fnvtk/cunkebao_v3
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修改登录逻辑

Browse Source
This commit is contained in:
柳清爽
2025-03-27 15:28:38 +08:00
parent 80b239c1ea
commit aa59dd79c1
6 changed files with 112 additions and 118 deletions
Download Patch File Download Diff File Expand all files Collapse all files

138
Server/application/common/model/User.php
View File

@@ -30,122 +30,108 @@ class User extends Model
* 创建时间字段
* @var string
*/
protected $createTime = 'create_at';
protected $createTime = 'createTime';
/**
* 更新时间字段
* @var string
*/
protected $updateTime = 'update_at';
protected $updateTime = 'updateTime';
/**
* 软删除字段
* @var string
*/
protected $deleteTime = 'delete_at';
protected $deleteTime = 'deleteTime';
/**
* 隐藏属性
* @var array
*/
protected $hidden = ['password', 'delete_at'];
protected $hidden = ['passwordMd5', 'passwordLocal', 'deleteTime'];
/**
* 字段类型
* @var array
*/
protected $type = [
'id' => 'integer',
'isAdmin' => 'integer',
'companyId' => 'integer',
'typeId' => 'integer',
'lastLoginTime' => 'integer',
'status' => 'integer',
'createTime' => 'integer',
'updateTime' => 'integer',
'deleteTime' => 'integer'
];
/**
* 获取管理员用户信息
* @param string $username 用户名
* @param string $account 账号(手机号)
* @param string $password 密码(可能是加密后的)
* @param bool $isEncrypted 密码是否已加密
* @param int $typeId 身份信息
* @return array|null
*/
public static function getAdminUser($username, $password, $isEncrypted = false)
public static function getAdminUser($account, $password, $typeId)
{
// 查询用户
$user = self::where('username', $username)->find();
$user = self::where('account', $account)
->where('typeId', $typeId)
->where('status', 1)
->find();
if (!$user) {
// 记录日志
\think\facade\Log::info('用户不存在', ['username' => $username]);
\think\facade\Log::info('用户不存在或已禁用', ['account' => $account]);
return null;
}
// 记录密码验证信息
\think\facade\Log::info('密码验证', [
'username' => $username,
'account' => $account,
'input_password' => $password,
'stored_hash' => $user->password,
'is_encrypted' => $isEncrypted,
'password_info' => password_get_info($user->password)
'stored_hash' => $user->passwordMd5,
]);
// 验证密码
$isValid = false;
if ($isEncrypted) {
// 前端已加密,直接比较哈希值
// 注意:这里需要确保前端和后端使用相同的加密算法和盐值
$storedHash = self::getStoredHash($user->password);
$isValid = hash_equals($storedHash, $password);
\think\facade\Log::info('加密密码验证', [
'username' => $username,
'stored_hash' => $storedHash,
'input_hash' => $password,
'is_valid' => $isValid
]);
} else {
// 未加密使用password_verify验证
$isValid = password_verify($password, $user->password);
}
$isValid = password_verify($password, $user->passwordMd5);
\think\facade\Log::info('密码验证结果', [
'username' => $username,
'account' => $account,
'is_valid' => $isValid,
'is_encrypted' => $isEncrypted
]);
if (!$isValid) {
return null;
}
// 更新登录信息
$user->lastLoginIp = request()->ip();
$user->lastLoginTime = time();
$user->save();
return [
'id' => $user->id,
'username' => $user->username,
'name' => $user->username, // 暂时使用username作为name
'role' => 'admin', // 暂时固定为admin角色
'permissions' => ['*'], // 暂时拥有所有权限
'account' => $user->account,
'isAdmin' => $user->isAdmin,
'companyId' => $user->companyId,
'typeId' => $user->typeId,
'lastLoginIp' => $user->lastLoginIp,
'lastLoginTime' => $user->lastLoginTime
];
}
/**
* 获取存储的哈希值
* 用于前端加密密码的验证
* @param string $bcryptHash 数据库中存储的bcrypt哈希值
* @return string 用于前端验证的哈希值
*/
protected static function getStoredHash($bcryptHash)
{
// 这里需要实现与前端相同的加密算法
// 例如如果前端使用SHA256加盐这里需要提取原始密码并进行相同的处理
// 注意:这只是一个示例,实际实现可能需要根据您的具体需求调整
// 假设我们能够从bcrypt哈希中提取原始密码实际上这是不可能的这里只是示例
// 在实际应用中,您需要在用户注册或修改密码时同时存储前端加密的哈希值
$originalPassword = '123456'; // 这里应该是从数据库中获取的原始密码
$salt = 'yishi_salt_2024'; // 与前端相同的盐值
// 使用与前端相同的算法
return hash('sha256', $originalPassword . $salt);
}
/**
* 通过手机号获取用户信息
* @param string $mobile 手机号
* @param string $account 手机号
* @return array|null
*/
public static function getUserByMobile($mobile)
public static function getUserByMobile($account)
{
// 查询用户
$user = self::where('mobile', $mobile)->find();
$user = self::where('account', $account)
->where('status', 1)
->find();
if (!$user) {
return null;
@@ -153,11 +139,27 @@ class User extends Model
return [
'id' => $user->id,
'username' => $user->username,
'name' => $user->username, // 暂时使用username作为name
'mobile' => $user->mobile,
'role' => 'user', // 暂时固定为user角色
'permissions' => ['user'], // 暂时拥有用户权限
'account' => $user->account,
'isAdmin' => $user->isAdmin,
'companyId' => $user->companyId,
'typeId' => $user->typeId,
'role' => $user->isAdmin ? 'admin' : 'user',
'permissions' => $user->isAdmin ? ['*'] : ['user']
];
}
/**
* 验证用户密码
* @param string $password 密码
* @param bool $isEncrypted 是否已加密
* @return bool
*/
public function verifyPassword($password, $isEncrypted = false)
{
if ($isEncrypted) {
return hash_equals($this->passwordMd5, $password);
} else {
return $this->passwordMd5 === md5($password);
}
}
}