orico-official-website/app/admin/controller/v1/Login.php

<?php
declare (strict_types = 1);
namespace app\admin\controller\v1;
use apiret\Ret;
use app\admin\exception\InvalidLoginException;
use app\admin\model\v1\UserLoginLogModel;
use app\admin\model\v1\UserModel;
use app\admin\validate\v1\LoginValidate;
use thans\jwt\facade\JWTAuth;
use think\facade\Cache;
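class Login
{
    /**
     * Login endpoint: validates the submitted form and its one-time captcha,
     * authenticates the user, records the login and issues a JWT.
     *
     * Reads `username`, `password`, `token` (captcha lookup key) and `captcha`
     * from the POST body.
     *
     * @return mixed the result of error() on any failure, otherwise the result
     *               of success() carrying uid, nickname, avatar and the token
     */
    public function index()
    {
        // Only these four fields are taken from the request body.
        $post = request()->post([
            'username',
            'password',
            'token',
            'captcha'
        ]);

        try {
            // Validate the submitted fields.
            $validate = new LoginValidate();
            if (!$validate->check($post)) {
                throw new InvalidLoginException($validate->getError());
            }

            // Look up the stored captcha value for this token.
            $captchaKey = 'captcha:token.' . $post['token'];
            $code = Cache::get($captchaKey);
            if (!$code) {
                throw new InvalidLoginException('验证码不存在或已过期!');
            }

            // Delete before comparing so each captcha can be tried only once,
            // whether or not the answer is right.
            Cache::delete($captchaKey);

            // The cached value is verified with password_verify(), i.e. it is
            // treated as a hash of the expected answer.
            if (!password_verify($post['captcha'], $code)) {
                throw new InvalidLoginException('验证码错误!');
            }

            // Look up the account by username or mobile.
            $user = UserModel::usernameOrMobile($post['username'])->find();
            if (!$user) {
                // NOTE(review): this message and the wrong-password message
                // below differ, so a caller can tell whether an account exists.
                // Consider returning one shared message for both cases.
                throw new InvalidLoginException('用户不存在!');
            }

            // Compare the stored hash in constant time. The previous loose `!=`
            // was timing-dependent and subject to PHP's numeric-string juggling
            // (two different "0e<digits>" strings compare equal under `!=`).
            // NOTE(review): password_with_salt() is defined outside this file;
            // confirm it is a slow password hash rather than a fast digest.
            $expected = (string) password_with_salt($post['password'], $user['salt']);
            if (!hash_equals((string) $user['password'], $expected)) {
                throw new InvalidLoginException('密码错误!');
            }

            // Reject disabled accounts; compare as int so "-1" and -1 behave alike.
            if ((int) $user['status'] === -1) {
                throw new InvalidLoginException('用户已禁用,请联系管理员!');
            }
        } catch (InvalidLoginException $e) {
            // Expected failures: the exception message is shown to the client.
            return error($e->getMessage());
        } catch (\Throwable $th) {
            // Unexpected failures: the internal message is not sent to the client.
            // NOTE(review): it is not logged either, and failed attempts are not
            // recorded anywhere in this method; consider logging both.
            return error('登录失败!');
        }

        // Record the successful login.
        // NOTE(review): ip2long() returns false for anything that is not a
        // dotted IPv4 address, so IPv6 clients are stored without a usable IP.
        UserLoginLogModel::create([
            'user_id' => $user['id'],
            'ip' => ip2long(request()->ip()),
            'user_agent' => request()->header('user-agent'),
        ]);

        // Issue a JWT whose only custom claim is the user id.
        $token = JWTAuth::builder(['uid' => $user['id']]);

        return success('登录成功!', [
            'uid' => $user['id'],
            'nickname' => $user['nickname'],
            'avatar' => $user['avatar'],
            'token' => $token,
        ]);
    }
}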