123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420 |
- <?php
- namespace app\api\controller;
- use app\admin\model\sms\SmsRecord;
- use app\http\validates\user\RegisterValidates;
- use app\models\user\User;
- use app\models\user\UserToken;
- use app\models\user\WechatUser;
- use app\Request;
- use crmeb\jobs\TestJob;
- use crmeb\repositories\ShortLetterRepositories;
- use crmeb\services\CacheService;
- use crmeb\services\UtilService;
- use think\facade\Cache;
- use think\exception\ValidateException;
- use think\facade\Config;
- use think\facade\Queue;
- use think\facade\Session;
- class AuthController
- {
-
- public function login(Request $request)
- {
- $user = User::where('account', $request->param('account'))->find();
- if ($user) {
- if ($user->pwd !== md5($request->param('password')))
- return app('json')->fail('账号或密码错误');
- } else {
- return app('json')->fail('账号或密码错误');
- }
- if (!$user['status'])
- return app('json')->fail('已被禁止,请联系管理员');
-
- User::setSpread(intval($request->param('spread')), $user->uid);
- $token = UserToken::createToken($user, 'user');
- if ($token) {
- event('UserLogin', [$user, $token]);
- return app('json')->success('登录成功', ['token' => $token->token, 'expires_time' => $token->expires_time]);
- } else
- return app('json')->fail('登录失败');
- }
-
- public function logout(Request $request)
- {
- $request->tokenData()->delete();
- return app('json')->success('成功');
- }
- public function verifyCode()
- {
- $unique = password_hash(uniqid(true), PASSWORD_BCRYPT);
- Cache::set('sms.key.' . $unique, 0, 300);
- return app('json')->success(['key' => $unique]);
- }
- public function captcha(Request $request)
- {
- ob_clean();
- $rep = captcha();
- $key = app('session')->get('captcha.key');
- $uni = $request->get('key');
- if ($uni)
- Cache::set('sms.key.cap.' . $uni, $key, 300);
- return $rep;
- }
-
- protected function checkCaptcha($uni, string $code): bool
- {
- $cacheName = 'sms.key.cap.' . $uni;
- if (!Cache::has($cacheName)) {
- return false;
- }
- $key = Cache::get($cacheName);
- $code = mb_strtolower($code, 'UTF-8');
- $res = password_verify($code, $key);
- if ($res) {
- Cache::delete($cacheName);
- }
- return $res;
- }
-
- public function verify(Request $request)
- {
- list($phone, $type, $key, $code) = UtilService::postMore([['phone', 0], ['type', ''], ['key', ''], ['code', '']], $request, true);
- $nowKey = 'sms.' . date('YmdHi');
- $total = 1;
- if ($has = Cache::has($nowKey)) {
- $total = Cache::get($nowKey);
- if ($total > Config::get('sms.maxMinuteCount', 20))
- return app('json')->success('已发送');
- }
- try {
- validate(RegisterValidates::class)->scene('code')->check(['phone' => $phone]);
- } catch (ValidateException $e) {
- return app('json')->fail($e->getError());
- }
- if (User::checkPhone($phone) && $type == 'register') return app('json')->fail('手机号已注册');
- if (!User::checkPhone($phone) && $type == 'login') return app('json')->fail('账号不存在!');
- $default = Config::get('sms.default', 'yunxin');
- $defaultMaxPhoneCount = Config::get('sms.maxPhoneCount', 10);
- $defaultMaxIpCount = Config::get('sms.maxIpCount', 50);
- $maxPhoneCount = Config::get('sms.stores.' . $default . '.maxPhoneCount', $defaultMaxPhoneCount);
- $maxIpCount = Config::get('sms.stores.' . $default . '.maxIpCount', $defaultMaxIpCount);
- if (SmsRecord::where('phone', $phone)->where('add_ip', $request->ip())->whereDay('add_time')->count() >= $maxPhoneCount) {
- return app('json')->fail('您今日发送得短信次数已经达到上限');
- }
- if (SmsRecord::where('add_ip', $request->ip())->whereDay('add_time')->count() >= $maxIpCount) {
- return app('json')->fail('此IP今日发送次数已经达到上限');
- }
- $time = 60;
- if (CacheService::get('code_' . $phone))
- return app('json')->fail($time . '秒内有效');
- $code = rand(100000, 999999);
- $data['code'] = $code;
- $res = ShortLetterRepositories::Alisend(true, $phone, $data, 'VERIFICATION_CODE');
- if ($res !== true)
- return app('json')->fail('短信平台验证码发送失败' . $res);
- CacheService::set('code_' . $phone, $code, $time);
- Cache::set($nowKey, $total, 61);
- return app('json')->success('发送成功');
- }
-
- public function register(Request $request)
- {
- list($account, $captcha, $password, $spread) = UtilService::postMore([['account', ''], ['captcha', ''], ['password', ''], ['spread', 0]], $request, true);
- try {
- validate(RegisterValidates::class)->scene('register')->check(['account' => $account, 'captcha' => $captcha, 'password' => $password]);
- } catch (ValidateException $e) {
- return app('json')->fail($e->getError());
- }
- $verifyCode = CacheService::get('code_' . $account);
- if (!$verifyCode)
- return app('json')->fail('请先获取验证码');
- $verifyCode = substr($verifyCode, 0, 6);
- if ($verifyCode != $captcha)
- return app('json')->fail('验证码错误');
- if (strlen(trim($password)) < 6 || strlen(trim($password)) > 16)
- return app('json')->fail('密码必须是在6到16位之间');
- $registerStatus = User::register($account, $password, $spread);
- if ($registerStatus) return app('json')->success('注册成功');
- return app('json')->fail(User::getErrorInfo('注册失败'));
- }
-
- public function reset(Request $request)
- {
- list($account, $captcha, $password) = UtilService::postMore([['account', ''], ['captcha', ''], ['password', '']], $request, true);
- try {
- validate(RegisterValidates::class)->scene('register')->check(['account' => $account, 'captcha' => $captcha, 'password' => $password]);
- } catch (ValidateException $e) {
- return app('json')->fail($e->getError());
- }
- $verifyCode = CacheService::get('code_' . $account);
- if (!$verifyCode)
- return app('json')->fail('请先获取验证码');
- $verifyCode = substr($verifyCode, 0, 6);
- if ($verifyCode != $captcha)
- return app('json')->fail('验证码错误');
- if (strlen(trim($password)) < 6 || strlen(trim($password)) > 16)
- return app('json')->fail('密码必须是在6到16位之间');
- if ($password == '123456') return app('json')->fail('密码太过简单,请输入较为复杂的密码');
- $resetStatus = User::reset($account, $password);
- if ($resetStatus) return app('json')->success('修改成功');
- return app('json')->fail(User::getErrorInfo('修改失败'));
- }
-
- public function mobile(Request $request)
- {
- list($phone, $captcha, $spread) = UtilService::postMore([['phone', ''], ['captcha', ''], ['spread', 0]], $request, true);
-
- try {
- validate(RegisterValidates::class)->scene('code')->check(['phone' => $phone]);
- } catch (ValidateException $e) {
- return app('json')->fail($e->getError());
- }
-
- $verifyCode = CacheService::get('code_' . $phone);
- if (!$verifyCode)
- return app('json')->fail('请先获取验证码');
- $verifyCode = substr($verifyCode, 0, 6);
- if ($verifyCode != $captcha)
- return app('json')->fail('验证码错误');
-
- $user = User::where('account', $phone)->find();
- if (!$user)
- return app('json')->fail('用户不存在');
- if (!$user->status)
- return app('json')->fail('已被禁止,请联系管理员');
-
- User::setSpread($spread, $user->uid);
- $token = UserToken::createToken($user, 'user');
- if ($token) {
- event('UserLogin', [$user, $token]);
- return app('json')->success('登录成功', ['token' => $token->token, 'expires_time' => $token->expires_time]);
- } else
- return app('json')->fail('登录失败');
- }
-
- public function switch_h5(Request $request)
- {
- $from = $request->post('from', 'wechat');
- $user = $request->user();
- if ($from === 'h5') {
- $user = User::where('phone', $user['phone'])->where('user_type', '<>', 'h5')->find();
- $user->login_type = 'wechat';
- $user->save();
- } else {
-
- $user = User::where('account|phone', $user['phone'])->where('user_type', 'h5')->find();
- if (!$user)
- return app('json')->fail('H5用户不存在,无法切换');
- if (!$user->status) return app('json')->fail('已被禁止,请联系管理员');
- $wechatUserInfo = WechatUser::where('uid', $request->uid())->find();
- $wechatH5UserInfo = WechatUser::where('uid', $user->uid)->find();
- if ($wechatH5UserInfo->unionid && $wechatUserInfo->unionid != $wechatH5UserInfo->unionid)
- return app('json')->fail('您的账号已绑定特定用户无法切换到此用户上');
- if ($wechatH5UserInfo->openid && $wechatUserInfo->openid != $wechatH5UserInfo->openid)
- return app('json')->fail('您的账号已绑定特定用户无法切换到此用户上');
- if ($wechatH5UserInfo->routine_openid && $wechatUserInfo->routine_openid != $wechatH5UserInfo->routine_openid)
- return app('json')->fail('您的账号已绑定特定用户无法切换到此用户上');
- switch ($from) {
- case 'wechat':
- if (!$wechatH5UserInfo->openid)
- $wechatH5UserInfo->openid = $wechatUserInfo->openid;
- if (!$wechatH5UserInfo->unionid && $wechatUserInfo->unionid)
- $wechatH5UserInfo->unionid = $wechatUserInfo->unionid;
- break;
- case 'routine':
- if (!$wechatH5UserInfo->routine_openid)
- $wechatH5UserInfo->routine_openid = $wechatUserInfo->routine_openid;
- if (!$wechatH5UserInfo->unionid && $wechatUserInfo->unionid)
- $wechatH5UserInfo->unionid = $wechatUserInfo->unionid;
- break;
- }
- $wechatH5UserInfo->save();
- User::where('uid', $request->uid())->update(['login_type' => 'h5']);
- }
- $token = UserToken::createToken($user, 'user');
- if ($token) {
- event('UserLogin', [$user, $token]);
- return app('json')->success('登录成功', ['userInfo' => $user, 'token' => $token->token, 'expires_time' => $token->expires_time, 'time' => strtotime($token->expires_time)]);
- } else
- return app('json')->fail('登录失败');
- }
-
- public function binding_phone(Request $request)
- {
- list($phone, $captcha, $step) = UtilService::postMore([
- ['phone', ''],
- ['captcha', ''],
- ['step', 0]
- ], $request, true);
-
- try {
- validate(RegisterValidates::class)->scene('code')->check(['phone' => $phone]);
- } catch (ValidateException $e) {
- return app('json')->fail($e->getError());
- }
-
- $verifyCode = CacheService::get('code_' . $phone);
- if (!$verifyCode)
- return app('json')->fail('请先获取验证码');
- $verifyCode = substr($verifyCode, 0, 6);
- if ($verifyCode != $captcha)
- return app('json')->fail('验证码错误');
- $userInfo = User::where('uid', $request->uid())->find();
- $userPhone = $userInfo->phone;
- if (!$userInfo) return app('json')->fail('用户不存在');
- if ($userInfo->phone) return app('json')->fail('您的账号已经绑定过手机号码!');
- if (User::where('phone', $phone)->where('user_type', '<>', 'h5')->count())
- return app('json')->success('此手机已经绑定,无法多次绑定!');
- if (User::where('account', $phone)->where('phone', $phone)->where('user_type', 'h5')->find()) {
- if (!$step) return app('json')->success('H5已有账号是否绑定此账号上', ['is_bind' => 1]);
- $userInfo->phone = $phone;
- } else {
- $userInfo->account = $phone;
- $userInfo->phone = $phone;
- }
- if ($userInfo->save() || $userPhone == $phone)
- return app('json')->success('绑定成功');
- else
- return app('json')->fail('绑定失败');
- }
- public static function h5Key()
- {
- $time = time();
- do {
- $key = md5($time . rand(1000, 9999));
- } while (CacheService::get($key . '_time'));
- CacheService::set($key . '_time', $time, 300);
- return app('json')->success('ok', compact('key', 'time'));
- }
- public static function h5Auth($key, Request $request)
- {
- if (!CacheService::get($key . '_time')) return app('json')->fail('二维码已过期,请刷新。');
- CacheService::set($key, trim(ltrim($request->header('Authori-zation'), 'Bearer')), 60);
- return app('json')->success('授权完成');
- }
- public static function h5Token($key)
- {
- $token = CacheService::get($key);
- if ($token) return app('json')->success('ok', compact('token'));
- return app('json')->fail('未授权');
- }
- }
|