where('account_number', $data['account_number'])
            ->field('id,account_number,avatar,password,salt,status')
            ->find();
        try {
            // NOTE(review): the three failures below return different messages through
            // 'msg'. If that text reaches the client, it reveals whether an account
            // number exists; a single generic failure message avoids that.
            if (!$user) throw new \Exception('管理员账号不存在');
            if ($user['status'] != 1) throw new \Exception('账号已被停用');
            // Hash the submitted password with the stored salt and compare it with the stored hash.
            $hashedPassword = $AdminUser->generateHashedPassword($data['password'], $user->salt);
            // NOTE(review): !== is not a constant-time comparison; hash_equals() is the
            // usual choice when comparing secret digests.
            if ($user->password !== $hashedPassword) throw new \Exception('密码错误');
            # Cache the user information, with the password, salt and status fields removed first.
            $login_user_data = $user->toArray();
            unset($login_user_data['password'],$login_user_data['salt'],$login_user_data['status']);
            #Session::set('login_admin_user_data',$login_user_data);
            // NOTE(review): the cache key is a fixed string with no session or user
            // component, so each successful login overwrites the same Redis entry for
            // 7200 seconds. If the authentication check elsewhere reads only this key,
            // the login state is shared by every client; confirm against the reader.
            // NOTE(review): the value is written with serialize(); the reader presumably
            // calls unserialize(), which then trusts whatever is stored in Redis. TODO confirm.
            Cache::store('redis')->set('login_admin_user_data',serialize($login_user_data),7200);
            return ['status' => 1, 'msg' => '登陆成功', 'data' => $login_user_data];
        } catch (\Exception $e) {
            // Every failure is reported as status 0 with the exception text as the message.
            return ['status' => 0, 'msg' => $e->getMessage()];
        }
    }

    /**
     * Create an administrator account unless one with the same account number already exists.
     *
     * NOTE(review): the default account name and default password are hard-coded in
     * this file, so anyone with access to the source knows them. Callers should pass
     * an explicit password, and any account created with the default should have its
     * password changed.
     *
     * @param string $account_number Account number to create; defaults to 'root'.
     * @param string $password       Plain-text password; hashed before it is saved.
     * @return mixed 0 when the account number is already present, otherwise the id of the saved model.
     */
    public static function createAdmin($account_number = 'root', $password = 'guaguale@2023')
    {
        $AdminUser = new AdminUser();
        // Look up first, then insert. NOTE(review): this is a check-then-insert sequence;
        // presumably a unique index on account_number guards concurrent calls. TODO confirm.
        $query = $AdminUser->where('account_number',$account_number)->find();
        if ($query) return 0;
        // NOTE(review): generate_random_str() is defined outside this view; confirm it
        // draws from a CSPRNG (random_bytes()/random_int()). Six characters is a short salt.
        $salt = generate_random_str(6);
        $AdminUser->save([
            'account_number' => $account_number,
            'password' => $AdminUser->generateHashedPassword($password,$salt),
            'salt' => $salt,
            'avatar' => rand_avatar(),
            'create_time' => date("Y-m-d H:i:s",time())
        ]);
        // The result of save() is not checked; the id is returned as the model reports it.
        return $AdminUser->id;
    }

    /**
     * Generate the stored password hash: md5(md5(password) . md5(salt)).
     *
     * NOTE(review): MD5 is a fast digest, so these hashes are cheap to brute-force
     * offline if the table leaks, even with the salt. password_hash() and
     * password_verify() are the standard replacement. Existing rows hold hashes in
     * this format, so switching needs a migration path such as rehashing on the
     * next successful login.
     *
     * @param string $password Plain-text password.
     * @param string $salt     Per-account salt stored alongside the hash.
     * @return string 32-character hexadecimal MD5 digest.
     */
    private function generateHashedPassword($password,$salt)
    {
        return md5(md5($password) . md5($salt));
    }
}