超级总管 - 登录返工

Server/application/common/model/Administrator.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace app\common\model;
+
+use think\Model;
+
+/**
+ * 超级管理员模型类
+ */
+class Administrator extends Model
+{
+    // 设置数据表名
+    protected $name = 'administrators';
+
+    // 隐藏字段
+    protected $hidden = [
+        'password'
+    ];
+} 

Server/application/superadmin/config/route.php

@@ -2,7 +2,7 @@
 use think\facade\Route;
 
 // 超级管理员认证相关路由（不需要鉴权）
-Route::post('auth/login', 'app\superadmin\controller\AuthController@login');
+Route::post('auth/login', 'app\superadmin\controller\auth\AuthLoginController@index');
 
 // 需要登录认证的路由组
 Route::group('', function () {

Server/application/superadmin/controller/auth/AuthLoginController.php

@@ -0,0 +1,130 @@
+<?php
+
+namespace app\superadmin\controller\auth;
+
+use app\superadmin\controller\AdministratorController;
+use app\common\model\Administrator as AdministratorModel;
+use think\Controller;
+use think\Db;
+use think\Validate;
+
+class AuthLoginController extends Controller
+{
+    /**
+     * 创建登录令牌
+     * @param AdministratorController $admin
+     * @return string
+     */
+    protected function createToken($admin): string
+    {
+        return md5($admin->id . '|' . $admin->account . 'cunkebao_admin_secret');
+    }
+
+    /**
+     * 数据验证
+     *
+     * @param array $params
+     * @return $this
+     * @throws \Exception
+     */
+    protected function dataValidate(array $params): self
+    {
+        $validate = Validate::make([
+            'account' => 'require|/\S+/',
+            'password' => 'require|/\S+/',
+        ]);
+
+        if (!$validate->check($params)) {
+            throw new \Exception($validate->getError(), 400);
+        }
+
+        return $this;
+    }
+
+
+    /**
+     * @param array $params
+     * @return object|AdministratorModel
+     * @throws \Exception
+     */
+    protected function getAdministrator(array $params): AdministratorModel
+    {
+        extract($params);
+
+        $admin = AdministratorModel::where(['account' => $account])->find();
+
+        if (!$admin ||
+            $admin->password !== $password ||
+            $admin->deleteTime
+        ) {
+            throw new \Exception('账号不存在或密码错误', 404);
+        }
+
+        if (!$admin->status) {
+            throw new \Exception('账号已禁用', 404);
+        }
+
+        return $admin;
+    }
+
+    /**
+     * 更新登录信息
+     *
+     * @param AdministratorModel $admin
+     * @return void
+     */
+    protected function saveLoginInfo(AdministratorModel $admin): void
+    {
+        $admin->lastLoginTime = time();
+        $admin->lastLoginIp = $this->request->ip();
+
+        if (!$admin->save()) {
+            throw new \Exception('拒绝登录', 403);
+        }
+    }
+
+    /**
+     * 设置登录Cookie，有效期24小时
+     *
+     * @param AdministratorModel $admin
+     * @return void
+     */
+    protected function setCookie(AdministratorModel $admin): void
+    {
+        cookie('admin_id', $admin->id, 86400);
+        cookie('admin_token', $this->createToken($admin), 86400);
+    }
+
+    /**
+     * 管理员登录
+     *
+     * @return \think\response\Json
+     */
+    public function index()
+    {
+        try {
+            $params = $this->request->only(['account', 'password']);
+
+            $admin = $this->dataValidate($params)->getAdministrator($params);
+
+            $this->saveLoginInfo($admin);
+            $this->setCookie($admin);
+
+            return json([
+                'code' => 200,
+                'msg' => '登录成功',
+                'data' => [
+                    'id' => $admin->id,
+                    'name' => $admin->name,
+                    'account' => $admin->account,
+                    'token' => cookie('admin_token')
+                ]
+            ]);
+        } catch (\Exception $e) {
+            return json([
+                'code' => $e->getCode(),
+                'msg' => $e->getMessage()
+            ]);
+        }
+    }
+}

Server/application/superadmin/controller/company/CreateCompanyController.php

@@ -74,10 +74,11 @@ class CreateCompanyController extends BaseController
     /**
      * 数据验证
      *
+     * @param array $params
      * @return $this
      * @throws \Exception
      */
-    protected function dataValidate(): self
+    protected function dataValidate(array $params): self
     {
         $validate = Validate::make([
             'name' => 'require|max:50|/\S+/',
@@ -88,7 +89,7 @@ class CreateCompanyController extends BaseController
             'description' => 'require|/\S+/',
         ]);
 
-        if (!$validate->check($this->request->post())) {
+        if (!$validate->check($params)) {
             throw new \Exception($validate->getError(), 400);
         }
 
@@ -181,8 +182,6 @@ class CreateCompanyController extends BaseController
         try {
             $params = $this->request->only(['name', 'nickname', 'account', 'password', 'realName', 'description']);
 
-            var_dump($params);
-            die;
             $department = $this->dataValidate($params)->creatS2About($params);
 
             Db::startTrans();