<?php
namespace app\admin\controller;
use support\Request;
use app\common\model\AdminUser;
use app\common\service\AuthService;
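/**
 * Admin authentication endpoints: login, current-admin profile and logout.
 *
 * Review notes:
 * - login() is reachable without a session and nothing in this class throttles
 *   or locks out repeated failures; rate limiting has to be enforced elsewhere
 *   (middleware / gateway) — NOTE(review): confirm that it is.
 * - me() and logout() read $request->admin and $request->token, which are
 *   presumably populated by an auth middleware that is not part of this file.
 */
class AuthController
{
    /**
     * Verify admin credentials and issue a token.
     *
     * Result codes passed to jsonResponse():
     * - 400 when username or password is empty;
     * - 401 for an unknown username or a wrong password (same message for both);
     * - 403 for a disabled account, reported only after the password has been
     *   verified, so an unauthenticated caller cannot use this endpoint to learn
     *   which usernames exist or are disabled.
     *
     * @param Request $request POST fields `username` and `password`.
     * @return mixed The value produced by jsonResponse().
     */
    public function login(Request $request)
    {
        // Throwaway hash of a random value, built once per PHP process. It is
        // verified against when the username is unknown, so that path costs
        // about as much as a real verification (assuming stored hashes use the
        // default algorithm and cost) instead of returning noticeably faster.
        static $decoyHash = null;

        $username = trim((string)$request->post('username', ''));
        // The password is taken as submitted (not trimmed).
        $password = (string)$request->post('password', '');
        if ($username === '' || $password === '') {
            return jsonResponse(null, '参数错误', 400);
        }

        $admin = AdminUser::where('username', $username)->first();

        if ($admin) {
            $storedHash = (string)$admin->password_hash;
        } else {
            if ($decoyHash === null) {
                $decoyHash = password_hash(bin2hex(random_bytes(16)), PASSWORD_DEFAULT);
            }
            $storedHash = $decoyHash;
        }

        // Always perform exactly one verification; the result only counts when
        // a real account was found.
        $passwordMatches = password_verify($password, $storedHash);
        if (!$admin || !$passwordMatches) {
            return jsonResponse(null, '账号或密码错误', 401);
        }

        // Checked after the password on purpose: see the method docblock.
        if (intval($admin->status) !== 1) {
            return jsonResponse(null, '账号已禁用', 403);
        }

        $token = AuthService::issueAdminToken($admin);

        // The whole model is serialized into the response. AdminUser is not
        // shown here, so its $hidden list is unknown; hide the hash explicitly.
        // NOTE(review): check the model for other attributes that should not
        // leave the server.
        return jsonResponse([
            'token' => $token,
            'admin' => $admin->makeHidden(['password_hash']),
        ], '登录成功');
    }

    /**
     * Return the authenticated admin together with its permission codes.
     *
     * A super admin (is_super === 1) gets the wildcard list ['*']; any other
     * admin gets the distinct `code` values of all permissions attached to
     * its roles.
     *
     * @param Request $request Request carrying `admin`, presumably set by auth middleware.
     * @return mixed The value produced by jsonResponse().
     */
    public function me(Request $request)
    {
        // Fail closed if the route is ever reached without the middleware
        // having attached an admin, the same way logout() tolerates a missing
        // token, instead of erroring on a null object below.
        $admin = $request->admin ?? null;
        if (!$admin) {
            return jsonResponse(null, '未登录', 401);
        }

        if (intval($admin->is_super) === 1) {
            $permissions = ['*'];
        } else {
            $admin->loadMissing(['roles.permissions']);
            // Keyed by code so a permission granted through several roles is
            // listed once.
            $seen = [];
            foreach ($admin->roles as $role) {
                foreach ($role->permissions as $permission) {
                    $seen[$permission->code] = true;
                }
            }
            $permissions = array_keys($seen);
        }

        // Same precaution as in login(): never serialize the password hash.
        return jsonResponse([
            'admin' => $admin->makeHidden(['password_hash']),
            'permissions' => $permissions,
        ]);
    }

    /**
     * Revoke the caller's token and confirm the logout.
     *
     * The token is read from $request->token; null is passed to
     * AuthService::revokeAdminToken() when the request carries none.
     *
     * @param Request $request Request carrying `token`, presumably set by auth middleware.
     * @return mixed The value produced by jsonResponse().
     */
    public function logout(Request $request)
    {
        AuthService::revokeAdminToken($request->token ?? null);
        return jsonResponse(null, '已退出登录');
    }
}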