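/**
 * Handle the admin sign-in form submission.
 *
 * Reads `username` and `password` from $_POST, looks for an Admin row matching
 * both, and on success stores that row in the session under `adminObj` before
 * redirecting to the dashboard. On failure the login page is rendered again
 * with an error message.
 *
 * @return mixed Redirect to the `hakon::dashboard` route on success, otherwise the login view.
 */
public function SignIn()
{
    # Globals
    global $application;

    # Vars
    # A missing field is passed on as null (the value the bare $_POST read produced)
    # without raising an undefined-index notice.
    $username = String::Clean(isset($_POST['username']) ? $_POST['username'] : null);
    $rawPassword = String::Clean(isset($_POST['password']) ? $_POST['password'] : null);
    # NOTE(review): String::Clean() runs on the password before hashing; if it strips or
    # rewrites characters, the effective password differs from what was typed - confirm.

    # Hash only a password that was actually supplied. Testing the value *after*
    # Password::Generate() would presumably always pass, because a digest of the empty
    # string is still a non-empty string (Password::Generate is not visible here).
    $hasPassword = $rawPassword !== null && $rawPassword !== '' && $rawPassword !== false;
    $password = $hasPassword ? Password::Generate($rawPassword) : null;
    $admin = null;

    # Code
    if ($username && $password) {
        # NOTE(review): the credential check is an equality match on the stored value, so
        # Password::Generate() must be deterministic (no per-user salt). A salted scheme
        # verified with password_verify() would need the row fetched by username first.
        $adminObj = new Admin();
        $admin = $adminObj->where("username", $username)->where("password", $password)->first();
    }

    # Cleaning up session
    Session::forget('adminObj');

    # Output
    if (!empty($admin)) {
        # Regenerate the session id so a pre-login id cannot be reused after authentication
        session()->regenerate();

        # Push admin object to session
        # NOTE(review): the whole record is stored, presumably including the password
        # column - consider storing only the id.
        Session::put('adminObj', $admin);

        # Redirect to dashboard
        return redirect()->route('hakon::dashboard');
    }

    # Same message for unknown user and wrong password, so the response does not
    # reveal which of the two was wrong.
    return view('core.hakon-admin.pages.index', [
        "application" => $application,
        "messages" => (object) ["error" => "<strong>Username and password invalid.</strong> <br /> Please try again."],
    ]);
}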
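/**
 * Decide whether the current request belongs to an authenticated admin.
 *
 * Enforces a 30-minute idle timeout, accepts `username`/`password` from the
 * request, keeps them in the native PHP session and re-checks them against the
 * Admin table on every call. Any failure tears the session down.
 *
 * @return bool True when the session credentials match an Admin row, false otherwise.
 */
public function checkLogin()
{
    session_start();

    // Idle timeout: the last request was more than 30 minutes ago.
    if (isset($_SESSION['LAST_ACTIVITY']) && time() - $_SESSION['LAST_ACTIVITY'] > 1800) {
        session_unset();     // unset $_SESSION variables for the run-time
        session_destroy();   // destroy session data in storage
        session_write_close();
        setcookie(session_name(), '', 0, '/');
        // session_destroy() leaves no active session, so session_regenerate_id() on its
        // own only emits a warning and the writes below would never be persisted.
        // Reopen the session first, then rotate its id.
        session_start();
        session_regenerate_id(true);
    }
    $_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp

    // Request::only() reads query-string parameters as well as body parameters.
    // NOTE(review): credentials accepted from the query string end up in access logs,
    // browser history and Referer headers - restrict to the POST body if possible.
    $input = Request::only('username', 'password');
    if (!empty($input['username'])) {
        // Skipped when the parameter is absent or empty, e.g. ?username=&password=x
        // NOTE(review): the clear-text password is written to session storage and
        // re-verified on every request; storing a post-verification flag or the admin id
        // would keep the secret out of the session files. Left as is because other code
        // may read $_SESSION['password'].
        $_SESSION['username'] = $input['username'];
        $_SESSION['password'] = $input['password'];
    }

    // is_string() also rejects array-valued parameters (username[]=...), which would
    // otherwise reach md5() and the query builder.
    if (
        !empty($_SESSION['username'])
        && is_string($_SESSION['username'])
        && isset($_SESSION['password'])
        && is_string($_SESSION['password'])
    ) {
        // NOTE(review): md5(md5()) is an unsalted fast hash; migrating stored passwords to
        // password_hash()/password_verify() needs a data migration outside this method.
        $count = Admin::where('username', $_SESSION['username'])
            ->where('password', md5(md5($_SESSION['password'])))
            ->count();
        if ($count) {
            return true;
        }
    }

    // Not authenticated: drop the session data and the cookie. No id regeneration here,
    // since no session is active after session_destroy().
    session_unset();
    session_destroy();
    session_write_close();
    setcookie(session_name(), '', 0, '/');

    return false;
}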
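/**
 * Change the logged-in admin's password.
 *
 * GET renders the form. POST requires `old_password`, `new_password` and
 * `re_password`, checks that the two new values are identical, verifies the old
 * password against the row of the admin in the session, then saves the new one.
 * Results are reported through the `msg_error` / `msg_success` flash keys.
 */
public function changepwd(Request $request)
{
    if ($request->isMethod('get')) {
        return view('admin.manager.changepwd');
    }
    if (!$request->isMethod('post')) {
        App::abort(404);
    }

    if (!$request->has('old_password') || !$request->has('new_password') || !$request->has('re_password')) {
        session()->flash('msg_error', '请输入完整');
        return back();
    }

    // Strict comparison: loose `!=` compares numeric-looking strings as numbers, so two
    // different inputs such as "1e3" and "1000" would count as a matching confirmation.
    if ($request->input('new_password') !== $request->input('re_password')) {
        session()->flash('msg_error', '两次密码不匹配');
        return back();
    }

    // NOTE(review): password_encrypt() is a project helper not visible here. The old
    // password is verified by an equality match in the query, so the helper has to be
    // deterministic (no per-user salt) - confirm which algorithm it uses.
    $old_password = password_encrypt($request->input('old_password'));
    $oAdmin = Admin::where('id', session('admin_id'))->where('password', $old_password)->first();
    if (!$oAdmin) {
        // Old password is wrong (or no admin id is in the session)
        session()->flash('msg_error', '旧密码输入错误');
        return back();
    }

    // NOTE(review): no minimum length or complexity rule is applied to the new password,
    // and other sessions of this admin stay valid after the change.
    $oAdmin->password = password_encrypt($request->input('new_password'));
    $oAdmin->save();

    session()->flash('msg_success', '修改密码成功');
    return back();
}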
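/**
 * Store a newly created admin account.
 *
 * Validates `name`, `email` and `password`, creates the Admin row with a bcrypt
 * password hash, attaches any roles listed in `roles`, and returns a JSON message.
 *
 * @return string JSON-encoded `{"msg": ...}` confirmation.
 */
public function store(Request $request)
{
    $data = $request->all();

    $validator = Validator::make($data, [
        'name' => 'required|max:255|unique:admin',
        'email' => 'required|email|max:255|unique:admin',
        'password' => 'required|min:6',
    ]);
    if ($validator->fails()) {
        $this->throwValidationException($request, $validator);
    }

    // NOTE(review): `status` and `roles` are taken from the request without any
    // validation rule. Both decide what the new account may do, so they should be
    // checked against an allowed set, and the caller's right to grant them verified.
    // A request without `status` fails here on the missing array key.
    // Assumes Admin is an Eloquent model, whose create() returns the saved instance.
    $admin = Admin::create([
        'name' => $data['name'],
        'email' => $data['email'],
        'password' => bcrypt($data['password']),
        'status' => $data['status'],
    ]);

    // Attach roles to the row that was just created rather than looking it up again by
    // name; a non-array `roles` value is ignored instead of breaking the loop after the
    // account already exists.
    if (!empty($data['roles']) && is_array($data['roles'])) {
        foreach ($data['roles'] as $role) {
            $admin->attachRole($role);
        }
    }

    $msg = array('msg' => '已成功添加');
    return json_encode($msg);
}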
/**
 * Look up an admin matching every condition in $data.
 *
 * NOTE(review): $data is handed to where() unchanged, so the caller decides which
 * columns are compared. If it is built from request input, the caller should
 * restrict it to the expected keys, and a `password` entry is compared against the
 * stored column value as-is - confirm how callers hash it.
 *
 * @param mixed $data Column => value conditions; anything that is not an array is rejected.
 * @return mixed The matching Admin instance, or false when there is none.
 */
public function attempt($data)
{
    if (!is_array($data)) {
        return false;
    }

    $match = Admin::where($data)->first();
    if (empty($match)) {
        return false;
    }

    return $match;
}
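/**
 * Handle the admin login form: check `username`, `password` and `secret`.
 *
 * On success the admin record is stored in the session under `Auth`, the `Admin`
 * flag is set and the user is redirected to `admin/users`. On failure the user is
 * sent back with the errors and the old input.
 */
public function postIndex(Request $request)
{
    // NOTE(review): this custom message tells the client whether a username exists,
    // which allows account enumeration; a single generic error for every failure
    // would avoid that.
    $message = array('username.exists' => 'Admin is not exist!');
    $validator = Validator::make($request->all(), [
        'username' => 'required|exists:admin,username',
        'secret' => 'required',
        'password' => 'required',
    ], $message);

    if ($validator->fails()) {
        return redirect()->back()->withErrors($validator)->withInput();
    }

    $username = $request->username;
    $password = $request->password;
    $secret = $request->secret;

    // Array-valued parameters (password[]=...) pass `required`; treat them as a mismatch.
    $admin = null;
    if (is_string($username) && is_string($password) && is_string($secret)) {
        $admin = Admin::where('username', '=', $username)->first();
    }

    if (!empty($admin)) {
        // NOTE(review): the stored password and secret are compared directly with the
        // submitted values, i.e. they are kept unhashed. Moving to password_hash() /
        // password_verify() requires a data migration outside this method.
        // hash_equals() makes the comparison constant-time; both checks always run.
        $passwordOk = hash_equals((string) $admin->password, $password);
        $secretOk = hash_equals((string) $admin->secret, $secret);

        if ($passwordOk && $secretOk) {
            // New session id on login, so an id known before authentication is not reused.
            $request->session()->regenerate();
            // NOTE(review): the whole record, including password and secret, goes into
            // the session; storing the id would be enough.
            $request->session()->put('Auth', $admin);
            $request->session()->put('Admin', true);
            return redirect('admin/users');
        }
    }

    // The original tested an undefined $user here, which made this message unreachable
    // and returned a failed login with an empty error bag.
    return redirect()->back()->withErrors(["Username or password are mismatch."])->withInput();
}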
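/**
 * Log an admin in from `admin_name` and `password`.
 *
 * Logs out any currently authenticated user, looks up an active admin by name,
 * compares the MD5 of the submitted password with the stored value, stores the
 * admin in the session and records the login time and IP.
 *
 * @return mixed Result of failResponse() or successResponse().
 */
public function postLogin(Request $request)
{
    $validate = Validator::make($request->input(), ['admin_name' => 'required', 'password' => 'required']);
    if ($validate->fails()) {
        $failed = $validate->failed();
        return $this->failResponse($failed);
    }

    $user = Auth::user();
    if (!empty($user->id)) {
        Auth::logout();
    }

    $admin = Admin::where('admin_name', '=', $request->input('admin_name'))->where('active', '=', 1)->first();
    // NOTE(review): `not_found` and `not_match` are different responses, so a client can
    // tell existing admin names from unknown ones. Kept because callers may depend on
    // the two codes.
    if (empty($admin->id)) {
        return $this->failResponse('not_found');
    }

    // Loose `!=` compares two digests that both look like "0e<digits>" as the number 0,
    // so unrelated passwords could match. hash_equals() compares the strings exactly and
    // in constant time. A non-string password (password[]=...) counts as a mismatch.
    // NOTE(review): unsalted MD5 is not suitable for password storage; migrating to
    // password_hash()/password_verify() needs a data migration outside this method.
    $password = $request->input('password');
    if (!is_string($password) || !hash_equals((string) $admin->password, md5($password))) {
        return $this->failResponse('not_match');
    }

    // New session id on login, so an id known before authentication is not reused.
    Session::regenerate();
    // NOTE(review): the whole record, including the password hash, goes into the session.
    Session::put(['admin' => $admin]);

    $admin->last_login_time = date('Y-m-d H:i:s');
    $admin->last_login_ip = $_SERVER['REMOTE_ADDR'];
    $admin->save();

    return $this->successResponse();
}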
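/**
 * Admin login.
 *
 * GET shows the login form (or redirects to /admin when already logged in).
 * POST validates the credentials, refuses further attempts for an account with
 * more than three failed logins in the last five minutes, records every attempt
 * for a known account in AdminLoginLog and, on success, stores `admin_id` and
 * `username` in the session.
 */
public function login(Request $request)
{
    // GET: show the form
    if ($request->isMethod('get')) {
        // Already logged in: go to the admin home page
        if ($request->session()->has('admin_id')) {
            session()->flash('msg_success', '请勿重复登录');
            return redirect('/admin');
        }
        return view('admin.login');
    }
    if (!$request->isMethod('post')) {
        App::abort(404);
    }

    // POST: check the credentials
    $sUsername = trim($request->input('username', null));
    // NOTE(review): trim() also changes the password; leading or trailing whitespace
    // typed by the user is not part of the effective secret.
    $sPassword = trim($request->input('password', null));
    $validate = $this->login_validator(['username' => $sUsername, 'password' => $sPassword]);

    $temp_admin = Admin::where('username', $sUsername)->select('id')->get();
    $admin_id = isset($temp_admin[0]) ? $temp_admin[0]->id : 0;
    unset($temp_admin);

    // Unknown username and invalid input share the wrong-password message.
    // NOTE(review): attempts against unknown usernames are not logged or throttled.
    if ($validate->fails() || !$admin_id) {
        session()->flash('msg_error', '账号或密码错误');
        $request->flashOnly('username');
        return back();
    }

    $oAdminLoginLog = new AdminLoginLog();
    // NOTE(review): ip2long() returns false for anything that is not a dotted IPv4
    // address, so IPv6 clients are logged without a usable address.
    $login_ip = ip2long($_SERVER['REMOTE_ADDR']);
    $login_time = time();

    // Throttle: refuse when this account already has more than 3 failed logins in the
    // last 5 minutes. The counter is per account, not per client address.
    $timeline = strtotime("-5 minutes");
    $recentFailures = AdminLoginLog::where('created_at', '>', date("Y-m-d H:i:s", $timeline))
        ->where('admin_id', $admin_id)
        ->where('log_status', '0')
        ->count();
    if ($recentFailures > 3) {
        session()->flash('msg_error', '登录失败次数过多,请稍后再试');
        $request->flashOnly('username');
        return back();
    }

    // NOTE(review): md5(p . md5(p)) is deterministic and has no per-user salt; moving
    // to password_hash()/password_verify() needs a data migration outside this method.
    $sPassword = md5($sPassword . md5($sPassword));
    $admin = Admin::where('username', $sUsername)->where('password', $sPassword)->first();

    // Wrong password: record the failed attempt
    if (!$admin) {
        $oAdminLoginLog->admin_id = $admin_id;
        $oAdminLoginLog->log_ip = $login_ip;
        $oAdminLoginLog->log_status = 0; // failure
        $oAdminLoginLog->save();
        session()->flash('msg_error', '账号或密码错误');
        $request->flashOnly('username');
        return back();
    }

    // New session id on login, so an id known before authentication is not reused.
    $request->session()->regenerate();

    // Keep the admin id and username in the session
    $request->session()->put('admin_id', $admin->id);
    $request->session()->put('username', $admin->username);

    // Update last login IP and time
    $admin->login_ip = $login_ip;
    $admin->login_time = $login_time;
    $admin->save();

    // Record the successful login
    $oAdminLoginLog->admin_id = $admin->id;
    $oAdminLoginLog->log_ip = $login_ip;
    $oAdminLoginLog->log_status = 1; // success
    $oAdminLoginLog->save();

    // Login succeeded: use the success key, as the GET branch above does, instead of
    // flashing the confirmation under `msg_error`.
    session()->flash('msg_success', '登录成功');
    return redirect('/admin');
}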
/**
 * Fetch the Admin rows stored for a group under a given key.
 *
 * @param mixed $group_id Value matched against the `group_id` column.
 * @param mixed $key      Value matched against the `key` column.
 * @return mixed Result of get() on the filtered query (every matching row).
 */
public static function getValue($group_id, $key)
{
    // Both filters are bound by the query builder, not concatenated into SQL.
    $query = Admin::where('group_id', '=', $group_id);
    $query = $query->where('key', '=', $key);

    return $query->get();
}