/**
* 登录方法 POST
* @return string|\yii\web\Response
*/
public function actionLogin()
{
$username = Yii::$app->request->post('username');
//用户名
$password = Yii::$app->request->post('password');
//密码
$captcha = Yii::$app->request->post('captcha');
//验证码
$returnUrl = Yii::$app->request->post('returnUrl');
//登录前的URL
$remember = Yii::$app->request->post('remember');
//记住密码
$errors = [];
$errorCount = 0;
$showVerifyCode = false;
//从Redis 获取用户名登录错误次数
$cacheCount = Yii::$app->redis->get(Code::SYS_USER_LOGIN_ERROR_COUNT_PREFIX . $username);
$valCode = Yii::$app->session->get(Code::SYS_USER_LOGIN_VERIFY_CODE);
if (!empty($cacheCount)) {
$errorCount = $cacheCount;
}
//判断登录错误次数 是否验证 验证码
if ($errorCount > Code::SYS_LOGIN_ERROR_COUNT) {
$showVerifyCode = true;
if (empty($captcha)) {
$errors[] = "验证码不能为空";
}
if (!empty($captcha) && $valCode != strtolower($captcha)) {
$errors[] = "验证码不正确";
}
} else {
if (empty($username) || strlen($username) > 20 || strlen($username) < 5) {
$errors[] = "用户名格式不正确";
} else {
if (empty($password) || strlen($password) > 20 || strlen($password) < 5) {
$errors[] = "密码格式不正确";
}
}
}
//用户输入信息验证
if (count($errors) > 0) {
return $this->render('index', ['errors' => $errors, 'showVerifyCode' => $showVerifyCode]);
}
try {
//验证用户名是否存在
$result = $this->sysUserService->findUser($username, $password);
if (isset($result)) {
//设置Session
Yii::$app->session->set(Code::SYS_USER_LOGIN_SESSION, $result);
//如果用户点击记住密码,设置Cookie
if (!empty($remember)) {
//记录加密Cookie
$enPassword = Yii::$app->params['encryptPassword'];
$enDigit = Yii::$app->params['encryptDigit'];
$aes = new Aes();
$sysSign = $aes->encrypt($result->userSign, $enPassword, $enDigit);
$cookies = Yii::$app->response->cookies;
//cookie 注意,发送Cookie 是response 读取是 request
$signCookie = new Cookie(['name' => Yii::$app->params['sys_suiuu_sign'], 'value' => $sysSign]);
$signCookie->expire = time() + 24 * 60 * 60 * floor(Yii::$app->params['cookie_expire']);
$cookies->add($signCookie);
}
//清除错误登录次数
Yii::$app->redis->del(Code::SYS_USER_LOGIN_ERROR_COUNT_PREFIX . $username);
//跳转用户登录前的页面
if (!empty($returnUrl)) {
return $this->redirect($returnUrl);
} else {
return $this->redirect('/');
}
} else {
Yii::$app->redis->set(Code::SYS_USER_LOGIN_ERROR_COUNT_PREFIX . $username, ++$errorCount);
Yii::$app->redis->expire(Code::SYS_USER_LOGIN_ERROR_COUNT_PREFIX . $username, Code::SYS_USER_LOGIN_VERIFY_CODE_EXPIRE_TIME);
$errors[] = "用户名或密码错误";
}
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
return $this->render('index', ['errors' => $errors, 'showVerifyCode' => $showVerifyCode]);
}
/**
* 获取临时加密的密码
* @param $password
* @return string
*/
private function getEncryptPassword($password)
{
$enPassword = \Yii::$app->params['encryptPassword'];
$enDigit = \Yii::$app->params['encryptDigit'];
return Aes::encrypt($password, $enPassword, $enDigit);
}
