...
|
...
|
@@ -5,6 +5,7 @@ namespace app\admin\controller; |
|
|
use app\admin\model\AdminLog;
|
|
|
use app\common\controller\Backend;
|
|
|
use think\Config;
|
|
|
use think\Db;
|
|
|
use think\Hook;
|
|
|
use think\Validate;
|
|
|
|
...
|
...
|
@@ -15,7 +16,7 @@ use think\Validate; |
|
|
class Index extends Backend
|
|
|
{
|
|
|
|
|
|
protected $noNeedLogin = ['login'];
|
|
|
protected $noNeedLogin = ['login','forget','send_ems','verify_code','reset_password'];
|
|
|
protected $noNeedRight = ['index', 'logout'];
|
|
|
protected $layout = '';
|
|
|
|
...
|
...
|
@@ -119,4 +120,208 @@ class Index extends Backend |
|
|
$this->success(__('Logout successful'), 'index/login');
|
|
|
}
|
|
|
|
|
|
/**
|
|
|
* 忘记密码
|
|
|
*/
|
|
|
public function forget(){
|
|
|
$url = $this->request->get('url', 'index/index');
|
|
|
if ($this->auth->isLogin()) {
|
|
|
$this->success(__("You've logged in, do not login again"), $url);
|
|
|
}
|
|
|
if ($this->request->isPost()) {
|
|
|
$url = $this->request->get('url', 'index/forget');
|
|
|
$email = $this->request->post('email');
|
|
|
$rule = [
|
|
|
'email' => 'require|email',
|
|
|
// '__token__' => 'require|token',
|
|
|
];
|
|
|
$data = [
|
|
|
'email' => $email,
|
|
|
// '__token__' => $token,
|
|
|
];
|
|
|
$validate = new Validate($rule, [], ['email' => __('email')]);
|
|
|
$result = $validate->check($data);
|
|
|
if (!$result) {
|
|
|
$this->error($validate->getError(), $url, ['token' => $this->request->token()]);
|
|
|
}
|
|
|
//根据email获取商户信息
|
|
|
$admin = Db::name('admin')->where(['email'=>$email])->find();
|
|
|
if(empty($admin)){
|
|
|
$this->error('当前email尚未绑定');
|
|
|
}
|
|
|
if(empty($admin['user_id'])){
|
|
|
$this->error('平台管理员忘记密码请联系总管理员');
|
|
|
}
|
|
|
if($admin['status'] != 'normal'){
|
|
|
$this->error('您已被拉黑,请联系客服');
|
|
|
}
|
|
|
//生成验证码
|
|
|
$code = generateCode(6);
|
|
|
//储存验证码
|
|
|
$admin_code = Db::name('admin_code')->where(['email'=>$email])->find();
|
|
|
$arr['code'] = $code;
|
|
|
$arr['pasttime'] = time()+600;
|
|
|
$arr['is_use'] = 0;
|
|
|
if(empty($admin_code)){
|
|
|
$arr['email'] = $email;
|
|
|
$arr['createtime'] = time();
|
|
|
$result1 = Db::name('admin_code')->insert($arr);
|
|
|
}else{
|
|
|
$arr['updatetime'] = time();
|
|
|
$result1 = Db::name('admin_code')->where(['id'=>$admin_code['id']])->update($arr);
|
|
|
}
|
|
|
if(empty($result1)){
|
|
|
$this->error('sql执行失败');
|
|
|
}
|
|
|
//发送验证码
|
|
|
$this->send_ems($admin['email'],$code);
|
|
|
if ($result) {
|
|
|
$this->success('发送成功');
|
|
|
} else {
|
|
|
$this->error('发送失败');
|
|
|
}
|
|
|
/*AdminLog::setTitle(__('Login'));
|
|
|
$result = $this->auth->login($username, $password, $keeplogin ? 86400 : 0);
|
|
|
if ($result === true) {
|
|
|
Hook::listen("admin_login_after", $this->request);
|
|
|
$this->success(__('Login successful'), $url, ['url' => $url, 'id' => $this->auth->id, 'username' => $username, 'avatar' => $this->auth->avatar]);
|
|
|
} else {
|
|
|
$msg = $this->auth->getError();
|
|
|
$msg = $msg ? $msg : __('Username or password is incorrect');
|
|
|
$this->error($msg, $url, ['token' => $this->request->token()]);
|
|
|
}*/
|
|
|
}
|
|
|
$background = Config::get('fastadmin.login_background');
|
|
|
$background = stripos($background, 'http') === 0 ? $background : config('site.cdnurl') . $background;
|
|
|
$this->view->assign('background', $background);
|
|
|
$this->view->assign('title', __('忘记密码'));
|
|
|
Hook::listen("admin_login_init", $this->request);
|
|
|
return $this->view->fetch();
|
|
|
}
|
|
|
|
|
|
public function send_ems($receiver,$code){
|
|
|
\think\Config::set('site', \think\Config::get('site'));
|
|
|
$email = new Email();
|
|
|
$str = "验证码:$code,10分钟内有效。";
|
|
|
$result = $email
|
|
|
->to($receiver)
|
|
|
->subject("金点网-找回密码")
|
|
|
->message($str)
|
|
|
->send();
|
|
|
return $result;
|
|
|
}
|
|
|
|
|
|
/**
|
|
|
* 验证验证码是否正确
|
|
|
*/
|
|
|
public function verify_code(){
|
|
|
if ($this->request->isPost()) {
|
|
|
$url = $this->request->get('url', 'index/forget');
|
|
|
$email = $this->request->post('email');
|
|
|
$code = $this->request->post('code');
|
|
|
$rule = [
|
|
|
'email' => 'require|email',
|
|
|
'code' => 'require',
|
|
|
// '__token__' => 'require|token',
|
|
|
];
|
|
|
$data = [
|
|
|
'email' => $email,
|
|
|
'code' => $code,
|
|
|
// '__token__' => $token,
|
|
|
];
|
|
|
$validate = new Validate($rule, [], ['email' => __('email'), 'code' => '请输入验证码']);
|
|
|
$result = $validate->check($data);
|
|
|
if (!$result) {
|
|
|
$this->error($validate->getError(), $url, ['token' => $this->request->token()]);
|
|
|
}
|
|
|
$admin_code = Db::name('admin_code')->where(['email'=>$email])->find();
|
|
|
if(empty($admin_code)){
|
|
|
$this->error('404');
|
|
|
}
|
|
|
if(!empty($admin_code['is_use'])){
|
|
|
$this->error('验证码已被使用');
|
|
|
}
|
|
|
if($admin_code['pasttime'] < time()){
|
|
|
$this->error('验证码已过期');
|
|
|
}
|
|
|
if($admin_code['code'] != $code){
|
|
|
$this->error('验证码错误');
|
|
|
}
|
|
|
$result = Db::name('admin_code')->where(['id'=>$admin_code['id']])->update(['is_use'=>1]);
|
|
|
if(empty($result)){
|
|
|
$this->error('sql执行失败');
|
|
|
}
|
|
|
//生成令牌(为了安全)
|
|
|
$str = "Bronet";
|
|
|
$auth_code = config('auth_code');
|
|
|
$token = rawurlencode(sha1(md5($str.$auth_code).md5($email)));
|
|
|
$this->success('验证通过',url('reset_password',['token'=>$token,'email'=>$email],false,true));
|
|
|
}
|
|
|
}
|
|
|
|
|
|
/**
|
|
|
* 重置密码页面
|
|
|
*/
|
|
|
public function reset_password(){
|
|
|
$url = $this->request->get('url', 'index/index');
|
|
|
if ($this->auth->isLogin()) {
|
|
|
$this->success(__("You've logged in, do not login again"), $url);
|
|
|
}
|
|
|
if($this->request->isPost()){
|
|
|
$password = $this->request->param('password');
|
|
|
$affirm_password = $this->request->param('affirm_password');
|
|
|
$email = $this->request->param('email');
|
|
|
$token = $this->request->param('token');
|
|
|
$rule = [
|
|
|
'password' => 'require|length:3,30',
|
|
|
'affirm_password' => 'require|length:3,30',
|
|
|
'email' => 'require|email',
|
|
|
'token' => 'require',
|
|
|
];
|
|
|
$data = [
|
|
|
'password' => $password,
|
|
|
'affirm_password' => $affirm_password,
|
|
|
'email' => $email,
|
|
|
'token' => $token,
|
|
|
];
|
|
|
$validate = new Validate($rule, [], ['password' => __('password'), 'affirm_password' => __('Password'), 'email' => __('email')]);
|
|
|
$result = $validate->check($data);
|
|
|
if (!$result) {
|
|
|
$this->error($validate->getError(), $url, ['token' => $this->request->token()]);
|
|
|
}
|
|
|
if($password != $affirm_password){
|
|
|
$this->error('两次密码不一致');
|
|
|
}
|
|
|
$str = "Bronet";
|
|
|
$auth_code = config('auth_code');
|
|
|
$token2 = rawurlencode(sha1(md5($str.$auth_code).md5($email)));
|
|
|
if($token != $token2){
|
|
|
$this->error('令牌错误','','','');
|
|
|
}
|
|
|
$admin = Db::name('admin')->where(['email'=>$email])->find();
|
|
|
$password = md5(md5($password) . $admin['salt']);
|
|
|
$result = Db::name('admin')->where(['id'=>$admin['id']])->update(['password'=>$password]);
|
|
|
if(empty($result)){
|
|
|
$this->error('sql执行失败');
|
|
|
}
|
|
|
|
|
|
$this->success('重置成功',$url);
|
|
|
}else{
|
|
|
$token = $this->request->param('token');
|
|
|
$email = $this->request->param('email');
|
|
|
$str = "Bronet";
|
|
|
$auth_code = config('auth_code');
|
|
|
$token2 = rawurlencode(sha1(md5($str.$auth_code).md5($email)));
|
|
|
if($token != $token2){
|
|
|
$this->error('令牌错误','','','');
|
|
|
}
|
|
|
$background = Config::get('fastadmin.login_background');
|
|
|
$background = stripos($background, 'http') === 0 ? $background : config('site.cdnurl') . $background;
|
|
|
$this->view->assign('background', $background);
|
|
|
$this->view->assign('title', __('重置密码'));
|
|
|
Hook::listen("admin_login_init", $this->request);
|
|
|
return $this->view->fetch();
|
|
|
}
|
|
|
}
|
|
|
|
|
|
} |
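Review bot: The reset token issued in verify_code() and re-derived in both branches of reset_password() is `sha1(md5($str.$auth_code).md5($email))`, a fixed value per e-mail address: it never expires, is not tied to the `admin_code` row's `is_use`/`pasttime`, and is checked with `!=`, so a link obtained once stays valid for every later password reset of that account. Issue a random single-use token when the code is verified, store only its hash with an expiry, compare it with `hash_equals()`, clear it after the password update, and stop when no admin row matches the e-mail (today `$admin['salt']` is read without that check); the fence sketches this with placeholder column names. verify_code() also puts no limit on repeated guesses of the code during its 600-second lifetime, and the `__token__` rule is commented out in both forms. `send_ems` is a public method listed in `$noNeedLogin`, so it looks routable without login with caller-chosen `$receiver` and `$code`; making it `private` and removing it from the list would close that. forget() tests `$result` from the validator rather than the return value of `send_ems()`, so a failed send is still reported as `发送成功`.

```php
// verify_code(), after the code has matched and been marked used:
// 'reset_token_hash' / 'reset_expire' are placeholder column names, not in the current schema
$token = bin2hex(random_bytes(32));
Db::name('admin_code')->where(['id' => $admin_code['id']])->update([
    'reset_token_hash' => hash('sha256', $token),
    'reset_expire'     => time() + 600,
]);
// … unchanged: $this->success('验证通过', url('reset_password', [...])) …

// reset_password(), replacing the re-derived $token2 comparison in both branches:
$admin_code = Db::name('admin_code')->where(['email' => $email])->find();
if (empty($admin_code)
    || empty($admin_code['reset_token_hash'])
    || $admin_code['reset_expire'] < time()
    || !hash_equals((string)$admin_code['reset_token_hash'], hash('sha256', (string)$token))) {
    $this->error('令牌错误', '', '', '');
}

// POST branch only:
$admin = Db::name('admin')->where(['email' => $email])->find();
if (empty($admin)) {
    $this->error('令牌错误', '', '', '');
}
// … unchanged: password hashing and update of the admin row …
// single use: clear the token so the link cannot be replayed
Db::name('admin_code')->where(['id' => $admin_code['id']])->update(['reset_token_hash' => '']);
```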
...
|
...
|
|