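app = $app;
        $this->config = new YzAdminConfig();
    }

    /**
     * Render the login page.
     *
     * Every value returned by the admin config model is handed to the template.
     *
     * @return mixed Whatever View::fetch() returns for the default template.
     */
    public function index()
    {
        View::assign([
            'config' => $this->config->getAll(),
        ]);

        return View::fetch();
    }

    /**
     * Persist one login attempt to the login log.
     *
     * The username and the User-Agent header are stored exactly as the client
     * sent them, so both are attacker-controlled: any screen that displays
     * these rows has to escape them on output.
     *
     * NOTE(review): this helper is public. Depending on how routing is set up
     * it may be reachable as a controller action; consider making it
     * protected once it is confirmed that nothing outside the class calls it.
     *
     * @param string $username Account name as submitted by the client.
     * @param int    $status   1 for a successful login, 0 for a failed one.
     * @param string $reason   Failure reason; empty on success.
     */
    public function recordLoginLog($username, $status, $reason = '')
    {
        // Resolve the client address once; it feeds two columns.
        $ip = Request::ip();

        LogsLogin::create([
            'username' => $username,
            'ip_address' => $ip,
            'location' => $this->getLocation($ip),
            'device_type' => $this->getDeviceType(),
            'user_agent' => Request::header('user-agent'),
            'login_status' => $status,
            'failure_reason' => $reason,
            'login_time' => date('Y-m-d H:i:s'),
        ]);
    }

    /**
     * Resolve the geographic location of an IP address.
     *
     * Placeholder: an IP database or third-party API can be plugged in here.
     * For now every address maps to the "unknown" label.
     *
     * @param string $ip Client IP address (currently unused).
     * @return string Location label.
     */
    public function getLocation($ip)
    {
        return '未知';
    }

    /**
     * Classify the client as mobile or desktop from its User-Agent header.
     *
     * The header is client-supplied, so the result is informational only and
     * must not drive any security decision.
     *
     * @return string '移动端' for a mobile-looking agent, otherwise 'PC端'.
     */
    public function getDeviceType()
    {
        // The header can be absent; cast so preg_match() never receives null.
        $agent = (string) Request::header('user-agent');

        return preg_match('/(iPhone|iPod|Android|ios|iPad|Mobile)/i', $agent)
            ? '移动端'
            : 'PC端';
    }

    /**
     * Handle the login form submission.
     *
     * Validates account, password and captcha, checks the credentials against
     * the admin user table, sets the admin cookies and records the attempt in
     * the login log. Non-POST requests fall through and return nothing.
     *
     * NOTE(review): the only throttle visible here is the captcha; no lockout
     * or rate limit per account or per IP is applied in this method.
     * NOTE(review): the "account does not exist" and "wrong password" replies
     * differ, which tells a caller which accounts exist. Unifying them changes
     * the client-facing messages, so it is left for a deliberate decision.
     *
     * @return mixed JSON response with code 0 on success, 1 on failure.
     */
    public function login()
    {
        if (Request::isPost()) {
            // Default to '' so a missing field never reaches trim() as null.
            $account = trim(input('post.account', ''));

            // Every failure logs the attempt and answers with the same text.
            $reject = function ($reason) use ($account) {
                $this->recordLoginLog($account, 0, $reason);

                return json(['code' => 1, 'msg' => $reason]);
            };

            if (empty($account)) {
                return $reject('账号不能为空');
            }

            // The dots are escaped: unescaped they matched any character, which
            // let arbitrary symbols through the "e-mail format" check.
            $pattern = '/^([0-9A-Za-z\-_.]+)@([0-9a-z]+\.[a-z]{2,3}(\.[a-z]{2})?)$/i';
            if (!preg_match($pattern, $account)) {
                return $reject('邮箱格式不正确');
            }

            $password = trim(input('post.password', ''));
            // Compare with '' rather than empty(): empty('0') is true.
            if ($password === '') {
                return $reject('密码不能为空');
            }

            $code = trim(input('post.code', ''));
            if ($code === '') {
                return $reject('验证码不能为空');
            }
            if (!captcha_check($code)) {
                return $reject('验证码错误');
            }

            $aUser = AdminUser::where('account', $account)->find();
            if (empty($aUser)) {
                return $reject('账号不存在');
            }
            if ((int) $aUser['status'] !== 1) {
                return $reject('账号已被禁用');
            }

            // hash_equals() is a strict, constant-time comparison. The previous
            // loose `!=` compared numeric-looking digests (e.g. "0e…") as
            // numbers, so two different hashes could be treated as equal.
            // NOTE(review): unsalted MD5 is not a password hash. Migrate the
            // stored values to password_hash() / password_verify(), rehashing
            // on the next successful login.
            if (!hash_equals((string) $aUser['password'], md5($password))) {
                return $reject('密码错误');
            }

            // NOTE(review): admin_id carries the raw uid. If later access checks
            // trust this cookie by itself, a client can simply choose its value;
            // keep the identity in the server-side session or sign the cookie,
            // and set httponly/secure/samesite. Confirm how admin_id is consumed.
            $remember = input('post.remember');
            if (!empty($remember)) {
                $sevenDays = 60 * 60 * 24 * 7;
                Cookie::set('admin_id', $aUser['uid'], $sevenDays);
                Cookie::set('admin_name', $aUser['name'], $sevenDays);
            } else {
                Cookie::set('admin_id', $aUser['uid']);
                Cookie::set('admin_name', $aUser['name']);
            }

            AdminUser::where('uid', $aUser['uid'])->update(
                ['login_count' => $aUser['login_count'] + 1, 'update_time' => time()]
            );

            // Record the successful login.
            $this->recordLoginLog($account, 1);

            return json(['code' => 0, 'msg' => '登录成功', 'data' => []]);
        }
    }

    /**
     * Log the administrator out by deleting both admin cookies.
     *
     * @return mixed JSON response with code 0.
     */
    public function logout()
    {
        Cookie::delete('admin_id');
        Cookie::delete('admin_name');

        return json(['code' => 0, 'msg' => '退出成功', 'data' => []]);
    }

    /**
     * Render the password reset page.
     *
     * @return mixed Whatever View::fetch() returns for the 'resetpwd' template.
     */
    public function resetpwdindex()
    {
        return View::fetch('resetpwd');
    }

    /**
     * Reset an administrator's password to the built-in default.
     *
     * NOTE(review): nothing in this method checks who the caller is, and the
     * new password is a fixed, well-known value. Unless access is restricted
     * elsewhere (middleware or route rules are not visible here), knowing an
     * account name is enough to replace that administrator's password. This
     * should require an authenticated, authorised operator, issue a random
     * one-time password (random_bytes()) or a reset link, force a change on
     * the next login, and write an audit log entry.
     * NOTE(review): the replies also reveal whether the account exists and
     * whether it already had the default password.
     *
     * @return mixed JSON response with code 0 on success, 1 on failure.
     */
    public function resetpwd()
    {
        // Default to '' so a missing field never reaches trim() as null.
        $account = trim(input('post.account', ''));
        if (empty($account)) {
            return json(['code' => 1, 'msg' => '账号不能为空']);
        }

        $user = AdminUser::where('account', $account)->find();
        if (!$user) {
            return json(['code' => 1, 'msg' => '未找到该用户名']);
        }

        // Stored as unsalted MD5 to match what login() compares against.
        $password = md5('123456');

        try {
            $res = AdminUser::where('account', $account)
                ->update(['password' => $password]);

            if ($res === false) {
                return json(['code' => 1, 'msg' => '数据库更新失败']);
            }
            // Zero affected rows: the stored hash was already this value.
            if ($res === 0) {
                return json(['code' => 1, 'msg' => '密码未发生变化']);
            }

            return json(['code' => 0, 'msg' => '密码重置成功', 'data' => []]);
        } catch (\Exception $e) {
            // Keep the detail server-side; exception text can expose SQL and
            // schema information to whoever called the endpoint.
            error_log('admin resetpwd failed: ' . $e->getMessage());

            return json(['code' => 1, 'msg' => '系统错误']);
        }
    }
}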