Ejemplo n.º 1
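 /**
  * Handle the admin sign-in form post.
  *
  * Reads `username` and `password` from $_POST, looks up an Admin row whose
  * username and derived password value both match, and on success stores
  * that record in the session under `adminObj` before redirecting to the
  * dashboard. On failure the login view is rendered with a generic error.
  * Any existing `adminObj` session entry is dropped on every call, so a
  * failed attempt also ends a previously authenticated session.
  *
  * @return mixed Redirect to `hakon::dashboard` on success, otherwise the login view.
  */
 public function SignIn()
 {
     global $application;

     // A request without these fields is treated as empty input instead of
     // raising an undefined-index error.
     $username = String::Clean(isset($_POST['username']) ? $_POST['username'] : '');
     // NOTE(review): the password goes through String::Clean() before it is
     // hashed; if that helper strips or rewrites characters it silently
     // shrinks the usable password space. Confirm what it does.
     $rawPassword = String::Clean(isset($_POST['password']) ? $_POST['password'] : '');

     // Decide "was a password supplied" on the submitted value. The original
     // tested the output of Password::Generate(), which is presumably
     // non-empty even for an empty password, so the check never rejected one.
     $password = ((string) $rawPassword !== '') ? Password::Generate($rawPassword) : null;

     $admin = null;
     if ($username && $password) {
         // NOTE(review): matching the password inside the WHERE clause only
         // works if Password::Generate() is deterministic (no per-user salt).
         // Fetching by username and verifying with password_verify() against
         // a password_hash() value is the sturdier design. Confirm the storage
         // format before changing it.
         $adminObj = new Admin();
         $admin = $adminObj->where("username", $username)->where("password", $password)->first();
     }

     // Drop any previous admin object before deciding the outcome.
     Session::forget('adminObj');

     if (!empty($admin)) {
         // Rotate the session id at the privilege change so an id fixed
         // before login is not carried into the authenticated session.
         session()->regenerate();
         Session::put('adminObj', $admin);

         return redirect()->route('hakon::dashboard');
     }

     // The same message is used for an unknown user and a wrong password, so
     // the response does not reveal which usernames exist.
     return view('core.hakon-admin.pages.index', ["application" => $application, "messages" => (object) ["error" => "<strong>Username and password invalid.</strong> <br /> Please try again."]]);
 }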
Ejemplo n.º 2
 /**
  * Check whether the current request belongs to a logged-in admin.
  *
  * Starts the PHP session, expires it after 30 minutes of inactivity, copies
  * any submitted username/password into the session, and then re-checks the
  * session-held credentials against the Admin table.
  *
  * @return bool true when a matching Admin row exists; false otherwise, after
  *              the session has been cleared and destroyed.
  */
 public function checkLogin()
 {
     session_start();
     if (isset($_SESSION['LAST_ACTIVITY']) && time() - $_SESSION['LAST_ACTIVITY'] > 1800) {
         // Last request was more than 30 minutes (1800 s) ago: clear the
         // in-memory $_SESSION data, destroy the stored session data and
         // expire the session cookie.
         session_unset();
         session_destroy();
         session_write_close();
         setcookie(session_name(), '', 0, '/');
         // NOTE(review): session_regenerate_id() needs an active session, and
         // the session was destroyed three lines up, so this call presumably
         // only raises a warning. Confirm; session_start() followed by
         // session_regenerate_id(true) is the usual sequence.
         session_regenerate_id(true);
     }
     // Update the last-activity timestamp.
     // NOTE(review): on the timeout path the session is already destroyed at
     // this point, so this write and the ones below are presumably not
     // persisted. Confirm.
     $_SESSION['LAST_ACTIVITY'] = time();
     $input = Request::only('username', 'password');
     // Credentials were submitted with this request: remember them so later
     // requests can be re-checked without resubmitting.
     if (!empty($input['username']) && !is_null($input['username'])) {
         // NOTE(review): the submitted password is kept in the session in
         // clear text, so anyone able to read session storage recovers it.
         // Storing the authenticated admin's id after one successful check
         // would avoid holding the secret at all.
         $_SESSION['username'] = $input['username'];
         $_SESSION['password'] = $input['password'];
     }
     // NOTE(review): $_SESSION['password'] is read here without an isset()
     // guard; it may be undefined when only a username is present.
     if (!empty($_SESSION['username']) && !is_null($_SESSION['password'])) {
         // The stored value is md5(md5(password)): an unsalted, fast hash
         // that is cheap to brute-force if the table leaks. password_hash() /
         // password_verify() is the replacement, with a rehash on next login.
         $count = Admin::where('username', $_SESSION['username'])->where('password', md5(md5($_SESSION['password'])))->count();
         if ($count) {
             // NOTE(review): the session id is not rotated on this success
             // path, so an id set before login stays valid afterwards.
             return true;
         }
     }
     // No valid credentials: tear the session down (same sequence as the
     // timeout branch above, including the post-destroy regenerate call).
     session_unset();
     session_destroy();
     session_write_close();
     setcookie(session_name(), '', 0, '/');
     session_regenerate_id(true);
     return false;
 }
Ejemplo n.º 3
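 /**
  * Change the logged-in admin's password.
  *
  * GET renders the change-password form. POST requires `old_password`,
  * `new_password` and `re_password`, checks that the two new values are
  * identical, verifies the old password against the row for the admin id
  * held in the session, and saves the new password.
  *
  * @param Request $request
  * @return mixed The form view on GET, otherwise a redirect back with a flash message.
  */
 public function changepwd(Request $request)
 {
     if ($request->isMethod('get')) {
         return view('admin.manager.changepwd');
     }
     if (!$request->isMethod('post')) {
         App::abort(404);
     }
     if (!$request->has('old_password') || !$request->has('new_password') || !$request->has('re_password')) {
         session()->flash('msg_error', '请输入完整');
         return back();
     }
     // Strict comparison: with != PHP compares numeric-looking strings as
     // numbers ("1e3" == "1000"), so two different entries could pass the
     // confirmation check and the first one would be stored.
     if ($request->input('new_password') !== $request->input('re_password')) {
         session()->flash('msg_error', '两次密码不匹配');
         return back();
     }
     // NOTE(review): the old password is verified by an equality match on the
     // password column, so password_encrypt() must be deterministic (no
     // per-user salt). Confirm its algorithm; password_hash() with
     // password_verify() is the preferred scheme.
     $old_password = password_encrypt($request->input('old_password'));
     $oAdmin = Admin::where('id', session('admin_id'))->where('password', $old_password)->first();
     if (!$oAdmin) {
         // Old password is wrong.
         session()->flash('msg_error', '旧密码输入错误');
         return back();
     }
     // NOTE(review): no length or strength rule is applied to the new
     // password here, and other sessions of this admin are not invalidated
     // after the change. Confirm whether either is handled elsewhere.
     $oAdmin->password = password_encrypt($request->input('new_password'));
     $oAdmin->save();
     session()->flash('msg_success', '修改密码成功');
     return back();
 }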
Ejemplo n.º 4
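 /**
  * Store a newly created admin account.
  *
  * Validates the request, creates the Admin row with a bcrypt password hash
  * and attaches any roles listed in the request.
  *
  * @param Request $request
  * @return string JSON-encoded success message.
  */
 public function store(Request $request)
 {
     $data = $request->all();
     // Every field consumed below is validated. `status` and `roles` were
     // previously read without a rule, so a request without `status` failed
     // on an undefined index and a non-array `roles` broke the loop.
     $validator = Validator::make($data, [
         'name' => 'required|max:255|unique:admin',
         'email' => 'required|email|max:255|unique:admin',
         'password' => 'required|min:6',
         'status' => 'required',
         'roles' => 'array',
     ]);
     if ($validator->fails()) {
         $this->throwValidationException($request, $validator);
     }

     // Keep the model returned by create() instead of re-querying by name.
     $user = Admin::create([
         'name' => $data['name'],
         'email' => $data['email'],
         'password' => bcrypt($data['password']),
         'status' => $data['status'],
     ]);

     if (!empty($data['roles'])) {
         // NOTE(review): role identifiers come straight from the request and
         // nothing in this method checks that the caller may grant them.
         // Confirm that route middleware restricts this endpoint, and
         // consider checking each role against an allowed set.
         foreach ($data['roles'] as $role) {
             $user->attachRole($role);
         }
     }
     $msg = array('msg' => '已成功添加');
     return json_encode($msg);
 }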
Ejemplo n.º 5
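 /**
  * Look up a single admin matching the given conditions.
  *
  * @param mixed $data Conditions passed unchanged to Admin::where(); anything
  *                    other than a non-empty array is rejected.
  * @return mixed The first matching Admin record, or false when the input is
  *               unusable or nothing matches.
  */
 public function attempt($data)
 {
     // An empty array is rejected as well: with an Eloquent-style builder it
     // adds no WHERE constraint, so first() would return an arbitrary admin
     // row for a request that supplied no credentials at all.
     if (!is_array($data) || empty($data)) {
         return false;
     }

     // NOTE(review): the conditions are forwarded as-is. If callers pass
     // request input directly, the client chooses which columns are matched
     // (for example by leaving the password out). Callers should build the
     // array from a fixed set of keys. Verify against the call sites.
     $adminInstance = Admin::where($data)->first();

     return !empty($adminInstance) ? $adminInstance : false;
 }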
Ejemplo n.º 6
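 /**
  * Handle the admin login form post.
  *
  * Validates that `username`, `secret` and `password` are present, loads the
  * admin by username and compares the submitted password and secret with the
  * stored values. On success the admin is written to the session and the
  * user is redirected to `admin/users`; otherwise the user is sent back with
  * an error.
  *
  * @param Request $request
  * @return mixed Redirect response.
  */
 public function postIndex(Request $request)
 {
     // NOTE(review): the `exists` rule and its custom message tell the client
     // whether a username is registered. Consider one generic failure message.
     $message = array('username.exists' => 'Admin is not exist!');
     $validator = Validator::make($request->all(), ['username' => 'required|exists:admin,username', 'secret' => 'required', 'password' => 'required'], $message);
     if ($validator->fails()) {
         // Flash only the non-secret field back to the form; the password and
         // secret are not written to session storage.
         return redirect()->back()->withErrors($validator)->withInput($request->except('password', 'secret'));
     }

     $admin = Admin::where('username', '=', $request->username)->first();

     // The original branched on an undefined $user, so its mismatch message
     // was unreachable and a failed login returned with no error at all.
     // hash_equals() keeps the comparison constant-time; the is_string()
     // checks keep array-valued input out of it.
     // NOTE(review): comparing the submitted password with the column value
     // directly means the column presumably holds the password in clear text.
     // Confirm, then migrate to password_hash() / password_verify().
     $authenticated = $admin !== null
         && is_string($request->password)
         && is_string($request->secret)
         && hash_equals((string) $admin->password, $request->password)
         && hash_equals((string) $admin->secret, $request->secret);

     if (!$authenticated) {
         return redirect()->back()->withErrors(["Username or password are mismatch."])->withInput($request->except('password', 'secret'));
     }

     // Rotate the session id at login so an id fixed before authentication
     // is not carried into the admin session.
     $request->session()->regenerate();
     $request->session()->put('Auth', $admin);
     $request->session()->put('Admin', true);

     return redirect('admin/users');
 }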
Ejemplo n.º 7
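 /**
  * Handle the admin login request.
  *
  * Validates that `admin_name` and `password` are present, logs out any user
  * authenticated through Auth, loads the active admin by name, checks the
  * password digest and, on success, stores the admin in the session and
  * records the login time and client address.
  *
  * @param Request $request
  * @return mixed Result of failResponse() or successResponse().
  */
 public function postLogin(Request $request)
 {
     $validate = Validator::make($request->input(), ['admin_name' => 'required', 'password' => 'required']);
     if ($validate->fails()) {
         return $this->failResponse($validate->failed());
     }

     // Drop any existing Auth login before switching to the admin session.
     $user = Auth::user();
     if (!empty($user->id)) {
         Auth::logout();
     }

     $admin = Admin::where('admin_name', '=', $request->input('admin_name'))->where('active', '=', 1)->first();
     if (empty($admin->id)) {
         // NOTE(review): 'not_found' and 'not_match' are distinct responses,
         // so a client can tell which admin names exist. Kept because callers
         // may depend on the codes; consider a single code.
         return $this->failResponse('not_found');
     }

     // The digests were compared with !=, which treats two numeric-looking
     // strings (such as "0e" followed only by digits) as numbers, so
     // different digests of that shape compare as equal. hash_equals() is an
     // exact, constant-time string comparison.
     // NOTE(review): unsalted md5 is a fast hash and weak for password
     // storage; plan a migration to password_hash() / password_verify().
     $submitted = $request->input('password');
     if (!is_string($submitted) || !hash_equals((string) $admin->password, md5($submitted))) {
         return $this->failResponse('not_match');
     }

     // Rotate the session id at login so an id fixed before authentication
     // is not carried into the admin session.
     Session::regenerate();
     Session::put(['admin' => $admin]);

     $admin->last_login_time = date('Y-m-d H:i:s');
     $admin->last_login_ip = $_SERVER['REMOTE_ADDR'];
     $admin->save();

     return $this->successResponse();
 }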
Ejemplo n.º 8
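 /**
  * Admin login.
  *
  * GET shows the login form, or redirects an already logged-in admin to
  * /admin. POST validates the credentials, refuses further attempts after
  * more than three failures for the account in the last five minutes,
  * records the outcome in AdminLoginLog and, on success, stores the admin id
  * and username in the session.
  *
  * @param Request $request
  * @return mixed A view or redirect response.
  */
 public function login(Request $request)
 {
     // GET: show the form.
     if ($request->isMethod('get')) {
         // Already logged in: go to the admin home page.
         if ($request->session()->has('admin_id')) {
             session()->flash('msg_success', '请勿重复登录');
             return redirect('/admin');
         }
         return view('admin.login');
     }
     if (!$request->isMethod('post')) {
         App::abort(404);
     }
     // POST: check the credentials.
     $sUsername = trim($request->input('username', null));
     // NOTE(review): trim() alters passwords that start or end with
     // whitespace. Kept because stored digests may depend on it.
     $sPassword = trim($request->input('password', null));
     $validate = $this->login_validator(['username' => $sUsername, 'password' => $sPassword]);
     // Resolve the account id first so failed attempts can be logged per account.
     $temp_admin = Admin::where('username', $sUsername)->select('id')->get();
     $admin_id = isset($temp_admin[0]) ? $temp_admin[0]->id : 0;
     unset($temp_admin);
     if ($validate->fails() || !$admin_id) {
         // Same message as for a wrong password, so this response does not
         // reveal whether the username exists.
         session()->flash('msg_error', '账号或密码错误');
         $request->flashOnly('username');
         return back();
     }
     $oAdminLoginLog = new AdminLoginLog();
     // NOTE(review): ip2long() returns false for anything that is not a
     // dotted IPv4 address, so IPv6 clients are logged without a usable address.
     $login_ip = ip2long($_SERVER['REMOTE_ADDR']);
     $login_time = time();
     // Refuse further attempts after too many recent failures for this account.
     // NOTE(review): the lockout message is only reachable for existing
     // usernames, and the counter is per account, so repeated bad attempts
     // can lock the real admin out. Confirm this trade-off is intended.
     $timeline = strtotime("-5 minutes");
     if (AdminLoginLog::where('created_at', '>', date("Y-m-d H:i:s", $timeline))->where('admin_id', $admin_id)->where('log_status', '0')->count() > 3) {
         session()->flash('msg_error', '登录失败次数过多,请稍后再试');
         $request->flashOnly('username');
         return back();
     }
     // NOTE(review): md5($p . md5($p)) is an unsalted, fast digest and weak
     // for password storage; plan a migration to password_hash() /
     // password_verify().
     $sPassword = md5($sPassword . md5($sPassword));
     $admin = Admin::where('username', $sUsername)->where('password', $sPassword)->first();
     // Wrong password: record the failed attempt.
     if (!$admin) {
         $oAdminLoginLog->admin_id = $admin_id;
         $oAdminLoginLog->log_ip = $login_ip;
         $oAdminLoginLog->log_status = 0; // failure
         $oAdminLoginLog->save();
         session()->flash('msg_error', '账号或密码错误');
         $request->flashOnly('username');
         return back();
     }
     // Rotate the session id at login so an id fixed before authentication
     // is not carried into the admin session, then store the identity.
     $request->session()->regenerate();
     $request->session()->put('admin_id', $admin->id);
     $request->session()->put('username', $admin->username);
     // Update the last-login address and time on the account.
     $admin->login_ip = $login_ip;
     $admin->login_time = $login_time;
     $admin->save();
     // Record the successful login.
     $oAdminLoginLog->admin_id = $admin->id;
     $oAdminLoginLog->log_ip = $login_ip;
     $oAdminLoginLog->log_status = 1; // success
     $oAdminLoginLog->save();
     // The success message was flashed under 'msg_error'; the other success
     // messages in this listing use 'msg_success'.
     session()->flash('msg_success', '登录成功');
     return redirect('/admin');
 }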
Ejemplo n.º 9
 /**
  * Fetch the Admin rows whose `group_id` and `key` columns equal the given values.
  *
  * @param mixed $group_id Value compared with the `group_id` column.
  * @param mixed $key      Value compared with the `key` column.
  * @return mixed Result of get() on the constrained query.
  */
 public static function getValue($group_id, $key)
 {
     // Both values are passed as bound arguments to where(), not concatenated into SQL.
     $byGroup = Admin::where('group_id', '=', $group_id);
     $byGroupAndKey = $byGroup->where('key', '=', $key);

     return $byGroupAndKey->get();
 }