private function _successHandle($user)
{
$data = array('admin_id' => $user['admin_id'], 'last_login_time' => time(), 'last_login_ip' => get_client_ip());
M('admin_user')->save($data);
session(C('USER_AUTH_KEY'), $user['admin_id']);
session('user_name', $user['admin_name']);
session('user_login_time', date('Y-m-d H:i:s', $user['last_login_time']));
session('user_login_ip', $user['last_login_ip']);
//超级管理员识别
if ($user['admin_name'] == C('RBAC_SUPERADMIN')) {
session(C('ADMIN_AUTH_KEY'), true);
}
//读取用户权限
$Rbac = new \Org\Util\Rbac();
$Rbac->saveAccessList();
$this->success('登陆成功', __ROOT__ . '/index.php/Admin/Index/index');
}
public function login()
{
if (!IS_POST) {
$this->error('页面不存在');
}
$verify = new \Think\Verify();
if (!$verify->check(I('post.code'))) {
$this->error('验证码错误');
}
$username = I('post.username');
$pwd = I('post.password', '', 'md5');
$user = M('user')->where(array('user_stu_num' => $username))->find();
if (!$user || $user['user_password'] != $pwd) {
$this->error('账号或密码错误');
}
if ($user['lock']) {
$this->error('用户被锁定');
}
$data = array('user_id' => $user['user_id'], 'user_log_time' => time(), 'user_log_ip' => get_client_ip());
M('user')->save($data);
//查到登陆者相应的部门
$uid = $user['user_id'];
$dept = M('user_dept_role')->where("user_id = {$uid}")->select();
$deptId = $dept[0]['dept_id'];
session('deptId', $deptId);
session(C('USER_AUTH_KEY'), $user['user_id']);
session('user_name', $user['user_name']);
session('user_log_time', date('Y-m-d H:i:s', $user['user_log_time']));
session('user_log_ip', $user['user_log_ip']);
//超级管理员识别
if ($user['user_name'] == C('RBAC_SUPERADMIN')) {
session(C('ADMIN_AUTH_KEY'), true);
}
//读取用户权限
$Rbac = new \Org\Util\Rbac();
$Rbac->saveAccessList();
$this->success('登陆成功', __ROOT__ . '/index.php/Admin/Index/index');
}
