/**
* 登录页面
*
* @return \Core\Http\Response
*/
public function loginAction()
{
if ($this->adminId > 0) {
return $this->goHome();
}
$session = \App::session();
if ($this->request->isMethod('post')) {
$userName = $this->getPost('username');
$password = $this->getPost('password');
$remember = $this->getPost('remember', 0);
$adminInfo = AdminModel::getInstance()->getAdminByName($userName);
if ($adminInfo && $adminInfo['password'] == md5($password . $adminInfo['salt'])) {
$this->setLoginAuth($adminInfo['id'], $adminInfo['password'], $remember);
AdminModel::getInstance()->updateAdmin($adminInfo['id'], array('last_login' => NOW, 'last_ip' => $this->request->getClientIp()));
return $this->redirect(URL('main/index'));
}
$session->setFlash('error', '帐号或密码错误');
}
$this->assign(['error' => $session->getFlash('error')]);
return $this->display();
}
private function delAdmin()
{
$adminModel = AdminModel::getInstance();
$id = intval($this->get('id'));
if ($id == 1) {
return $this->message('不能删除ID为1的帐号');
}
$adminModel->deleteAdmin($id);
return $this->redirect(URL(CUR_ROUTE));
}
private function initAuth()
{
$auth = $this->request->cookies()->getDecrypt('auth');
$ip = '';
// $this->request->getClientIp()
if (empty($auth) || strpos($auth, '|') === false) {
return false;
}
list($id, $password) = explode('|', $auth);
$adminInfo = AdminModel::getInstance()->getAdmin($id);
if (!$adminInfo || md5($adminInfo['password'] . $ip) != $password) {
return false;
}
$this->adminId = $adminInfo['id'];
$this->userName = $adminInfo['user_name'];
$this->adminSex = $adminInfo['sex'];
$this->powers = explode(',', $adminInfo['power']);
return true;
}
