Beispiel #1
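 /**
  * Handle an admin login request.
  *
  * Reads `username` and `password` from the request, looks up an active
  * (status=1) admin row whose stored password equals
  * enctypePassword($password), combines the group's rules with the account's
  * attach_rules, and stores identity, client IP, login time and rules in the
  * session. Every outcome is reported through $this->json().
  *
  * The failure response carries no derived password material: the same
  * generic message is used for an unknown user and for a wrong password, and
  * the computed hash is never sent to the client.
  */
 public function todoAction()
 {
     // Parameter check
     try {
         $request = $this->getRequest();
         $username = $request->get('username');
         $password = $request->get('password');
     } catch (\Exceptions\Multi $e) {
         $this->json(false, '手机号或密码格式不正确', 20001);
         // Stop here even if json() returns: $username/$password are unset.
         return;
     }

     // Credential check (bound parameters, so the values are not spliced into SQL)
     $adminModel = new \AdminModel();
     // NOTE(review): the hash is matched inside the WHERE clause, so it is
     // presumably a deterministic function of the password alone. Confirm
     // that enctypePassword() is a salted, slow password hash.
     $passwordHash = $adminModel->enctypePassword($password);
     $adminArr = $adminModel
         ->where('username=:u and password=:p and status=1', $username, $passwordHash)
         ->limit(1)
         ->select()
         ->fetchRow();
     if (!$adminArr) {
         // Do not echo the computed hash back: it would disclose the output of
         // the hashing scheme for any chosen password to an unauthenticated client.
         // NOTE(review): no attempt limiting is visible here; confirm it is
         // enforced elsewhere.
         $this->json(false, '手机号或密码错误', 20002);
         // Never fall through to the session setup with a failed lookup.
         return;
     }

     // Load the user's permission group
     $groupModel = new \GroupModel();
     $groupArr = $groupModel->where('id=:id', $adminArr['group_id'])->select()->fetchRow();

     // Compute the effective rule list
     // NOTE(review): for the '*' group no rule list is computed and null is
     // stored; confirm that whatever reads admin.rules treats null as intended.
     $rules = null;
     // String comparison: a loose != would treat integer 0 as equal to '*'
     // before PHP 8.
     if ((string) $groupArr['id'] !== '*') {
         $rules = $adminArr['attach_rules'] ? explode(',', $adminArr['attach_rules']) : array();
         $rules = implode(',', array_merge(explode(',', $groupArr['rules']), $rules));
     }

     // Persist identity and permissions in the session
     // NOTE(review): no session identifier rotation is visible in this method;
     // confirm the session layer issues a fresh ID on login.
     $session = $this->getSession();
     $session->set('admin.uid', $adminArr['id']);
     $session->set('admin.name', $adminArr['nickname']);
     $session->set('admin.ip', IP::client());
     $session->set('admin.time', time());
     $session->set('admin.avatar', $adminArr['avatar']);
     $session->set('admin.rules', $rules);

     // Report success
     $this->json(true, '登录成功', 20010);
 }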
Beispiel #2
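 /**
  * Login gate: reject missing, mismatched or expired admin sessions.
  *
  * Redirects to /logout/ when ADMIN_UID is empty, when ADMIN_IP differs from
  * the current IP::client() value, or when more than 1800 seconds have passed
  * since ADMIN_TIME. Otherwise the current time is written to the session's
  * admin.time as the last-access time.
  */
 public function loginInit()
 {
     // Check login state; any single failing condition invalidates the session.
     // NOTE(review): the IP binding is only as strong as IP::client(); confirm
     // it does not trust client-supplied forwarding headers.
     $sessionInvalid = !ADMIN_UID
         || ADMIN_IP != IP::client()
         || ADMIN_TIME + 1800 < time();

     if ($sessionInvalid) {
         $this->redirect('/logout/');
         // Do not refresh the last-access time of a rejected session.
         // NOTE(review): if redirect() returns instead of ending the request,
         // the calling action still continues; confirm it terminates.
         return;
     }

     // Update the last-access time. Presumably ADMIN_TIME is read from
     // admin.time, which would make the 1800 seconds an idle timeout; verify.
     $this->getSession()->set('admin.time', time());
 }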