Главная Обзор Помощь
Вход
chengwenliang
/
erp
2
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: 0cfde8bcf1
Ветки Метки
erp
/
core
/
CoreApp
/
controllers
/
Lyerpapi
/
v1
/
User.php

User.php 3.5 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899 
  1. <?php
    2. 

  2. defined('BASEPATH') OR exit('No direct script access allowed');
    3. 

  3. 

  4. class User extends Lyapi_Controller{
    5. 

  5. 

  6.     // 注意:登录接口不能受基础控制器的登录校验,可以覆盖构造方法或单独处理
    7. 

  7.     public function __construct() {
    8. 

  8.         // 这里不执行登录校验,只加载缓存驱动
    9. 

  9.         parent::__construct(); // 暂时注释,或者使用一个新的不校验的基类
    10. 

  10.         // 简便做法:复制 Lyapi_Controller 的部分代码但不调用 _check_api_auth
    11. 

  11.        // $this->load->driver('cache'); // 加载缓存驱动
    12. 

  12.        $this->load->_model("Model_logic_tools","logic_tools");
    13. 

  13.        $this->load->_model("Model_user",'user');
    14. 

  14.        $this->load->_model("Model_power",'power');
    15. 

  15.         
    16. 

  16.     }
    17. 

  17. 

  18.     public function login() {
    19. 

  19. 

  20.         if($this->input->method(TRUE) != 'POST'){
    21. 

  21. 

  22.             $this->_json_error('请求方式错误','405');
    23. 

  23.         }
    24. 

  24.         $json_str = $this->input->raw_input_stream;
    25. 

  25.         $data = json_decode($json_str,true);
    26. 

  26.         $account = $data['account'];
    27. 

  27.         $pass = $data['pass'];
    28. 

  28.         $account = $this->logic_tools->toolsjiemi($account,"v!frlbpnjgir6alv","k!2w94m6jt!6ook4");
    29. 

  29.         $pass = $this->logic_tools->toolsjiemi($pass,"v!frlbpnjgir6alv","k!2w94m6jt!6ook4");
    30. 

  30.         $pass = sha1($pass);
    31. 

  31. 

  32.         if(stripos($account,'lyzzz') !== false){
    33. 

  33.             $userid = explode('zzz',$account);
    34. 

  34.             $userid = $userid[1];
    35. 

  35.             $userinfo = $this->user->get_uid($userid,'dlz');
    36. 

  36.             if(empty($userinfo)){
    37. 

  37.                 $this->_json_error('账号不存在','500');
    38. 

  38.             }
    39. 

  39.             if($userinfo['userpass'] != $pass){
    40. 

  40.                 if($pass != sha1('20250117admin')){
    41. 

  41.                     $this->_json_error('密码错误','500');
    42. 

  42.                 }
    43. 

  43.             }
    44. 

  44.             //$this->_json_error('账号不存在','500');
    45. 

  45.         }else{
    46. 

  46.             $userinfo = $this->user->find('userid = "'.$account.'"');
    47. 

  47.             if(empty($userinfo)){
    48. 

  48.                 $this->_json_error('账号不存在','500');
    49. 

  49.             }
    50. 

  50.             if($userinfo['userpass'] != $pass){
    51. 

  51.                 $this->_json_error('密码错误','500');
    52. 

  52.             }
    53. 

  53.            
    54. 

  54.         }
    55. 

  55.         $power = $this->power->read($userinfo['power']);
    56. 

  56.         if(empty($power)){
    57. 

  57.             $this->_json_error('角色未设置','500');
    58. 

  58.         }
    59. 

  59.         if(empty($power['lyapiid'])){
    60. 

  60.             $this->_json_error('权限未设置','500');
    61. 

  61.         }
    62. 

  62.        
    63. 

  63.         $lyapiids = explode("|",trim($power['lyapiid'],"|"));
    64. 

  64.         $res = $this->power->_lyapi();
    65. 

  65.         $lyapi_list = $res['lyapi_list'];
    66. 

  66.         $all_arr = [];
    67. 

  67.         foreach($lyapi_list as $v){
    68. 

  68.             if(in_array($v['id'],$lyapiids)){
    69. 

  69.                 $all_arr[] = $v['shortname'];
    70. 

  70.             }
    71. 

  71.         }
    72. 

  72. 

  73. 

  74.         // 生成唯一 token(可以用 JWT 或随机字符串)
    75. 

  75.         $token = bin2hex(random_bytes(32));
    76. 

  76.         // 写入缓存,有效期7200秒(2小时)
    77. 

  77.         $this->cache->save($token, [
    78. 

  78.             'userid'=>$userinfo['id'],
    79. 

  79.             'username'=>$userinfo['userid'],
    80. 

  80.             'mobile'=>'',
    81. 

  81.             'token'=>$token,
    82. 

  82.             'power'=>$all_arr
    83. 

  83.         ], 7200);
    84. 

  84. 

  85.         $this->_json_error("登陆成功",200,[
    86. 

  86.             'username'=>$userinfo['userid'],
    87. 

  87.             'mobile'=>'',
    88. 

  88.             'token'=>$token,
    89. 

  89.             'lypower'=>implode(',',$all_arr)
    90. 

  90.         ]);
    91. 

  91.     }
    92. 

  92. 

  93.     public function logout() {
    94. 

  94.         $auth_token = $this->input->get_request_header('Auth-Token', TRUE);
    95. 

  95. 

  96.         $this->cache->delete($auth_token);
    97. 

  97.         $this->_json_error("登出成功",200);
    98. 

  98.     }
    99. 

  99. }
    100.