first commit

app/Http/Controllers/WebAdmin/AuthController.php

@@ -0,0 +1,53 @@
+<?php
+
+namespace App\Http\Controllers\WebAdmin;
+
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\View\View;
+
+class AuthController extends Controller
+{
+    public function showLogin(Request $request): View
+    {
+        return view('admin.login', [
+            'redirect' => (string) $request->query('redirect', route('webadmin.home')),
+        ]);
+    }
+
+    public function login(Request $request): RedirectResponse
+    {
+        $validated = $request->validate([
+            'email' => ['required', 'email'],
+            'password' => ['required', 'string'],
+            'redirect' => ['nullable', 'string'],
+            'remember' => ['nullable', 'boolean'],
+        ]);
+
+        $user = User::query()->where('email', $validated['email'])->first();
+
+        if (!$user || !Hash::check($validated['password'], $user->password)) {
+            return back()->withInput($request->except('password'))->with('error', '账号或密码不正确');
+        }
+
+        Auth::login($user, (bool) ($validated['remember'] ?? false));
+        $request->session()->regenerate();
+
+        $redirect = $validated['redirect'] ?: route('webadmin.home');
+
+        return redirect()->to($redirect);
+    }
+
+    public function logout(Request $request): RedirectResponse
+    {
+        Auth::logout();
+        $request->session()->invalidate();
+        $request->session()->regenerateToken();
+
+        return redirect()->route('webadmin.login')->with('success', '已退出后台');
+    }
+}