``` <?php namespace app\common\library; use app\common\model\User; use app\common\model\UserRule; use fast\Random; use think\Config; use think\Db; use think\Exception; use think\Hook; use think\Request; use think\Validate; class Auth { protected static $instance = null; protected $_error = ''; protected $_logined = false; protected $_user = null; protected $_token = ''; //Token默認有效時長 protected $keeptime = 2592000; protected $requestUri = ''; protected $rules = []; //默認配置 protected $config = []; protected $options = []; protected $allowFields = ['id', 'username', 'nickname', 'mobile', 'avatar', 'score']; public function __construct($options = []) { if ($config = Config::get('user')) { $this->config = array_merge($this->config, $config); } $this->options = array_merge($this->config, $options); } /** * * @param array $options 參數 * @return Auth */ public static function instance($options = []) { if (is_null(self::$instance)) { self::$instance = new static($options); } return self::$instance; } /** * 獲取User模型 * @return User */ public function getUser() { return $this->_user; } /** * 兼容調用user模型的屬性 * * @param string $name * @return mixed */ public function __get($name) { return $this->_user ? $this->_user->$name : null; } /** * 根據Token初始化 * * @param string $token Token * @return boolean */ public function init($token) { if ($this->_logined) { return true; } if ($this->_error) { return false; } $data = Token::get($token); if (!$data) { return false; } $user_id = intval($data['user_id']); if ($user_id > 0) { $user = User::get($user_id); if (!$user) { $this->setError('Account not exist'); return false; } if ($user['status'] != 'normal') { $this->setError('Account is locked'); return false; } $this->_user = $user; $this->_logined = true; $this->_token = $token; //初始化成功的事件 Hook::listen("user_init_successed", $this->_user); return true; } else { $this->setError('You are not logged in'); return false; } } /** * 注冊用戶 * * @param string $username 用戶名 * @param string $password 密碼 * @param string $email 郵箱 * @param string $mobile 手機號 * @param array $extend 擴展參數 * @return boolean */ public function register($username, $password, $email = '', $mobile = '', $extend = []) { // 檢測用戶名或郵箱、手機號是否存在 if (User::getByUsername($username)) { $this->setError('Username already exist'); return false; } if ($email && User::getByEmail($email)) { $this->setError('Email already exist'); return false; } if ($mobile && User::getByMobile($mobile)) { $this->setError('Mobile already exist'); return false; } $ip = request()->ip(); $time = time(); $data = [ 'username' => $username, 'password' => $password, 'email' => $email, 'mobile' => $mobile, 'level' => 1, 'score' => 0, 'avatar' => '', ]; $params = array_merge($data, [ 'nickname' => $username, 'salt' => Random::alnum(), 'jointime' => $time, 'joinip' => $ip, 'logintime' => $time, 'loginip' => $ip, 'prevtime' => $time, 'status' => 'normal' ]); $params['password'] = $this->getEncryptPassword($password, $params['salt']); $params = array_merge($params, $extend); //賬號注冊時需要開啟事務,避免出現垃圾數據 Db::startTrans(); try { $user = User::create($params, true); $this->_user = User::get($user->id); //設置Token $this->_token = Random::uuid(); Token::set($this->_token, $user->id, $this->keeptime); //注冊成功的事件 Hook::listen("user_register_successed", $this->_user, $data); Db::commit(); } catch (Exception $e) { $this->setError($e->getMessage()); Db::rollback(); return false; } return true; } /** * 用戶登錄 * * @param string $account 賬號,用戶名、郵箱、手機號 * @param string $password 密碼 * @return boolean */ public function login($account, $password) { $field = Validate::is($account, 'email') ? 'email' : (Validate::regex($account, '/^1\d{10}$/') ? 'mobile' : 'username'); $user = User::get([$field => $account]); if (!$user) { $this->setError('Account is incorrect'); return false; } if ($user->status != 'normal') { $this->setError('Account is locked'); return false; } if ($user->password != $this->getEncryptPassword($password, $user->salt)) { $this->setError('Password is incorrect'); return false; } //直接登錄會員 $this->direct($user->id); return true; } /** * 注銷 * * @return boolean */ public function logout() { if (!$this->_logined) { $this->setError('You are not logged in'); return false; } //設置登錄標識 $this->_logined = false; //刪除Token Token::delete($this->_token); //注銷成功的事件 Hook::listen("user_logout_successed", $this->_user); return true; } /** * 修改密碼 * @param string $newpassword 新密碼 * @param string $oldpassword 舊密碼 * @param bool $ignoreoldpassword 忽略舊密碼 * @return boolean */ public function changepwd($newpassword, $oldpassword = '', $ignoreoldpassword = false) { if (!$this->_logined) { $this->setError('You are not logged in'); return false; } //判斷舊密碼是否正確 if ($this->_user->password == $this->getEncryptPassword($oldpassword, $this->_user->salt) || $ignoreoldpassword) { Db::startTrans(); try { $salt = Random::alnum(); $newpassword = $this->getEncryptPassword($newpassword, $salt); $this->_user->save(['loginfailure' => 0, 'password' => $newpassword, 'salt' => $salt]); Token::delete($this->_token); //修改密碼成功的事件 Hook::listen("user_changepwd_successed", $this->_user); Db::commit(); } catch (Exception $e) { Db::rollback(); $this->setError($e->getMessage()); return false; } return true; } else { $this->setError('Password is incorrect'); return false; } } /** * 直接登錄賬號 * @param int $user_id * @return boolean */ public function direct($user_id) { $user = User::get($user_id); if ($user) { Db::startTrans(); try { $ip = request()->ip(); $time = time(); //判斷連續登錄和最大連續登錄 if ($user->logintime < \fast\Date::unixtime('day')) { $user->successions = $user->logintime < \fast\Date::unixtime('day', -1) ? 1 : $user->successions + 1; $user->maxsuccessions = max($user->successions, $user->maxsuccessions); } $user->prevtime = $user->logintime; //記錄本次登錄的IP和時間 $user->loginip = $ip; $user->logintime = $time; //重置登錄失敗次數 $user->loginfailure = 0; $user->save(); $this->_user = $user; $this->_token = Random::uuid(); Token::set($this->_token, $user->id, $this->keeptime); $this->_logined = true; //登錄成功的事件 Hook::listen("user_login_successed", $this->_user); Db::commit(); } catch (Exception $e) { Db::rollback(); $this->setError($e->getMessage()); return false; } return true; } else { return false; } } /** * 檢測是否是否有對應權限 * @param string $path 控制器/方法 * @param string $module 模塊 默認為當前模塊 * @return boolean */ public function check($path = null, $module = null) { if (!$this->_logined) { return false; } $ruleList = $this->getRuleList(); $rules = []; foreach ($ruleList as $k => $v) { $rules[] = $v['name']; } $url = ($module ? $module : request()->module()) . '/' . (is_null($path) ? $this->getRequestUri() : $path); $url = strtolower(str_replace('.', '/', $url)); return in_array($url, $rules) ? true : false; } /** * 判斷是否登錄 * @return boolean */ public function isLogin() { if ($this->_logined) { return true; } return false; } /** * 獲取當前Token * @return string */ public function getToken() { return $this->_token; } /** * 獲取會員基本信息 */ public function getUserinfo() { $data = $this->_user->toArray(); $allowFields = $this->getAllowFields(); $userinfo = array_intersect_key($data, array_flip($allowFields)); $userinfo = array_merge($userinfo, Token::get($this->_token)); return $userinfo; } /** * 獲取會員組別規則列表 * @return array */ public function getRuleList() { if ($this->rules) { return $this->rules; } $group = $this->_user->group; if (!$group) { return []; } $rules = explode(',', $group->rules); $this->rules = UserRule::where('status', 'normal')->where('id', 'in', $rules)->field('id,pid,name,title,ismenu')->select(); return $this->rules; } /** * 獲取當前請求的URI * @return string */ public function getRequestUri() { return $this->requestUri; } /** * 設置當前請求的URI * @param string $uri */ public function setRequestUri($uri) { $this->requestUri = $uri; } /** * 獲取允許輸出的字段 * @return array */ public function getAllowFields() { return $this->allowFields; } /** * 設置允許輸出的字段 * @param array $fields */ public function setAllowFields($fields) { $this->allowFields = $fields; } /** * 刪除一個指定會員 * @param int $user_id 會員ID * @return boolean */ public function delete($user_id) { $user = User::get($user_id); if (!$user) { return false; } Db::startTrans(); try { // 刪除會員 User::destroy($user_id); // 刪除會員指定的所有Token Token::clear($user_id); Hook::listen("user_delete_successed", $user); Db::commit(); } catch (Exception $e) { Db::rollback(); $this->setError($e->getMessage()); return false; } return true; } /** * 獲取密碼加密后的字符串 * @param string $password 密碼 * @param string $salt 密碼鹽 * @return string */ public function getEncryptPassword($password, $salt = '') { return md5(md5($password) . $salt); } /** * 檢測當前控制器和方法是否匹配傳遞的數組 * * @param array $arr 需要驗證權限的數組 * @return boolean */ public function match($arr = []) { $request = Request::instance(); $arr = is_array($arr) ? $arr : explode(',', $arr); if (!$arr) { return false; } $arr = array_map('strtolower', $arr); // 是否存在 if (in_array(strtolower($request->action()), $arr) || in_array('*', $arr)) { return true; } // 沒找到匹配 return false; } /** * 設置會話有效時間 * @param int $keeptime 默認為永久 */ public function keeptime($keeptime = 0) { $this->keeptime = $keeptime; } /** * 渲染用戶數據 * @param array $datalist 二維數組 * @param mixed $fields 加載的字段列表 * @param string $fieldkey 渲染的字段 * @param string $renderkey 結果字段 * @return array */ public function render(&$datalist, $fields = [], $fieldkey = 'user_id', $renderkey = 'userinfo') { $fields = !$fields ? ['id', 'nickname', 'level', 'avatar'] : (is_array($fields) ? $fields : explode(',', $fields)); $ids = []; foreach ($datalist as $k => $v) { if (!isset($v[$fieldkey])) { continue; } $ids[] = $v[$fieldkey]; } $list = []; if ($ids) { if (!in_array('id', $fields)) { $fields[] = 'id'; } $ids = array_unique($ids); $selectlist = User::where('id', 'in', $ids)->column($fields); foreach ($selectlist as $k => $v) { $list[$v['id']] = $v; } } foreach ($datalist as $k => &$v) { $v[$renderkey] = isset($list[$v[$fieldkey]]) ? $list[$v[$fieldkey]] : null; } unset($v); return $datalist; } /** * 設置錯誤信息 * * @param $error 錯誤信息 * @return Auth */ public function setError($error) { $this->_error = $error; return $this; } /** * 獲取錯誤信息 * @return string */ public function getError() { return $this->_error ? __($this->_error) : ''; } } ```