controller
/
Login.php

Login.php 5.3 KB
Geçmiş Ham

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116 
  1. <?php
    2. 

  2. 

  3. // +----------------------------------------------------------------------
    4. 

  4. // | ThinkAdmin
    5. 

  5. // +----------------------------------------------------------------------
    6. 

  6. // | 版权所有 2014~2019 广州楚才信息科技有限公司 [ http://www.cuci.cc ]
    7. 

  7. // +----------------------------------------------------------------------
    8. 

  8. // | 官方网站: http://demo.thinkadmin.top
    9. 

  9. // +----------------------------------------------------------------------
    10. 

  10. // | 开源协议 ( https://mit-license.org )
    11. 

  11. // +----------------------------------------------------------------------
    12. 

  12. // | gitee 代码仓库:https://gitee.com/zoujingli/ThinkAdmin
    13. 

  13. // | github 代码仓库:https://github.com/zoujingli/ThinkAdmin
    14. 

  14. // +----------------------------------------------------------------------
    15. 

  15. 

  16. namespace app\admin\controller;
    17. 

  17. 

  18. use app\admin\service\NodeService;
    19. 

  19. use library\Controller;
    20. 

  20. use think\Db;
    21. 

  21. 

  22. /**
    23. 

  23.  * 用户登录管理
    24. 

  24.  * Class Login
    25. 

  25.  * @package app\admin\controller
    26. 

  26.  */
    27. 

  27. class Login extends Controller
    28. 

  28. {
    29. 

  29. 

  30.     /**
    31. 

  31.      * 后台登录入口
    32. 

  32.      * @throws \think\Exception
    33. 

  33.      * @throws \think\db\exception\DataNotFoundException
    34. 

  34.      * @throws \think\db\exception\ModelNotFoundException
    35. 

  35.      * @throws \think\exception\DbException
    36. 

  36.      * @throws \think\exception\PDOException
    37. 

  37.      */
    38. 

  38.     public function index()
    39. 

  39.     {
    40. 

  40.         $this->title = '系统登录';
    41. 

  41.         if ($this->request->isGet()) {
    42. 

  42.             if (NodeService::islogin()) {
    43. 

  43.                 $this->redirect('@admin');
    44. 

  44.             } else {
    45. 

  45.                 $this->loginskey = session('loginskey');
    46. 

  46.                 if (empty($this->loginskey)) {
    47. 

  47.                     $this->loginskey = uniqid();
    48. 

  48.                     session('loginskey', $this->loginskey);
    49. 

  49.                 }
    50. 

  50.                 $this->fetch();
    51. 

  51.             }
    52. 

  52.         } else {
    53. 

  53.             $data = $this->_input([
    54. 

  54.                 'username' => $this->request->post('username'),
    55. 

  55.                 'password' => $this->request->post('password'),
    56. 

  56.             ], [
    57. 

  57.                 'username' => 'require|min:4',
    58. 

  58.                 'password' => 'require|min:4',
    59. 

  59.             ], [
    60. 

  60.                 'username.require' => '登录账号不能为空!',
    61. 

  61.                 'password.require' => '登录密码不能为空!',
    62. 

  62.                 'username.min'     => '登录账号长度不能少于4位有效字符!',
    63. 

  63.                 'password.min'     => '登录密码长度不能少于4位有效字符!',
    64. 

  64.             ]);
    65. 

  65.             // 用户信息验证
    66. 

  66.             $map = ['is_deleted' => '0', 'username' => $data['username']];
    67. 

  67.             $user = Db::name('SystemUser')->where($map)->order('id desc')->find();
    68. 

  68.             if (empty($user)) $this->error('登录账号或密码错误,请重新输入!');
    69. 

  69.             if (empty($user['status'])) $this->error('账号已经被禁用,请联系管理员!');
    70. 

  70.             // 账号锁定消息
    71. 

  71.             $cache = cache("user_login_{$user['username']}");
    72. 

  72.             if (is_array($cache) && !empty($cache['number']) && !empty($cache['time'])) {
    73. 

  73.                 if ($cache['number'] >= 10 && ($diff = $cache['time'] + 3600 - time()) > 0) {
    74. 

  74.                     list($m, $s, $info) = [floor($diff / 60), floor($diff % 60), ''];
    75. 

  75.                     if ($m > 0) $info = "{$m} 分";
    76. 

  76.                     $this->error("<strong class='color-red'>抱歉,该账号已经被锁定!</strong><p class='nowrap'>连续 10 次登录错误,请 {$info} {$s} 秒后再登录!</p>");
    77. 

  77.                 }
    78. 

  78.             }
    79. 

  79.             if (md5($user['password'] . session('loginskey')) !== $data['password']) {
    80. 

  80.                 if (empty($cache) || empty($cache['time']) || empty($cache['number']) || $cache['time'] + 3600 < time()) {
    81. 

  81.                     $cache = ['time' => time(), 'number' => 1, 'geoip' => $this->request->ip()];
    82. 

  82.                 } elseif ($cache['number'] + 1 <= 10) {
    83. 

  83.                     $cache = ['time' => time(), 'number' => $cache['number'] + 1, 'geoip' => $this->request->ip()];
    84. 

  84.                 }
    85. 

  85.                 cache("user_login_{$user['username']}", $cache);
    86. 

  86.                 if (($diff = 10 - $cache['number']) > 0) {
    87. 

  87.                     $this->error("<strong class='color-red'>登录账号或密码错误!</strong><p class='nowrap'>还有 {$diff} 次尝试机会,将锁定一小时内禁止登录!</p>");
    88. 

  88.                 } else {
    89. 

  89.                     sysoplog('系统管理', "账号{$user['username']}连续10次登录密码错误,请注意账号安全!");
    90. 

  90.                     $this->error("<strong class='color-red'>登录账号或密码错误!</strong><p class='nowrap'>尝试次数达到上限,锁定一小时内禁止登录!</p>");
    91. 

  91.                 }
    92. 

  92.             }
    93. 

  93.             // 登录成功并更新账号
    94. 

  94.             cache("user_login_{$user['username']}", null);
    95. 

  95.             Db::name('SystemUser')->where(['id' => $user['id']])->update([
    96. 

  96.                 'login_at' => Db::raw('now()'), 'login_ip' => $this->request->ip(), 'login_num' => Db::raw('login_num+1'),
    97. 

  97.             ]);
    98. 

  98.             session('loginskey', null);
    99. 

  99.             session('admin_user', $user);
    100. 

  100.             NodeService::applyUserAuth();
    101. 

  101.             sysoplog('系统管理', '用户登录系统成功');
    102. 

  102.             $this->success('登录成功,正在进入系统...', url('@admin'));
    103. 

  103.         }
    104. 

  104.     }
    105. 

  105. 

  106.     /**
    107. 

  107.      * 退出登录
    108. 

  108.      */
    109. 

  109.     public function out()
    110. 

  110.     {
    111. 

  111.         \think\facade\Session::clear();
    112. 

  112.         \think\facade\Session::destroy();
    113. 

  113.         $this->success('退出登录成功!', url('@admin/login'));
    114. 

  114.     }
    115. 

  115. 

  116. }
    117.