zhijiayun/app/Http/Controllers/Manager/Login.php

<?php

namespace App\Http\Controllers\Manager;

use App\Models\Manager\AdminUser;
use App\Http\Requests\Manager\Login as Request;
use App\Models\Manager\AuthRule;
use App\Facades\Servers\Encrypts\AccessToken;
use App\Models\Manager\Personnel\Employee as EmployeeModel;
use App\Facades\Servers\Sms\VerifyCode as Sms;
use App\Models\Manager\Personnel\EmployeeOpenid as EmployeeOpenidModel;
use App\Servers\Wechat\WeChatWebApp;

/**
 * 管理后台登录控制器
 * @author 唐远望
 * @version   1.0
 * @date      2025-12-02
 *
 * */
class Login extends Manager
{

	/**
	 * 登录方法				/manager/login/index
	 * @author 唐远望
	 * @version   1.0
	 * @date      2025-12-02
	 * @param string 	username	登录账号
	 * @param string 	password	登录密码
	 * 
	 * */
	public function index(Request $Request, AdminUser $AdminUser, AuthRule $AuthRule, EmployeeModel $EmployeeModel)
	{
		// 验证规则
		$Request->scene('login')->validate();
		// 接收数据
		$username    = $Request->input('username', '');
		// 接收数据
		$password    = $Request->input('password', '');
		if (strtolower($username) == 'admin') {
			// 查询用户
			$admin    	= $AdminUser->orWhere('username', $username)->first(['uid', 'username', 'phone', 'status', 'password', 'insert_time', 'update_time']);
			// 用户不存在
			if (!$admin)	return json_send(['code' => 'error', 'msg' => '密码错误或账号不存在']);
			// 用户不存在
			if ($admin['status']) 				return json_send(['code' => 'error', 'msg' => '该账号已停用']);
			// 转数组
			$admin    	= $admin->toArray();
			// 比对密码
			if (md5($password) != $admin['password']) return json_send(['code' => 'error', 'msg' => '密码错误或账号不存在']);
			// 登录
			$accessToken 						= $AdminUser->Login($admin['uid'], 'manager');
			// 比对密码
			if (isset($accessToken['error'])) 	return json_send(['code' => 'error', 'msg' => '登录失败', 'data' => $accessToken['data']]);
			// 获取权限列表
			$accessToken['username']			= $admin['username'];
			// 获取权限列表
			$accessToken['auth_rules']			= $AuthRule->getAuthList($admin['uid'], '1', 'manager');
		} else {
			$admin    	= $EmployeeModel->where('employee_code', $username)->first(['id as uid', 'name as username', 'mobile as phone', 'status', 'password', 'insert_time', 'update_time']);
			// 用户不存在
			if (!$admin)	return json_send(['code' => 'error', 'msg' => '密码错误或账号不存在']);
			// 用户不存在
			if ($admin['status']) 				return json_send(['code' => 'error', 'msg' => '该账号已停用']);
			// 转数组
			$admin    	= $admin->toArray();
			// 比对密码
			if (md5($password) != $admin['password']) return json_send(['code' => 'error', 'msg' => '密码错误或账号不存在']);
			// 登录
			$accessToken 						= $EmployeeModel->Login($admin['uid'], 'manager');
			// 比对密码
			if (isset($accessToken['error'])) 	return json_send(['code' => 'error', 'msg' => '登录失败', 'data' => $accessToken['data']]);
			// 获取权限列表
			$accessToken['username']			= $admin['username'];
			$accessToken['auth_rules']			= $AuthRule->getAuthList($admin['uid'], '0', 'manager');
		}

		// 表单令牌
		return    	json_send(['code' => 'success', 'msg' => '登录成功', 'data' => $accessToken]);
	}



	/**
	 * 登录方法				/manager/login/out
	 * @author 唐远望
	 * @version   1.0
	 * @date      2025-12-02
	 * @param string 	username	登录账号
	 * @param string 	password	登录密码
	 * 
	 * */
	public function out(Request $Request, AdminUser $AdminUser, EmployeeModel $EmployeeModel)
	{
		$token  = $Request->input('access_token_manager', '');
		// 解码
		$userInfo                       = AccessToken::decode($token);
		// 验证规则
		$uid     	= $userInfo['uid'];
		$is_admin   = $userInfo['is_admin'];
		if ($is_admin == '1') {
			// 退出登录
			$AdminUser->LoginOut($uid, 'manager');
		} else {
			$EmployeeModel->LoginOut($uid, 'manager');
		}

		// 表单令牌
		return    	json_send(['code' => 'success', 'msg' => '退出成功', 'data' => '']);
	}


	/**
	 * 手机号码登录			/manager/login/mobile
	 * @author 唐远望
	 * @version   1.0
	 * @date      2025-12-04
	 * @param string 	mobile		手机号码
	 * @param string 	password	登录密码
	 * 
	 */
	public function mobile(Request $Request, AuthRule $AuthRule, EmployeeModel $EmployeeModel)
	{
		// 验证规则
		$Request->scene('mobile')->validate();
		// 接收数据
		$phone    = $Request->input('phone', '');
		// 接收数据
		$password    = $Request->input('password', '');
		// 查询用户
		$admin    	= $EmployeeModel->where('mobile', $phone)->first(['id as uid', 'name as username', 'mobile as phone', 'status', 'password', 'insert_time', 'update_time']);
		// 用户不存在
		if (!$admin)	return json_send(['code' => 'error', 'msg' => '密码错误或账号不存在']);
		// 用户不存在
		if ($admin['status']) 				return json_send(['code' => 'error', 'msg' => '该账号已停用']);
		// 转数组
		$admin    	= $admin->toArray();
		// 比对密码
		if (md5($password) != $admin['password']) return json_send(['code' => 'error', 'msg' => '密码错误或账号不存在']);
		// 登录
		$accessToken 						= $EmployeeModel->Login($admin['uid'], 'manager');
		// 比对密码
		if (isset($accessToken['error'])) 	return json_send(['code' => 'error', 'msg' => '登录失败', 'data' => $accessToken['data']]);
		// 获取权限列表
		$accessToken['username']			= $admin['username'];
		// 获取权限列表
		$accessToken['auth_rules']			= $AuthRule->getAuthList($admin['uid'], 'manager');;
		// 表单令牌
		return    	json_send(['code' => 'success', 'msg' => '登录成功', 'data' => $accessToken]);
	}

	/**
	 * 发送验证码
	 * @author 唐远望
	 * @version   1.0
	 * @date      2026-01-15
	 * @param string 	phone		手机号码
	 * 
	 */
	public function send_code(Request $Request, EmployeeModel $EmployeeModel)
	{
		// 验证规则
		$Request->scene('send_code')->validate();
		// 接收数据
		$mobile		 = request('phone', '');
		if (!$mobile)	return json_send(['code' => 'error', 'msg' => '请先填写手机号']);
		// 获取数据
		$session	= session('loginSmsCode');
		// 如果有数据，并且验证码创建的时间在一分钟之内
		if ($session && time() - $session['create_time'] < 60) return json_send(['code' => 'error', 'msg' => '请稍后再试']);
		// 查询用户
		$admin		= $EmployeeModel->query()->where('mobile', $mobile)->first(['status']);
		if ($admin && $admin['status'])    return json_send(['code' => 'error', 'msg' => '用户已被停用']);
		$code 		= strval(rand(100000, 999999));
		$result    = Sms::sendCode($mobile, $code);
		if (isset($result['error']))	return json_send(['code' => 'error', 'msg' => $result['error']]);
		$session 	= ['code' => $code, 'mobile' => $mobile, 'create_time' => time()];
		session(['loginSmsCode' => $session]);
		return							json_send(['code' => 'success', 'msg' => '发送成功', 'data' => $code]);
	}

	/**
	 * 邮箱登录			/manager/login/email
	 * @author 唐远望
	 * @version   1.0
	 * @date      2025-12-04
	 * @param string 	email		邮箱号码
	 * @param string 	password	登录密码
	 * 
	 */
	public function email(Request $Request, AuthRule $AuthRule, EmployeeModel $EmployeeModel)
	{
		// 验证规则
		$Request->scene('email')->validate();
		// 接收数据
		$email    = $Request->input('email', '');
		// 接收数据
		$password    = $Request->input('password', '');
		// 查询用户
		$admin    	= $EmployeeModel->where('email', $email)->first(['id as uid', 'name as username', 'mobile as phone', 'status', 'password', 'insert_time', 'update_time']);
		// 用户不存在
		if (!$admin)	return json_send(['code' => 'error', 'msg' => '密码错误或账号不存在']);
		// 用户不存在
		if ($admin['status']) 				return json_send(['code' => 'error', 'msg' => '该账号已停用']);
		// 转数组
		$admin    	= $admin->toArray();
		// 比对密码
		if (md5($password) != $admin['password']) return json_send(['code' => 'error', 'msg' => '密码错误或账号不存在']);
		// 登录
		$accessToken 						= $EmployeeModel->Login($admin['uid'], 'manager');
		// 比对密码
		if (isset($accessToken['error'])) 	return json_send(['code' => 'error', 'msg' => '登录失败', 'data' => $accessToken['data']]);
		// 获取权限列表
		$accessToken['username']			= $admin['username'];
		// 获取权限列表
		$accessToken['auth_rules']			= $AuthRule->getAuthList($admin['uid'], 'manager');;
		// 表单令牌
		return    	json_send(['code' => 'success', 'msg' => '登录成功', 'data' => $accessToken]);
	}

	/**
	 * 手机验证码登录			/manager/login/mobile_code
	 * @author 唐远望
	 * @version   1.0
	 * @date      2026-01-15
	 * @param string 	mobile		手机号码
	 * @param string 	code	验证码
	 * 
	 */
	public function mobile_code(Request $Request, AuthRule $AuthRule, EmployeeModel $EmployeeModel)
	{
		// 验证规则
		$Request->scene('mobile_code')->validate();
		// 接收数据
		$phone    = $Request->input('phone', '');
		// 接收数据
		$code    = $Request->input('code', '');
		// 获取数据
		$session						    = session('loginSmsCode');
		if (!$session)                     return json_send(['code' => 'error', 'msg' => '请先获取手机号验证码']);
		if ($session['code'] != $code || $session['phone'] != $phone) return json_send(['code' => 'error', 'msg' => '验证码错误']);
		// 查询用户
		$admin    	= $EmployeeModel->where('mobile', $phone)->first(['id as uid', 'name as username', 'mobile as phone', 'status', 'password', 'insert_time', 'update_time']);
		// 用户不存在
		if (!$admin)	return json_send(['code' => 'error', 'msg' => '账号不存在']);
		// 用户不存在
		if ($admin['status']) 				return json_send(['code' => 'error', 'msg' => '该账号已停用']);
		// 转数组
		$admin    	= $admin->toArray();
		// 登录
		$accessToken 						= $EmployeeModel->Login($admin['uid'], 'manager');
		// 比对密码
		if (isset($accessToken['error'])) 	return json_send(['code' => 'error', 'msg' => '登录失败', 'data' => $accessToken['data']]);
		// 获取权限列表
		$accessToken['username']			= $admin['username'];
		// 获取权限列表
		$accessToken['auth_rules']			= $AuthRule->getAuthList($admin['uid'], 'manager');;
		// 表单令牌
		return    	json_send(['code' => 'success', 'msg' => '登录成功', 'data' => $accessToken]);
	}


	/**
	 * 微信扫码登录			/manager/login/wechat
	 * @author 唐远望
	 * @version   1.0
	 * @date      2026-01-19
	 * @param string 	open_code		微信扫码登录的code
	 * 
	 */
	public function wechat(Request $Request, AuthRule $AuthRule, EmployeeModel $EmployeeModel, EmployeeOpenidModel $EmployeeOpenidModel)
	{
		// 验证规则
		$Request->scene('wechat')->validate();
		// 接收数据
		$open_code    = $Request->input('open_code', '');
		$wechatApp = new WeChatWebApp();
		$tokenData = $wechatApp->getAccessTokenByCode($open_code);
		if (!$tokenData) return json_send(['code' => 'error', 'msg' => '获取微信用户信息失败']);
		$user_open_data = $EmployeeOpenidModel->where(['openid' => $tokenData['openid']])->first();
		if (!$user_open_data)   return json_send(['code' => 'error', 'msg' => '未绑定账号，请登录后在绑定']);
		// 查询用户
		$admin    	= $EmployeeModel->where('id', $user_open_data->employee_id)->first(['id as uid', 'name as username', 'mobile as phone', 'status', 'password', 'insert_time', 'update_time']);
		// 用户不存在
		if (!$admin)	return json_send(['code' => 'error', 'msg' => '账号不存在']);
		// 用户不存在
		if ($admin['status']) 				return json_send(['code' => 'error', 'msg' => '该账号已停用']);
		// 转数组
		$admin    	= $admin->toArray();
		// 登录
		$accessToken 						= $EmployeeModel->Login($admin['uid'], 'manager');
		// 比对密码
		if (isset($accessToken['error'])) 	return json_send(['code' => 'error', 'msg' => '登录失败', 'data' => $accessToken['data']]);
		// 获取权限列表
		$accessToken['username']			= $admin['username'];
		// 获取权限列表
		$accessToken['auth_rules']			= $AuthRule->getAuthList($admin['uid'], 'manager');;
		// 表单令牌
		return    	json_send(['code' => 'success', 'msg' => '登录成功', 'data' => $accessToken]);
	}

	/**
	 * 微信扫码授权绑定			/manager/login/wechat_bind
	 * @author 唐远望
	 * @version   1.0
	 * @date      2026-01-19
	 * @param string 	open_code		微信扫码登录的code
	 * 
	 */
	public function wechat_bind(Request $Request,EmployeeOpenidModel $EmployeeOpenidModel)
	{
		// 验证规则
		$Request->scene('wechat_bind')->validate();
		$uid             = request('access_token.uid', 0);
		// 接收数据
		$open_code    = $Request->input('open_code', '');
		$wechatApp = new WeChatWebApp();
		$tokenData = $wechatApp->getAccessTokenByCode($open_code);
		if (!$tokenData) return json_send(['code' => 'error', 'msg' => '获取微信用户信息失败']);
		$user_open_data = $EmployeeOpenidModel->where(['openid' => $tokenData['openid'],'employee_id'=> $uid])->first();
		if ($user_open_data)   return json_send(['code' => 'error', 'msg' => '微信已绑定，无需重复绑定']);
		//新增绑定记录
		$EmployeeOpenidModel->create([
			'openid' => $tokenData['openid'],
			'unionid' => isset($tokenData['unionid']) ? $tokenData['unionid'] : '',
			'employee_id' => $uid,
			'insert_time' => time(),
		]);
		return json_send(['code' => 'success', 'msg' => '绑定成功','data'=>'']);
	}
}