Merge branch 'master' into cs
This commit is contained in:
@@ -11,7 +11,7 @@ class ConversionController extends BaseAdminController
|
||||
{
|
||||
public function overview()
|
||||
{
|
||||
$result = ConversionLogic::overview($this->request->get());
|
||||
$result = ConversionLogic::overview($this->request->get(), $this->adminId, $this->adminInfo);
|
||||
|
||||
return $this->data($result);
|
||||
}
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -22,6 +22,7 @@ use app\common\cache\AdminAccountSafeCache;
|
||||
use app\common\service\ConfigService;
|
||||
use app\common\validate\BaseValidate;
|
||||
use think\facade\Config;
|
||||
use think\facade\Log;
|
||||
|
||||
/**
|
||||
* 登录验证
|
||||
@@ -55,6 +56,27 @@ class LoginValidate extends BaseValidate
|
||||
*/
|
||||
public function password($password, $other, $data)
|
||||
{
|
||||
// 本地调试:免密登录开关。须同时满足 APP_DEBUG=1 + LOCAL_DEBUG.LOGIN_SKIP_PASSWORD=true,
|
||||
// 任一不满足都走原始密码校验。每次免密登录都会记一条 warning 日志,便于发现误开。
|
||||
if (self::isLocalDebugLoginBypassEnabled()) {
|
||||
$adminInfo = Admin::where('account', '=', $data['account'])
|
||||
->field(['password,disable'])
|
||||
->findOrEmpty();
|
||||
if ($adminInfo->isEmpty()) {
|
||||
return '账号不存在';
|
||||
}
|
||||
if ((int)($adminInfo['disable'] ?? 0) === 1) {
|
||||
return '账号已禁用';
|
||||
}
|
||||
Log::warning(sprintf(
|
||||
'[LOCAL_DEBUG] login bypass password: account=%s, ip=%s',
|
||||
(string)($data['account'] ?? ''),
|
||||
(string)request()->ip()
|
||||
));
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
// 登录限制
|
||||
$config = [
|
||||
'login_restrictions' => ConfigService::get('admin_login', 'login_restrictions'),
|
||||
@@ -100,4 +122,25 @@ class LoginValidate extends BaseValidate
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* 是否启用"本地调试免密登录"。
|
||||
*
|
||||
* 双重闸门:
|
||||
* 1. APP_DEBUG 必须为 true(即应用本身处于调试模式)
|
||||
* 2. LOCAL_DEBUG.LOGIN_SKIP_PASSWORD 必须显式为 true / 1 / yes / on
|
||||
*
|
||||
* 任何一条不满足都返回 false,强制走原始密码校验。这样即使误把
|
||||
* LOGIN_SKIP_PASSWORD 配进生产,只要 APP_DEBUG=0 仍然安全。
|
||||
*/
|
||||
private static function isLocalDebugLoginBypassEnabled(): bool
|
||||
{
|
||||
$appDebug = strtolower((string) env('app_debug', '0'));
|
||||
if (!in_array($appDebug, ['1', 'true', 'yes', 'on'], true)) {
|
||||
return false;
|
||||
}
|
||||
$flag = strtolower((string) env('local_debug.login_skip_password', ''));
|
||||
|
||||
return in_array($flag, ['1', 'true', 'yes', 'on'], true);
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user