ipAccess();
// if(!$ipAccess){
// throw new \think\exception\HttpException(404, '非法请求!');
// }
// 如果超过登录有效期,清除相关session
if (time() > ((int)session('user_last_login') + (int)config('session_save_time'))) {
$this->nullSession();
}
$user_name = session('user_name');
if(empty($user_name)){
$this->redirect(url('login/index'));
}
$gdb = db('groups');
$odb = db('organize');
$uid = session('user_id');
$this->admin_id = $uid;
// 根据登录用户进行查找条件
$this->role_name = session('role_name');
if ($this->role_name == '平台管理员' && !$this->where) {
$group = $gdb->where('admin_id', $uid)->find();
if (!$group) {
$this->nullSession();
echo "";
return;
}
$this->where = ['group_id' => $group['id']];
$this->is_root = false;
}
if ($this->role_name == '平台管理员') {
$this->group_name = $group['name'];
}
if ($this->role_name == '组长' && !$this->where) {
$uid = session('user_id');
$organize = $odb->where('admin_id', $uid)->find();
if (!$organize) {
$this->nullSession();
echo "";
return;
}
$this->where = ['organize_id' => $organize['id']];
$this->is_root = false;
}
// 检查 白名单
$check_ip = $this->checkIp();
if (!$check_ip) {
// $this->redirect(APP_PATH . '404.html');
$this->nullSession();
echo "";
return;
}
$this->assign([
'version' => config('version'),
'is_root' => $this->is_root,
'role_name' => session('role_name'),
'group_name' => $this->group_name,
]);
}
// 清空session
/**
 * Clear the login-related session entries of the current visitor.
 *
 * Passes null to session() for user_name, user_id, user_last_login and
 * role_name, in that order. Other session keys are left untouched.
 *
 * NOTE(review): the session itself is not destroyed and its id is not
 * regenerated in this method; confirm that is handled wherever a full
 * logout is expected.
 *
 * @return void
 */
public function nullSession()
{
    $login_keys = ['user_name', 'user_id', 'user_last_login', 'role_name'];
    foreach ($login_keys as $session_key) {
        session($session_key, null);
    }
}
/**
* 获取管理员的菜单列表
*/
public function getAdminMeunList()
{
    // Looks up the role of the admin stored in the session and returns the
    // admin_menus rows whose ids appear in that role's `menu_id_one` and
    // `menu_id_two` lists, each ordered by `sort asc`.
    // Result shape: ['menu_one' => rows, 'menu_two' => rows]. Both lists stay
    // empty when the admin has no admin_role row or the role row is missing.

    // Side effect kept from the original: role_name is re-read from the session.
    $this->role_name = session('role_name');
    $admin_id = session('user_id');

    $menus = [
        'menu_one' => [],
        'menu_two' => [],
    ];

    // admin -> role link row
    $link = db('admin_role')->where('admin_id', $admin_id)->find();
    if (!$link) {
        return $menus;
    }

    // role row holding the permitted menu ids
    $role = db('role')->where('id', $link['role_id'])->find();
    if (!$role) {
        return $menus;
    }

    $menu_table = db('admin_menus');
    $first = $menu_table->whereIn('id', $role['menu_id_one'])->order('sort asc')->select();
    $second = $menu_table->whereIn('id', $role['menu_id_two'])->order('sort asc')->select();

    // A falsy query result is normalised to an empty list.
    $menus['menu_one'] = $first ?: [];
    $menus['menu_two'] = $second ?: [];

    return $menus;
}
// 检查 白名单
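/**
 * Decide whether the client address of the current request passes the IP
 * allowlist (`white_ip`) of the caller's group.
 *
 * Allowed (true): private/reserved addresses, groups that have no
 * allowlist rows, and addresses listed for the group.
 * Denied (false): a value that is not an IP address, a role for which no
 * group id can be resolved, or an address missing from a non-empty
 * allowlist.
 *
 * @return bool
 */
public function checkIp ()
{
    $ip = $this->request->ip();

    // filter_var() with the range flags returns false both for
    // private/reserved addresses and for strings that are not IP addresses
    // at all. Reject the latter first so a malformed value fails closed
    // instead of being treated as an intranet client.
    if (filter_var($ip, FILTER_VALIDATE_IP) === false) {
        return false;
    }

    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
        // Intranet (private/reserved) addresses are not restricted.
        // NOTE(review): this exemption is only as trustworthy as the value
        // request->ip() returns. If the framework derives it from
        // client-supplied forwarding headers, the allowlist does not hold;
        // confirm it resolves to the connection's peer address or to a
        // header that only a trusted proxy can set.
        return true;
    }

    $group_id = null;
    if ($this->is_root) {
        // Root accounts are checked against the rows stored under group 0.
        $group_id = 0;
    } elseif ($this->role_name == '平台管理员') {
        $group_id = db('groups')->where('admin_id', $this->admin_id)->value('id');
    } elseif ($this->role_name == '组长') {
        $group_id = db('organize')->where('admin_id', $this->admin_id)->value('group_id');
    }

    // No group could be resolved for this role: deny.
    if ($group_id === null) {
        return false;
    }

    $db = db('white_ip');

    // The allowlist is enforced only once the group has at least one row;
    // a group without rows accepts every address.
    if (!$db->where('group_id', $group_id)->value('id')) {
        return true;
    }

    // Reuse the address validated above rather than reading it a second time.
    $where = [
        'group_id' => $group_id,
        'ip' => $ip,
    ];

    return (bool) $db->where($where)->value('id');
}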
/**
* 获取平台管理员列表
*/
public function getPlatformList()
{
    // Returns the `admins` rows of every account linked (via admin_role) to
    // the role row named '平台管理员' with status 1; [] when no such role exists.
    //
    // NOTE(review): select() is called without a field list, so each row
    // carries every column of `admins`, including the google_secret column
    // this class reads when binding two-factor auth. Callers should drop
    // credential columns before the rows reach a template or a JSON response.
    $platform_role = db('role')->where(['name' => '平台管理员', 'status' => 1])->find();
    if (!$platform_role) {
        return [];
    }

    // admin_role rows that point at the platform-administrator role
    $links = db('admin_role')->where('role_id', $platform_role['id'])->select();

    $ids = [];
    foreach ($links as $link) {
        $ids[] = $link['admin_id'];
    }

    // whereIn() receives the ids as one comma-separated string.
    $id_list = implode(',', $ids);

    return db('admins')->whereIn('id', $id_list)->select();
}
/**
* 保存金额流动记录
* @param $initiative 主动方
* @param $passivity 被动方
* @param $money 金额
* 记录类型 type 不是参数: 每次调用写入两条记录, 1: 增加, 2: 收入
* @param $msg 提示信息
*/
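public function saveMoneyFlowLog($initiative, $passivity, $money, $msg = '')
{
    // Records one money movement in `money_log` as a pair of rows that
    // differ only in `type` (1 first, then 2).
    // Returns the insert id of the type-1 row, or false when an argument is
    // missing or either insert does not yield an id.
    if (!$initiative || !$passivity || empty($money)) {
        return false;
    }

    // NOTE(review): $money is only checked for emptiness here; its sign and
    // numeric format are presumably validated by the caller — confirm.
    $amldb = db('money_log');
    $row = [
        'initiative' => $initiative,
        'passivity' => $passivity,
        'money' => $money,
        'type' => 1,
        'msg' => $msg,
        // 24-hour clock. 'h' is the 12-hour hour with no AM/PM marker, which
        // makes afternoon entries indistinguishable from morning ones when
        // this log is used as an audit trail.
        'date' => date('Y-m-d H:i:s'),
    ];

    $first_id = $amldb->insertGetId($row);
    if (!$first_id) {
        // Do not write the type-2 row when its type-1 counterpart is missing.
        return false;
    }

    $row['type'] = 2;
    $second_id = $amldb->insertGetId($row);
    if (!$second_id) {
        // NOTE(review): the type-1 row already exists at this point and the
        // two inserts are not wrapped in a transaction in this method; the
        // caller has to treat false as "ledger may be half-written".
        return false;
    }

    return $first_id;
}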
/**
* 获取表名
*/
public function getTableName($table, $uid)
{
    // Builds "<table>_<n>", where n is $uid modulo the configured
    // `chat_table_num`.
    //
    // NOTE(review): a missing or zero `chat_table_num` makes the modulo fail,
    // and $table is concatenated as given. If the result is used as an SQL
    // table name, callers should pass only fixed, code-defined base names
    // and an integer $uid — confirm at the call sites.
    $table_count = config('chat_table_num');
    $suffix = $uid % $table_count;

    return $table . '_' . $suffix;
}
// 创建二次验证秘钥
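/**
 * Generate a new two-factor secret and the QR-code content used to enrol it.
 *
 * The secret is only handed back in the response; this method does not
 * store it anywhere.
 *
 * NOTE(review): because nothing is kept server-side, the bind step can only
 * learn the secret from the client again. Keeping the pending secret in the
 * session would let the bind step confirm it was issued by this endpoint.
 *
 * @return mixed json() response: code 1 with `key` and `qrcode_url` on
 *               success, code 0 with both set to null on failure
 */
public function make_google_auth_secret ()
{
    $ga = new GoogleAuthenticator();
    $key = $ga->createSecret($this->googleAuthSecretLength);

    // Validate the secret before it is used. The original tested isset($key)
    // only after the value had already been passed to getQrContent().
    if (!is_string($key) || $key === '') {
        return json(['code' => 0, 'key' => null, 'qrcode_url' => null, 'msg' => '获取失败']);
    }

    // Third argument: the session user name followed by the generation time
    // in brackets (presumably the account label shown to the user).
    $label = session('user_name').'['.date('Y-m-d H:i:s').']';
    $content = $ga->getQrContent($this->request->host(), $key, $label);

    return json(['code' => 1, 'key' => $key, 'qrcode_url' => $content, 'msg' => '获取成功']);
}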
// 谷歌验证
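/**
 * Bind, or replace, the two-factor secret of the logged-in administrator.
 *
 * Expects a POST with `key` (the new secret), `new_google_auth` (a code for
 * the new secret) and, when a secret of the expected length is already
 * stored, `old_google_auth` (a code for the stored secret). The stored
 * secret is replaced only after verifyCode() accepts every required code.
 * Non-POST requests are not handled and produce no return value.
 *
 * NOTE(review): the secret being bound is read from the request body rather
 * than from server-side state, so this method cannot tell whether it was
 * issued by make_google_auth_secret(). Keeping the pending secret in the
 * session and ignoring the posted `key` would close that gap. No limit on
 * verification attempts is visible in this method either; confirm one is
 * applied elsewhere.
 *
 * @return mixed json() response with code 1 on success and -2 on any failure
 */
public function bind_google_auth ()
{
    if (!request()->isPost()) {
        return;
    }

    $param = input('post.');
    if (empty($param['new_google_auth'])) {
        return json(['code' => -2, 'data' => '', 'msg' => '请输入验证码']);
    }
    if (empty($param['key'])) {
        return json(['code' => -2, 'data' => '', 'msg' => '请重试']);
    }

    $secret = $param['key'];
    $code = $param['new_google_auth'];

    // Only accept a secret of the length this class generates. A stored
    // secret of any other length is treated as "not bound" below, which would
    // let the next bind skip verification of the old code.
    if (!is_string($secret) || strlen($secret) !== (int) $this->googleAuthSecretLength) {
        return json(['code' => -2, 'data' => '', 'msg' => '请重试']);
    }
    // Array-valued form fields must not reach strval().
    if (!is_scalar($code)) {
        return json(['code' => -2, 'data' => '', 'msg' => '验证码验证失败']);
    }

    // Without a logged-in admin there is no row to update.
    $admin_id = session('user_id');
    if (!$admin_id) {
        return json(['code' => -2, 'data' => '', 'msg' => '请重试']);
    }

    $google_secret = db('admins')->where(['id' => $admin_id])->value('google_secret');
    $ga = new GoogleAuthenticator();

    // A secret is already bound: the caller must first prove possession of it.
    if ($google_secret && strlen($google_secret) == $this->googleAuthSecretLength) {
        if (empty($param['old_google_auth'])) {
            return json(['code' => -2, 'data' => '', 'msg' => '请输入旧验证码']);
        }
        $old = $param['old_google_auth'];
        if (!is_scalar($old) || !$ga->verifyCode($google_secret, strval($old))) {
            return json(['code' => -2, 'data' => '', 'msg' => '旧验证码验证失败']);
        }
    }

    // The code for the new secret is required in both cases.
    if (!$ga->verifyCode($secret, strval($code))) {
        return json(['code' => -2, 'data' => '', 'msg' => '验证码验证失败']);
    }

    if (db('admins')->where(['id' => $admin_id])->update(['google_secret' => $secret])) {
        return json(['code' => 1, 'data' => '', 'msg' => '绑定成功']);
    }

    // update() reported no change; the original returned nothing here, which
    // left the client without a response body.
    return json(['code' => -2, 'data' => '', 'msg' => '绑定失败']);
}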
}