修改后台用户登录逻辑

eff99bde · 杨昕 · e7dec889 · eff99bde · eff99bde · eff99bde
Commit eff99bde authored Aug 27, 2020 by 杨昕
Showing with 127 additions and 55 deletions

LoginController.php app/Http/Controllers/Web/LoginController.php +92 -52

PrivilegeController.php app/Http/Controllers/Web/PrivilegeController.php +0 -2

UserModel.php app/Model/UserModel.php +35 -1

No files found.
--- a/app/Http/Controllers/Web/LoginController.php
+++ b/app/Http/Controllers/Web/LoginController.php
@@ -24,6 +24,7 @@ use Illuminate\Support\Facades\Session;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\DB;
+use MongoDB\BSON\UTCDateTime;
 class LoginController extends Controller
 {
@@ -62,26 +63,9 @@ class LoginController extends Controller
                        /**
                         * 获取mis用户信息
                         */
-                        $request->replace(array_merge($request->all(),['mis_uid'=>'000000']));
+                        $userInfo = UserModel::getMisInfo($request);
-                        $url = getRbac($request,"api/mis/userinfo",'','mis_user');
-                        $result = http_request_code($url,
-                            null,
-                            'GET'
-                        );
-                        $userInfo = json_decode($result,true);
-                        if (!isset($userInfo['data'])){
-                            LogModel::addlog(["获取用户信息失败",$request->all(),'userInfo'=>$userInfo]);
-                            throw new \Exception("获取用户信息失败");
-                        }
-                        $userid = $userInfo['data']['userId'];
-                        $mis_uid = $userid;
+                        $userid = $userInfo['userId'];
                        $flag = UserModel::where("_id",$user->_id)->update(['mis_uid'=>$userid]);
                        if (!$flag){
@@ -89,64 +73,120 @@ class LoginController extends Controller
                            throw new \Exception("更新用户mis_uid失败");
                        }
+                    }
-                    }else{
+                }else{
-                        $mis_uid = $user->mis_uid;
+                    $userInfo = UserModel::getMisInfo($request);
+                    $mis_uid = $userInfo["userId"];
+                    $shops = UserModel::getUserPrivilege($request,['mis_uid'=>$mis_uid]);
+                    if (empty($shops)){
+                        LogModel::addlog(["用户不存在业务线，请联系管理员","params"=>$request->all()]);
+                        throw new \Exception("用户不存在业务线，请联系管理员");
                    }
+                    $data_arr = [
+                        'name'      => $userInfo['nickName'],
+                        'password'  => md5($request->password),
+                        'organization_id'   => 0,
+                        'status'    => 0,
+                        'mis_uid'        => $mis_uid,
+                        'user_type' => 0,
+                        'create_time' => new UTCDateTime(time() * 1000),
+                    ];
+                    $_id = UserModel::insertGetId($data_arr);
+                    if (!$_id){
+                        LogModel::addlog(['添加用户失败'=>json_decode($data_arr)]);
+                        throw new \Exception("添加用户失败");
+                    }
+                    $user = UserModel::where("_id",$_id)->first();
-                    $request->replace(array_merge($request->all(),['mis_uid' => $mis_uid]));
+                }
-                    $catgList = MediaCategoryModel::get()->toArray();
+                Auth::login($user);
+                return $user;
+            });
-                    $tmp = [];
+            return success($user);
-                    foreach ($catgList as $key => $catg){
-                        $request->replace(array_merge($request->all(),['category_id'=>$catg['media_category_id']]));
+        } else {
+            return view('admin.login');
+        }
+    }
+    private function getUserInfo($request){
+        $password = strtolower($request->password);
+        $username = $request->username;
-                        $url = getRbac($request,'api/open/check',$catg['media_category_id']);
+        /**
+         * 陈腾飞-ctf37800-ctf88614-89043
+         * 用户名称是有四部分组成，姓名-新账号-旧账号-mis_uid
+         */
+        $user = UserModel::where('name', 'regexp', '/^.*?'.$username.'/')->first();
-                        $data['appid'] = $catg['media_category_id'];
-                        $data['uid'] = $request->mis_uid;
-                        $data['tree'] = 1;
-                        $result = http_request_code($url,
+        if (empty($user)|| !isset($user['mis_uid'])){
-                            null,
+            /**
-                            'GET',
+             * 获取mis用户基本信息
-                            $data
+             */
-                        );
-                        $privilege = json_decode($result,true);
+            $userInfo = UserModel::getMisInfo($request);
+            $userid = $userInfo['userId'];
+            //$result = self::getUserPrivilege($request,['mis_uid'=>$userid]);
-                        if (!empty($privilege['data'])){
-                            array_push($tmp,$catg);
-                        }
-                    }
+            if (empty($user)){
-                    if (empty($tmp)){
-                        LogModel::addlog(["暂无业务权限，请联系管理员",$request->all()]);
-                        throw new \Exception("暂无业务权限，请联系管理员");
-                    }
-                    Auth::login($user);
+                //杨帆-yf18512-yf60144-8086
+                $data_arr = [
+                    'name'          => $userInfo['nickName'],
+                    'password'      => md5($password),
+                    'organization_id'=> 0,
+                    'status'        => 0,
+                    'mis_uid'       => $userid,
+                    'user_type'     => 0,
+                    'create_time'   => new UTCDateTime(time() * 1000),
+                ];
-                    return $user;
-                }else{
+                $_id = UserModel::insertGetId($data_arr);
-                    throw new \Exception('用户名或者密码有误');
+                if (!$_id){
+                    LogModel::addlog(['添加用户失败'=>json_decode($userInfo)]);
+                    throw new \Exception("添加用户失败");
+                }
+            }else{
+                $_id = $user->_id;
+                $flag = UserModel::where("_id",$_id)->update(['mis_uid'=>$userid]);
+                if (!$flag){
+                    LogModel::addlog(['更新用户mis_uid失败'=>json_encode(['mis_uid'=>$userid])]);
+                    throw new \Exception("更新用户mis_uid失败");
                }
+            }
-            });
+        }else{
-            return success($user);
+            if ($user['password'] != md5($password)){
+                throw new \Exception("用户名称或者密码错误");
+            }
+            if ($user['status']){
+                throw new \Exception("用户已被限制，请联系管理员");
+            }
+            $_id = $user->_id;
-        } else {
-            return view('admin.login');
        }
+        return  UserModel::where("_id",$_id)->first();
    }
    /**

--- a/app/Http/Controllers/Web/PrivilegeController.php
+++ b/app/Http/Controllers/Web/PrivilegeController.php
@@ -20,8 +20,6 @@ class PrivilegeController extends Controller
    {
        $url = getRbac($request,'api/open/check');
-        var_dump(Auth::user());
        $data['appid'] = $request->appid;
        $data['uid'] = Auth::user()->mis_uid;
        $data['tree'] = 1;

--- a/app/Model/UserModel.php
+++ b/app/Model/UserModel.php
@@ -341,7 +341,7 @@ class UserModel extends Authenticatable
     * @return array
     * @throws DatabaseException
     */
-    private static function getUserPrivilege($request,$params){
+    public static function getUserPrivilege($request,$params){
        try{
@@ -382,14 +382,48 @@ class UserModel extends Authenticatable
        return $tmp;
    }
+    /**
+     * 获取mis系统用户信息
+     * @param $request
+     * @return mixed
+     * @throws \Exception
+     */
+    public static function getMisInfo($request){
+        try{
+            /**
+             * 获取mis用户基本信息
+             */
+            /*$staffNo = $username; //工号
+            $url = 'http://api-mis.offcn.com/index.php/applogin/isworking';
+            $data = sign($staffNo);
+            $data['type'] = 6;
+            $data['username'] = $staffNo;*/
+            $request->replace(array_merge($request->all(),['mis_uid'=>'000000']));
+            $url = getRbac($request,"api/mis/userinfo",'','mis_user');
+            $result = http_request_code($url,
+                null,
+                'GET'
+            );
+            $userInfo = json_decode($result,true);
+            if (empty($userInfo['data']['userId'])){
+                LogModel::addlog(["用户不存在",$request->all()]);
+                throw new \Exception("用户不存在");
+            }
+            $userInfo = $userInfo['data'];
+        }catch (\Exception $exception){
+            throw new \Exception($exception->getMessage());
+        }
+        return $userInfo;
+    }
 }