@@ -84,7 +84,7 @@ public function login(Request $request): Response
8484 $ this ->removeLoginLimit ($ username );
8585 $ admin = $ admin ->toArray ();
8686 $ session = $ request ->session ();
87- unset ($ admin ['password ' ]);
87+ $ admin [ ' password ' ] = md5 ($ admin ['password ' ]);
8888 $ session ->set ('admin ' , $ admin );
8989 return $ this ->json (0 , '登录成功 ' , [
9090 'nickname ' => $ admin ['nickname ' ],
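Review bot: At new line 87 the `password` key is no longer removed before `$session->set('admin', $admin)`, so every admin session record now carries a value derived from the stored password field. Any code that returns or logs `session('admin')` would expose it, although no such consumer is visible in this hunk. The same pattern is added at new line 102 of refresh_admin_session. Consider computing the change-detection value first, keeping `unset($admin['password'])`, and storing the value under its own key, for example `$session->set('admin_password_fingerprint', hash('sha256', $admin['password']));` (the key name is illustrative), then comparing against that key on refresh. The body of login() starts and ends outside the hunk.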
@@ -80,9 +80,11 @@ function user($fields = null)
8080 */
8181function refresh_admin_session (bool $ force = false )
8282{
83- if (!$ admin_id = admin_id ()) {
83+ $ admin_session = session ('admin ' );
84+ if (!$ admin_session ) {
8485 return null ;
8586 }
87+ $ admin_id = $ admin_session ['id ' ];
8688 $ time_now = time ();
8789 // session在2秒内不刷新
8890 $ session_ttl = 2 ;
@@ -97,7 +99,12 @@ function refresh_admin_session(bool $force = false)
9799 return null ;
98100 }
99101 $ admin = $ admin ->toArray ();
100- unset($ admin ['password ' ]);
102+ $ admin ['password ' ] = md5 ($ admin ['password ' ]);
103+ $ admin_session ['password ' ] = $ admin_session ['password ' ] ?? '' ;
104+ if ($ admin ['password ' ] != $ admin_session ['password ' ]) {
105+ $ session ->forget ('admin ' );
106+ return null ;
107+ }
101108 // 账户被禁用
102109 if ($ admin ['status ' ] != 0 ) {
103110 $ session ->forget ('admin ' );
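Review bot: The comparison at new line 104 uses loose `!=` on two MD5 hex strings. PHP compares numeric-looking strings numerically, so two different digests of the form `0e<digits>` are treated as equal and the session would survive a password change. Use a strict, constant-time comparison instead: `if (!hash_equals($admin['password'], (string)$admin_session['password'])) {`. A comment above new line 103 should also state that sessions created before this version have no `password` key and are therefore logged out on the next refresh, if that is the intent. The function body continues outside both hunks.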
1717 'controller_suffix ' => 'Controller ' ,
1818 'controller_reuse ' => false ,
1919 'plugin_market_host ' => 'https://www.workerman.net ' ,
20- 'version ' => '0.6.19 '
20+ 'version ' => '0.6.20 '
2121];