Auth.php 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531
  1. <?php
  2. namespace store\Admin;
  3. use Dever;
  4. use Dever\Routing\Uri;
  5. use Dever\Session\Oper;
  6. use Dever\String\Encrypt;
  7. class Auth
  8. {
  9. /**
  10. * 后台的session名
  11. *
  12. * @var string
  13. */
  14. private $name;
  15. /**
  16. * save
  17. *
  18. * @var Dever\Plad\Save
  19. */
  20. private $save;
  21. /**
  22. * __construct
  23. *
  24. * @return mixed
  25. */
  26. public function __construct()
  27. {
  28. $this->save = new Oper(false, 'session');
  29. $this->name = 'store';
  30. }
  31. /**
  32. * 获取当前登录的管理员信息
  33. *
  34. * @return mixed
  35. */
  36. public function info()
  37. {
  38. $info = $this->save->get($this->name);
  39. return $info;
  40. }
  41. public function check()
  42. {
  43. $sign = Dever::input('sign');
  44. if ($sign) {
  45. $sign = Dever::checkLogin($sign);
  46. if ($sign && isset($sign['uid']) && $sign['uid'] > 0) {
  47. $user = Dever::db('store/member')->getManage(array('store_id' => $sign['uid'], 'role_id' => '1'));
  48. if ($user) {
  49. $this->save($user);
  50. Dever::location('home', 'store');
  51. }
  52. }
  53. }
  54. $admin = $this->info();
  55. if (!$admin) {
  56. return $this->location_login();
  57. }
  58. return $admin;
  59. }
  60. /**
  61. * 只获取中间的内容部分
  62. *
  63. * @return mixed
  64. */
  65. public function loading()
  66. {
  67. $set = Dever::input('loading');
  68. if ($set) {
  69. Dever::config('base')->url = 'loading=' . $set;
  70. }
  71. return $set;
  72. }
  73. public function config()
  74. {
  75. $config = Dever::db('main/factory_config')->find();
  76. $config['refer'] = Dever::input('refer');
  77. $config['login_url'] = Dever::url("store/admin/auth.login");
  78. $config['mcode_url'] = Dever::url("store/admin/auth.getMcode?json=1");
  79. return $config;
  80. }
  81. /**
  82. * 获取当前登录的管理员信息
  83. *
  84. * @return mixed
  85. */
  86. public function manage()
  87. {
  88. $admin = $this->info();
  89. if ($admin && $admin['id'] == 1) {
  90. return '';
  91. }
  92. return 'display:none;';
  93. }
  94. /**
  95. * 获取手机随机验证码
  96. * @return mixed
  97. */
  98. public function getMcode_api()
  99. {
  100. $mobile = $this->checkMobile();
  101. $user = Dever::db('store/member')->find(array('mobile' => $mobile));
  102. if (!$user) {
  103. Dever::alert('该手机号还未注册');
  104. }
  105. $code = Dever::load('passport/reg')->mcode($mobile);
  106. $msg = '验证码已发送至您的手机,请注意查收,十分钟之内有效';
  107. $debug = Dever::config('base', 'project')->mobileCode['debug'];
  108. if ($debug) {
  109. $msg .= '::' . $code;
  110. }
  111. return $msg;
  112. }
  113. /**
  114. * 退出登录
  115. *
  116. * @return mixed
  117. */
  118. public function quit_api()
  119. {
  120. if ($this->info()) {
  121. $this->save->un($this->name);
  122. }
  123. Dever::location('login');
  124. }
  125. /**
  126. * 登录
  127. *
  128. * @return mixed
  129. */
  130. public function login_api()
  131. {
  132. $where['mobile'] = $this->checkMobile();
  133. $this->checkMcode($where['mobile']);
  134. $user = Dever::db('store/member')->find($where);
  135. if (!$user) {
  136. Dever::alert('登录失败,手机号错误,请重新输入');
  137. }
  138. if ($user) {
  139. $this->save($user);
  140. $refer = Dever::input('refer');
  141. if ($refer) {
  142. $refer = Encrypt::decode($refer);
  143. Dever::out($refer);
  144. } else {
  145. Dever::out(Dever::url('home'));
  146. }
  147. } else {
  148. Dever::alert('登录失败');
  149. }
  150. }
  151. /**
  152. * 验证手机号
  153. * @return mixed
  154. */
  155. private function checkMobile()
  156. {
  157. $rule = Dever::rule('mobile');
  158. $mobile = Dever::input('mobile');
  159. if (!$mobile) {
  160. Dever::alert('手机号不能为空');
  161. }
  162. if (!preg_match($rule, $mobile)) {
  163. Dever::alert('手机号码格式错误');
  164. }
  165. return $mobile;
  166. }
  167. /**
  168. * 验证验证码
  169. * @return mixed
  170. */
  171. private function checkMcode($mobile)
  172. {
  173. $code = Dever::input('mcode');
  174. if (!$code) {
  175. Dever::alert('请输入验证码');
  176. }
  177. $code = Dever::load('passport/reg')->mcode($mobile, $code);
  178. if (!$code) {
  179. Dever::alert('验证码输入错误');
  180. }
  181. }
  182. public function save(&$user)
  183. {
  184. $this->save->add($this->name, $user, 3600 * 24 * 7);
  185. }
  186. /**
  187. * cookie 处理cookie
  188. *
  189. * @return array
  190. */
  191. public function cookie()
  192. {
  193. $cookie = $_COOKIE;
  194. $array = array();
  195. # 判断手机版
  196. $mobile = Dever::mobile();
  197. if ((isset($cookie['left_menu']) && $cookie['left_menu'] == 'close') || $mobile) {
  198. $array['wrapper'] = 'enlarged forced';
  199. } else {
  200. $array['wrapper'] = 'forced';
  201. }
  202. return $array;
  203. }
  204. /**
  205. * menu 对一些固定的菜单,生成其链接
  206. *
  207. * @return array
  208. */
  209. public function link()
  210. {
  211. return array
  212. (
  213. 'project' => Dever::url('project/list?menu=manage&table=manage_project'),
  214. 'log' => Dever::url('log/list?menu=manage&table=manage_log'),
  215. 'logout' => Dever::url('admin/auth.quit'),
  216. 'index' => Dever::url('home'),
  217. 'console' => Dever::url('console'),
  218. );
  219. }
  220. /**
  221. * location_login
  222. *
  223. * @return mixed
  224. */
  225. public function location_login()
  226. {
  227. $refer = Encrypt::encode(Dever::url());
  228. $admin = $this->info();
  229. if ($admin) {
  230. Dever::location('home', 'store');
  231. }
  232. return Dever::location('store/login?refer=' . $refer);
  233. }
  234. # 编辑员工
  235. public function edit_api()
  236. {
  237. $admin = $this->info();
  238. if (!$admin) {
  239. Dever::alert('您没有权限修改');
  240. }
  241. $id = $admin['id'];
  242. $name = Dever::input('name');
  243. $mobile = Dever::input('mobile');
  244. if ($name) {
  245. $update['name'] = $name;
  246. } else {
  247. Dever::alert('姓名不能为空');
  248. }
  249. if ($mobile) {
  250. $update['mobile'] = $mobile;
  251. $check = Dever::db('store/member')->find(array('mobile' => $mobile, 'store_id' => $admin['store_id']));
  252. if ($check && $id && $id != $check['id']) {
  253. Dever::alert('电话已存在');
  254. } elseif ($check && !$id) {
  255. Dever::alert('电话已存在');
  256. }
  257. } else {
  258. Dever::alert('电话不能为空');
  259. }
  260. $update['store_id'] = $admin['store_id'];
  261. if ($id) {
  262. $update['where_id'] = $id;
  263. Dever::db('store/member')->update($update);
  264. } else {
  265. $id = Dever::db('store/member')->insert($update);
  266. }
  267. $user = Dever::db('store/member')->find($id);
  268. $this->save($user);
  269. return '操作成功';
  270. }
  271. public function menu()
  272. {
  273. $info = $this->info();
  274. $data = array
  275. (
  276. 'console' => array
  277. (
  278. 'icon' => 'home',
  279. 'name' => '概况',
  280. 'link' => Dever::url('console', 'store'),
  281. ),
  282. 'order' => array
  283. (
  284. 'icon' => 'app',
  285. 'name' => '订单处理',
  286. 'child' => array
  287. (
  288. 'order' => array
  289. (
  290. 'name' => '门店订单发货',
  291. 'link' => Dever::url('order?type=1&parent_type=1', 'store'),
  292. ),
  293. 'order_1' => array
  294. (
  295. 'name' => '平台商城订单发货',
  296. 'link' => Dever::url('order?type=1&parent_type=2,3', 'store'),
  297. ),
  298. 'order_2' => array
  299. (
  300. 'name' => '库存调拨发货',
  301. 'link' => Dever::url('order?type=2&source_type=2', 'store'),
  302. ),
  303. 'factory_order' => array
  304. (
  305. 'name' => '入库订单确认',
  306. 'link' => Dever::url('factory_order', 'store'),
  307. ),
  308. 'ku' => array
  309. (
  310. 'name' => '库存清单',
  311. 'link' => Dever::url('goods', 'store'),
  312. ),
  313. 'out' => array
  314. (
  315. 'name' => '出库单管理',
  316. 'link' => Dever::url('out', 'store'),
  317. ),
  318. ),
  319. ),
  320. 'stat' => array
  321. (
  322. 'icon' => 'date',
  323. 'name' => '结算对账',
  324. 'child' => array
  325. (
  326. 'stat' => array
  327. (
  328. 'name' => '对账单',
  329. 'link' => Dever::url('stat', 'store'),
  330. ),
  331. ),
  332. ),
  333. 'set' => array
  334. (
  335. 'icon' => 'set',
  336. 'name' => '基础设置',
  337. 'child' => array
  338. (
  339. 'set' => array
  340. (
  341. 'name' => '企业资质',
  342. 'link' => Dever::url('set', 'store'),
  343. ),
  344. 'msg' => array
  345. (
  346. 'name' => '消息通知',
  347. 'link' => Dever::url('msg', 'store'),
  348. ),
  349. 'user' => array
  350. (
  351. 'name' => '账号管理',
  352. 'link' => Dever::url('user', 'store'),
  353. ),
  354. 'help' => array
  355. (
  356. 'name' => '帮助文档',
  357. 'link' => Dever::url('help', 'store'),
  358. ),
  359. ),
  360. ),
  361. );
  362. $role = explode(',', $info['role_id']);
  363. $type = false;
  364. if (!in_array(1, $role)) {
  365. $type = array(1,2,6,7);
  366. unset($data['set']['child']['set']);
  367. unset($data['set']['child']['user']);
  368. if (!in_array(2, $role)) {
  369. unset($data['order']['child']['order']);
  370. unset($data['order']['child']['order_1']);
  371. unset($data['order']['child']['order_2']);
  372. unset($type[1]);
  373. }
  374. if (!in_array(4, $role)) {
  375. unset($data['stat']);
  376. unset($type[2]);
  377. }
  378. if (!in_array(3, $role)) {
  379. unset($data['order']['child']['factory_order']);
  380. unset($data['order']['child']['ku']);
  381. unset($data['order']['child']['out']);
  382. unset($type[3]);
  383. }
  384. $type = implode(',', $type);
  385. }
  386. if (!$data['order']['child']) {
  387. unset($data['order']);
  388. }
  389. $this->msg = 0;
  390. /*
  391. if ($info && Dever::project('message')) {
  392. $this->msg = Dever::load('message/lib/data')->num($info['store_id'], 3, $type);
  393. } else {
  394. $this->msg = 0;
  395. }
  396. */
  397. return $data;
  398. }
  399. /**
  400. * menu 生成左侧的菜单 此处应加上权限来显示是否管理员有该菜单的权限
  401. *
  402. * @return array
  403. */
  404. public function getMenu($state = false)
  405. {
  406. $data = $this->menu();
  407. $html = '';
  408. foreach ($data as $k => $v) {
  409. if (!isset($v['key'])) {
  410. $v['key'] = $k;
  411. }
  412. $v['icon'] = $v['icon'] ? "layui-icon layui-icon-" . $v['icon'] : "layui-icon layui-icon-home";
  413. $cur = 'layui-nav-itemed';
  414. if ($k == 'console') {
  415. $cur = 'layui-this';
  416. }
  417. $html .= '<li data-name="'.$v['key'].'" class="layui-nav-item menu_group '.$cur.'">';
  418. if (isset($v['child']) && $v['child']) {
  419. $link = 'href="javascript:;"';
  420. } elseif (isset($v['link'])) {
  421. $link = 'lay-href="'.$v['link'].'"';
  422. } else {
  423. $link = '';
  424. }
  425. $html .= '<a '.$link.' lay-tips="'.$v['name'].'" lay-direction="2">';
  426. $html .= '<i class="'.$v['icon'].'"></i><cite>'.$v['name'].'</cite></a>';
  427. $html .= $this->getMenuChild($v);
  428. $html .= '</li>';
  429. }
  430. $html .= '';
  431. return $html;
  432. }
  433. public function getMenuChild($v)
  434. {
  435. $html = '';
  436. if (isset($v['child']) && $v['child']) {
  437. $html .= '<dl class="layui-nav-child">';
  438. foreach ($v['child'] as $k1 => $v1) {
  439. if (!isset($v1['key'])) {
  440. $v1['key'] = $k1;
  441. }
  442. $html .= '<dd data-name="'.$v1['key'].'">';
  443. if (isset($v1['child']) && $v1['child']) {
  444. $html .= '<a href="javascript:;">'.$v1['name'].'</a><dl class="layui-nav-child">';
  445. foreach ($v1['child'] as $k2 => $v2) {
  446. if (!isset($v2['key'])) {
  447. $v2['key'] = $k2;
  448. }
  449. $html .= '<dd data-name="'.$v2['key'].'"><a lay-href="'.$v2['link'].'">'.$v2['name'].'</a></dd>';
  450. }
  451. $html .= '</dl>';
  452. } else {
  453. if ($k1 == 'msg' && $this->msg) {
  454. $v1['name'] .= '<span class="layui-badge">'.$this->msg.'</span>';
  455. }
  456. $html .= '<a lay-href="'.$v1['link'].'">'.$v1['name'].'</a>';
  457. }
  458. $html .= '</dd>';
  459. }
  460. $html .= '</dl>';
  461. }
  462. return $html;
  463. }
  464. }