'退出成功', 'login' => '登录成功', 'error' => '账号或密码错误', 'param' => '参数错误', 'duplicate' => '用户账号已存在', 'create_suc' => '创建用户成功', 'empty' => '用户不存在', 'suc' => '操作成功', 'res' => '获取成功' ]; /** * 登录 */ public function login() { // 获取输入数据 $userName = trim(Request::post('user_name')); $password = trim(Request::post('password')); // 验证输入数据 $checkMessage = $this->validateInput([ 'user_name' => $userName, 'password' => $password, ], 'login'); if(!empty($checkMessage)) { return json_error([], $checkMessage); } // 查询用户 $user = UserModel::where('user_name', $userName)->find(); if ($user && password_verify($password, $user->password)) { $token = generateToken([ 'user_id' => $user->user_id, 'merchant_id' => $user->merchant_id, 'user_role' => $user->user_role ]); Cookie::set('auth_token', $token, ['expire' => $GLOBALS['cookieExpire'], 'httponly' => true]); // 更新登录时间 $user->login_time = time(); $user->save(); return json_success([ 'user_name' => $user->user_name, 'nick_name' => $user->nick_name, 'user_role' => $user->user_role, 'login_time' => $user->login_time, 'token' => $token ], $this->message['login']); } else { return json_error([], $this->message['error']); } } /** * 用户注销 */ public function logout() { Cookie::delete('auth_token'); return json_success([], '退出成功'); } /** * 创建用户 */ public function createUser() { // 获取当前登录用户信息 $loginInfo = $this->checkUserLogin(); if (!$loginInfo) { return json_error([], '请先登录'); } // 检查是否有创建用户权限 if (!$this->checkPermission($loginInfo, 'user', 'create')) { return json_error([], '没有创建用户的权限'); } // 获取输入数据 $data = Request::only([ 'user_name', 'nick_name', 'password', 'phone', 'user_role', 'white_list_ip' ]); $data['merchant_id'] = $loginInfo['merchant_id']; try { // 验证数据 $this->validate($data, UserValidate::class . '.create'); } catch (\think\exception\ValidateException $e) { return json_error($e->getError()); } // 验证角色是否存在 if ($data['user_role'] > 0) { $role = UserRoleModel::getRoleById($data['user_role'], $loginInfo['merchant_id']); if (!$role) { return json_error([], '选择的角色不存在'); } } // 检查用户名是否已存在 if (UserModel::where('user_name', $data['user_name'])->find()) { return json_error($this->message['duplicate']); } // 创建新用户 $data['password'] = password_hash($data['password'], PASSWORD_DEFAULT); try { $user = UserModel::create($data); return json_success(['user_id' => $user->user_id], $this->message['create_suc']); } catch (\Exception $e) { return json_error([], '创建用户失败：' . $e->getMessage()); } } /** * 获取用户列表 */ public function list() { $loginInfo = $this->checkUserLogin(); if (!$loginInfo) { return json_error([], '请先登录'); } if (!$this->checkPermission($loginInfo, 'user', 'list')) { return json_error([], '没有查看用户列表的权限'); } $page = Request::get('page', 1, 'intval'); $limit = Request::get('limit', 10, 'intval'); $userName = Request::get('user_name', '', 'trim'); $nickName = Request::get('nick_name', '', 'trim'); $userRole = Request::get('user_role', 0, 'intval'); $where = [ ['merchant_id', '=', $loginInfo['merchant_id']] ]; if ($userName) { $where[] = ['user_name', 'like', '%' . $userName . '%']; } if ($nickName) { $where[] = ['nick_name', 'like', '%' . $nickName . '%']; } if ($userRole > 0) { $where[] = ['user_role', '=', $userRole]; } $total = UserModel::where($where)->count(); $list = UserModel::where($where) ->field('user_id, user_name, nick_name, phone, user_role, merchant_id, white_list_ip, create_time, login_time, update_time') ->order('user_id', 'desc') ->page($page, $limit) ->select(); // 获取角色信息 $roleIds = array_unique(array_column($list->toArray(), 'user_role')); $roles = []; if ($roleIds) { $roleList = UserRoleModel::whereIn('id', $roleIds)->select(); foreach ($roleList as $role) { $roles[$role->id] = $role->role_name; } } // 添加角色名称 foreach ($list as $user) { $user->role_name = $roles[$user->user_role] ?? '未分配角色'; } return json_success([ 'list' => $list, 'total' => $total, 'page' => $page, 'limit' => $limit ]); } /** * 获取用户详情 */ public function detail() { $loginInfo = $this->checkUserLogin(); if (!$loginInfo) { return json_error([], '请先登录'); } if (!$this->checkPermission($loginInfo, 'user', 'detail')) { return json_error([], '没有查看用户详情的权限'); } $userId = $this->request->param('user_id', 0, 'intval'); if (!$userId) { return json_error([], '用户ID不能为空'); } $user = UserModel::where('user_id', $userId) ->where('merchant_id', $loginInfo['merchant_id']) ->field('user_id, user_name, nick_name, phone, user_role, merchant_id, white_list_ip, create_time, login_time, update_time') ->find(); if (!$user) { return json_error($this->message['empty']); } // 获取角色信息 if ($user->user_role > 0) { $role = UserRoleModel::getRoleById($user->user_role, $loginInfo['merchant_id']); $user->role_name = $role ? $role->role_name : '未分配角色'; $user->role_privileges = $role ? $role->privileges : []; } else { $user->role_name = '未分配角色'; $user->role_privileges = []; } return json_success($user); } /** * 更新用户 */ public function update() { $loginInfo = $this->checkUserLogin(); if (!$loginInfo) { return json_error([], '请先登录'); } if (!$this->checkPermission($loginInfo, 'user', 'update')) { return json_error([], '没有编辑用户的权限'); } $userId = $this->request->post('user_id', 0, 'intval'); if (!$userId) { return json_error([], '用户ID不能为空'); } $user = UserModel::where('user_id', $userId) ->where('merchant_id', $loginInfo['merchant_id']) ->find(); if (!$user) { return json_error($this->message['empty']); } // 获取更新数据 $data = $this->request->only([ 'nick_name', 'phone', 'password', 'user_role', 'white_list_ip' ]); // 过滤空值 $data = array_filter($data, function($value, $key) { return $key !== 'password' || !empty($value); }, ARRAY_FILTER_USE_BOTH); if (empty($data)) { return json_error([], '没有要更新的数据'); } // 验证角色是否存在 if (isset($data['user_role']) && $data['user_role'] > 0) { $role = UserRoleModel::getRoleById($data['user_role'], $loginInfo['merchant_id']); if (!$role) { return json_error([], '选择的角色不存在'); } } // 密码加密 if (isset($data['password'])) { $data['password'] = password_hash($data['password'], PASSWORD_DEFAULT); } try { $user->save($data); return json_success([], $this->message['suc']); } catch (\Exception $e) { return json_error([], '更新失败：' . $e->getMessage()); } } /** * 删除用户 */ public function delete() { $loginInfo = $this->checkUserLogin(); if (!$loginInfo) { return json_error([], '请先登录'); } if (!$this->checkPermission($loginInfo, 'user', 'delete')) { return json_error([], '没有删除用户的权限'); } $userId = $this->request->post('user_id', 0, 'intval'); if (!$userId) { return json_error([], '用户ID不能为空'); } if ($userId == $loginInfo['user_id']) { return json_error([], '不能删除自己'); } $user = UserModel::where('user_id', $userId) ->where('merchant_id', $loginInfo['merchant_id']) ->find(); if (!$user) { return json_error($this->message['empty']); } try { $user->delete(); return json_success([], '删除成功'); } catch (\Exception $e) { return json_error([], '删除失败：' . $e->getMessage()); } } /** * 获取当前登录用户信息 */ private function checkUserLogin() { $token = Cookie::get('auth_token'); if (!$token) { return null; } return $this->verifyToken($token); } /** * 验证Token */ private function verifyToken($token) { try { $parts = explode('.', $token); if (count($parts) != 3) { return null; } $payload = json_decode(base64_decode($parts[1]), true); if ($payload['exp'] < time()) { return null; } return $payload; } catch (\Exception $e) { return null; } } /** * 检查权限 */ private function checkPermission($user, $controller, $action) { // 超级管理员拥有所有权限 $superAdminRoleId = Config::get('permission.super_admin_role_id', 1); if ($user['user_role'] == $superAdminRoleId) { return true; } // 获取用户角色权限 $role = UserRoleModel::getRoleById($user['user_role'], $user['merchant_id']); if (!$role) { return false; } $privileges = $role->privileges; // 检查是否有对应权限 return isset($privileges[$controller]) && is_array($privileges[$controller]) && in_array($action, $privileges[$controller]); } /** * 验证输入数据 */ protected function validateInput(array $data, $scene = '') { $validate = new UserValidate(); // 执行场景验证 if (!$validate->scene($scene)->check($data)) { return $validate->getError(); } return ""; } }