chengwenliang
/
erp


			
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485
							<?php
defined('BASEPATH') OR exit('No direct script access allowed');

class User extends Lyapi_Controller{

    // 注意：登录接口不能受基础控制器的登录校验，可以覆盖构造方法或单独处理
    public function __construct() {
        // 这里不执行登录校验，只加载缓存驱动
        parent::__construct(); // 暂时注释，或者使用一个新的不校验的基类
        // 简便做法：复制 Lyapi_Controller 的部分代码但不调用 _check_api_auth
       // $this->load->driver('cache'); // 加载缓存驱动
       $this->load->_model("Model_logic_tools","logic_tools");
       $this->load->_model("Model_user",'user');
       $this->load->_model("Model_power",'power');
        
    }

    public function login() {

        if($this->input->method(TRUE) != 'POST'){

            $this->_json_error('请求方式错误','405');
        }
        $json_str = $this->input->raw_input_stream;
        $data = json_decode($json_str,true);
        $account = $data['account'];
        $pass = $data['pass'];
        $account = $this->logic_tools->toolsjiemi($account,"v!frlbpnjgir6alv","k!2w94m6jt!6ook4");
        $pass = $this->logic_tools->toolsjiemi($pass,"v!frlbpnjgir6alv","k!2w94m6jt!6ook4");

        $pass = sha1($pass);

        if(stripos($account,'lyzzz') !== false){
            $userid = explode('zzz',$account);
            $userid = $userid[1];
            $userinfo = $this->user->get_uid($userid,'dlz');
            if(empty($userinfo)){
                $this->_json_error('账号不存在','500');
            }
        }else{
            $userinfo = $this->user->find('userid = "'.$account.'"');
            if(empty($userinfo)){
                $this->_json_error('账号不存在','500');
            }
            if($userinfo['userpass'] != $pass){
                $this->_json_error('密码错误','500');
            }
            $power = $this->power->read($userinfo['power']);
            if(empty($power)){
                $this->_json_error('角色未设置','500');
            }
            if(empty($power['lyapiid'])){
                $this->_json_error('权限未设置','500');
            }
        }
       
        $lyapiids = explode("|",trim($power['lyapiid'],"|"));
        $res = $this->power->_lyapi();
        $lyapi_list = $res['lyapi_list'];
        $all_arr = [];
        foreach($lyapi_list as $v){
            if(in_array($v['id'],$lyapiids)){
                $all_arr[] = $v['shortname'];
            }
        }


        // 生成唯一 token（可以用 JWT 或随机字符串）
        $token = bin2hex(random_bytes(32));
        // 写入缓存，有效期7200秒（2小时）
        $this->cache->save($token, [
            'username'=>$userinfo['userid'],
            'mobile'=>'',
            'token'=>$token,
            'power'=>$all_arr
        ], 7200);

        $this->_json_error("登陆成功",200,[
            'username'=>$userinfo['userid'],
            'mobile'=>'',
            'token'=>$token,
            'lypower'=>implode(',',$all_arr)
        ]);
    }
}