/**
 * Authenticates an administrator from the submitted username and password
 * and, on success, opens the admin session.
 *
 * An unknown username and a wrong password return the same code and message,
 * so the response body does not reveal which of the two was wrong.
 *
 * NOTE(review): the unknown-username branch returns before any password hash
 * is evaluated, while the wrong-password branch returns after one. The two
 * outcomes may therefore differ in response time; confirm whether that
 * matters for this endpoint.
 * NOTE(review): the validatePassword implementation that accompanies this
 * listing throws when the stored value is not bcrypt-shaped. Nothing here
 * catches that, so a malformed stored hash surfaces as an exception rather
 * than as a failed login.
 * NOTE(review): no attempt throttling is visible in this method; confirm it
 * is enforced in validate() or elsewhere.
 *
 * @return mixed $this->errorResponse when model validation fails, otherwise
 *               an array with 'code' (0 on success, 1 on failure) and 'msg'.
 */
public function login()
{
    if (!$this->validate()) {
        return $this->errorResponse;
    }

    // One shared rejection payload for both failure branches, so they cannot drift apart.
    $rejected = [
        'code' => 1,
        'msg' => '用户名或密码错误',
    ];

    // Only accounts that are not flagged as deleted are eligible.
    $admin = Admin::findOne([
        'username' => $this->username,
        'is_delete' => 0,
    ]);
    if (!$admin) {
        return $rejected;
    }

    $passwordMatches = \Yii::$app->security->validatePassword($this->password, $admin->password);
    if (!$passwordMatches) {
        return $rejected;
    }

    // Duration passed to login(): three days when "rememberme" was posted, otherwise 0.
    $threeDaysInSeconds = 3600 * 24 * 3;
    Yii::$app->admin->login($admin, \Yii::$app->request->post('rememberme') ? $threeDaysInSeconds : 0);

    // End any mchRoleAdmin identity that is still signed in alongside the new admin login.
    $roleAdmin = Yii::$app->mchRoleAdmin;
    if (!$roleAdmin->isGuest) {
        $roleAdmin->logout();
    }

    return [
        'code' => 0,
        'msg' => '登录成功',
    ];
}
/**
 * Checks a plaintext password against a stored bcrypt hash.
 *
 * The hash is accepted only when it starts with a "$2a$", "$2x$" or "$2y$"
 * marker, a two-digit cost between 4 and 30, and 22 salt characters. The
 * pattern is anchored at the start only, so the digest that follows the salt
 * is not shape-checked here.
 *
 * @param string $password Plaintext password; must be a non-empty string.
 * @param string $hash     Stored hash to verify against.
 * @return bool Whether the password matches the hash.
 * @throws InvalidParamException When the password is empty or not a string,
 *                               or when the hash prefix is not valid.
 */
public function validatePassword($password, $hash)
{
    $passwordUsable = is_string($password) && $password !== '';
    if (!$passwordUsable) {
        throw new InvalidParamException('Password must be a string and cannot be empty.');
    }

    // Reject anything that is not bcrypt-shaped before a verifier sees it.
    $hashUsable = false;
    if (preg_match('/^\$2[axy]\$(\d\d)\$[\.\/0-9A-Za-z]{22}/', $hash, $parts)) {
        $hashUsable = !($parts[1] < 4 || $parts[1] > 30);
    }
    if (!$hashUsable) {
        throw new InvalidParamException('Hash is invalid.');
    }

    // Prefer the native verifier whenever the runtime provides it.
    if (function_exists('password_verify')) {
        return password_verify($password, $hash);
    }

    // Fallback: recompute with crypt(), using the stored hash as the salt/settings.
    // Any result that is not exactly 60 bytes long is treated as a mismatch.
    $candidate = crypt($password, $hash);
    if (strlen($candidate) !== 60) {
        return false;
    }

    // compareString() is defined elsewhere in the class.
    // NOTE(review): presumably a constant-time comparison; confirm.
    return $this->compareString($candidate, $hash);
}