<?php
/**
 * 商业使用授权协议
 *
 * Copyright (c) 2025 [云泽网]. 保留所有权利.
 *
 * 本软件仅供评估使用。任何商业用途必须获得书面授权许可。
 * 未经授权商业使用本软件属于侵权行为,将承担法律责任。
 *
 * 授权购买请联系: 357099073@qq.com
 * 官方网站: https://www.yunzer.cn
 *
 * 评估用户须知:
 * 1. 禁止移除版权声明
 * 2. 禁止用于生产环境
 * 3. 禁止转售或分发
 */
/**
 * 后台管理系统-登录
 */
namespace app\admin\controller;
use think\App;
use app\AppApi;
use think\facade\Db;
use think\facade\View;
use think\facade\Cookie;
use think\facade\Request;
use app\admin\model\YzAdminConfig;
use app\admin\model\AdminUser;
use app\admin\model\Log\LogsLogin;
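/**
 * Admin back-office login controller: renders the login and password-reset
 * pages, authenticates administrators, writes login audit records and
 * handles logout.
 *
 * NOTE(review): every public method of a controller may be reachable as an
 * HTTP action depending on the routing configuration. recordLoginLog(),
 * getLocation() and getDeviceType() are helpers rather than actions; if
 * they are routable, a remote caller could write arbitrary login-log rows.
 * Confirm the route configuration, or make them non-public once no external
 * caller depends on them.
 */
class LoginController extends Base
{
    /** @var App Application instance passed to the constructor. */
    public $app;

    /** @var YzAdminConfig Configuration model used to load settings for the login view. */
    public $config;

    /**
     * Stores the application instance and creates the configuration model.
     *
     * NOTE(review): parent::__construct() is not called, so anything Base
     * does in its constructor is skipped for this controller; confirm that
     * is intentional.
     *
     * @param App $app
     */
    public function __construct(App $app)
    {
        $this->app = $app;
        $this->config = new YzAdminConfig();
    }

    /**
     * Login page: loads all configuration values and renders the default view.
     */
    public function index()
    {
        View::assign([
            'config' => $this->config->getAll(),
        ]);

        return View::fetch();
    }

    /**
     * Writes one row to the login log.
     *
     * The username and the User-Agent header are attacker-controlled and are
     * stored as received; whatever displays these rows must escape them on
     * output.
     *
     * @param mixed  $username Account name as submitted (may be empty or malformed).
     * @param int    $status   1 for a successful login, 0 for a failure.
     * @param string $reason   Failure reason; empty on success.
     */
    public function recordLoginLog($username, $status, $reason = '')
    {
        // Resolve the client address once so both fields describe the same value.
        $ip = Request::ip();

        LogsLogin::create([
            'username'       => $username,
            'ip_address'     => $ip,
            'location'       => $this->getLocation($ip),
            'device_type'    => $this->getDeviceType(),
            'user_agent'     => Request::header('user-agent'),
            'login_status'   => $status,
            'failure_reason' => $reason,
            'login_time'     => date('Y-m-d H:i:s'),
        ]);
    }

    /**
     * Resolves an IP address to a location label.
     *
     * Placeholder: no IP database or third-party API is wired in yet, so the
     * result is always the "unknown" label.
     *
     * @param string $ip
     * @return string
     */
    public function getLocation($ip)
    {
        return '未知';
    }

    /**
     * Classifies the client as mobile or PC from the User-Agent header.
     *
     * The header is client-supplied, so the result is informational only.
     *
     * @return string
     */
    public function getDeviceType()
    {
        // The header may be absent (null); cast so preg_match() always gets a string.
        $agent = (string) Request::header('user-agent');

        if (preg_match('/(iPhone|iPod|Android|ios|iPad|Mobile)/i', $agent)) {
            return '移动端';
        }

        return 'PC端';
    }

    /**
     * Authenticates an administrator from the POSTed account, password and
     * captcha code, sets the login cookies and records the attempt.
     *
     * Responds with JSON: code 0 on success, code 1 with a message on failure.
     */
    public function login()
    {
        if (!Request::isPost()) {
            return json(['code' => 1, 'msg' => '请求方式错误']);
        }

        $account = $this->postString('account');
        if ($account === '') {
            return $this->failLogin($account, '账号不能为空');
        }

        // Dots are escaped so "." only matches a literal dot; the D modifier
        // stops "$" from matching before a trailing newline.
        $pattern = '/^([0-9A-Za-z\-_.]+)@([0-9a-z]+\.[a-z]{2,3}(\.[a-z]{2})?)$/iD';
        if (!preg_match($pattern, $account)) {
            return $this->failLogin($account, '邮箱格式不正确');
        }

        $password = $this->postString('password');
        if ($password === '') {
            return $this->failLogin($account, '密码不能为空');
        }

        $code = $this->postString('code');
        if ($code === '') {
            return $this->failLogin($account, '验证码不能为空');
        }
        if (!captcha_check($code)) {
            return $this->failLogin($account, '验证码错误');
        }

        // Unknown account and wrong password get the same client-facing
        // message so the response does not reveal which accounts exist; the
        // precise reason is still written to the login log.
        $genericFailure = '账号或密码错误';

        $aUser = AdminUser::where('account', $account)->find();
        if (empty($aUser)) {
            return $this->failLogin($account, '账号不存在', $genericFailure);
        }

        // hash_equals() is a strict, constant-time comparison. A loose "!="
        // treats two hex digests that look like numbers (e.g. "0e…") as
        // equal, which can accept a wrong password.
        //
        // NOTE(review): the stored value is an unsalted MD5 digest, which is
        // not suitable for password storage. Migrate to password_hash() /
        // password_verify() with rehash-on-login; check that the password
        // column is wide enough for the new hashes first.
        if (!hash_equals((string) $aUser['password'], md5($password))) {
            return $this->failLogin($account, '密码错误', $genericFailure);
        }

        // Checked only after the password is verified, so the disabled state
        // is disclosed to the account holder rather than to any caller.
        if ($aUser['status'] != 1) {
            return $this->failLogin($account, '账号已被禁用');
        }

        // NOTE(review): admin_id carries the raw user id. If Base treats this
        // cookie as proof of login, the value is client-controlled; confirm it
        // is signed or tied to a server-side session, and that the cookie
        // configuration sets httponly/secure/samesite.
        $remember = input('post.remember');
        if (!empty($remember)) {
            $sevenDays = 60 * 60 * 24 * 7;
            Cookie::set('admin_id', $aUser['uid'], $sevenDays);
            Cookie::set('admin_name', $aUser['name'], $sevenDays);
        } else {
            // No explicit lifetime: the framework's cookie defaults apply.
            Cookie::set('admin_id', $aUser['uid']);
            Cookie::set('admin_name', $aUser['name']);
        }

        AdminUser::where('uid', $aUser['uid'])->update(
            ['login_count' => $aUser['login_count'] + 1, 'update_time' => time()]
        );

        $this->recordLoginLog($account, 1);

        return json(['code' => 0, 'msg' => '登录成功', 'data' => []]);
    }

    /**
     * Logs the administrator out by deleting the login cookies.
     */
    public function logout()
    {
        Cookie::delete('admin_id');
        Cookie::delete('admin_name');

        return json(['code' => 0, 'msg' => '退出成功', 'data' => []]);
    }

    /**
     * Password-reset page: renders the "resetpwd" view.
     */
    public function resetpwdindex()
    {
        return View::fetch('resetpwd');
    }

    /**
     * Resets the password of the POSTed account to the built-in default.
     *
     * NOTE(review): this method performs no authentication, authorization,
     * captcha or ownership check of its own, and the new password is a fixed,
     * publicly known value. Unless access is restricted elsewhere, anyone who
     * knows an account name can reset that account. It should be gated behind
     * an authenticated, authorized administrator, or replaced with a
     * token-based reset that issues a random one-time secret to the account
     * owner. The distinct "user not found" reply also discloses which accounts
     * exist. Behaviour is left unchanged here because the access-control
     * mechanism is not visible in this file.
     */
    public function resetpwd()
    {
        $account = $this->postString('account');
        if ($account === '') {
            return json(['code' => 1, 'msg' => '账号不能为空']);
        }

        $user = AdminUser::where('account', $account)->find();
        if (!$user) {
            return json(['code' => 1, 'msg' => '未找到该用户名']);
        }

        // Stored as an unsalted MD5 digest, the same format login() compares against.
        $password = md5('123456');

        try {
            $res = AdminUser::where('account', $account)
                ->update(['password' => $password]);
        } catch (\Exception $e) {
            // Keep database/driver details in the server log only; returning
            // them to the client discloses internal structure.
            error_log('resetpwd failed: ' . $e->getMessage());

            return json(['code' => 1, 'msg' => '系统错误']);
        }

        if ($res === false) {
            return json(['code' => 1, 'msg' => '数据库更新失败']);
        }

        // Zero affected rows: the stored password already equals the default.
        if ($res === 0) {
            return json(['code' => 1, 'msg' => '密码未发生变化']);
        }

        return json(['code' => 0, 'msg' => '密码重置成功', 'data' => []]);
    }

    /**
     * Reads one POST field as a trimmed string.
     *
     * Non-scalar input (for example an array submitted as "field[]=x") and a
     * missing field both yield an empty string, so callers never pass null or
     * an array to string functions.
     *
     * @param string $key POST field name.
     * @return string
     */
    private function postString($key)
    {
        $value = input('post.' . $key);

        return is_scalar($value) ? trim((string) $value) : '';
    }

    /**
     * Records a failed login attempt and builds the JSON error response.
     *
     * @param string      $account   Account name as submitted.
     * @param string      $reason    Precise reason, written to the login log.
     * @param string|null $clientMsg Message returned to the client; defaults to $reason.
     */
    private function failLogin($account, $reason, $clientMsg = null)
    {
        $this->recordLoginLog($account, 0, $reason);

        return json(['code' => 1, 'msg' => $clientMsg === null ? $reason : $clientMsg]);
    }
}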