$username]); if (!$manystore) { $this->setError('Username is incorrect'); return false; } if ($manystore['status'] == 'hidden') { $this->setError('Admin is forbidden'); return false; } if (Config::get('fastadmin.login_failure_retry') && $manystore->loginfailure >= 10 && time() - $manystore->updatetime < 86400) { $this->setError('Please try again after 1 day'); return false; } if ($manystore->password != md5(md5($password) . $manystore->salt)) { $manystore->loginfailure++; $manystore->save(); $this->setError('Password is incorrect'); return false; } $manystore->loginfailure = 0; $manystore->logintime = time(); $manystore->loginip = request()->ip(); $manystore->token = Random::uuid(); $manystore->save(); Session::set("manystore", $manystore->toArray()); $this->keeplogin($keeptime); return true; } /** * 注销登录 */ public function logout() { $manystore = Manystore::get(intval($this->id)); //2022-08-27 修复无法退出登录 if ($manystore) { $manystore->token = ''; $manystore->save(); } $this->logined = false; //重置登录状态 Session::delete("manystore"); Cookie::delete("keeplogin"); return true; } /** * 自动登录 * @return boolean */ public function autologin() { $keeplogin = Cookie::get('manystorekeeplogin'); if (!$keeplogin) { return false; } list($id, $keeptime, $expiretime, $key) = explode('|', $keeplogin); if ($id && $keeptime && $expiretime && $key && $expiretime > time()) { $manystore = Manystore::get($id); if (!$manystore || !$manystore->token) { return false; } //token有变更 if ($key != md5(md5($id) . md5($keeptime) . md5($expiretime) . $manystore->token)) { return false; } $ip = request()->ip(); //IP有变动 if ($manystore->loginip != $ip) { return false; } Session::set("manystore", $manystore->toArray()); //刷新自动登录的时效 $this->keeplogin($keeptime); return true; } else { return false; } } /** * 刷新保持登录的Cookie * * @param int $keeptime * @return boolean */ protected function keeplogin($keeptime = 0) { if ($keeptime) { $expiretime = time() + $keeptime; $key = md5(md5($this->id) . md5($keeptime) . md5($expiretime) . $this->token); $data = [$this->id, $keeptime, $expiretime, $key]; Cookie::set('manystorekeeplogin', implode('|', $data), 86400 * 30); return true; } return false; } public function check($name, $uid = '', $relation = 'or', $mode = 'url') { $uid = $uid ? $uid : $this->id; return parent::check($name, $uid, $relation, $mode); } /** * 检测当前控制器和方法是否匹配传递的数组 * * @param array $arr 需要验证权限的数组 * @return bool */ public function match($arr = []) { $request = Request::instance(); $arr = is_array($arr) ? $arr : explode(',', $arr); if (!$arr) { return false; } $arr = array_map('strtolower', $arr); // 是否存在 if (in_array(strtolower($request->action()), $arr) || in_array('*', $arr)) { return true; } // 没找到匹配 return false; } /** * 检测是否登录 * * @return boolean */ public function isLogin() { if ($this->logined) { return true; } $manystore = Session::get('manystore'); if (!$manystore) { return false; } //判断是否同一时间同一账号只能在一个地方登录 if (Config::get('fastadmin.login_unique')) { $my = Manystore::get($manystore['id']); if (!$my || $my['token'] != $manystore['token']) { $this->logout(); return false; } } //判断管理员IP是否变动 if (Config::get('fastadmin.loginip_check')) { if (!isset($manystore['loginip']) || $manystore['loginip'] != request()->ip()) { $this->logout(); return false; } } $this->logined = true; return true; } /** * 获取当前请求的URI * @return string */ public function getRequestUri() { return $this->requestUri; } /** * 设置当前请求的URI * @param string $uri */ public function setRequestUri($uri) { $this->requestUri = $uri; } public function getGroups($uid = null) { $uid = is_null($uid) ? $this->id : $uid; return parent::getGroups($uid); } public function getRuleList($uid = null) { $uid = is_null($uid) ? $this->id : $uid; return parent::getRuleList($uid); } public function getUserInfo($uid = null) { $uid = is_null($uid) ? $this->id : $uid; return $uid != $this->id ? Manystore::get(intval($uid)) : Session::get('manystore'); } public function getRuleIds($uid = null) { $uid = is_null($uid) ? $this->id : $uid; return parent::getRuleIds($uid); } public function isSuperAdmin() { return in_array('*', $this->getRuleIds()) ? true : false; } /** * 获取管理员所属于的分组ID * @param int $uid * @return array */ public function getGroupIds($uid = null) { $groups = $this->getGroups($uid); $groupIds = []; foreach ($groups as $K => $v) { $groupIds[] = (int)$v['group_id']; } return $groupIds; } /** * 取出当前管理员所拥有权限的分组 * @param boolean $withself 是否包含当前所在的分组 * @return array */ public function getChildrenGroupIds($withself = false) { //取出当前管理员所有的分组 $groups = $this->getGroups(); $groupIds = []; foreach ($groups as $k => $v) { $groupIds[] = $v['id']; } $originGroupIds = $groupIds; foreach ($groups as $k => $v) { if (in_array($v['pid'], $originGroupIds)) { $groupIds = array_diff($groupIds, [$v['id']]); unset($groups[$k]); } } // 取出所有分组 $groupList = \app\manystore\model\ManystoreAuthGroup::where(['shop_id'=>SHOP_ID,'status' => 'normal'])->select(); $objList = []; foreach ($groups as $k => $v) { if ($v['rules'] === '*') { $objList = $groupList; break; } // 取出包含自己的所有子节点 $childrenList = Tree::instance()->init($groupList)->getChildren($v['id'], true); $obj = Tree::instance()->init($childrenList)->getTreeArray($v['pid']); $objList = array_merge($objList, Tree::instance()->getTreeList($obj)); } $childrenGroupIds = []; foreach ($objList as $k => $v) { $childrenGroupIds[] = $v['id']; } if (!$withself) { $childrenGroupIds = array_diff($childrenGroupIds, $groupIds); } return $childrenGroupIds; } /** * 取出当前管理员所拥有权限的管理员 * @param boolean $withself 是否包含自身 * @return array */ public function getChildrenAdminIds($withself = false) { $childrenAdminIds = []; if (!$this->isSuperAdmin()) { $groupIds = $this->getChildrenGroupIds(false); $authGroupList = \app\manystore\model\ManystoreAuthGroupAccess:: field('uid,group_id') ->where('group_id', 'in', $groupIds) ->select(); foreach ($authGroupList as $k => $v) { $childrenAdminIds[] = $v['uid']; } } else { //超级管理员拥有所有人的权限 $where = []; $where['shop_id'] = SHOP_ID; if($this->getUserInfo()['is_main'] == 0){ $where['is_main'] = 0; } $childrenAdminIds = Manystore::where($where)->column('id'); } if ($withself) { if (!in_array($this->id, $childrenAdminIds)) { $childrenAdminIds[] = $this->id; } } else { $childrenAdminIds = array_diff($childrenAdminIds, [$this->id]); } return $childrenAdminIds; } /** * 获得面包屑导航 * @param string $path * @return array */ public function getBreadCrumb($path = '') { if ($this->breadcrumb || !$path) { return $this->breadcrumb; } $path_rule_id = 0; foreach ($this->rules as $rule) { $path_rule_id = $rule['name'] == $path ? $rule['id'] : $path_rule_id; } if ($path_rule_id) { $this->breadcrumb = Tree::instance()->init($this->rules)->getParents($path_rule_id, true); foreach ($this->breadcrumb as $k => &$v) { $v['url'] = url($v['name']); $v['title'] = __($v['title']); } } return $this->breadcrumb; } /** * 获取左侧和顶部菜单栏 * * @param array $params URL对应的badge数据 * @param string $fixedPage 默认页 * @return array */ public function getSidebar($params = [], $fixedPage = 'dashboard') { // 边栏开始 Hook::listen("admin_sidebar_begin", $params); $colorArr = ['red', 'green', 'yellow', 'blue', 'teal', 'orange', 'purple']; $colorNums = count($colorArr); $badgeList = []; $module = request()->module(); // 生成菜单的badge foreach ($params as $k => $v) { $url = $k; if (is_array($v)) { $nums = isset($v[0]) ? $v[0] : 0; $color = isset($v[1]) ? $v[1] : $colorArr[(is_numeric($nums) ? $nums : strlen($nums)) % $colorNums]; $class = isset($v[2]) ? $v[2] : 'label'; } else { $nums = $v; $color = $colorArr[(is_numeric($nums) ? $nums : strlen($nums)) % $colorNums]; $class = 'label'; } //必须nums大于0才显示 if ($nums) { $badgeList[$url] = '' . $nums . ''; } } // 读取管理员当前拥有的权限节点 $userRule = $this->getRuleList(); $selected = $referer = []; $refererUrl = Session::get('referer'); $pinyin = new \Overtrue\Pinyin\Pinyin('Overtrue\Pinyin\MemoryFileDictLoader'); // 必须将结果集转换为数组 $ruleList = collection(\app\manystore\model\ManystoreAuthRule::where('status', 'normal') ->where('ismenu', 1) ->order('weigh', 'desc') ->cache("__manystore_menu__") ->select())->toArray(); $indexRuleList = \app\manystore\model\ManystoreAuthRule::where('status', 'normal') ->where('ismenu', 0) ->where('name', 'like', '%/index') ->column('name,pid'); $pidArr = array_filter(array_unique(array_map(function ($item) { return $item['pid']; }, $ruleList))); foreach ($ruleList as $k => &$v) { if (!in_array($v['name'], $userRule)) { unset($ruleList[$k]); continue; } $indexRuleName = $v['name'] . '/index'; if (isset($indexRuleList[$indexRuleName]) && !in_array($indexRuleName, $userRule)) { unset($ruleList[$k]); continue; } $v['icon'] = $v['icon'] . ' fa-fw'; $v['url'] = '/' . $module . '/' . $v['name']; $v['badge'] = isset($badgeList[$v['name']]) ? $badgeList[$v['name']] : ''; $v['py'] = $pinyin->abbr($v['title'], ''); $v['pinyin'] = $pinyin->permalink($v['title'], ''); $v['title'] = __($v['title']); $selected = $v['name'] == $fixedPage ? $v : $selected; $referer = url($v['url']) == $refererUrl ? $v : $referer; } $lastArr = array_diff($pidArr, array_filter(array_unique(array_map(function ($item) { return $item['pid']; }, $ruleList)))); foreach ($ruleList as $index => $item) { if (in_array($item['id'], $lastArr)) { unset($ruleList[$index]); } } if ($selected == $referer) { $referer = []; } $selected && $selected['url'] = url($selected['url']); $referer && $referer['url'] = url($referer['url']); $select_id = $selected ? $selected['id'] : 0; $menu = $nav = ''; if (Config::get('fastadmin.multiplenav')) { $topList = []; foreach ($ruleList as $index => $item) { if (!$item['pid']) { $topList[] = $item; } } $selectParentIds = []; $tree = Tree::instance(); $tree->init($ruleList); if ($select_id) { $selectParentIds = $tree->getParentsIds($select_id, true); } foreach ($topList as $index => $item) { $childList = Tree::instance()->getTreeMenu( $item['id'], '