Home Esplora Aiuto
Registrati Accedi
ushio
/
video_system
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Albero (Tree): edf0417a31
Rami (Branch) Tag
video_system
/
Modules
/
Admin
/
Http
/
Controllers
/
LoginController.php

LoginController.php 4.4 KB
Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143 
  1. <?php
    2. 

  2. 

  3. namespace Modules\Admin\Http\Controllers;
    4. 

  4. 

  5. use Illuminate\Foundation\Auth\AuthenticatesUsers;
    6. 

  6. use Illuminate\Http\Request;
    7. 

  7. use Illuminate\Routing\Controller;
    8. 

  8. use Illuminate\Support\Facades\Auth;
    9. 

  9. use Illuminate\Support\Facades\Log;
    10. 

  10. use Modules\Admin\Services\FilterService;
    11. 

  11. use Modules\Admin\Services\SettingService;
    12. 

  12. use DB;
    13. 

  13. class LoginController extends Controller
    14. 

  14. {
    15. 

  15.     use AuthenticatesUsers;
    16. 

  16. 

  17.     /**
    18. 

  18.      * 登陆后的跳转页面
    19. 

  19.      *
    20. 

  20.      * @var string
    21. 

  21.      */
    22. 

  22.     protected $redirectTo = '/admin';
    23. 

  23. 

  24.     /**
    25. 

  25.      * Create a new controller instance.
    26. 

  26.      *
    27. 

  27.      * @return void
    28. 

  28.      */
    29. 

  29.     public function __construct()
    30. 

  30.     {
    31. 

  31.         $this->middleware('guest')->except('logout');
    32. 

  32.     }
    33. 

  33. 

  34.     //登录页面
    35. 

  35.     public function loginView(Request $request)
    36. 

  36.     {
    37. 

  37.         $filter = FilterService::check_ip();
    38. 

  38.         if (Auth::guard('web')->check()) {
    39. 

  39.             return redirect('/admin');
    40. 

  40.         }
    41. 

  41. 

  42.         // 获取当前访问者的 IP 地址
    43. 

  43.         $ipAddress = $_SERVER['REMOTE_ADDR'];
    44. 

  44. 

  45.         // 定义私有 IP 段
    46. 

  46.         $privateRanges = [
    47. 

  47.             ['10.0.0.0', '10.255.255.255'],
    48. 

  48.             ['172.16.0.0', '172.31.255.255'],
    49. 

  49.             ['192.168.0.0', '192.168.255.255']
    50. 

  50.         ];
    51. 

  51. 

  52.         $ipInPrivateRange = false;
    53. 

  53. 

  54.         // 判断 IP 是否在任何一个私有 IP 段内
    55. 

  55.         foreach ($privateRanges as $range) {
    56. 

  56.             if ($this->isIpInRange($ipAddress, $range[0], $range[1])) {
    57. 

  57.                 $ipInPrivateRange = true;
    58. 

  58.                 break;
    59. 

  59.             }
    60. 

  60.         }
    61. 

  61. 

  62.         if (!$ipInPrivateRange) {
    63. 

  63.             http_response_code(404);
    64. 

  64.             exit;
    65. 

  65.         }
    66. 

  66. 

  67.         return view('admin::login');
    68. 

  68.     }
    69. 

  69. 

  70.     function isIpInRange($ip, $rangeStart, $rangeEnd) {
    71. 

  71.         $ipLong = ip2long($ip);
    72. 

  72.         $startLong = ip2long($rangeStart);
    73. 

  73.         $endLong = ip2long($rangeEnd);
    74. 

  74.         return ($ipLong >= $startLong && $ipLong <= $endLong);
    75. 

  75.     }
    76. 

  76. 

  77.     //登录动作
    78. 

  78.     public function doLogin(Request $request)
    79. 

  79.     {
    80. 

  80.         $request['password'] = base64_decode($request->input('password'));
    81. 

  81.         $this->validateLogin($request);
    82. 

  82. 

  83.         // If the class is using the ThrottlesLogins trait, we can automatically throttle
    84. 

  84.         // the login attempts for this application. We'll key this by the username and
    85. 

  85.         // the IP address of the client making these requests into this application.
    86. 

  86.         if (method_exists($this, 'hasTooManyLoginAttempts') &&
    87. 

  87.             $this->hasTooManyLoginAttempts($request)) {
    88. 

  88.             $this->fireLockoutEvent($request);
    89. 

  89.             return $this->sendLockoutResponse($request);
    90. 

  90.         }
    91. 

  91. 

  92.         $valid = validPass($request['password']);
    93. 

  93.         if (is_string($valid)) {
    94. 

  94.             $this->guard()->logout();
    95. 

  95.             $request->session()->invalidate();
    96. 

  96.             return [
    97. 

  97.                 'code'    => 1,
    98. 

  98.                 'message' => '密码限制:' . $valid . ',请找管理员修改',
    99. 

  99.             ];
    100. 

  100.         }
    101. 

  101. 

  102.         if ($this->attemptLogin($request)) {
    103. 

  103. //            $roles = $this->guard()->user()->getRoleNames()->toArray();
    104. 

  104. //            if (count($roles) == 0 || (count($roles) == 1 && $roles[0] == 'PuTongZhiYuan')) {
    105. 

  105. //                $this->guard()->logout();
    106. 

  106. //                $request->session()->invalidate();
    107. 

  107. //                return [
    108. 

  108. //                    'code'    => 1,
    109. 

  109. //                    'message' => '没有登录权限',
    110. 

  110. //                ];
    111. 

  111. //            }
    112. 

  112.             $token = $request->input('staff_num') . "," . $request->input('password') . "," . $request->getClientIp();
    113. 

  113.             $token = base64_encode($token);
    114. 

  114.             setcookie("token", $token, time() + 7200, "/", ".nxjiewei.com");
    115. 

  115.             return $this->sendLoginResponse($request);
    116. 

  116.         }
    117. 

  117. 

  118.         // If the login attempt was unsuccessful we will increment the number of attempts
    119. 

  119.         // to login and redirect the user back to the login form. Of course, when this
    120. 

  120.         // user surpasses their maximum number of attempts they will get locked out.
    121. 

  121.         $this->incrementLoginAttempts($request);
    122. 

  122.         return $this->sendFailedLoginResponse($request);
    123. 

  123.     }
    124. 

  124. 

  125.     protected function sendLoginResponse(Request $request)
    126. 

  126.     {
    127. 

  127.         $request->session()->regenerate();
    128. 

  128.         $this->clearLoginAttempts($request);
    129. 

  129.         return [
    130. 

  130.             'code'    => 0,
    131. 

  131.             'message' => '登录成功',
    132. 

  132.         ];
    133. 

  133.     }
    134. 

  134. 

  135.     /**
    136. 

  136.      * 用户名验证字段
    137. 

  137.      * @return string
    138. 

  138.      */
    139. 

  139.     public function username()
    140. 

  140.     {
    141. 

  141.         return 'staff_num';
    142. 

  142.     }
    143. 

  143. }
    144.