From faa1cdb9fab8cbfbf177c65597d87083e4e3aa76 Mon Sep 17 00:00:00 2001 From: yaooo <272523191@qq.com> Date: Wed, 25 Oct 2023 11:01:22 +0800 Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0=E7=99=BB=E5=BD=95=E5=A4=84?= =?UTF-8?q?=E7=90=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/api/BaseController.php | 9 +++++++-- app/home/controller/Login.php | 5 +++-- app/home/validate/UserCheck.php | 2 +- 3 files changed, 11 insertions(+), 5 deletions(-) diff --git a/app/api/BaseController.php b/app/api/BaseController.php index 7f9668c..912c459 100644 --- a/app/api/BaseController.php +++ b/app/api/BaseController.php @@ -97,10 +97,15 @@ abstract class BaseController protected function checkLogin() { $session_admin = get_config('app.session_admin'); - if (!Session::has($session_admin)) { + $header = Request::header(); + $token = $header['token'] ?? ''; + if (!Session::has($session_admin) || !$token) { $this->apiError('请先登录'); } - else{ + if ($token) { + + } + if (Session::has($session_admin)) { $this->uid = Session::get($session_admin); $login_admin = Db::name('Admin')->where(['id' => $this->uid])->find(); $this->did = $login_admin['did']; diff --git a/app/home/controller/Login.php b/app/home/controller/Login.php index d82ff52..f4b9332 100644 --- a/app/home/controller/Login.php +++ b/app/home/controller/Login.php @@ -46,16 +46,17 @@ class Login if ($admin['status'] != 1) { return to_assign(1, '该用户禁止登录,请与管理者联系'); } + $token = make_token(); $data = [ 'is_lock' => 0, 'last_login_time' => time(), 'last_login_ip' => request()->ip(), 'login_num' => $admin['login_num'] + 1, + 'token' => $token ]; Db::name('admin')->where(['id' => $admin['id']])->update($data); $session_admin = get_config('app.session_admin'); Session::set($session_admin, $admin['id']); - $token = make_token(); set_cache($token, $admin, 7200); $admin['token'] = $token; $logdata = [ @@ -69,7 +70,7 @@ class Login 'create_time' => time() ]; Db::name('AdminLog')->strict(false)->field(true)->insert($logdata); - return to_assign(0, '登录成功', ['uid' => $admin['id']]); + return to_assign(0, '登录成功', ['uid' => $admin['id'], 'token' => $token]); } //退出登录 diff --git a/app/home/validate/UserCheck.php b/app/home/validate/UserCheck.php index ba67a18..cdc50f9 100644 --- a/app/home/validate/UserCheck.php +++ b/app/home/validate/UserCheck.php @@ -14,7 +14,7 @@ class UserCheck extends Validate protected $rule = [ 'username' => 'require', 'password' => 'require', - 'captcha' => 'require|captcha', + 'captcha' => 'captcha', ]; protected $message = [