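/**
 * Log a user in with the POSTed `account` and `password`.
 *
 * On success, every other row for this user in `user_token` is deleted, so
 * only the token issued by this login remains in that table. The response
 * carries the whole user-info array, including that token.
 *
 * NOTE(review): the revocation assumes the token store keeps
 * hash_hmac(hashalgo, token, key) in `user_token.token`, built from the same
 * `token` config read here. If tokens live elsewhere, older sessions are not
 * revoked. If the stored value is derived differently, the `<>` filter
 * matches the fresh row too and deletes it. Confirm against the token driver.
 *
 * NOTE(review): no attempt throttling or lockout is visible in this method;
 * presumably the auth layer or an upstream component handles it. Verify.
 *
 * @return void
 */
public function login()
{
    $account = $this->request->post('account');
    $password = $this->request->post('password');

    // Both fields must be present, non-empty and scalar. A non-empty array is
    // truthy, so without the is_scalar() checks an array-valued field would be
    // handed to the auth layer as-is. Whether the request layer already
    // rejects such input is not visible here.
    if (!$account || !$password || !is_scalar($account) || !is_scalar($password)) {
        $this->error(__('Invalid parameters'));
        // error() presumably ends the request. The explicit return keeps the
        // guard effective even if it does not.
        return;
    }

    if (!$this->auth->login($account, $password)) {
        // NOTE(review): the auth layer's message is returned verbatim. Check
        // that it does not distinguish "unknown account" from "wrong password".
        $this->error($this->auth->getError());
        return;
    }

    $userInfo = $this->auth->getUserinfo();
    $token = $userInfo['token']; // token issued for the current login

    // Derive the keyed hash that identifies this token in `user_token`.
    $config = \think\Config::get('token');
    $realToken = hash_hmac($config['hashalgo'], $token, $config['key']);

    // Revocation is skipped when no hash was produced. In that case earlier
    // sessions for this user stay valid.
    if ($realToken) {
        // Delete every token of this user except the newest one.
        Db::name('user_token')
            ->where('user_id', $userInfo['id'])
            ->where('token', '<>', $realToken)
            ->delete();
    }

    $this->success(__('Logged in successful'), ['userinfo' => $userInfo]);
}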