store-manage/app/Admin/Controllers/AuthController.php

<?php

namespace App\Admin\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
use Slowlyo\OwlAdmin\Admin;
use Slowlyo\OwlAdmin\Controllers\AuthController as AdminAuthController;
use Symfony\Component\HttpFoundation\Response;

class AuthController extends AdminAuthController
{
    public function login(Request $request)
    {
        if (Admin::config('admin.auth.login_captcha')) {
            if (! $request->has('captcha')) {
                return $this->response()->fail(__('admin.required', ['attribute' => __('admin.captcha')]));
            }

            if (strtolower(cache()->pull($request->sys_captcha)) != strtolower($request->captcha)) {
                return $this->response()->fail(__('admin.captcha_error'));
            }
        }

        try {
            $validator = Validator::make($request->all(), [
                'username' => 'required',
                'password' => 'required',
            ], [
                'username'.'.required' => __('admin.required', ['attribute' => __('admin.username')]),
                'password.required' => __('admin.required', ['attribute' => __('admin.password')]),
            ]);

            if ($validator->fails()) {
                abort(Response::HTTP_BAD_REQUEST, $validator->errors()->first());
            }

            $adminModel = Admin::adminUserModel();
            $user = $adminModel::query()->where('username', $request->username)->first();

            if ($user && $user->lock) {
                abort(Response::HTTP_BAD_REQUEST, '您的账号已被锁定，需要联系超级管理员解锁。');
            } else {
                if ($user && Hash::check($request->password, $user->password)) {
                    $module = Admin::currentModule(true);
                    $prefix = $module ? $module . '.' : '';
                    $token  = $user->createToken($prefix . 'admin')->plainTextToken;
    
                    return $this->response()->success(compact('token'), __('admin.login_successful'));
                }

                abort(Response::HTTP_BAD_REQUEST, __('admin.login_failed'));
            }
        } catch (\Exception $e) {
            return $this->response()->fail($e->getMessage());
        }
    }
}