kefu/application/admin/controller/Login.php


<?php
/**
* 登录控制器.
*/
namespace app\admin\controller;
use PHPGangsta\GoogleAuthenticator;
use think\Controller;
use Repository\LogRepository;
use Repository\IpRepository;
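class Login extends Controller
{
    /**
     * Length a stored Google Authenticator secret must have for the account
     * to be treated as enrolled in the second factor.
     * @var int
     */
    protected $googleAuthSecretLength = 64;

    /**
     * Lifetime, in seconds, of the pending second-factor record kept in Redis.
     * @var int
     */
    protected $googleAuthTimeout = 300;

    /**
     * Number of wrong codes accepted for one pending token before the token
     * is discarded and the password step has to be repeated.
     * @var int
     */
    protected $googleAuthMaxAttempts = 5;

    /**
     * Redis key namespace for pending second-factor records, so that a
     * client-supplied token can never address an unrelated cache key.
     * @var string
     */
    protected $pendingTokenPrefix = 'admin_2fa:';

    /**
     * Render the login page.
     *
     * @return mixed rendered template from fetch()
     */
    public function index()
    {
        // The IP allow-list check below is currently disabled.
        // $ipAccess = (new IpRepository)->ipAccess();
        // if(!$ipAccess){
        // throw new \think\exception\HttpException(404, '非法请求!');
        // }
        $this->assign([
            'version' => config('version'),
            'ga_android' => config('ga_android'),
            'ga_ios' => config('ga_ios'),
        ]);

        return $this->fetch();
    }

    /**
     * Password step of the login.
     *
     * Responses (JSON): code -1 for missing credentials, code -4 for a
     * rejected login, code 1 with a "token" when a Google Authenticator code
     * is still required, code 1 with a redirect URL in "data" when the login
     * is complete. Non-POST requests return nothing.
     *
     * @return mixed
     */
    public function doLogin()
    {
        if (!request()->isPost()) {
            return;
        }

        $userName = input('param.user_name');
        $password = input('param.password');
        // Only non-empty strings are accepted: an array-valued request
        // parameter must not reach the query builder or password_verify().
        if (empty($userName) || empty($password) || !is_string($userName) || !is_string($password)) {
            return json(['code' => -1, 'data' => '', 'msg' => '用户名或密码不能为空']);
        }

        $userInfo = db('admins')->where('user_name', $userName)->find();
        // Unknown user, wrong password and disabled account deliberately
        // share one answer so the response does not reveal which one applied.
        // NOTE(review): rejected attempts are neither logged nor throttled
        // here; confirm that this is handled elsewhere.
        if (empty($userInfo)
            || !password_verify($password, $userInfo['password'])
            || (int) $userInfo['status'] !== 1
        ) {
            return json(['code' => -4, 'data' => '', 'msg' => '密码错误']);
        }

        $token = null;
        if (isset($userInfo['google_secret'])
            && strlen($userInfo['google_secret']) === (int) $this->googleAuthSecretLength
        ) {
            // No session is created yet. The pending identity is parked in
            // Redis under an unguessable token; md5(time() . id) could be
            // reconstructed by anyone who knows the admin id and the time.
            $token = $this->newPendingToken();
            $info = ['user_id' => $userInfo['id'], 'user_name' => $userInfo['user_name']];
            $this->connectRedis()->set(
                $this->pendingTokenPrefix . $token,
                json_encode($info),
                $this->googleAuthTimeout
            );

            return json(['code' => 1, 'token' => $token, 'msg' => '请输入谷歌验证码']);
        }

        $this->completeLogin($userInfo['id'], $userName, '登录成功');

        return json(['code' => 1, 'data' => url('index/index'), 'token' => $token, 'msg' => '登录成功']);
    }

    /**
     * Log the administrator out by clearing the login keys from the session
     * and redirecting to the login page.
     */
    public function loginOut()
    {
        foreach (['user_name', 'user_id', 'user_last_login', 'role_name'] as $sessionKey) {
            session($sessionKey, null);
        }
        $this->redirect(url('login/index'));
    }

    /**
     * Second-factor step: check a Google Authenticator code against the
     * pending token issued by doLogin().
     *
     * Responses (JSON): code -1 for a missing/invalid parameter or a failed
     * check, code 1 with a redirect URL in "data" on success. Non-POST
     * requests return nothing.
     *
     * @return mixed
     */
    public function google_auth()
    {
        if (!request()->isPost()) {
            return;
        }

        $google_auth = input('param.google_auth');
        $token = input('param.token');
        if (empty($google_auth)) {
            return json(['code' => -1, 'data' => '', 'msg' => '谷歌验证码不能为空']);
        }
        if (empty($token)) {
            return json(['code' => -1, 'data' => '', 'msg' => '参数错误']);
        }
        // Anything that is not a string, or not shaped like a token issued by
        // doLogin() (32 lowercase hex characters), is refused before it is
        // used as a Redis key.
        if (!is_string($google_auth) || !is_string($token) || !preg_match('/\A[a-f0-9]{32}\z/', $token)) {
            return json(['code' => -1, 'data' => '', 'msg' => '校验失败']);
        }

        $redis = $this->connectRedis();
        $pendingKey = $this->pendingTokenPrefix . $token;
        $failKey = $pendingKey . ':fails';

        $stored = $redis->get($pendingKey);
        $userInfo = $stored ? json_decode($stored, true) : null;
        if (is_array($userInfo) && isset($userInfo['user_id'], $userInfo['user_name'])) {
            $ga = new GoogleAuthenticator();
            $google_secret = db('admins')->where('id', $userInfo['user_id'])->value('google_secret');
            if (!empty($google_secret) && $ga->verifyCode($google_secret, $google_auth)) {
                // The pending token is single-use: drop it with its counter.
                $redis->del($pendingKey);
                $redis->del($failKey);

                $this->completeLogin($userInfo['user_id'], $userInfo['user_name'], '校验成功');

                // "token" stays in the response for client compatibility; it
                // no longer refers to anything once the record is deleted.
                return json(['code' => 1, 'data' => url('index/index'), 'token' => $token, 'msg' => '校验成功']);
            }

            // Wrong code: count it, and discard the pending token once the
            // limit is reached so the code cannot be searched exhaustively.
            $fails = $redis->incr($failKey);
            $redis->expire($failKey, $this->googleAuthTimeout);
            if ($fails >= $this->googleAuthMaxAttempts) {
                $redis->del($pendingKey);
                $redis->del($failKey);
            }
        }

        return json(['code' => -1, 'data' => '', 'msg' => '校验失败']);
    }

    /**
     * Open the Redis connection described by the cache.* configuration.
     * Private, so it is not reachable as a controller action.
     *
     * @return \Redis
     */
    private function connectRedis()
    {
        $redis = new \Redis();
        $redis->connect(config('cache.host'), config('cache.port'));
        $redis->auth(config('cache.password'));

        return $redis;
    }

    /**
     * Create a 32-character hex token from a cryptographically secure source.
     *
     * @return string
     * @throws \RuntimeException when no secure random source is available
     */
    private function newPendingToken()
    {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }

        // Fallback for runtimes without random_bytes().
        $strong = false;
        $bytes = openssl_random_pseudo_bytes(16, $strong);
        if ($bytes === false || !$strong) {
            throw new \RuntimeException('No cryptographically secure random source available');
        }

        return bin2hex($bytes);
    }

    /**
     * Write the authenticated identity into the session, record the login
     * IP and time on the admin row and add an entry to the operation log.
     * Shared by the password-only path and the second-factor path.
     *
     * @param mixed  $userId     id of the admin row
     * @param string $userName   name stored in the session
     * @param string $logMessage message passed to LogRepository::write()
     */
    private function completeLogin($userId, $userName, $logMessage)
    {
        // NOTE(review): the session id is not rotated at this point; confirm
        // the framework regenerates it on login, otherwise rotate it before
        // the identity is written (session fixation).
        session('user_name', $userName);
        session('user_id', $userId);
        session('user_last_login', time());

        // Role name of the administrator.
        $role = db('admin_role')
            ->alias('a')
            ->where('admin_id', $userId)
            ->join('role r', "r.id=a.role_id")
            ->field('name')
            ->find();
        // find() yields no row for an admin without a role; empty() avoids
        // indexing into that null result.
        $role_name = !empty($role['name']) ? $role['name'] : '暂无角色';
        session('role_name', $role_name);

        // Record where and when this login happened.
        db('admins')->where('id', $userId)->update([
            'last_login_ip' => request()->ip(),
            'last_login_time' => time(),
        ]);
        LogRepository::write('系统管理', $logMessage);
    }
}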