kefu/application/admin/controller/Base.php


<?php
/**
* 基类控制器
*/
namespace app\admin\controller;
use PHPGangsta\GoogleAuthenticator;
use think\Controller;
use Repository\IpRepository;
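/**
 * Base controller for the admin module.
 *
 * Establishes the logged-in admin's identity, role scope and IP whitelist
 * status before any action runs, and offers shared helpers (menus, money
 * log, two-factor binding) to the controllers that extend it.
 *
 * NOTE(review): every helper below is declared public. If the framework's
 * default routing exposes public controller methods as actions, helpers such
 * as saveMoneyFlowLog() or nullSession() may be reachable by URL on every
 * subclass; confirm the routing rules, or narrow their visibility once all
 * callers are known.
 */
class Base extends Controller
{
    // Query condition that scopes data to the current admin's group/organize.
    public $where = [];

    // Whether the current admin is treated as a super admin.
    // NOTE(review): defaults to true and is only lowered for the two roles
    // handled in _initialize(); any other role name keeps root scope.
    public $is_root = true;

    public $role_name = '';

    public $admin_id = '';

    public $group_name = '';

    /**
     * Length of the Google Authenticator (two-factor) secret.
     * @var int
     */
    protected $googleAuthSecretLength = 64;

    /**
     * Per-request gate: session lifetime, login, role scope and IP whitelist.
     *
     * Every denial path ends the request by throwing, so the requested action
     * is never dispatched after a failed check.
     */
    public function _initialize()
    {
        // $ipAccess = (new IpRepository)->ipAccess();
        // if(!$ipAccess){
        // throw new \think\exception\HttpException(404, '非法请求!');
        // }

        // Drop the login session once the configured lifetime has elapsed.
        if (time() > ((int)session('user_last_login') + (int)config('session_save_time'))) {
            $this->nullSession();
        }

        $user_name = session('user_name');
        if (empty($user_name)) {
            $this->redirect(url('login/index'));
        }

        $uid = session('user_id');
        $this->admin_id = $uid;

        // Derive the data scope from the role stored in the session.
        $this->role_name = session('role_name');

        if ($this->role_name == '平台管理员') {
            $group = db('groups')->where('admin_id', $uid)->find();
            if (!$this->where) {
                if (!$group) {
                    $this->nullSession();
                    $this->abortWithAlert('当前平台管理员没有分配平台', "window.location='/admin/login/loginOut'");
                }
                $this->where = ['group_id' => $group['id']];
                $this->is_root = false;
            }
            // The group is looked up even when $where was preset, so the
            // name is never read from an undefined variable.
            $this->group_name = $group ? $group['name'] : '';
        }

        if ($this->role_name == '组长' && !$this->where) {
            $organize = db('organize')->where('admin_id', $uid)->find();
            if (!$organize) {
                $this->nullSession();
                $this->abortWithAlert('当前组长没有分配平台小组', "window.location='/admin/login/loginOut'");
            }
            $this->where = ['organize_id' => $organize['id']];
            $this->is_root = false;
        }

        // IP whitelist check.
        if (!$this->checkIp()) {
            // $this->redirect(APP_PATH . '404.html');
            $this->nullSession();
            $this->abortWithAlert('非法ip ' . $this->request->ip(), "window.parent.location='/admin/login/index'");
        }

        $this->assign([
            'version' => config('version'),
            'is_root' => $this->is_root,
            'role_name' => session('role_name'),
            'group_name' => $this->group_name,
        ]);
    }

    /**
     * Send a small alert-and-navigate page and end the current request.
     *
     * The response is delivered by throwing, the same way redirect() ends a
     * request; a bare return from _initialize() would not prevent the action
     * from being dispatched with whatever scope had been set so far.
     *
     * @param string $message     Text for the alert; encoded for the script context.
     * @param string $redirect_js Fixed navigation statement, never request data.
     * @throws \think\exception\HttpResponseException always
     */
    private function abortWithAlert($message, $redirect_js)
    {
        // JSON-encode with the HEX flags so the text cannot close the string
        // literal or the surrounding <script> element.
        $encoded = json_encode($message, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
        if ($encoded === false) {
            $encoded = '""';
        }
        $html = '<script>alert(' . $encoded . ');' . $redirect_js . '</script>';
        throw new \think\exception\HttpResponseException(response($html));
    }

    /**
     * Clear the login-related session keys.
     *
     * Only these four keys are reset; the session itself is not destroyed
     * and its id is not regenerated here.
     */
    public function nullSession()
    {
        foreach (['user_name', 'user_id', 'user_last_login', 'role_name'] as $key) {
            session($key, null);
        }
    }

    /**
     * Get the menu lists granted to the current admin's role.
     *
     * Also refreshes $this->role_name from the session.
     *
     * @return array ['menu_one' => rows, 'menu_two' => rows]; both empty when
     *               the admin has no role record or the role does not exist.
     */
    public function getAdminMeunList()
    {
        $this->role_name = session('role_name');
        $uid = session('user_id');
        $result = [
            'menu_one' => [],
            'menu_two' => [],
        ];

        // Role assignment record of this admin.
        $role_log = db('admin_role')->where('admin_id', $uid)->find();
        if (!$role_log) {
            return $result;
        }

        // Role details.
        $role = db('role')->where('id', $role_log['role_id'])->find();
        if (!$role) {
            return $result;
        }

        // Menu rows for both levels, ordered by sort.
        $amdb = db('admin_menus');
        $menu_one = $amdb->whereIn('id', $role['menu_id_one'])->order('sort asc')->select();
        $menu_two = $amdb->whereIn('id', $role['menu_id_two'])->order('sort asc')->select();
        $result['menu_one'] = $menu_one ?: [];
        $result['menu_two'] = $menu_two ?: [];
        return $result;
    }

    /**
     * Check the client address against the group's IP whitelist.
     *
     * NOTE(review): the result is only as trustworthy as request->ip(). If
     * that value can be taken from client-supplied forwarding headers, both
     * the whitelist match and the private-range exemption below can be
     * satisfied by a forged header; confirm the proxy/trust configuration.
     *
     * @return bool true when the request may proceed.
     */
    public function checkIp()
    {
        $ip = $this->request->ip();

        // filter_var() returns false for private/reserved addresses and for
        // anything that is not a valid IP at all; both are left unrestricted.
        if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
            return true;
        }

        // Root uses group 0; the two scoped roles resolve their own group.
        if ($this->is_root) {
            $group_id = 0;
        } elseif ($this->role_name == '平台管理员') {
            $group_id = db('groups')->where('admin_id', $this->admin_id)->value('id');
        } elseif ($this->role_name == '组长') {
            $group_id = db('organize')->where('admin_id', $this->admin_id)->value('group_id');
        } else {
            $group_id = null;
        }
        if ($group_id === null) {
            return false;
        }

        // A group without any whitelist row is not restricted.
        $db = db('white_ip');
        if (!$db->where('group_id', $group_id)->value('id')) {
            return true;
        }

        $where = [
            'group_id' => $group_id,
            'ip' => $ip,
        ];
        return (bool)$db->where($where)->value('id');
    }

    /**
     * Get the admins that hold the enabled platform-administrator role.
     *
     * NOTE(review): whole rows of the admins table are returned, and that
     * table carries google_secret (see bind_google_auth()); callers should
     * not hand these rows to a view or API response unfiltered.
     *
     * @return array Admin rows, or an empty array when the role is missing or unassigned.
     */
    public function getPlatformList()
    {
        // The platform administrator role itself.
        $role = db('role')->where(['name' => '平台管理员', 'status' => 1])->find();
        if (!$role) {
            return [];
        }

        // Role assignment records for that role.
        $role_list = db('admin_role')->where('role_id', $role['id'])->select();
        $admin_ids = [];
        foreach ($role_list as $vo) {
            $admin_ids[] = $vo['admin_id'];
        }

        // No holders: skip the query instead of issuing an empty IN list.
        if (!$admin_ids) {
            return [];
        }

        return db('admins')->whereIn('id', implode(',', $admin_ids))->select();
    }

    /**
     * Save a money flow record as a pair of rows (type 1 and type 2).
     *
     * The two inserts are not wrapped in a transaction; if the second fails
     * the first row remains and false is returned.
     * NOTE(review): a negative $money passes the empty() check; confirm
     * that callers validate the amount.
     *
     * @param mixed  $initiative Initiating party
     * @param mixed  $passivity  Receiving party
     * @param mixed  $money      Amount
     * @param string $msg        Message stored with the record
     * @return mixed Insert id of the first row, or false on missing input or failed insert.
     */
    public function saveMoneyFlowLog($initiative, $passivity, $money, $msg = '')
    {
        if (!$initiative || !$passivity || empty($money)) {
            return false;
        }

        $amldb = db('money_log');
        $data = [
            'initiative' => $initiative,
            'passivity' => $passivity,
            'money' => $money,
            'type' => 1,
            'msg' => $msg,
            // 24-hour clock: 'h' would store afternoon entries as morning
            // times, which makes the log ambiguous as an audit record.
            'date' => date('Y-m-d H:i:s'),
        ];
        $save = $amldb->insertGetId($data);

        $data['type'] = 2;
        $save1 = $amldb->insertGetId($data);

        if (!$save || !$save1) {
            return false;
        }
        return $save;
    }

    /**
     * Get the name of the sharded table for a user.
     *
     * The name is built by concatenation, so $table must be a fixed
     * identifier chosen by the caller, never request data.
     * NOTE(review): assumes config('chat_table_num') is a positive integer.
     *
     * @param string $table Base table name
     * @param int    $uid   User id used to pick the shard
     * @return string
     */
    public function getTableName($table, $uid)
    {
        $shard = $uid % config('chat_table_num');
        return $table . '_' . $shard;
    }

    /**
     * Create a new two-factor secret and the QR content for enrolling it.
     *
     * The secret is returned to the client and is expected to come back in
     * the bind_google_auth() request; it is not stored server-side here.
     *
     * @return mixed JSON response with code 1 and the key, or code 0 on failure.
     */
    public function make_google_auth_secret()
    {
        $ga = new GoogleAuthenticator();
        $key = $ga->createSecret($this->googleAuthSecretLength);
        if (empty($key)) {
            return json(['code' => 0, 'key' => null, 'qrcode_url' => null, 'msg' => '获取失败']);
        }

        $label = session('user_name') . '[' . date('Y-m-d H:i:s') . ']';
        $content = $ga->getQrContent($this->request->host(), $key, $label);
        return json(['code' => 1, 'key' => $key, 'qrcode_url' => $content, 'msg' => '获取成功']);
    }

    /**
     * Bind (or replace) the current admin's two-factor secret.
     *
     * Expects POST fields new_google_auth (code for the new secret), key (the
     * new secret) and, when a secret is already bound, old_google_auth.
     * NOTE(review): no attempt limiting on code verification is visible in
     * this method; confirm it is enforced elsewhere.
     *
     * @return mixed JSON response; code 1 on success, -2 on any failure.
     */
    public function bind_google_auth()
    {
        if (!request()->isPost()) {
            return json(['code' => -2, 'data' => '', 'msg' => '请重试']);
        }

        $param = input('post.');
        if (empty($param['new_google_auth'])) {
            return json(['code' => -2, 'data' => '', 'msg' => '请输入验证码']);
        }
        if (empty($param['key'])) {
            return json(['code' => -2, 'data' => '', 'msg' => '请重试']);
        }

        $old = isset($param['old_google_auth']) ? $param['old_google_auth'] : null;
        $code = $param['new_google_auth'];
        $secret = $param['key'];

        // Array-valued fields would reach the verifier as non-strings.
        if (!is_scalar($code) || !is_scalar($secret) || ($old !== null && !is_scalar($old))) {
            return json(['code' => -2, 'data' => '', 'msg' => '请重试']);
        }
        $code = strval($code);
        $secret = strval($secret);

        // The secret is client-supplied. Accept only the length this class
        // issues; a shorter one would be weaker and, because of the length
        // test below, would also let a later rebind skip the old-code check.
        if (strlen($secret) != $this->googleAuthSecretLength) {
            return json(['code' => -2, 'data' => '', 'msg' => '请重试']);
        }

        $admin_id = session('user_id');
        if (!$admin_id) {
            return json(['code' => -2, 'data' => '', 'msg' => '请重试']);
        }

        $google_secret = db('admins')->where(['id' => $admin_id])->value('google_secret');
        $ga = new GoogleAuthenticator();

        // NOTE(review): a stored secret of any other length is treated as
        // "not bound" and can be replaced without the old code; confirm no
        // such secrets exist, or require the old code whenever one is set.
        if ($google_secret && strlen($google_secret) == $this->googleAuthSecretLength) {
            if (empty($old)) {
                return json(['code' => -2, 'data' => '', 'msg' => '请输入旧验证码']);
            }
            // Prove possession of the currently bound secret first.
            if (!$ga->verifyCode($google_secret, strval($old))) {
                return json(['code' => -2, 'data' => '', 'msg' => '旧验证码验证失败']);
            }
        }

        // Then prove possession of the new secret.
        if (!$ga->verifyCode($secret, $code)) {
            return json(['code' => -2, 'data' => '', 'msg' => '验证码验证失败']);
        }

        if (db('admins')->where(['id' => $admin_id])->update(['google_secret' => $secret])) {
            return json(['code' => 1, 'data' => '', 'msg' => '绑定成功']);
        }

        // No row was changed: report it instead of returning nothing.
        return json(['code' => -2, 'data' => '', 'msg' => '请重试']);
    }
}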