控制台应用,yzncms本身基于tp5.1框架,里面的队列用不了,bug,坑
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

User.php 13KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407
  1. <?php
  2. // +----------------------------------------------------------------------
  3. // | Yzncms [ 御宅男工作室 ]
  4. // +----------------------------------------------------------------------
  5. // | Copyright (c) 2018 http://yzncms.com All rights reserved.
  6. // +----------------------------------------------------------------------
  7. // | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
  8. // +----------------------------------------------------------------------
  9. // | Author: 御宅男 <530765310@qq.com>
  10. // +----------------------------------------------------------------------
  11. // +----------------------------------------------------------------------
  12. // | 后台用户服务
  13. // +----------------------------------------------------------------------
  14. namespace app\admin\service;
  15. use app\admin\model\AdminUser;
  16. use think\Db;
  17. use think\facade\Config;
  18. use think\facade\Cookie;
  19. use think\facade\Request;
  20. use think\facade\Session;
  21. use util\Random;
  22. use util\Tree;
  23. class User extends \libs\Auth
  24. {
  25. //当前登录会员详细信息
  26. protected $error = '';
  27. protected $logined = false; //登录状态
  28. public function __construct()
  29. {
  30. parent::__construct();
  31. }
  32. public function __get($name)
  33. {
  34. return Session::get('admin.' . $name);
  35. }
  36. /**
  37. * 取出当前管理员所拥有权限的分组.
  38. *
  39. * @param bool $withself 是否包含当前所在的分组
  40. *
  41. * @return array
  42. */
  43. public function getChildrenGroupIds($withself = false)
  44. {
  45. //取出当前管理员所有的分组
  46. $groups = $this->getGroups();
  47. $groupIds = [];
  48. foreach ($groups as $k => $v) {
  49. $groupIds[] = $v['id'];
  50. }
  51. $originGroupIds = $groupIds;
  52. foreach ($groups as $k => $v) {
  53. if (in_array($v['parentid'], $originGroupIds)) {
  54. $groupIds = array_diff($groupIds, [$v['id']]);
  55. unset($groups[$k]);
  56. }
  57. }
  58. // 取出所有分组
  59. $groupList = \app\admin\model\AuthGroup::where('status', 1)->select()->toArray();
  60. $objList = [];
  61. foreach ($groups as $k => $v) {
  62. if ($v['rules'] === '*') {
  63. $objList = $groupList;
  64. break;
  65. }
  66. // 取出包含自己的所有子节点
  67. $childrenList = Tree::instance()->init($groupList)->getChildren($v['id'], true);
  68. $obj = Tree::instance()->init($childrenList)->getTreeArray($v['parentid']);
  69. $objList = array_merge($objList, Tree::instance()->getTreeList($obj, 'title'));
  70. }
  71. $childrenGroupIds = [];
  72. foreach ($objList as $k => $v) {
  73. $childrenGroupIds[] = $v['id'];
  74. }
  75. if (!$withself) {
  76. $childrenGroupIds = array_diff($childrenGroupIds, $groupIds);
  77. }
  78. return $childrenGroupIds;
  79. }
  80. public function check($name, $uid = '', $mode = 'url', $relation = 'or')
  81. {
  82. $uid = $uid ? $uid : $this->id;
  83. return parent::check($name, $uid, $mode, $relation);
  84. }
  85. /**
  86. * 取出当前管理员所拥有权限的管理员.
  87. *
  88. * @param bool $withself 是否包含自身
  89. *
  90. * @return array
  91. */
  92. public function getChildrenAdminIds($withself = false)
  93. {
  94. $childrenAdminIds = [];
  95. if (!$this->isAdministrator()) {
  96. $groupIds = $this->getChildrenGroupIds(false);
  97. $childrenAdminIds = Db::name('Admin')->where('roleid', 'in', $groupIds)->column('id');
  98. } else {
  99. //超级管理员拥有所有人的权限
  100. $childrenAdminIds = Db::name('Admin')->column('id');
  101. }
  102. if ($withself) {
  103. if (!in_array($this->id, $childrenAdminIds)) {
  104. $childrenAdminIds[] = $this->id;
  105. }
  106. } else {
  107. $childrenAdminIds = array_diff($childrenAdminIds, [$this->id]);
  108. }
  109. return $childrenAdminIds;
  110. }
  111. public function getGroups($uid = null)
  112. {
  113. $uid = is_null($uid) ? $this->id : $uid;
  114. return parent::getGroups($uid);
  115. }
  116. public function getAuthList($uid = null)
  117. {
  118. $uid = is_null($uid) ? $this->id : $uid;
  119. return parent::getAuthList($uid);
  120. }
  121. public function getRuleIds($uid = null)
  122. {
  123. $uid = is_null($uid) ? $this->id : $uid;
  124. return parent::getRuleIds($uid);
  125. }
  126. /**
  127. * 用户登录
  128. * @param string $username 用户名
  129. * @param string $password 密码
  130. * @return bool|mixed
  131. */
  132. public function login($username = '', $password = '', $keeptime = 0)
  133. {
  134. $username = trim($username);
  135. $password = trim($password);
  136. $admin = AdminUser::get(['username' => $username]);
  137. if (!$admin) {
  138. $this->setError('用户名不正确');
  139. return false;
  140. }
  141. if ($admin['status'] !== 1) {
  142. $this->setError('管理员已经被禁止登录');
  143. return false;
  144. }
  145. if (Config::get('login_failure_retry') && $admin->login_failure >= 10 && time() - $admin->getData('update_time') < 86400) {
  146. $this->setError('请于1天后再尝试登录');
  147. return false;
  148. }
  149. if ($admin->password != encrypt_password($password, $admin->encrypt)) {
  150. $admin->login_failure++;
  151. $admin->save();
  152. $this->setError('密码不正确');
  153. return false;
  154. }
  155. $admin->login_failure = 0;
  156. $admin->last_login_time = time();
  157. $admin->last_login_ip = request()->ip();
  158. $admin->token = Random::uuid();
  159. $admin->save();
  160. Session::set("admin", $admin->toArray());
  161. Session::set("admin.safecode", $this->getEncryptSafecode($admin));
  162. $this->keeplogin($admin, $keeptime);
  163. return true;
  164. }
  165. /**
  166. * 刷新保持登录的Cookie
  167. *
  168. * @param int $keeptime
  169. * @return boolean
  170. */
  171. protected function keeplogin($admin, $keeptime = 0)
  172. {
  173. if ($keeptime) {
  174. $expiretime = time() + $keeptime;
  175. $key = $this->getKeeploginKey($admin, $keeptime, $expiretime);
  176. Cookie::set('keeplogin', implode('|', [$admin['id'], $keeptime, $expiretime, $key]), $keeptime);
  177. return true;
  178. }
  179. return false;
  180. }
  181. /**
  182. * 自动登录
  183. * @return boolean
  184. */
  185. public function autologin()
  186. {
  187. $keeplogin = Cookie::get('keeplogin');
  188. if (!$keeplogin) {
  189. return false;
  190. }
  191. list($id, $keeptime, $expiretime, $key) = explode('|', $keeplogin);
  192. if ($id && $keeptime && $expiretime && $key && $expiretime > time()) {
  193. $admin = AdminUser::get($id);
  194. if (!$admin || !$admin->token) {
  195. return false;
  196. }
  197. //token有变更
  198. if ($key != $this->getKeeploginKey($admin, $keeptime, $expiretime)) {
  199. return false;
  200. }
  201. $ip = request()->ip();
  202. //IP有变动
  203. if ($admin->last_login_ip != $ip) {
  204. return false;
  205. }
  206. Session::set("admin", $admin->toArray());
  207. Session::set("admin.safecode", $this->getEncryptSafecode($admin));
  208. //刷新自动登录的时效
  209. $this->keeplogin($admin, $keeptime);
  210. return true;
  211. } else {
  212. return false;
  213. }
  214. }
  215. /**
  216. * 检验用户是否已经登陆
  217. * @return boolean 失败返回false,成功返回当前登陆用户基本信息
  218. */
  219. public function isLogin()
  220. {
  221. if ($this->logined) {
  222. return true;
  223. }
  224. $admin = Session::get('admin');
  225. if (!$admin) {
  226. return false;
  227. }
  228. $my = AdminUser::get($admin['id']);
  229. if (!$my) {
  230. return false;
  231. }
  232. //校验安全码,可用于判断关键信息发生了变更需要重新登录
  233. if (!isset($admin['safecode']) || $this->getEncryptSafecode($my) !== $admin['safecode']) {
  234. $this->logout();
  235. return false;
  236. }
  237. //判断是否同一时间同一账号只能在一个地方登录
  238. if (Config::get('login_unique')) {
  239. if ($my['token'] != $admin['token']) {
  240. $this->logout();
  241. return false;
  242. }
  243. }
  244. //判断管理员IP是否变动
  245. if (Config::get('loginip_check')) {
  246. if (!isset($admin['last_login_ip']) || $admin['last_login_ip'] != request()->ip()) {
  247. $this->logout();
  248. return false;
  249. }
  250. }
  251. $this->logined = true;
  252. return true;
  253. }
  254. /**
  255. * 检查当前用户是否超级管理员
  256. * @return boolean
  257. */
  258. public function isAdministrator()
  259. {
  260. return in_array('*', $this->getRuleIds()) ? true : false;
  261. }
  262. /**
  263. * 获取自动登录Key
  264. * @param $params
  265. * @param $keeptime
  266. * @param $expiretime
  267. * @return string
  268. */
  269. public function getKeeploginKey($params, $keeptime, $expiretime)
  270. {
  271. $key = md5(md5($params['id']) . md5($keeptime) . md5($expiretime) . $params['token'] . Config::get('token.key'));
  272. return $key;
  273. }
  274. /**
  275. * 获取加密后的安全码
  276. * @param $params
  277. * @return string
  278. */
  279. public function getEncryptSafecode($params)
  280. {
  281. return md5(md5($params['username']) . md5(substr($params['password'], 0, 6)) . Config::get('token.key'));
  282. }
  283. /**
  284. * 检测当前控制器和方法是否匹配传递的数组
  285. *
  286. * @param array $arr 需要验证权限的数组
  287. * @return bool
  288. */
  289. public function match($arr = [])
  290. {
  291. $request = Request::instance();
  292. $arr = is_array($arr) ? $arr : explode(',', $arr);
  293. if (!$arr) {
  294. return false;
  295. }
  296. $arr = array_map('strtolower', $arr);
  297. // 是否存在
  298. if (in_array(strtolower($request->action()), $arr) || in_array('*', $arr)) {
  299. return true;
  300. }
  301. // 没找到匹配
  302. return false;
  303. }
  304. /**
  305. * 注销登录
  306. */
  307. public function logout()
  308. {
  309. $admin = AdminUser::get(intval($this->id));
  310. if ($admin) {
  311. $admin->token = '';
  312. $admin->save();
  313. }
  314. $this->logined = false; //重置登录状态
  315. Session::delete("admin");
  316. Cookie::delete("keeplogin");
  317. return true;
  318. }
  319. public function getSidebar()
  320. {
  321. $module = request()->module();
  322. // 读取管理员当前拥有的权限节点
  323. $userRule = $this->getAuthList();
  324. // 必须将结果集转换为数组
  325. $ruleList = \app\admin\model\AuthRule::where('status', 1)
  326. ->where('ismenu', 1)
  327. ->order('listorder', 'desc')
  328. ->cache("__menu__")
  329. ->select()->toArray();
  330. $indexRuleList = \app\admin\model\AuthRule::where('status', 1)
  331. ->where('ismenu', 0)
  332. ->where('name', 'like', '%/index')
  333. ->column('name,parentid');
  334. $pidArr = array_unique(array_filter(array_column($ruleList, 'parentid')));
  335. foreach ($ruleList as $k => &$v) {
  336. if (!in_array($v['name'], $userRule)) {
  337. unset($ruleList[$k]);
  338. continue;
  339. }
  340. $indexRuleName = $v['name'] . '/index';
  341. if (isset($indexRuleList[$indexRuleName]) && !in_array($indexRuleName, $userRule)) {
  342. unset($ruleList[$k]);
  343. continue;
  344. }
  345. $v['openType'] = $v['menutype']; //兼容前端
  346. $v['type'] = $v['ismenu']; //兼容前端
  347. $v['href'] = isset($v['url']) && $v['url'] ? $v['url'] : '/' . $module . '/' . $v['name'];
  348. $v['href'] = preg_match("/^((?:[a-z]+:)?\/\/|data:image\/)(.*)/i", $v['href']) ? $v['href'] : url($v['href']);
  349. }
  350. $lastArr = array_unique(array_filter(array_column($ruleList, 'parentid')));
  351. $pidDiffArr = array_diff($pidArr, $lastArr);
  352. foreach ($ruleList as $index => $item) {
  353. if (in_array($item['id'], $pidDiffArr)) {
  354. unset($ruleList[$index]);
  355. }
  356. }
  357. // 构造菜单数据
  358. Tree::instance()->init($ruleList);
  359. return Tree::instance()->getTreeArray(0);
  360. }
  361. /**
  362. * 获取错误信息
  363. * @access public
  364. * @return mixed
  365. */
  366. public function getError()
  367. {
  368. return $this->error ? $this->error : '';
  369. }
  370. /**
  371. * 设置错误信息
  372. *
  373. * @param string $error 错误信息
  374. * @return Auth
  375. */
  376. public function setError($error)
  377. {
  378. $this->error = $error;
  379. return $this;
  380. }
  381. }