Головна сторінка Огляд Довідка
Реєстрація Увійти
ushio
/
video_system
1
0
Відгалуження 0
Файли Проблеми 0 Запити на злиття 0 Wiki
Дерево: 883e0093f9
Гілки Теги
video_system
/
Modules
/
Admin
/
Http
/
Controllers
/
LoginController.php

LoginController.php 4.4 KB
Історія Запис

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144 
  1. <?php
    2. 

  2. 

  3. namespace Modules\Admin\Http\Controllers;
    4. 

  4. 

  5. use Illuminate\Foundation\Auth\AuthenticatesUsers;
    6. 

  6. use Illuminate\Http\Request;
    7. 

  7. use Illuminate\Routing\Controller;
    8. 

  8. use Illuminate\Support\Facades\Auth;
    9. 

  9. use Illuminate\Support\Facades\Log;
    10. 

  10. use Modules\Admin\Services\FilterService;
    11. 

  11. use Modules\Admin\Services\SettingService;
    12. 

  12. use DB;
    13. 

  13. class LoginController extends Controller
    14. 

  14. {
    15. 

  15.     use AuthenticatesUsers;
    16. 

  16. 

  17.     /**
    18. 

  18.      * 登陆后的跳转页面
    19. 

  19.      *
    20. 

  20.      * @var string
    21. 

  21.      */
    22. 

  22.     protected $redirectTo = '/admin';
    23. 

  23. 

  24.     /**
    25. 

  25.      * Create a new controller instance.
    26. 

  26.      *
    27. 

  27.      * @return void
    28. 

  28.      */
    29. 

  29.     public function __construct()
    30. 

  30.     {
    31. 

  31.         $this->middleware('guest')->except('logout');
    32. 

  32.     }
    33. 

  33. 

  34.     //登录页面
    35. 

  35.     public function loginView(Request $request)
    36. 

  36.     {
    37. 

  37.         $filter = FilterService::check_ip();
    38. 

  38.         if (Auth::guard('web')->check()) {
    39. 

  39.             return redirect('/admin');
    40. 

  40.         }
    41. 

  41. 

  42.         // 获取当前访问者的 IP 地址
    43. 

  43.         $ipAddress = $_SERVER['REMOTE_ADDR'];
    44. 

  44. 

  45.         // 定义私有 IP 段
    46. 

  46.         $privateRanges = [
    47. 

  47.             ['127.0.0.0', '127.255.255.255'],
    48. 

  48.             ['10.0.0.0', '10.255.255.255'],
    49. 

  49.             ['172.16.0.0', '172.31.255.255'],
    50. 

  50.             ['192.168.0.0', '192.168.255.255']
    51. 

  51.         ];
    52. 

  52. 

  53.         $ipInPrivateRange = false;
    54. 

  54. 

  55.         // 判断 IP 是否在任何一个私有 IP 段内
    56. 

  56.         foreach ($privateRanges as $range) {
    57. 

  57.             if ($this->isIpInRange($ipAddress, $range[0], $range[1])) {
    58. 

  58.                 $ipInPrivateRange = true;
    59. 

  59.                 break;
    60. 

  60.             }
    61. 

  61.         }
    62. 

  62. 

  63.         if (!$ipInPrivateRange) {
    64. 

  64.             http_response_code(404);
    65. 

  65.             exit;
    66. 

  66.         }
    67. 

  67. 

  68.         return view('admin::login');
    69. 

  69.     }
    70. 

  70. 

  71.     function isIpInRange($ip, $rangeStart, $rangeEnd) {
    72. 

  72.         $ipLong = ip2long($ip);
    73. 

  73.         $startLong = ip2long($rangeStart);
    74. 

  74.         $endLong = ip2long($rangeEnd);
    75. 

  75.         return ($ipLong >= $startLong && $ipLong <= $endLong);
    76. 

  76.     }
    77. 

  77. 

  78.     //登录动作
    79. 

  79.     public function doLogin(Request $request)
    80. 

  80.     {
    81. 

  81.         $request['password'] = base64_decode($request->input('password'));
    82. 

  82.         $this->validateLogin($request);
    83. 

  83. 

  84.         // If the class is using the ThrottlesLogins trait, we can automatically throttle
    85. 

  85.         // the login attempts for this application. We'll key this by the username and
    86. 

  86.         // the IP address of the client making these requests into this application.
    87. 

  87.         if (method_exists($this, 'hasTooManyLoginAttempts') &&
    88. 

  88.             $this->hasTooManyLoginAttempts($request)) {
    89. 

  89.             $this->fireLockoutEvent($request);
    90. 

  90.             return $this->sendLockoutResponse($request);
    91. 

  91.         }
    92. 

  92. 

  93.         $valid = validPass($request['password']);
    94. 

  94.         if (is_string($valid)) {
    95. 

  95.             $this->guard()->logout();
    96. 

  96.             $request->session()->invalidate();
    97. 

  97.             return [
    98. 

  98.                 'code'    => 1,
    99. 

  99.                 'message' => '密码限制:' . $valid . ',请找管理员修改',
    100. 

  100.             ];
    101. 

  101.         }
    102. 

  102. 

  103.         if ($this->attemptLogin($request)) {
    104. 

  104. //            $roles = $this->guard()->user()->getRoleNames()->toArray();
    105. 

  105. //            if (count($roles) == 0 || (count($roles) == 1 && $roles[0] == 'PuTongZhiYuan')) {
    106. 

  106. //                $this->guard()->logout();
    107. 

  107. //                $request->session()->invalidate();
    108. 

  108. //                return [
    109. 

  109. //                    'code'    => 1,
    110. 

  110. //                    'message' => '没有登录权限',
    111. 

  111. //                ];
    112. 

  112. //            }
    113. 

  113.             $token = $request->input('staff_num') . "," . $request->input('password') . "," . $request->getClientIp();
    114. 

  114.             $token = base64_encode($token);
    115. 

  115.             setcookie("token", $token, time() + 7200, "/", ".nxjiewei.com");
    116. 

  116.             return $this->sendLoginResponse($request);
    117. 

  117.         }
    118. 

  118. 

  119.         // If the login attempt was unsuccessful we will increment the number of attempts
    120. 

  120.         // to login and redirect the user back to the login form. Of course, when this
    121. 

  121.         // user surpasses their maximum number of attempts they will get locked out.
    122. 

  122.         $this->incrementLoginAttempts($request);
    123. 

  123.         return $this->sendFailedLoginResponse($request);
    124. 

  124.     }
    125. 

  125. 

  126.     protected function sendLoginResponse(Request $request)
    127. 

  127.     {
    128. 

  128.         $request->session()->regenerate();
    129. 

  129.         $this->clearLoginAttempts($request);
    130. 

  130.         return [
    131. 

  131.             'code'    => 0,
    132. 

  132.             'message' => '登录成功',
    133. 

  133.         ];
    134. 

  134.     }
    135. 

  135. 

  136.     /**
    137. 

  137.      * 用户名验证字段
    138. 

  138.      * @return string
    139. 

  139.      */
    140. 

  140.     public function username()
    141. 

  141.     {
    142. 

  142.         return 'staff_num';
    143. 

  143.     }
    144. 

  144. }
    145.