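scene('login')->validate();
        // Read the submitted credentials.
        $username = $Request->input('username', '');
        $password = $Request->input('password', '');
        if (strtolower($username) === 'admin') {
            // The literal account name "admin" is looked up in the AdminUser table.
            $admin = $AdminUser->orWhere('username', $username)->first(['uid', 'username', 'phone', 'status', 'password', 'insert_time', 'update_time']);
            // Unknown account: same message as a wrong password.
            if (!$admin) return json_send(['code' => 'error', 'msg' => '密码错误或账号不存在']);
            // A truthy status marks the account as disabled.
            // NOTE(review): this runs before the password check, so it tells an unauthenticated
            // caller that the account exists and is disabled.
            if ($admin['status']) return json_send(['code' => 'error', 'msg' => '该账号已停用']);
            $admin = $admin->toArray();
            // hash_equals() replaces the loose `!=`: with `!=`, two digests of the form "0e<digits>"
            // compare equal as numbers, and the comparison was not constant-time.
            // NOTE(review): the stored value is an unsalted MD5 digest; plan a migration to
            // password_hash()/password_verify() with a rehash on successful login.
            if (!hash_equals((string) $admin['password'], md5($password))) return json_send(['code' => 'error', 'msg' => '密码错误或账号不存在']);
            // Issue the session token.
            $accessToken = $AdminUser->Login($admin['uid'], 'manager');
            // Login() reports failure through an 'error' key.
            if (isset($accessToken['error'])) return json_send(['code' => 'error', 'msg' => '登录失败', 'data' => $accessToken['data']]);
            $accessToken['username'] = $admin['username'];
            $accessToken['is_system_admin'] = 1;
        } else {
            // Every other account name is treated as an employee code.
            $admin = $EmployeeModel->where('employee_code', $username)->first(['company_id', 'id as uid', 'name as username', 'mobile as phone', 'status', 'password', 'insert_time', 'update_time']);
            // Unknown account: same message as a wrong password.
            if (!$admin) return json_send(['code' => 'error', 'msg' => '密码错误或账号不存在']);
            // A truthy status marks the account as disabled.
            if ($admin['status']) return json_send(['code' => 'error', 'msg' => '该账号已停用']);
            $admin = $admin->toArray();
            // Strict, constant-time digest comparison (see the admin branch above).
            if (!hash_equals((string) $admin['password'], md5($password))) return json_send(['code' => 'error', 'msg' => '密码错误或账号不存在']);
            // Issue the session token.
            $accessToken = $EmployeeModel->Login($admin['uid'], $admin['company_id'], 'manager');
            // Login() reports failure through an 'error' key.
            if (isset($accessToken['error'])) return json_send(['code' => 'error', 'msg' => '登录失败', 'data' => $accessToken['data']]);
            $accessToken['username'] = $admin['username'];
            $accessToken['is_system_admin'] = 0;
        }
        // NOTE(review): no failed-attempt throttling is visible in this action; confirm it is
        // enforced elsewhere (middleware, gateway) for every password login route.
        return json_send(['code' => 'success', 'msg' => '登录成功', 'data' => $accessToken]);
    }

    /**
     * Return the page permissions of the current user  /manager/login/auth_rules
     * @author 唐远望
     * @version 1.0
     * @date 2026-01-30
     * @param array access_token  token payload found in the request input (uid, is_admin)
     *
     */
    public function auth_rules(Request $Request, AuthRule $AuthRule, RolesAuthRuleModel $RolesAuthRuleModel)
    {
        $access_token = $Request->input('access_token', '');
        // input() falls back to '', so the former isset() test could never fail and a missing
        // payload reached the array accesses below. Require the two fields that are read.
        // NOTE(review): the payload comes from request input; this is only safe if the auth layer
        // writes it after verifying the caller's token and overwrites any client-supplied
        // `access_token` field. Confirm against the middleware.
        if (!is_array($access_token) || !isset($access_token['uid'], $access_token['is_admin'])) return json_send(['code' => 'error', 'msg' => '缺少参数']);
        // Fail closed: only an explicit is_admin of 1 selects the system-admin rule set. The former
        // `== 0` test sent every other value (including an empty one) down the admin branch.
        if ((string) $access_token['is_admin'] === '1') {
            $auth_rules = $AuthRule->getAuthList($access_token['uid'], '1', 'manager');
        } else {
            $auth_rules = $RolesAuthRuleModel->getAuthList($access_token['uid'], '0', 'manager');
        }
        return json_send(['code' => 'success', 'msg' => '获取成功', 'data' => $auth_rules]);
    }

    /**
     * Log out  /manager/login/out
     * @author 唐远望
     * @version 1.0
     * @date 2025-12-02
     * @param string access_token_manager  session token to invalidate
     *
     */
    public function out(Request $Request, AdminUser $AdminUser, EmployeeModel $EmployeeModel)
    {
        $token = $Request->input('access_token_manager', '');
        // Decode the token to learn whose session to end.
        $userInfo = AccessToken::decode($token);
        // A missing or undecodable token yields no uid; stop here instead of calling
        // LoginOut() with an empty identifier.
        if (!isset($userInfo['uid'])) return json_send(['code' => 'error', 'msg' => '缺少参数']);
        $uid = $userInfo['uid'];
        $is_admin = $userInfo['is_admin'] ?? '0';
        if ((string) $is_admin === '1') {
            // System administrator session.
            $AdminUser->LoginOut($uid, 'manager');
        } else {
            // Employee session.
            $EmployeeModel->LoginOut($uid, 'manager');
        }
        return json_send(['code' => 'success', 'msg' => '退出成功', 'data' => '']);
    }

    /**
     * Login with mobile number and password  /manager/login/mobile
     * @author 唐远望
     * @version 1.0
     * @date 2025-12-04
     * @param string phone     mobile number
     * @param string password  login password
     *
     */
    public function mobile(Request $Request, AuthRule $AuthRule, EmployeeModel $EmployeeModel)
    {
        // Run the 'mobile' validation scene.
        $Request->scene('mobile')->validate();
        $phone = $Request->input('phone', '');
        $password = $Request->input('password', '');
        // Look the employee up by mobile number.
        $admin = $EmployeeModel->where('mobile', $phone)->first(['company_id', 'id as uid', 'name as username', 'mobile as phone', 'status', 'password', 'insert_time', 'update_time']);
        // Unknown account: same message as a wrong password.
        if (!$admin) return json_send(['code' => 'error', 'msg' => '密码错误或账号不存在']);
        // A truthy status marks the account as disabled.
        if ($admin['status']) return json_send(['code' => 'error', 'msg' => '该账号已停用']);
        $admin = $admin->toArray();
        // hash_equals() instead of `!=`: no numeric juggling of "0e..." digests, constant-time.
        // NOTE(review): unsalted MD5 storage; migrate to password_hash()/password_verify().
        if (!hash_equals((string) $admin['password'], md5($password))) return json_send(['code' => 'error', 'msg' => '密码错误或账号不存在']);
        // Issue the session token.
        $accessToken = $EmployeeModel->Login($admin['uid'], $admin['company_id'], 'manager');
        // Login() reports failure through an 'error' key.
        if (isset($accessToken['error'])) return json_send(['code' => 'error', 'msg' => '登录失败', 'data' => $accessToken['data']]);
        $accessToken['username'] = $admin['username'];
        $accessToken['is_system_admin'] = 0;
        return json_send(['code' => 'success', 'msg' => '登录成功', 'data' => $accessToken]);
    }

    /**
     * Send a login verification code by SMS
     * @author 唐远望
     * @version 1.0
     * @date 2026-01-15
     * @param string phone  mobile number
     *
     */
    public function send_code(Request $Request, EmployeeModel $EmployeeModel)
    {
        // Run the 'send_code' validation scene.
        $Request->scene('send_code')->validate();
        $mobile = request('phone', '');
        if (!$mobile) return json_send(['code' => 'error', 'msg' => '请先填写手机号']);
        // Per-number throttle: refuse when a code was created less than 60 seconds ago.
        // NOTE(review): the throttle is keyed on the number only, and a code is sent even when no
        // employee owns the number; consider a per-client limit to curb SMS flooding.
        $session = Cache::get('loginSmsCode_' . $mobile);
        if ($session && time() - $session['create_time'] < 60) return json_send(['code' => 'error', 'msg' => '请稍后再试']);
        // Disabled employees do not receive codes.
        $admin = $EmployeeModel->query()->where('mobile', $mobile)->first(['status']);
        if ($admin && $admin['status']) return json_send(['code' => 'error', 'msg' => '用户已被停用']);
        // The code is a login credential, so draw it from the CSPRNG; rand() is predictable.
        $code = strval(random_int(100000, 999999));
        $result = Sms::sendCode($mobile, $code);
        if (isset($result['error'])) return json_send(['code' => 'error', 'msg' => $result['error']]);
        $session = ['code' => $code, 'mobile' => $mobile, 'create_time' => time()];
        // NOTE(review): whether 120 means seconds or minutes depends on the cache API version; confirm.
        Cache::put('loginSmsCode_' . $mobile, $session, 120);
        return json_send(['code' => 'success', 'msg' => '发送成功', 'data' => '']);
    }

    /**
     * Login with e-mail address and password  /manager/login/email
     * @author 唐远望
     * @version 1.0
     * @date 2025-12-04
     * @param string email     e-mail address
     * @param string password  login password
     *
     */
    public function email(Request $Request, AuthRule $AuthRule, EmployeeModel $EmployeeModel)
    {
        // Run the 'email' validation scene.
        $Request->scene('email')->validate();
        $email = $Request->input('email', '');
        $password = $Request->input('password', '');
        // Look the employee up by e-mail address.
        $admin = $EmployeeModel->where('email', $email)->first(['company_id', 'id as uid', 'name as username', 'mobile as phone', 'status', 'password', 'insert_time', 'update_time']);
        // Unknown account: same message as a wrong password.
        if (!$admin) return json_send(['code' => 'error', 'msg' => '密码错误或账号不存在']);
        // A truthy status marks the account as disabled.
        if ($admin['status']) return json_send(['code' => 'error', 'msg' => '该账号已停用']);
        $admin = $admin->toArray();
        // hash_equals() instead of `!=`: no numeric juggling of "0e..." digests, constant-time.
        // NOTE(review): unsalted MD5 storage; migrate to password_hash()/password_verify().
        if (!hash_equals((string) $admin['password'], md5($password))) return json_send(['code' => 'error', 'msg' => '密码错误或账号不存在']);
        // Issue the session token.
        $accessToken = $EmployeeModel->Login($admin['uid'], $admin['company_id'], 'manager');
        // Login() reports failure through an 'error' key.
        if (isset($accessToken['error'])) return json_send(['code' => 'error', 'msg' => '登录失败', 'data' => $accessToken['data']]);
        $accessToken['username'] = $admin['username'];
        $accessToken['is_system_admin'] = 0;
        return json_send(['code' => 'success', 'msg' => '登录成功', 'data' => $accessToken]);
    }

    /**
     * Login with mobile number and SMS verification code  /manager/login/mobile_code
     * @author 唐远望
     * @version 1.0
     * @date 2026-01-15
     * @param string phone  mobile number
     * @param string code   verification code
     *
     */
    public function mobile_code(Request $Request, AuthRule $AuthRule, EmployeeModel $EmployeeModel)
    {
        // Run the 'mobile_code' validation scene.
        $Request->scene('mobile_code')->validate();
        $phone = $Request->input('phone', '');
        $code = $Request->input('code', '');
        // Fetch the code that send_code() cached for this number.
        $session = Cache::get('loginSmsCode_' . $phone);
        if (!$session) return json_send(['code' => 'error', 'msg' => '请先获取手机号验证码']);
        // Compare as strings: the loose `!=` treated numeric look-alikes such as "123456.0" as
        // equal to the stored code. hash_equals() also keeps the comparison constant-time.
        $codeMatches = is_scalar($code) && hash_equals((string) $session['code'], (string) $code);
        $phoneMatches = is_scalar($phone) && (string) $session['mobile'] === (string) $phone;
        // NOTE(review): failed guesses are not counted, so a six-digit code can be retried until
        // the cache entry expires; add an attempt limit per number.
        if (!$codeMatches || !$phoneMatches) return json_send(['code' => 'error', 'msg' => '验证码错误']);
        // Single use: drop the code once it has matched so it cannot be replayed before it expires.
        Cache::forget('loginSmsCode_' . $phone);
        // Look the employee up by mobile number.
        $admin = $EmployeeModel->where('mobile', $phone)->first(['company_id', 'id as uid', 'name as username', 'mobile as phone', 'status', 'password', 'insert_time', 'update_time']);
        if (!$admin) return json_send(['code' => 'error', 'msg' => '账号不存在']);
        // A truthy status marks the account as disabled.
        if ($admin['status']) return json_send(['code' => 'error', 'msg' => '该账号已停用']);
        $admin = $admin->toArray();
        // Issue the session token.
        $accessToken = $EmployeeModel->Login($admin['uid'], $admin['company_id'], 'manager');
        // Login() reports failure through an 'error' key.
        if (isset($accessToken['error'])) return json_send(['code' => 'error', 'msg' => '登录失败', 'data' => $accessToken['data']]);
        $accessToken['username'] = $admin['username'];
        $accessToken['is_system_admin'] = 0;
        return json_send(['code' => 'success', 'msg' => '登录成功', 'data' => $accessToken]);
    }

    /**
     * Login by WeChat QR-code scan  /manager/login/wechat
     * @author 唐远望
     * @version 1.0
     * @date 2026-01-19
     * @param string open_code  code returned by the WeChat scan login
     *
     */
    public function wechat(Request $Request, AuthRule $AuthRule, EmployeeModel $EmployeeModel, EmployeeOpenidModel $EmployeeOpenidModel)
    {
        // Run the 'wechat' validation scene.
        $Request->scene('wechat')->validate();
        $open_code = $Request->input('open_code', '');
        $wechatApp = new WeChatWebApp();
        $tokenData = $wechatApp->getAccessTokenByCode($open_code);
        // Require an openid, not just a truthy response: a reply without one would pass null to
        // where(), which query builders commonly turn into an `IS NULL` match against binding rows.
        if (!$tokenData || empty($tokenData['openid'])) return json_send(['code' => 'error', 'msg' => '获取微信用户信息失败']);
        // Find the employee bound to this openid.
        $user_open_data = $EmployeeOpenidModel->where(['openid' => $tokenData['openid']])->first();
        if (!$user_open_data) return json_send(['code' => 'error', 'msg' => '未绑定账号']);
        $admin = $EmployeeModel->where('id', $user_open_data->employee_id)->first(['company_id', 'id as uid', 'name as username', 'mobile as phone', 'status', 'password', 'insert_time', 'update_time']);
        if (!$admin) return json_send(['code' => 'error', 'msg' => '账号不存在']);
        // A truthy status marks the account as disabled.
        if ($admin['status']) return json_send(['code' => 'error', 'msg' => '该账号已停用']);
        $admin = $admin->toArray();
        // Issue the session token.
        $accessToken = $EmployeeModel->Login($admin['uid'], $admin['company_id'], 'manager');
        // Login() reports failure through an 'error' key.
        if (isset($accessToken['error'])) return json_send(['code' => 'error', 'msg' => '登录失败', 'data' => $accessToken['data']]);
        $accessToken['username'] = $admin['username'];
        $accessToken['is_system_admin'] = 0;
        return json_send(['code' => 'success', 'msg' => '登录成功', 'data' => $accessToken]);
    }

    /**
     * Bind a WeChat account to the logged-in employee  /manager/login/wechat_bind
     * @author 唐远望
     * @version 1.0
     * @date 2026-01-19
     * @param string open_code  code returned by the WeChat scan login
     *
     */
    public function wechat_bind(Request $Request, EmployeeModel $EmployeeModel, EmployeeOpenidModel $EmployeeOpenidModel)
    {
        // Run the 'wechat_bind' validation scene.
        $Request->scene('wechat_bind')->validate();
        // NOTE(review): uid and company_id come from the request's access_token payload; confirm
        // the auth layer sets it from a verified token and a client cannot supply its own.
        $uid = request('access_token.uid', 0);
        $company_id = request('access_token.company_id', '0');
        $open_code = $Request->input('open_code', '');
        $wechatApp = new WeChatWebApp();
        $tokenData = $wechatApp->getAccessTokenByCode($open_code);
        // Require an openid so the lookups and writes below never run with a null identifier.
        if (!$tokenData || empty($tokenData['openid'])) return json_send(['code' => 'error', 'msg' => '获取微信用户信息失败']);
        $openid = $tokenData['openid'];
        $unionid = $tokenData['unionid'] ?? '';
        // The employee being bound.
        $user_info = $EmployeeModel->where(['id' => $uid])->first();
        if (!$user_info) return json_send(['code' => 'error', 'msg' => '未找到用户信息']);
        // Refuse when this WeChat identity already belongs to another employee.
        $openid_user_info = $EmployeeOpenidModel->where(['openid' => $openid])->first();
        if ($openid_user_info && $openid_user_info->employee_id != $uid) {
            return json_send(['code' => 'error', 'msg' => '该微信已绑定其它账号']);
        }
        DB::beginTransaction();
        try {
            // band_wechat: 0 = not bound, 1 = bound.
            $user_info->band_wechat = 1;
            $user_info->save();
            // Does this employee already have a binding row?
            $band_wechat_data = $EmployeeOpenidModel->where(['employee_id' => $uid])->first();
            if ($band_wechat_data) {
                // Refresh the existing binding.
                $band_wechat_data->unionid = $unionid;
                $band_wechat_data->openid = $openid;
                $band_wechat_data->update_time = time();
                $band_wechat_data->save();
            } else {
                // Reuse an official-account follow record only when WeChat returned a unionid.
                // Searching for unionid '' matched any row stored without one (rows are inserted
                // with '' when the key is absent) and reassigned another employee's binding.
                $official_user_info = (string) $unionid !== ''
                    ? $EmployeeOpenidModel->where(['unionid' => $unionid])->first()
                    : null;
                if ($official_user_info) {
                    $official_user_info->company_id = $company_id;
                    $official_user_info->employee_id = $uid;
                    $official_user_info->openid = $openid;
                    $official_user_info->update_time = time();
                    $official_user_info->save();
                } else {
                    $EmployeeOpenidModel->insertGetId([
                        'company_id' => $company_id,
                        'employee_id' => $uid,
                        'unionid' => $unionid,
                        'openid' => $openid,
                        'insert_time' => time()
                    ]);
                }
            }
            DB::commit();
            return json_send(['code' => 'success', 'msg' => '绑定成功', 'data' => '']);
        } catch (\Exception $e) {
            DB::rollBack();
            // NOTE(review): the raw exception message is returned to the client and may expose
            // SQL or schema details; log it server-side and return a generic payload instead.
            return json_send(['code' => 'error', 'msg' => '绑定失败', 'data' => $e->getMessage()]);
        }
    }
}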