Auth.php 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576
  1. <?php
  2. namespace app\common\library;
  3. use app\common\model\User;
  4. use app\common\model\UserRule;
  5. use fast\Random;
  6. use think\Config;
  7. use think\Db;
  8. use think\Exception;
  9. use think\Hook;
  10. use think\Request;
  11. use think\Validate;
  12. class Auth
  13. {
  14. protected static $instance = null;
  15. protected $_error = '';
  16. protected $_logined = false;
  17. protected $_user = null;
  18. protected $_token = '';
  19. //Token默认有效时长
  20. protected $keeptime = 2592000;
  21. protected $requestUri = '';
  22. protected $rules = [];
  23. //默认配置
  24. protected $config = [];
  25. protected $options = [];
  26. protected $allowFields = ['id', 'username', 'nickname', 'mobile', 'avatar', 'score'];
  27. public function __construct($options = [])
  28. {
  29. if ($config = Config::get('user')) {
  30. $this->config = array_merge($this->config, $config);
  31. }
  32. $this->options = array_merge($this->config, $options);
  33. }
  34. /**
  35. *
  36. * @param array $options 参数
  37. * @return Auth
  38. */
  39. public static function instance($options = [])
  40. {
  41. if (is_null(self::$instance)) {
  42. self::$instance = new static($options);
  43. }
  44. return self::$instance;
  45. }
  46. /**
  47. * 获取User模型
  48. * @return User
  49. */
  50. public function getUser()
  51. {
  52. return $this->_user;
  53. }
  54. /**
  55. * 兼容调用user模型的属性
  56. *
  57. * @param string $name
  58. * @return mixed
  59. */
  60. public function __get($name)
  61. {
  62. return $this->_user ? $this->_user->$name : null;
  63. }
  64. /**
  65. * 兼容调用user模型的属性
  66. */
  67. public function __isset($name)
  68. {
  69. return isset($this->_user) ? isset($this->_user->$name) : false;
  70. }
  71. /**
  72. * 根据Token初始化
  73. *
  74. * @param string $token Token
  75. * @return boolean
  76. */
  77. public function init($token)
  78. {
  79. if ($this->_logined) {
  80. return true;
  81. }
  82. if ($this->_error) {
  83. return false;
  84. }
  85. $data = Token::get($token);
  86. if (!$data) {
  87. return false;
  88. }
  89. $user_id = intval($data['user_id']);
  90. if ($user_id > 0) {
  91. $user = User::get($user_id);
  92. if (!$user) {
  93. $this->setError('Account not exist');
  94. return false;
  95. }
  96. if ($user['status'] != 'normal') {
  97. $this->setError('Account is locked');
  98. return false;
  99. }
  100. $this->_user = $user;
  101. $this->_logined = true;
  102. $this->_token = $token;
  103. //初始化成功的事件
  104. Hook::listen("user_init_successed", $this->_user);
  105. return true;
  106. } else {
  107. $this->setError('You are not logged in');
  108. return false;
  109. }
  110. }
  111. /**
  112. * 注册用户
  113. *
  114. * @param string $username 用户名
  115. * @param string $password 密码
  116. * @param string $email 邮箱
  117. * @param string $mobile 手机号
  118. * @param array $extend 扩展参数
  119. * @return boolean
  120. */
  121. public function register($username, $password, $email = '', $mobile = '', $extend = [])
  122. {
  123. // 检测用户名、昵称、邮箱、手机号是否存在
  124. if (User::getByUsername($username)) {
  125. $this->setError('Username already exist');
  126. return false;
  127. }
  128. if (User::getByNickname($username)) {
  129. $this->setError('Nickname already exist');
  130. return false;
  131. }
  132. if ($email && User::getByEmail($email)) {
  133. $this->setError('Email already exist');
  134. return false;
  135. }
  136. if ($mobile && User::getByMobile($mobile)) {
  137. $this->setError('Mobile already exist');
  138. return false;
  139. }
  140. $ip = request()->ip();
  141. $time = time();
  142. $data = [
  143. 'username' => $username,
  144. 'password' => $password,
  145. 'email' => $email,
  146. 'mobile' => $mobile,
  147. 'level' => 1,
  148. 'score' => 0,
  149. 'avatar' => '',
  150. ];
  151. $params = array_merge($data, [
  152. 'nickname' => preg_match("/^1[3-9]{1}\d{9}$/", $username) ? substr_replace($username, '****', 3, 4) : $username,
  153. 'salt' => Random::alnum(),
  154. 'jointime' => $time,
  155. 'joinip' => $ip,
  156. 'logintime' => $time,
  157. 'loginip' => $ip,
  158. 'prevtime' => $time,
  159. 'status' => 'normal'
  160. ]);
  161. $params['password'] = $this->getEncryptPassword($password, $params['salt']);
  162. $params = array_merge($params, $extend);
  163. //账号注册时需要开启事务,避免出现垃圾数据
  164. Db::startTrans();
  165. try {
  166. $user = User::create($params, true);
  167. $this->_user = User::get($user->id);
  168. //设置Token
  169. $this->_token = Random::uuid();
  170. Token::set($this->_token, $user->id, $this->keeptime);
  171. //设置登录状态
  172. $this->_logined = true;
  173. //注册成功的事件
  174. Hook::listen("user_register_successed", $this->_user, $data);
  175. Db::commit();
  176. } catch (Exception $e) {
  177. $this->setError($e->getMessage());
  178. Db::rollback();
  179. return false;
  180. }
  181. return true;
  182. }
  183. /**
  184. * 用户登录
  185. *
  186. * @param string $account 账号,用户名、邮箱、手机号
  187. * @param string $password 密码
  188. * @return boolean
  189. */
  190. public function login($account, $password)
  191. {
  192. $field = Validate::is($account, 'email') ? 'email' : (Validate::regex($account, '/^1\d{10}$/') ? 'mobile' : 'username');
  193. $user = User::get([$field => $account]);
  194. if (!$user) {
  195. $this->setError('Account is incorrect');
  196. return false;
  197. }
  198. if ($user->status != 'normal') {
  199. $this->setError('Account is locked');
  200. return false;
  201. }
  202. if ($user->password != $this->getEncryptPassword($password, $user->salt)) {
  203. $this->setError('Password is incorrect');
  204. return false;
  205. }
  206. //直接登录会员
  207. return $this->direct($user->id);
  208. }
  209. /**
  210. * 退出
  211. *
  212. * @return boolean
  213. */
  214. public function logout()
  215. {
  216. if (!$this->_logined) {
  217. $this->setError('You are not logged in');
  218. return false;
  219. }
  220. //设置登录标识
  221. $this->_logined = false;
  222. //删除Token
  223. Token::delete($this->_token);
  224. //退出成功的事件
  225. Hook::listen("user_logout_successed", $this->_user);
  226. return true;
  227. }
  228. /**
  229. * 修改密码
  230. * @param string $newpassword 新密码
  231. * @param string $oldpassword 旧密码
  232. * @param bool $ignoreoldpassword 忽略旧密码
  233. * @return boolean
  234. */
  235. public function changepwd($newpassword, $oldpassword = '', $ignoreoldpassword = false)
  236. {
  237. if (!$this->_logined) {
  238. $this->setError('You are not logged in');
  239. return false;
  240. }
  241. //判断旧密码是否正确
  242. if ($this->_user->password == $this->getEncryptPassword($oldpassword, $this->_user->salt) || $ignoreoldpassword) {
  243. Db::startTrans();
  244. try {
  245. $salt = Random::alnum();
  246. $newpassword = $this->getEncryptPassword($newpassword, $salt);
  247. $this->_user->save(['loginfailure' => 0, 'password' => $newpassword, 'salt' => $salt]);
  248. Token::delete($this->_token);
  249. //修改密码成功的事件
  250. Hook::listen("user_changepwd_successed", $this->_user);
  251. Db::commit();
  252. } catch (Exception $e) {
  253. Db::rollback();
  254. $this->setError($e->getMessage());
  255. return false;
  256. }
  257. return true;
  258. } else {
  259. $this->setError('Password is incorrect');
  260. return false;
  261. }
  262. }
  263. /**
  264. * 直接登录账号
  265. * @param int $user_id
  266. * @return boolean
  267. */
  268. public function direct($user_id)
  269. {
  270. $user = User::get($user_id);
  271. if ($user) {
  272. Db::startTrans();
  273. try {
  274. $ip = request()->ip();
  275. $time = time();
  276. //判断连续登录和最大连续登录
  277. if ($user->logintime < \fast\Date::unixtime('day')) {
  278. $user->successions = $user->logintime < \fast\Date::unixtime('day', -1) ? 1 : $user->successions + 1;
  279. $user->maxsuccessions = max($user->successions, $user->maxsuccessions);
  280. }
  281. $user->prevtime = $user->logintime;
  282. //记录本次登录的IP和时间
  283. $user->loginip = $ip;
  284. $user->logintime = $time;
  285. //重置登录失败次数
  286. $user->loginfailure = 0;
  287. $user->save();
  288. $this->_user = $user;
  289. $this->_token = Random::uuid();
  290. Token::set($this->_token, $user->id, $this->keeptime);
  291. $this->_logined = true;
  292. //登录成功的事件
  293. Hook::listen("user_login_successed", $this->_user);
  294. Db::commit();
  295. } catch (Exception $e) {
  296. Db::rollback();
  297. $this->setError($e->getMessage());
  298. return false;
  299. }
  300. return true;
  301. } else {
  302. return false;
  303. }
  304. }
  305. /**
  306. * 检测是否是否有对应权限
  307. * @param string $path 控制器/方法
  308. * @param string $module 模块 默认为当前模块
  309. * @return boolean
  310. */
  311. public function check($path = null, $module = null)
  312. {
  313. if (!$this->_logined) {
  314. return false;
  315. }
  316. $ruleList = $this->getRuleList();
  317. $rules = [];
  318. foreach ($ruleList as $k => $v) {
  319. $rules[] = $v['name'];
  320. }
  321. $url = ($module ? $module : request()->module()) . '/' . (is_null($path) ? $this->getRequestUri() : $path);
  322. $url = strtolower(str_replace('.', '/', $url));
  323. return in_array($url, $rules);
  324. }
  325. /**
  326. * 判断是否登录
  327. * @return boolean
  328. */
  329. public function isLogin()
  330. {
  331. if ($this->_logined) {
  332. return true;
  333. }
  334. return false;
  335. }
  336. /**
  337. * 获取当前Token
  338. * @return string
  339. */
  340. public function getToken()
  341. {
  342. return $this->_token;
  343. }
  344. /**
  345. * 获取会员基本信息
  346. */
  347. public function getUserinfo()
  348. {
  349. $data = $this->_user->toArray();
  350. $allowFields = $this->getAllowFields();
  351. $userinfo = array_intersect_key($data, array_flip($allowFields));
  352. $userinfo = array_merge($userinfo, Token::get($this->_token));
  353. return $userinfo;
  354. }
  355. /**
  356. * 获取会员组别规则列表
  357. * @return array|bool|\PDOStatement|string|\think\Collection
  358. */
  359. public function getRuleList()
  360. {
  361. if ($this->rules) {
  362. return $this->rules;
  363. }
  364. $group = $this->_user->group;
  365. if (!$group) {
  366. return [];
  367. }
  368. $rules = explode(',', $group->rules);
  369. $this->rules = UserRule::where('status', 'normal')->where('id', 'in', $rules)->field('id,pid,name,title,ismenu')->select();
  370. return $this->rules;
  371. }
  372. /**
  373. * 获取当前请求的URI
  374. * @return string
  375. */
  376. public function getRequestUri()
  377. {
  378. return $this->requestUri;
  379. }
  380. /**
  381. * 设置当前请求的URI
  382. * @param string $uri
  383. */
  384. public function setRequestUri($uri)
  385. {
  386. $this->requestUri = $uri;
  387. }
  388. /**
  389. * 获取允许输出的字段
  390. * @return array
  391. */
  392. public function getAllowFields()
  393. {
  394. return $this->allowFields;
  395. }
  396. /**
  397. * 设置允许输出的字段
  398. * @param array $fields
  399. */
  400. public function setAllowFields($fields)
  401. {
  402. $this->allowFields = $fields;
  403. }
  404. /**
  405. * 删除一个指定会员
  406. * @param int $user_id 会员ID
  407. * @return boolean
  408. */
  409. public function delete($user_id)
  410. {
  411. $user = User::get($user_id);
  412. if (!$user) {
  413. return false;
  414. }
  415. Db::startTrans();
  416. try {
  417. // 删除会员
  418. User::destroy($user_id);
  419. // 删除会员指定的所有Token
  420. Token::clear($user_id);
  421. Hook::listen("user_delete_successed", $user);
  422. Db::commit();
  423. } catch (Exception $e) {
  424. Db::rollback();
  425. $this->setError($e->getMessage());
  426. return false;
  427. }
  428. return true;
  429. }
  430. /**
  431. * 获取密码加密后的字符串
  432. * @param string $password 密码
  433. * @param string $salt 密码盐
  434. * @return string
  435. */
  436. public function getEncryptPassword($password, $salt = '')
  437. {
  438. return md5(md5($password) . $salt);
  439. }
  440. /**
  441. * 检测当前控制器和方法是否匹配传递的数组
  442. *
  443. * @param array $arr 需要验证权限的数组
  444. * @return boolean
  445. */
  446. public function match($arr = [])
  447. {
  448. $request = Request::instance();
  449. $arr = is_array($arr) ? $arr : explode(',', $arr);
  450. if (!$arr) {
  451. return false;
  452. }
  453. $arr = array_map('strtolower', $arr);
  454. // 是否存在
  455. if (in_array(strtolower($request->action()), $arr) || in_array('*', $arr)) {
  456. return true;
  457. }
  458. // 没找到匹配
  459. return false;
  460. }
  461. /**
  462. * 设置会话有效时间
  463. * @param int $keeptime 默认为永久
  464. */
  465. public function keeptime($keeptime = 0)
  466. {
  467. $this->keeptime = $keeptime;
  468. }
  469. /**
  470. * 渲染用户数据
  471. * @param array $datalist 二维数组
  472. * @param mixed $fields 加载的字段列表
  473. * @param string $fieldkey 渲染的字段
  474. * @param string $renderkey 结果字段
  475. * @return array
  476. */
  477. public function render(&$datalist, $fields = [], $fieldkey = 'user_id', $renderkey = 'userinfo')
  478. {
  479. $fields = !$fields ? ['id', 'nickname', 'level', 'avatar'] : (is_array($fields) ? $fields : explode(',', $fields));
  480. $ids = [];
  481. foreach ($datalist as $k => $v) {
  482. if (!isset($v[$fieldkey])) {
  483. continue;
  484. }
  485. $ids[] = $v[$fieldkey];
  486. }
  487. $list = [];
  488. if ($ids) {
  489. if (!in_array('id', $fields)) {
  490. $fields[] = 'id';
  491. }
  492. $ids = array_unique($ids);
  493. $selectlist = User::where('id', 'in', $ids)->column($fields);
  494. foreach ($selectlist as $k => $v) {
  495. $list[$v['id']] = $v;
  496. }
  497. }
  498. foreach ($datalist as $k => &$v) {
  499. $v[$renderkey] = $list[$v[$fieldkey]] ?? null;
  500. }
  501. unset($v);
  502. return $datalist;
  503. }
  504. /**
  505. * 设置错误信息
  506. *
  507. * @param string $error 错误信息
  508. * @return Auth
  509. */
  510. public function setError($error)
  511. {
  512. $this->_error = $error;
  513. return $this;
  514. }
  515. /**
  516. * 获取错误信息
  517. * @return string
  518. */
  519. public function getError()
  520. {
  521. return $this->_error ? __($this->_error) : '';
  522. }
  523. }