登录时常以及多设备登录

amihh

问题描述

不太懂是什么情况:单设备登录时,有时候随便刷新一下页面就会掉登录,而且无法支持多设备登录。

<?php

namespace plugin\user\app\controller;

use plugin\user\api\Captcha;
use plugin\user\api\Limit;
use plugin\user\app\model\User;
use plugin\user\app\service\Register;
use support\exception\BusinessException;
use support\Request;
use support\Response;
use Webman\Event\Event;

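class LoginController
{
    /**
     * Actions that may be called without an authenticated session.
     *
     * NOTE(review): presumably consumed by the plugin's auth middleware,
     * which is not visible in this file — confirm.
     *
     * @var string[]
     */
    protected $noNeedLogin = ['index', 'logout'];

    /**
     * Login: renders the login form, or checks the posted credentials.
     *
     * The submitted identifier is always matched against `username`, and also
     * against `email` / `phone` when it looks like one, so more than one row
     * can be returned. The first row whose password hash verifies is logged in.
     *
     * @param Request $request
     * @return Response JSON result for POST, the login view otherwise
     * @throws BusinessException presumably raised by Limit::perMinute() when
     *                           the quota is exceeded — confirm against Limit
     */
    public function index(Request $request): Response
    {
        if ($request->method() !== 'POST') {
            return view('login/login', ['name' => 'user', 'setting' => Register::getSetting()]);
        }

        // At most 10 calls per minute per client IP. The key is the IP only, so
        // attempts against a single account spread over many addresses are not
        // throttled here; a per-account limit would have to be added separately.
        // NOTE(review): the limit is only as reliable as getRealIp(); confirm it
        // cannot be influenced by client-supplied forwarding headers in this deployment.
        Limit::perMinute($request->getRealIp(), 10);

        $username = $request->post('username');
        $password = $request->post('password');

        // The request body is untrusted: a field can be missing or arrive as an
        // array (e.g. `username[]=...`). Only scalars are accepted and they are
        // normalised to strings, so neither the query builder nor
        // password_verify() ever receives an array or null.
        if (!is_scalar($username) || empty($username)) {
            return json(['code' => 1, 'msg' => '用户名不能为空', 'data' => [
                'field' => 'username'
            ]]);
        }
        $username = (string)$username;
        $password = is_scalar($password) ? (string)$password : '';

        $query = User::where('username', $username);
        // Looks like an e-mail address: also match the email column.
        if (filter_var($username, FILTER_VALIDATE_EMAIL)) {
            $query->orWhere('email', $username);
        }
        // Numeric: also match the phone column.
        if (is_numeric($username)) {
            $query->orWhere('phone', $username);
        }
        $candidates = $query->get();

        foreach ($candidates as $user) {
            if (!password_verify($password, $user->password)) {
                continue;
            }

            // The disabled state is only disclosed after the password verified,
            // so it cannot be used to probe accounts without knowing the password.
            if ($user->status != 1) {
                return json(['code' => 1, 'msg' => '当前账户已经被禁用']);
            }

            // NOTE(review): the session ID is not rotated here, so an ID that was
            // known before authentication stays valid afterwards. Rotating it at
            // this point (recent Workerman versions expose
            // Request::sessionRegenerateId() — confirm availability) closes that gap.
            // NOTE(review): the identifier is stored under 'uid'. Any other code
            // that still reads `user.id` from the session will not find it — verify
            // the readers of this session entry.
            $request->session()->set('user', [
                'uid' => $user->uid,
                'email' => $user->email,
                'phone' => $user->phone,
            ]);

            // Publish the login event.
            Event::emit('user.login', $user);

            // Record where and when the account was last used.
            $user->last_ip = $request->getRealIp();
            $user->last_time = date('Y-m-d H:i:s');
            // presumably keeps this bookkeeping write from touching the model's
            // automatic timestamps — confirm against the User model
            $user->timestamps = false;
            $user->save();

            return json(['code' => 0, 'msg' => 'ok']);
        }

        // Same message for an unknown identifier and a wrong password, so the
        // response does not reveal which accounts exist.
        return json(['code' => 1, 'msg' => '用户名或密码错误']);
    }

    /**
     * Logout: emits the logout event for the current user, drops the `user`
     * session entry and redirects to the login page.
     *
     * @param Request $request
     * @return Response
     */
    public function logout(Request $request): Response
    {
        $session = $request->session();

        // index() stores the identifier under 'uid'. Reading only `user.id`
        // never found it, so the logout event was never emitted for sessions
        // created by index(). 'id' stays as a fallback for session data that
        // was written under that key.
        $userId = session('user.uid') ?? session('user.id');

        // NOTE(review): User::find() looks up by the model's primary key;
        // this assumes that key is the value stored above — confirm.
        if ($userId && $user = User::find($userId)) {
            // Publish the logout event.
            Event::emit('user.logout', $user);
        }

        $session->delete('user');
        return redirect('/app/user/login');
    }

}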
0个回答
