with(['userRelation' => function($query) { $query->where('status', UserRelation::STATUS_ACTIVE); }])->find(); if (empty($user) || $user->password != md5(md5($password . $user->salt) . $web_salt)) { throw new ServiceException('账号不存在或密码错误！'); } if ($user->status == User::STATUS_INVALID) { throw new ServiceException('账号不可用！'); } $user->login_time = time(); $user->login_ip = Request::ip(); $user->save(); $user_data = $user->toArray(); unset($user_data['password']); unset($user_data['salt']); unset($user_data['fd']); $token = hash_hmac('sha256', json_encode($user_data), $web_salt); Cache::set($token, $user); $user_token = UserToken::where('uid', $user['id'])->find(); $user_token = $user_token ?: new UserToken(); $user_token->uid = $user['id']; $user_token->token = $token; $user_token->expire = time() + 3600 * 24; // 一天有效期 $user_token->save(); return JsonReturn::success('登录成功！', ['token' => $token]); } } }