User.php
<?php
namespace app\river\controller;
use app\admin\model\AdminLog;
use app\common\controller\Backend;
use app\admin\model\Admin;
use think\Session;
use think\Db;
use think\Config;
use think\Hook;
use think\Validate;
use fast\Random;
use fast\Tree;
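/**
 * Back-office user controller for the "river" module: login page, login handler and logout.
 *
 * Review notes that need a decision outside this class:
 *  - Stored passwords are checked as md5(md5(password) . salt). That is a fast hash and is
 *    unsuitable for password storage; moving to password_hash()/password_verify() with
 *    rehash-on-login needs a data migration and is therefore not done here.
 *  - The failure branches of login() call $this->setError() and return false. setError() is not
 *    defined in this class, so it has to come from Backend (not visible here) - confirm it exists
 *    and that a failed login actually produces a response the client can interpret.
 */
class User extends Backend
{
    /** @var array Actions listed here are passed to Backend as not requiring a logged-in session. */
    protected $noNeedLogin = ['login'];

    /** @var string|array '*' is presumably read by Backend as "no per-action permission check" - confirm. */
    protected $noNeedRight = '*';

    /** @var string Layout template name; empty here. */
    protected $layout = '';

    /**
     * Runs the parent initialisation and binds the controller's model.
     */
    public function _initialize()
    {
        parent::_initialize();
        $this->model = new \app\admin\model\reservoir\Messagelog;
    }

    /**
     * Administrator login.
     *
     * GET renders the login form. POST validates username, password and the CSRF token, checks the
     * account state and password, then stores the admin record in the session.
     *
     * @return mixed rendered view on GET, ['code' => 1, 'msg' => ...] on success, false on a
     *               rejected login (see the class-level note about setError()).
     */
    public function login()
    {
        $defaultUrl = '/river/index/index';
        $url2 = $this->request->domain() . $defaultUrl;

        // The `url` query parameter is attacker-controllable and is handed to success()/error()
        // as the jump target, so only same-site absolute paths are accepted (open-redirect guard).
        $url = $this->localRedirectTarget($this->request->get('url', $defaultUrl), $defaultUrl);

        if ($this->auth->isLogin()) {
            $this->success(__("You've logged in, do not login again"), $url);
        }

        if ($this->request->isPost()) {
            $username = $this->request->param('username');
            $password = $this->request->param('password');
            $token = $this->request->param('__token__');

            // Request parameters can arrive as arrays (name[]=...). An array would otherwise reach
            // the model lookup as a query condition and md5() as a non-string, so it is collapsed
            // to '' and rejected by the `require` rule below.
            if (!is_string($username)) {
                $username = '';
            }
            if (!is_string($password)) {
                $password = '';
            }

            $rule = [
                'username'  => 'require|length:3,30',
                'password'  => 'require|length:3,30',
                '__token__' => 'require|token',
            ];
            $data = [
                'username'  => $username,
                'password'  => $password,
                '__token__' => $token,
            ];
            $validate = new Validate($rule, [], ['username' => __('Username'), 'password' => __('Password'), 'captcha' => __('Captcha')]);
            if (!$validate->check($data)) {
                $this->error($validate->getError(), $url, ['token' => $this->request->token()]);
            }

            AdminLog::setTitle(__('Login'));
            $admin = Admin::get(['username' => $username]);

            // NOTE(review): the distinct "username" / "password" / "forbidden" messages below let a
            // caller tell valid account names from invalid ones if they are ever shown to the
            // client; consider one generic failure message.
            if (!$admin) {
                $this->setError('Username is incorrect');
                return false;
            }
            if ($admin['status'] === 'hidden') {
                $this->setError('Admin is forbidden');
                return false;
            }
            // Lockout: 10 or more failures and the record was updated within the last 24 hours.
            // Only enforced when fastadmin.login_failure_retry is enabled.
            if (Config::get('fastadmin.login_failure_retry') && $admin->loginfailure >= 10 && time() - $admin->updatetime < 86400) {
                $this->setError('Please try again after 1 day');
                return false;
            }

            // hash_equals() replaces the loose `!=`: with `!=`, two different hex digests that both
            // look like numeric strings (for example "0e" followed only by digits) compare as
            // equal, and hash_equals() also compares in constant time.
            $expected = md5(md5($password) . $admin->salt);
            if (!hash_equals((string) $admin->password, $expected)) {
                $admin->loginfailure++;
                $admin->save();
                $this->setError('Password is incorrect');
                return false;
            }

            $admin->loginfailure = 0;
            $admin->logintime = time();
            $admin->loginip = request()->ip();
            $admin->token = Random::uuid();
            $admin->save();

            // Issue a fresh session id at the privilege change so a pre-login session id cannot be
            // reused after authentication (session fixation).
            Session::regenerate(true);

            // NOTE(review): toArray() copies the whole record into the session, including the
            // password hash, salt and token read above; consider storing only the fields the
            // application needs.
            Session::set("admin", $admin->toArray());

            return ['code' => 1, 'msg' => '登录成功'];
        }

        // Relative background paths are prefixed with the configured CDN URL.
        $background = Config::get('fastadmin.login_background');
        $background = $background ? (stripos($background, 'http') === 0 ? $background : config('site.cdnurl') . $background) : '';
        $this->view->assign('background', $background);
        $this->view->assign('title', __('Login'));
        $this->view->assign('url', $url2);
        Hook::listen("admin_login_init", $this->request);
        return $this->view->fetch();
    }

    /**
     * Logs the administrator out.
     *
     * Logout only happens on a POST that passes the token check. Any other request gets a
     * self-submitting form carrying a token, so a plain link or image tag pointing at this action
     * cannot end the session by itself.
     *
     * @return string the self-submitting form when the request is not a POST
     */
    public function logout()
    {
        if ($this->request->isPost()) {
            $this->token();
            // Log out of this site.
            $this->auth->logout();
            $this->redirect('river/user/login');
        }
        $html = "<form id='logout_submit' name='logout_submit' action='' method='post'>" . token() . "<input type='submit' value='ok' style='display:none;'></form>";
        $html .= "<script>document.forms['logout_submit'].submit();</script>";
        return $html;
    }

    /**
     * Returns $candidate when it is a same-site absolute path, otherwise $fallback.
     *
     * Accepted: a string starting with a single "/" and containing no backslash, whitespace or
     * control character. Rejected: absolute URLs, scheme-relative "//host" targets, "/\host"
     * variants and non-string input.
     *
     * @param mixed  $candidate value taken from the request
     * @param string $fallback  path used when the candidate is rejected
     * @return string
     */
    private function localRedirectTarget($candidate, $fallback)
    {
        if (!is_string($candidate) || !preg_match('#^/(?![/\\\\])[^\\\\\s\x00-\x1f]*\z#', $candidate)) {
            return $fallback;
        }
        return $candidate;
    }
}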