KunWeb/web/admin/login.go
2025-05-16 01:00:48 +08:00


package admin
import (
"fmt"
"math"
"net/http"
. "ciyon/zciyon"
)
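// Login_login handles the admin login request.
//
// It reads "user", "pass", "auth" and "targettype" from the request, looks the
// account up in zc_admin by mobile, applies the failed-attempt lockout and the
// account status check, verifies the password proof, and on success inserts a
// zc_online session row and returns the encrypted token in the Gtokenfield
// response header together with the sync dictionary built by getsync.
//
// The return value is whatever ErrJSON / SuccJSON return.
//
// NOTE(review): the password proof is MD5(stored password + client timestamp),
// so the value kept in zc_admin.password is by itself enough to authenticate,
// and nothing visible here records already-used timestamps, so a proof stays
// valid for the whole 300-second window. Consider a server-issued single-use
// nonce and a slow, salted password hash.
// NOTE(review): "user does not exist", "disabled" and "wrong password" are
// reported with different messages, which reveals which accounts exist.
func Login_login(w http.ResponseWriter, r *http.Request) bool {
	post := NewCiyPost(w, r)
	targettype := post.Getint("targettype", 10)
	user := post.Get("user")
	if user == "" {
		return ErrJSON(w, "请填写用户名")
	}

	csql := NewCiySQL("zc_admin")
	csql.Where("mobile", user)
	userrow, err := CiyDB.Getone(csql)
	if err != nil {
		return ErrJSON(w, "遇到读取错误", err)
	}
	if userrow == nil {
		// NOTE(review): user is request input and is concatenated into log
		// text here and below; confirm SaveLog neutralises line breaks.
		SaveLog(CiyDB, "LOGINERR", "用户["+user+"]不存在,在尝试登录")
		// The original format string ended in "ip=" without a value; record
		// the client address so the entry is usable during triage.
		return ErrJSON(w, "用户不存在", fmt.Errorf("用户[%v]在尝试登录,ip=%v", user, post.GetIP()))
	}

	// Lockout: more than 10 recorded failures and the last attempt was less
	// than 600 seconds ago.
	if Toint(userrow["trytime"]) > 10 {
		if Tostamp()-Toint(userrow["logintimes"]) < 600 {
			SaveLog(CiyDB, "LOGINERR", "用户["+user+"]登录连续失败")
			return ErrJSON(w, "连续输入密码错误10分钟后再来登录.", fmt.Errorf("用户[%v]在撞库,ip=%v", user, post.GetIP()))
		}
	}
	if Toint(userrow["stpstatus"]) != 10 {
		SaveLog(CiyDB, "LOGINERR", "用户["+user+"]被禁用,在尝试登录")
		return ErrJSON(w, "您的账户已经被禁用.")
	}

	// "auth" is the client clock in milliseconds; it must be within 300
	// seconds of the server clock.
	authtime := post.Getint("auth")
	if math.Abs(Tofloat(authtime/1000-Tostamp())) > 300 {
		return ErrJSON(w, "您的本地时间与服务器时间相差超过5分钟请调整本机时间.<br/>服务器时间: "+Todate(-1, "Y-m-d H:i:s")+"<br/>您本机时间: "+Todate(authtime/1000, "Y-m-d H:i:s"))
	}

	if post.Get("pass") != MD5(Tostr(userrow["password"])+fmt.Sprintf("%d", authtime)) {
		updata := map[string]any{}
		// presumably the slice form marks a raw SQL expression (trytime = trytime+1) — confirm in zciyon
		updata["trytime"] = []string{"trytime+1"}
		updata["logintimes"] = Tostamp()
		csql = NewCiySQL("zc_admin")
		csql.Where("id", userrow["id"])
		// The lockout above depends on this counter, so a failed write must
		// not pass silently. The request is rejected either way.
		if _, err = CiyDB.Update(csql, updata); err != nil {
			return ErrJSON(w, "user数据库更新失败", err)
		}
		// The original log line also wrote Gdefpass and MD5(Gdefpass+Gtokensalt).
		// Those are credential material and must not reach the log store.
		SaveLog(CiyDB, "LOGINERR", "用户["+user+"]登录密码错误")
		// NOTE(review): the response echoes the submitted user name and other
		// messages in this handler carry <br/> markup; confirm the client
		// escapes this text before rendering it.
		return ErrJSON(w, "用户["+user+"]登录密码错误")
	}

	syncdict, err := getsync(userrow)
	if err != nil {
		return ErrJSON(w, "遇到同步错误", err)
	}

	userid := Toint(userrow["id"])
	// Best-effort cleanup of this user's expired sessions; the result is not checked.
	CiyDB.Execute("delete from zc_online where exptimes<? and user=?", Tostamp(), userid)

	// NOTE(review): sid is the per-session secret placed in the token; confirm
	// Randstr draws from a cryptographically secure source.
	sid := Randstr(10)
	exptimes := Tostamp() + 86400 // session lifetime: 24 hours
	updata := map[string]any{}
	updata["user"] = userid
	updata["targettype"] = targettype
	updata["sid"] = sid
	updata["addtimes"] = Tostamp()
	updata["exptimes"] = exptimes
	updata["ip"] = post.GetIP()
	csql = NewCiySQL("zc_online")
	oid, err := CiyDB.Insert(csql, updata)
	if err != nil {
		return ErrJSON(w, "online数据库更新失败", err)
	}

	// Successful login: stamp the login time and clear the failure counter.
	updata = map[string]any{}
	updata["logintimes"] = Tostamp()
	updata["trytime"] = 0
	csql = NewCiySQL("zc_admin")
	csql.Where("id", userid)
	_, err = CiyDB.Update(csql, updata)
	if err != nil {
		return ErrJSON(w, "user数据库更新失败", err)
	}

	// Token payload: user id, zc_online row id and session secret, encrypted
	// with Gtokensalt and returned in the Gtokenfield response header.
	auth := map[string]any{}
	auth["id"] = userid
	auth["_o"] = oid
	auth["_s"] = sid
	authstr := JSON_Str(auth)
	newauth := Encrypt(authstr, "E", Gtokensalt)
	post.W.Header().Set(Gtokenfield, newauth)
	SaveLog(CiyDB, "LOGIN", "登录成功")
	return SuccJSON(w, syncdict)
}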
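// Login_restorage re-sends the sync dictionary for the already logged-in admin
// identified by the request token and clears the usrchg flag on that session's
// zc_online row.
//
// The return value is whatever ErrJSON / SuccJSON return.
func Login_restorage(w http.ResponseWriter, r *http.Request) bool {
	post := NewCiyPost(w, r)
	// The verification error used to be discarded, so a request without a
	// valid token still reached getsync, which returns the admin user list and
	// the catalogue regardless of the row it is given. Reject it here.
	// NOTE(review): confirm the error text/shape the client expects for an
	// invalid or expired token.
	rsuser, err := Verifyfast(CiyDB, post)
	if err != nil {
		return ErrJSON(w, "请重新登录", err)
	}

	csql := NewCiySQL("zc_admin")
	csql.Where("id", rsuser["id"])
	userrow, err := CiyDB.Getone(csql)
	if err != nil {
		return ErrJSON(w, "遇到读取错误", err)
	}
	// Login_login treats a nil row from Getone as "not found"; do the same so
	// a token for a deleted account does not yield a sync payload.
	if userrow == nil {
		return ErrJSON(w, "用户不存在")
	}

	syncdict, err := getsync(userrow)
	if err != nil {
		return ErrJSON(w, "遇到同步错误", err)
	}
	// Best-effort: the result of clearing usrchg is not checked.
	CiyDB.Execute("update zc_online set usrchg=0 where id=?", rsuser["_o"])
	return SuccJSON(w, syncdict)
}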
// getsync assembles the dictionary sent to the client after login or restore.
//
// The result has two keys: "storage" (every zc_admin row reduced to id,name and
// every zc_cata row ordered by csort) and "me" (profile fields copied from
// userrow, the department name, the power string and the needpass flag).
// A non-nil error is returned only when one of the two list queries fails.
//
// NOTE(review): the "storage" lists do not depend on userrow, so every caller
// receives the full admin id/name list; callers must authenticate first.
func getsync(userrow map[string]any) (map[string]any, error) {
	adminQuery := NewCiySQL("zc_admin")
	adminQuery.Column("id,name")
	admins, _, err := CiyDB.Get(adminQuery)
	if err != nil {
		return nil, err
	}

	cataQuery := NewCiySQL("zc_cata")
	cataQuery.Order("csort")
	catas, _, err := CiyDB.Get(cataQuery)
	if err != nil {
		return nil, err
	}

	// The department name is looked up only when the row carries a positive
	// departid; otherwise it stays empty.
	departname := ""
	if departid := Toint(userrow["departid"]); departid > 0 {
		departQuery := NewCiySQL("zc_depart")
		departQuery.Where("id", departid)
		departQuery.Column("name")
		departname = Tostr(CiyDB.Get1(departQuery))
	}

	// The account with id 10 is given the ".*." power string instead of its
	// stored value.
	power := userrow["power"]
	if Toint(userrow["id"]) == 10 {
		power = ".*."
	}

	me := map[string]any{
		"id":       userrow["id"],
		"mobile":   userrow["mobile"],
		"icon":     userrow["icon"],
		"name":     userrow["name"],
		"sex":      userrow["sex"],
		"depart":   departname,
		"addtimes": userrow["addtimes"],
		"power":    power,
		// True when the stored password equals MD5(Gdefpass+Gtokensalt).
		"needpass": userrow["password"] == MD5(Gdefpass+Gtokensalt),
	}

	return map[string]any{
		"storage": map[string]any{
			"adminuser": admins,
			"cata":      catas,
		},
		"me": me,
	}, nil
}
// Login_logout ends the caller's session.
//
// When the request token verifies, the matching zc_online row (token field
// "_o") is deleted. The logout is logged and a success response is sent
// whether or not verification succeeded; the result of the delete is not
// checked.
func Login_logout(w http.ResponseWriter, r *http.Request) bool {
	post := NewCiyPost(w, r)
	if rsuser, verr := Verifyuser(CiyDB, post); verr == nil {
		online := NewCiySQL("zc_online")
		online.Where("id", rsuser["_o"])
		CiyDB.Delete(online)
	}
	SaveLog(CiyDB, "LOGIN", "退出登录")
	return SuccJSON(w)
}