コード例 #1
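 /**
  * Establish an admin session for $username and publish its permission list.
  *
  * No credential is checked here: the caller must have authenticated the user
  * before calling. When no admin row exists for $username, one is created on
  * the fly (department_id 0) with a random placeholder password, so this method
  * should only ever receive a username that has already been verified.
  *
  * @param string $username   Login name to look up, or to provision if unknown.
  * @param string $admin_name Display name stored when a new row is created.
  * @param mixed  $remember   Passed through unchanged to setLoginInfo().
  * @return void
  */
 public function adminLogin($username, $admin_name = '', $remember = false)
 {
     $admin_info = $this->admin_model->getAdminByUsername($username);
     $auth_list = array();
     if (empty($admin_info)) {
         $now_time = time();
         // Placeholder password for the auto-provisioned account. It must not be
         // guessable, so use the CSPRNG when the runtime has it (PHP 7.0+);
         // mt_rand() output is predictable and is kept only as a fallback for
         // older runtimes.
         $random_secret = function_exists('random_int')
             ? random_int(100000, 9999999999)
             : mt_rand(100000, 9999999999);
         // Hash the placeholder password.
         $password = Password::Encryption($username, $random_secret);
         $admin_data = array(
             'username' => $username,
             'admin_name' => $admin_name,
             'password' => $password,
             'department_id' => 0,
             'last_login' => $now_time,
             'error_times' => 0,
             'error_date' => Star_Date::getDate(),
             'add_time' => $now_time,
             'update_time' => $now_time,
         );
         $admin_id = $this->admin_model->insert($admin_data);
         $admin_info = $this->admin_model->getAdminById($admin_id);
     } else {
         $admin_data = array('last_login' => time());
         $admin_id = $admin_info['admin_id'];
         $this->updateAdmin($admin_info['admin_id'], $admin_data);
     }
     // Record the login.
     // NOTE(review): ip2long() returns false for anything that is not dotted
     // IPv4 (e.g. an IPv6 client), so such rows carry no usable address —
     // confirm the column format if this log is relied on for investigations.
     $admin_login_data = array(
         'admin_id' => $admin_id,
         'login_ip' => ip2long(Star_Http_Request::getIp()),
         'add_time' => time(),
     );
     $admin_login_model = new AdminLoginModel();
     $admin_login_model->insert($admin_login_data);
     // Department-level grants.
     $department_auth = $this->auth_model->getAuthByDepartment($admin_info['department_id']);
     // Per-admin grants.
     $admin_auth = $this->auth_model->getAuthByAdmin($admin_info['admin_id']);
     // Both sets are keyed by menu_id; admin grants are applied second, so they
     // overwrite a department entry for the same menu.
     foreach (array($department_auth, $admin_auth) as $auth_rows) {
         if (!$auth_rows) {
             continue;
         }
         foreach ($auth_rows as $auth) {
             $auth_list[$auth['menu_id']] = $this->getUrl($auth['controller'], $auth['action']);
         }
     }
     $auth_token = $this->makeAuthSign($auth_list);
     $token = $this->makeLoginSign(
         $admin_info['admin_id'],
         $admin_info['username'],
         $admin_info['department_id'],
         $admin_info['last_login'],
         $auth_token
     );
     $admin_data = array(
         'admin_id' => $admin_info['admin_id'],
         'department_id' => $admin_info['department_id'],
         'username' => $admin_info['username'],
         'last_login' => $admin_info['last_login'],
         'token' => $token,
         'auth_token' => $auth_token,
         'admin_name' => $admin_info['admin_name'],
     );
     // Store the login state.
     $this->setLoginInfo($admin_data, $remember);
     // Publish the permission list to the browser for 30 days. The value is only
     // base64(JSON): the client can read and edit it, so later requests must
     // treat it as untrusted unless it is verified (presumably against the
     // auth_token signature — confirm).
     // NOTE(review): the last two arguments presumably mirror setcookie()'s
     // secure=false / httponly=true — confirm, and enable the secure flag when
     // the admin site is served over HTTPS only.
     Star_Cookie::set('auth', base64_encode(json_encode($auth_list)), time() + 86400 * 30, '/', '', false, true);
 }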
コード例 #2
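 /**
  * Admin login endpoint.
  *
  * Redirects an already authenticated user to /admin. On POST it validates the
  * submitted fields and the captcha, applies the daily failed-password limit,
  * checks the password and then either starts the session or records the
  * failure. Results are reported through showJson(); a non-POST request falls
  * through without returning a value from this method.
  */
 public function loginAction()
 {
     $request = $this->getRequest();
     $admin_service = new AdminService();
     // Already logged in: go straight to the back-office home page.
     if ($admin_service->checkLogin() == true) {
         return $this->redirect('/admin');
     }
     if ($request->isPost()) {
         $username = trim($request->getParam('username'));
         $password = $request->getParam('password');
         $captcha = $request->getParam('captcha');
         $remember = $request->getParam('remember');
         if (empty($username)) {
             return $this->showJson(1, '请输入用户名');
         }
         if (empty($password) || strlen($password) < 6) {
             return $this->showJson(2, '请输入6位以上密码');
         }
         // A failed captcha deliberately returns the same text as a wrong password.
         if ($admin_service->checkCaptcha($captcha) == false) {
             return $this->showJson(3, '帐号或密码有误,请重新输入');
         }
         $admin = $admin_service->getAdminByUsername($username);
         if (empty($admin)) {
             return $this->showJson(403, '帐号或密码有误,请重新输入');
         }
         $today = Star_Date::getDate();
         // Daily lockout: only failures recorded today count. Without the date
         // check, an account that crossed the limit stays blocked on later days
         // too, because this early return prevents the code below from ever
         // resetting the counter.
         // NOTE(review): 500 attempts per day is a very generous budget for
         // online password guessing — consider a much lower limit.
         if ($admin['error_date'] == $today && $admin['error_times'] > 500) {
             return $this->showJson(4, '帐号密码输入错误次数过多,请明日再试。');
         }
         // Verify the password. Compare the digests as strings, in constant time
         // where the runtime offers hash_equals() (PHP 5.6+); a loose == would
         // treat two different numeric-looking strings as equal.
         $stored_hash = (string) $admin['password'];
         $submitted_hash = (string) Password::Encryption($username, $password);
         $password_ok = function_exists('hash_equals')
             ? hash_equals($stored_hash, $submitted_hash)
             : $stored_hash === $submitted_hash;
         if ($password_ok) {
             $admin_service->adminLogin($username, '', $remember);
         } else {
             // Count the failure: increment today's counter, or start a new one
             // on the first failure of the day. 'error_times + 1' is presumably
             // passed through as a raw SQL expression because of the trailing
             // false argument — confirm against updateAdmin().
             if ($today == $admin['error_date']) {
                 $admin_data = array('error_date' => $today, 'error_times' => 'error_times + 1');
             } else {
                 $admin_data = array('error_date' => $today, 'error_times' => 1);
             }
             $admin_service->updateAdmin($admin['admin_id'], $admin_data, false);
             return $this->showJson(403, '帐号或密码有误,请重新输入');
         }
         return $this->showJson(0, '登录成功');
     }
 }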
コード例 #3
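 /**
  * Edit an administrator: display name, department, optional password reset
  * and the per-admin menu grants.
  *
  * GET renders the 'admininfo' form; POST applies the change and replaces all
  * of the admin's own grants with the submitted menu_ids.
  *
  * NOTE(review): no permission check and no CSRF token validation is visible in
  * this action. Confirm both are enforced before it runs (e.g. in a base
  * controller), since it can reset another admin's password and grant menus.
  */
 public function editadminAction()
 {
     $request = $this->getRequest();
     $admin_service = new AdminService();
     $admin_id = (int) $request->getParam('admin_id');
     $admin_info = $admin_service->getAdminById($admin_id);
     if (empty($admin_info)) {
         return $this->showWarning('对不起,管理员不存在', '/system/adminmanage');
     }
     if ($request->isPost()) {
         $username = Star_String::escape($request->getParam('username'));
         $admin_name = Star_String::escape($request->getParam('admin_name'));
         $department_id = (int) $request->getParam('department_id');
         $password = $request->getParam('password');
         if ($password && Star_String::strLength($password) < 6) {
             return $this->showWarning('对不起,密码不能少于6个字符。');
         }
         if (empty($username)) {
             return $this->showWarning('对不起,用户名不能为空。');
         }
         $admin_data = array('admin_name' => $admin_name, 'department_id' => $department_id, 'update_time' => time());
         // The username is not part of this update, so the new password is hashed
         // with the stored username. Hashing with the submitted (and escaped)
         // form value would yield a digest that cannot match at login whenever
         // that value differs from the stored name.
         if ($password) {
             $admin_data['password'] = Password::Encryption($admin_info['username'], $password);
         }
         $rs = $admin_service->updateAdmin($admin_id, $admin_data);
         if ($rs) {
             // Drop the admin's existing grants; the (int) cast keeps the
             // string-built condition free of request-controlled text.
             // NOTE(review): delete and re-insert run without a visible
             // transaction, so a failure midway leaves partial grants.
             $admin_service->deleteAuth('admin_id = ' . (int) $admin_info['admin_id']);
             $menu_ids = $request->getParam('menu_ids');
             // Accept only an array, and normalise to integers before
             // de-duplicating so that "1" and "01" cannot create two rows.
             // NOTE(review): the ids are not checked against the menus the
             // acting admin is allowed to delegate — confirm that is intended.
             if (!empty($menu_ids) && is_array($menu_ids)) {
                 $menu_ids = array_unique(array_map('intval', $menu_ids));
                 foreach ($menu_ids as $menu_id) {
                     $auth_data = array('menu_id' => (int) $menu_id, 'department_id' => 0, 'admin_id' => $admin_id, 'add_time' => time(), 'update_time' => time());
                     // Add the grant.
                     $admin_service->insertAuth($auth_data);
                 }
             }
             return $this->showWarning('恭喜您,修改成功。', '/system/adminmanage');
         } else {
             return $this->showWarning('很遗憾,修改失败。');
         }
     }
     $departments = $admin_service->getDepartmentOption();
     // All menus.
     $menus = $admin_service->getAllSortMenu();
     // All grants of the admin's department.
     $department_auth_options = $admin_service->getDepartmentAuthOption($admin_info['department_id']);
     $admin_auth_options = $admin_service->getAdminAuthOption($admin_info['admin_id']);
     $this->view->assign(array('admin' => $admin_info, 'departments' => $departments, 'menus' => $menus, 'department_auth_options' => $department_auth_options, 'admin_auth_options' => $admin_auth_options));
     $this->render('admininfo');
 }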