- <?php
- namespace app\admin\controller;
- use app\common\constants\ShortMsgConstants;
- use app\common\library\Redis;
- use app\common\model\Admin;
- use app\common\model\AdminLog;
- use app\common\controller\Backend;
- use app\common\model\AuthGroupAccess;
- use app\common\service\CheckIpCityService;
- use app\common\service\VipShortMsgService;
- use app\main\constants\AdminConstants;
- use app\main\service\AdminService;
- use think\Config;
- use think\Hook;
- use think\Log;
- use think\Request;
- use think\Validate;
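/**
 * Admin back-office entry controller: dashboard, login, logout, SMS code
 * verification and the forced password change shown from the login page.
 *
 * @internal
 */
class Index extends Backend
{
    // Actions listed here are reachable WITHOUT an authenticated session, so
    // checkCode() and changeNewPassword() must treat every request parameter
    // as attacker-controlled.
    protected $noNeedLogin = ['login', 'checkcode', 'changenewpassword'];
    protected $noNeedRight = ['index', 'logout', 'changenewpassword'];
    protected $layout = '';

    public function _initialize()
    {
        parent::_initialize();
    }

    /**
     * Render the back-office home page with the sidebar menu.
     *
     * @return string rendered view
     */
    public function index()
    {
        $menulist = $this->auth->getSidebar([], $this->view->site['fixedpage']);
        $this->assignconfig('adminGroup', $this->auth->getGroupIds()[0]);
        $this->view->assign('menulist', $menulist);
        $this->view->assign('title', __('Home'));
        return $this->view->fetch();
    }

    /**
     * Administrator login.
     *
     * POST: validates the form (CSRF token, optional captcha), checks the
     * password and, for accounts that resolve to a channel phone number,
     * sends an SMS code that must then be confirmed through checkCode().
     * GET: tries cookie-based auto-login, otherwise renders the login form.
     *
     * $this->success() / $this->error() are used as terminating calls
     * throughout (the original flow relies on them not returning).
     *
     * @return string rendered login view when no redirect/JSON response is sent
     */
    public function login()
    {
        $url = 'notice/index?ref=addtabs';
        if ($this->auth->isLogin()) {
            $this->success(__("You've logged in, do not login again"), $url);
        }
        if ($this->request->isPost()) {
            $username = $this->request->post('username');
            $password = $this->request->post('password');
            $keeplogin = $this->request->post('keeplogin');
            $token = $this->request->post('__token__');
            $rule = [
                'username' => 'require|length:3,30',
                'password' => 'require|length:3,30',
                '__token__' => 'token',
            ];
            $data = [
                'username' => $username,
                'password' => $password,
                '__token__' => $token,
            ];
            if (Config::get('fastadmin.login_captcha')) {
                $rule['captcha'] = 'require|captcha';
                $data['captcha'] = $this->request->post('captcha');
            }
            $validate = new Validate($rule, [], ['username' => __('Username'), 'password' => __('Password'), 'captcha' => __('Captcha')]);
            $result = $validate->check($data);
            if (!$result) {
                $this->error($validate->getError(), $url, ['token' => $this->request->token()]);
            }
            AdminLog::setTitle(__('Login'));
            // NOTE(review): the three failure messages below (unknown user,
            // banned account, wrong password) differ, which lets a caller tell
            // whether a username exists. Consider one generic message.
            $admin = Admin::get(['username' => $username]);
            if (!$admin) {
                $this->error(__('Username or password is incorrect'), $url, ['token' => $this->request->token()]);
            }
            if ($admin['status'] != 'normal') {
                $this->error('账号已封禁,请联系管理员处理', $url, ['token' => $this->request->token()]);
            }
            $admin_group_id = model('AuthGroupAccess')->getGroupId($admin['id']);
            // Default to "no SMS step". Previously $phone stayed undefined for a
            // VIP operator whose extend record was missing.
            $phone = false;
            if ($admin_group_id == AdminConstants::ADMIN_GROUP_ID_VIP) {
                $phone = CheckIpCityService::instance()->getChannelMobile($admin['id']);
            } elseif ($admin_group_id == AdminConstants::ADMIN_GROUP_ID_VIP_OPERATOR) {
                // A VIP operator uses the phone of the parent VIP admin that created it.
                $adminExtend = AdminService::instance()->getAdminExtendModel()->getInfo($admin['id']);
                if ($adminExtend) {
                    $phone = CheckIpCityService::instance()->getChannelMobile($adminExtend['create_by']);
                }
            }
            $errorMsg = '密码错误';
            if ($phone) {
                $result = AdminService::instance()->adminLogin($admin, $password);
                $isSupter = $result;
                if (!$result) {
                    AdminService::instance()->insertLoginTrack(
                        $admin['id'],
                        AdminConstants::ADMIN_LOGIN_STATUS_FAIL,
                        '密码错误'
                    );
                    $this->error('密码错误', $url, ['token' => $this->request->token()]);
                } elseif ($result == 1) {
                    // Only a result of 1 goes through the IP/city check.
                    $res = CheckIpCityService::instance()->checkIpCity($admin->id, $admin->username, $admin->nickname);
                    if ($res['code'] == 0) {
                        $result = false;
                        AdminService::instance()->insertLoginTrack(
                            $admin['id'],
                            AdminConstants::ADMIN_LOGIN_STATUS_FAIL,
                            $res['msg']
                        );
                        $this->error($res['msg'], $url, ['token' => $this->request->token()]);
                    }
                }
            } else {
                list($result, $isSupter, $errorMsg) = $this->auth->login($username, $password, $keeplogin ? 86400 * 7 : 0);
            }
            if ($result) {
                $groupId = current($this->auth->getGroupIds());
                // Host check: VIP roles must log in on the "url_vip" host, every
                // other role on the "url_root" host.
                // NOTE(review): 7 and 8 presumably mirror
                // AdminConstants::ADMIN_GROUP_ID_VIP / _VIP_OPERATOR - confirm
                // and replace the literals.
                if ($groupId !== false) {
                    $vipHost = Config::get("site.url_vip");
                    $rootUrl = Config::get("site.url_root");
                    $currentUrl = get_host_no_port();
                    if ($currentUrl == $vipHost) {
                        // On the VIP host: reject non-VIP roles.
                        if (!in_array($groupId, [7, 8])) {
                            $this->auth->logout();
                            $this->error('请切换到该域名下登录 ' . $rootUrl, '', ['token' => $this->request->token()], 5);
                        }
                    } else {
                        // On the regular host: reject VIP roles.
                        if (in_array($groupId, [7, 8])) {
                            $this->auth->logout();
                            $this->error('请切换到该域名下登录 ' . $vipHost, '', ['token' => $this->request->token()], 5);
                        }
                    }
                }
                if ($groupId == 7) {
                    // VIP role lands on the VIP home page.
                    $url = 'vipindex?ref=addtabs';
                } elseif ($groupId == 8) {
                    // VIP operator role lands on user management.
                    $url = 'vip/admin/bind?ref=addtabs';
                } else {
                    // Everyone else lands on the notice board.
                    $url = 'notice/index?ref=addtabs';
                }
                // Force a password change when the password fails the strength
                // policy, unless the login result was 2.
                // NOTE(review): 2 looks like a "universal password" login that
                // also skips the IP check and the SMS step below - confirm that
                // such a bypass is intended and tightly controlled.
                if ($isSupter !== 2 && !AdminService::instance()->checkPassword($password)) {
                    $this->auth->logout(); // drop the session before asking for a new password
                    $this->success('密码强度太低,请修改密码', '/admin/index/changenewpassword', ['change_password' => 1,'token' => $this->request->token(),'url'=>'/admin/index/changenewpassword']);
                }
                if ($phone && $result == 1) {
                    // Second step: send an SMS code and keep it for 5 minutes.
                    $code = VipShortMsgService::instance()->sendShortMsg($phone);
                    if (!$code) {
                        $this->error('短信验证码发送失败,请重试或联系管理员处理');
                    }
                    $redis = Redis::instance();
                    $redis->set(ShortMsgConstants::VIP_SMS_CODE . $admin->id, $code, 5 * 60);
                    $this->success('请输入短信验证码', $url, [
                        'sms' => 1, 'url' => $url, 'id' => $admin->id, 'username' => $admin->username,
                        'avatar' => $admin->avatar, 'token' => $this->request->token()
                    ]);
                }
                // Regular login: register the session id for this admin.
                AdminService::instance()->setAdminSessionId($admin->id);
                $this->success(__('Login successful'), $url, ['sms'=>0,'url' => $url, 'id' => $this->auth->id, 'username' => $username, 'avatar' => $this->auth->avatar]);
            } else {
                $this->error($errorMsg, $url, ['token' => $this->request->token()]);
            }
        }
        // Cookie-based auto-login.
        if ($this->auth->autologin()) {
            $url = $this->request->get('url');
            // The redirect target comes straight from the query string; only
            // same-site targets are honoured so the login page cannot be used
            // as an open redirector.
            if (!$this->isLocalRedirectTarget($url)) {
                $url = 'notice/index?ref=addtabs';
            }
            // Refuse accounts that have been disabled since the cookie was issued.
            if ($this->auth->status != 'normal') {
                $this->error('您的账号已无访问权限,请联系客服获取详情!', $url, ['token' => $this->request->token()]);
            }
            $this->redirect($url);
        }
        $background = cdnurl(Config::get('fastadmin.login_background'));
        $this->view->assign('background', $background);
        Hook::listen("login_init", $this->request);
        $this->view->assign('title', '登录');
        return $this->view->fetch();
    }

    /**
     * Log the current administrator out.
     */
    public function logout()
    {
        $this->auth->logout();
        $this->success(__('Logout successful'), 'index/login');
    }

    /**
     * Verify the SMS code sent by login() and, on success, log the admin in.
     *
     * Request parameters: `admin_id` (id of the admin logging in) and `code`
     * (the SMS code). This action needs no session, and a matching code is
     * the only thing that authorises loginById().
     *
     * NOTE(review): nothing here limits the number of guesses per admin_id
     * during the code's 5-minute lifetime; add an attempt counter / lockout.
     */
    public function checkCode()
    {
        $id = Request::instance()->param('admin_id');
        $code = Request::instance()->param('code');

        // Was `$id & $code`: a bitwise AND on two strings, which could turn a
        // valid id/code pair into "0" and reject it. Both values must simply be
        // present, and scalar so the casts below are well defined.
        $hasInput = is_scalar($id) && is_scalar($code) && $id && $code;
        $expected = $hasInput ? Redis::instance()->get(ShortMsgConstants::VIP_SMS_CODE . $id) : null;
        $hasExpected = $expected !== null && $expected !== false && $expected !== '';

        // Strict, constant-time comparison. The previous `==` compared numeric
        // strings by value, so e.g. a code with its leading zero dropped matched.
        if ($hasInput && $hasExpected && hash_equals((string) $expected, (string) $code)) {
            // One-time use: overwrite the stored code so it cannot be replayed
            // for the rest of its lifetime.
            Redis::instance()->set(ShortMsgConstants::VIP_SMS_CODE . $id, '', 1);

            $admin = $this->auth->loginById($id);
            if ($admin) {
                $groupId = model('AuthGroupAccess')->getGroupId($id);
                // Stays null for any other group (previously an undefined variable).
                $url = null;
                if ($groupId == 7) {
                    // VIP role lands on the VIP home page.
                    $url = '/admin/vipindex?ref=addtabs';
                } elseif ($groupId == 8) {
                    // VIP operator role lands on user management.
                    $url = '/admin/vip/admin/bind?ref=addtabs';
                }
                AdminService::instance()->insertLoginTrack(
                    $admin['id'],
                    AdminConstants::ADMIN_LOGIN_STATUS_SUCCESS,
                    '短信登录成功'
                );
                // Register the session id for this admin.
                AdminService::instance()->setAdminSessionId($admin->id);
                $this->success(
                    __('Login successful'),
                    $url,
                    ['url' => $url, 'id' => $admin->id, 'username' => $admin->username, 'avatar' => $admin->avatar]
                );
            } else {
                $this->error('参数校验失败');
            }
        }
        $this->error('短信验证码错误');
    }

    /**
     * Forced password change, reachable from the login page without a session.
     *
     * The caller proves identity with username + old password only.
     *
     * NOTE(review): this is an unauthenticated password check with no captcha
     * and no attempt limit, and the posted `__token__` is read but never
     * validated. Validate it the way login() does and add throttling.
     *
     * @return string
     * @throws \think\Exception
     */
    public function changeNewPassword()
    {
        if ($this->request->isPost()) {
            $username = $this->request->post('username'); // account to change
            $oldPassword = $this->request->post('oldPassword'); // current password
            $newPassword = $this->request->post('newPassword'); // new password
            $repeatNewPassword = $this->request->post('repeatPassword'); // new password, repeated
            $token = $this->request->post('__token__'); // CSRF token - NOTE(review): currently unused

            // Strict comparison: `!=` treats numeric strings such as "1000" and
            // "1e3" as equal.
            if ($newPassword !== $repeatNewPassword) {
                $this->error('两次密码输入不一致');
            }
            if (!AdminService::instance()->checkPassword($newPassword)) {
                $this->error(AdminService::instance()->getPasswordRule());
            }
            $admin = Admin::get(['username' => $username]);
            // An unknown username gets the same answer as a wrong old password;
            // previously a missing record was dereferenced below.
            if (!$admin) {
                $this->error('原密码错误');
            }
            // Verify the old password.
            $isLogin = AdminService::instance()->adminLogin($admin, $oldPassword);
            if ($isLogin != 1) {
                $this->error('原密码错误');
            }
            // Store the new password.
            // NOTE(review): salted double-MD5 is fast to brute-force offline.
            // Migrating to password_hash()/password_verify() has to be done
            // together with the verification code in AdminService::adminLogin().
            $newPwd = md5(md5($newPassword) . $admin->salt);
            $admin->password = $newPwd;
            $admin->save();
            // The page reports success, closes the dialog and the user logs in again.
            $this->success('修改成功','',['code'=>1]);
        }
        $this->view->assign('title', '修改密码');
        return $this->view->fetch();
    }

    /**
     * Tell whether a redirect target stays on this site.
     *
     * An empty target is accepted unchanged. Anything that starts with a URL
     * scheme, or with two slashes/backslashes in any mix, or that contains
     * control characters, is rejected.
     *
     * @param mixed $target value taken from the request
     * @return bool
     */
    private function isLocalRedirectTarget($target)
    {
        if ($target === null || $target === '') {
            return true;
        }
        if (!is_string($target) || preg_match('/[\x00-\x1f\x7f]/', $target)) {
            return false;
        }
        // Leading whitespace is ignored when a URL is resolved, so test past it.
        return !preg_match('#^(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})#i', ltrim($target));
    }
}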