Compare commits
7 Commits
91f7b524fe
...
f0dc08c21c
| Author | SHA1 | Date |
|---|---|---|
 Jing Li
|
f0dc08c21c | |
|
Jing Li
|
e41303ccb4 | |
|
Jing Li
|
25caa2088e | |
|
Jing Li
|
071802c0fd | |
|
Jing Li
|
9b50c5b301 | |
|
Jing Li
|
0d211f26b8 | |
|
Jing Li
|
fac1dbdb63 |
|
|
@ -17,7 +17,7 @@ class AdminUserController extends Controller
|
|||
{
|
||||
public function index(Request $request)
|
||||
{
|
||||
$query = AdminUser::filter($request->all())->where('id', '>', 1);
|
||||
$query = AdminUser::with(['roles'])->filter($request->all())->where('id', '>', 1);
|
||||
$list = $query->paginate(Paginator::resolvePerPage('per_page', 20, 50));
|
||||
|
||||
return $this->json(AdminUserResource::collection($list));
|
||||
|
|
@ -163,4 +163,22 @@ class AdminUserController extends Controller
|
|||
|
||||
return $this->success('修改成功!');
|
||||
}
|
||||
|
||||
public function unban(AdminUser $adminUser, Request $request)
|
||||
{
|
||||
if (! $request->user()->isAdministrator()) {
|
||||
return $this->error('无操作权限');
|
||||
}
|
||||
|
||||
if ($adminUser->banned_at) {
|
||||
$adminUser->update([
|
||||
'banned_reason' => '',
|
||||
'banned_at' => null,
|
||||
]);
|
||||
|
||||
(new OperationLogService())->inLog(OperationType::Update, '解封-用户【'.$adminUser->name.'】');
|
||||
}
|
||||
|
||||
return $this->success('操作成功!');
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,13 +2,19 @@
|
|||
|
||||
namespace App\Http\Controllers;
|
||||
|
||||
use App\Models\AdminUser;
|
||||
use App\Models\AdminPermission;
|
||||
use App\Models\AdminUser;
|
||||
use Illuminate\Contracts\Cache\Repository as Cache;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Hash;
|
||||
|
||||
class AuthController extends Controller
|
||||
{
|
||||
public function __construct(
|
||||
protected Cache $cache,
|
||||
) {
|
||||
}
|
||||
|
||||
public function login(Request $request)
|
||||
{
|
||||
$request->validate([
|
||||
|
|
@ -16,14 +22,44 @@ class AuthController extends Controller
|
|||
'password' => 'required',
|
||||
]);
|
||||
|
||||
$user = AdminUser::where(['username' => $request->input('username')])->first();
|
||||
if (! $user) {
|
||||
return $this->error('用户名或密码错误');
|
||||
}
|
||||
if (! Hash::check($request->input('password'), $user->password)) {
|
||||
$username = $request->input('username');
|
||||
|
||||
$user = AdminUser::where(['username' => $username])->first();
|
||||
|
||||
if ($user?->banned_at) {
|
||||
return $this->error('账号已封禁,请联系管理员');
|
||||
}
|
||||
|
||||
$cacheKey = "admin_user_ban:{$username}";
|
||||
|
||||
if (! Hash::check($request->input('password'), (string) $user?->password)) {
|
||||
$this->cache->add($cacheKey, 0, 86400);
|
||||
|
||||
$hits = $this->cache->increment($cacheKey, 1);
|
||||
|
||||
if ($hits >= 3) {
|
||||
if ($user) {
|
||||
// 锁定账号
|
||||
$user->update([
|
||||
'banned_reason' => '24小时内密码连续错误3次',
|
||||
'banned_at' => now(),
|
||||
]);
|
||||
|
||||
// 清空登录失败尝试次数
|
||||
$this->cache->forget($cacheKey);
|
||||
}
|
||||
|
||||
if ($hits > 3) {
|
||||
return $this->error('账号已封禁,请联系管理员');
|
||||
}
|
||||
}
|
||||
|
||||
return $this->error('用户名或密码错误');
|
||||
}
|
||||
|
||||
// 清空登录失败尝试次数
|
||||
$this->cache->forget($cacheKey);
|
||||
|
||||
if ($user->is_enable !== 1) {
|
||||
return $this->error('用户状态异常请联系管理员');
|
||||
}
|
||||
|
|
|
|||
|
|
@ -25,6 +25,8 @@ class AdminUserResource extends JsonResource
|
|||
'status' => $this->status,
|
||||
'is_enable' => $this->is_enable,
|
||||
'view_all_bases' => (int) $this->view_all_bases,
|
||||
'banned_reason' => $this->banned_reason,
|
||||
'banned_at' => $this->banned_at,
|
||||
'bases' => AgriculturalBaseResource::collection($this->whenloaded('bases')),
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,6 +10,10 @@ class AdminUser extends BaseAdminModel
|
|||
{
|
||||
use HasApiTokens, Filterable;
|
||||
|
||||
protected $casts = [
|
||||
'banned_at' => 'datetime',
|
||||
];
|
||||
|
||||
protected $fillable = [
|
||||
'name',
|
||||
'username',
|
||||
|
|
@ -20,6 +24,8 @@ class AdminUser extends BaseAdminModel
|
|||
'status',
|
||||
'is_enable',
|
||||
'view_all_bases',
|
||||
'banned_reason',
|
||||
'banned_at',
|
||||
];
|
||||
|
||||
protected $hidden = [
|
||||
|
|
|
|||
|
|
@ -6,6 +6,16 @@ use Illuminate\Support\Facades\Schema;
|
|||
|
||||
return new class extends Migration
|
||||
{
|
||||
public function getConnection()
|
||||
{
|
||||
return $this->config('database.connection') ?: config('database.default');
|
||||
}
|
||||
|
||||
public function config($key)
|
||||
{
|
||||
return config('admin.'.$key);
|
||||
}
|
||||
|
||||
/**
|
||||
* Run the migrations.
|
||||
*
|
||||
|
|
@ -13,7 +23,7 @@ return new class extends Migration
|
|||
*/
|
||||
public function up()
|
||||
{
|
||||
Schema::table('admin_users', function (Blueprint $table) {
|
||||
Schema::table($this->config('database.users_table'), function (Blueprint $table) {
|
||||
$table->boolean('view_all_bases')->default(false)->comment('是否可查看所有基地');
|
||||
});
|
||||
}
|
||||
|
|
@ -25,7 +35,7 @@ return new class extends Migration
|
|||
*/
|
||||
public function down()
|
||||
{
|
||||
Schema::table('admin_users', function (Blueprint $table) {
|
||||
Schema::table($this->config('database.users_table'), function (Blueprint $table) {
|
||||
$table->dropColumn(['view_all_bases']);
|
||||
});
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,43 @@
|
|||
<?php
|
||||
|
||||
use Illuminate\Database\Migrations\Migration;
|
||||
use Illuminate\Database\Schema\Blueprint;
|
||||
use Illuminate\Support\Facades\Schema;
|
||||
|
||||
return new class extends Migration
|
||||
{
|
||||
public function getConnection()
|
||||
{
|
||||
return $this->config('database.connection') ?: config('database.default');
|
||||
}
|
||||
|
||||
public function config($key)
|
||||
{
|
||||
return config('admin.'.$key);
|
||||
}
|
||||
|
||||
/**
|
||||
* Run the migrations.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function up()
|
||||
{
|
||||
Schema::table($this->config('database.users_table'), function (Blueprint $table) {
|
||||
$table->string('banned_reason')->nullable()->comment('封禁原因');
|
||||
$table->timestamp('banned_at')->nullable()->comment('封禁时间');
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Reverse the migrations.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function down()
|
||||
{
|
||||
Schema::table($this->config('database.users_table'), function (Blueprint $table) {
|
||||
$table->timestamp(['banned_reason', 'banned_at']);
|
||||
});
|
||||
}
|
||||
};
|
||||
|
|
@ -88,6 +88,7 @@ Route::group([
|
|||
Route::apiResource('admin-users', AdminUserController::class)->names('admin_users');
|
||||
Route::put('admin-users/{admin_user}/enable', [AdminUserController::class, 'endable'])->name('admin_users.enable');
|
||||
Route::put('admin-users/{admin_user}/edit-password', [AdminUserController::class, 'editPassword'])->name('admin_users.edit_password');
|
||||
Route::put('admin-users/{admin_user}/unban', [AdminUserController::class, 'unban'])->name('admin_users.unban');
|
||||
Route::apiResource('admin-roles', AdminRoleController::class)->names('admin_roles');
|
||||
|
||||
Route::get('weeks-per-year', WeeksPerYearController::class);
|
||||
|
|
|
|||
Loading…
Reference in New Issue