LoginController.php 17 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513
  1. <?php
  2. // +----------------------------------------------------------------------
  3. // | CRMEB [ CRMEB赋能开发者,助力企业发展 ]
  4. // +----------------------------------------------------------------------
  5. // | Copyright (c) 2016~2023 https://www.crmeb.com All rights reserved.
  6. // +----------------------------------------------------------------------
  7. // | Licensed CRMEB并不是自由软件,未经许可不能去掉CRMEB相关版权
  8. // +----------------------------------------------------------------------
  9. // | Author: CRMEB Team <admin@crmeb.com>
  10. // +----------------------------------------------------------------------
  11. namespace app\api\controller\v1;
  12. use app\Request;
  13. use app\services\message\notice\SmsService;
  14. use app\services\wechat\WechatServices;
  15. use think\facade\Config;
  16. use crmeb\services\CacheService;
  17. use app\services\user\LoginServices;
  18. use think\exception\ValidateException;
  19. use app\api\validate\user\RegisterValidates;
  20. /**
  21. * 微信小程序授权类
  22. * Class AuthController
  23. * @package app\api\controller
  24. */
  25. class LoginController
  26. {
  27. protected $services;
  28. /**
  29. * LoginController constructor.
  30. * @param LoginServices $services
  31. */
  32. public function __construct(LoginServices $services)
  33. {
  34. $this->services = $services;
  35. }
  36. /**
  37. * H5账号登陆
  38. * @param Request $request
  39. * @return mixed
  40. * @throws \think\db\exception\DataNotFoundException
  41. * @throws \think\db\exception\ModelNotFoundException
  42. * @throws \think\exception\DbException
  43. */
  44. public function login(Request $request)
  45. {
  46. [$account, $password, $spread] = $request->postMore([
  47. 'account', 'password', 'spread'
  48. ], true);
  49. if (!$account || !$password) {
  50. return app('json')->fail(410000);
  51. }
  52. if (strlen(trim($password)) < 6 || strlen(trim($password)) > 32) {
  53. return app('json')->fail(400762);
  54. }
  55. return app('json')->success(410001, $this->services->login($account, $password, $spread));
  56. }
  57. /**
  58. * 退出登录
  59. * @param Request $request
  60. * @return mixed
  61. */
  62. public function logout(Request $request)
  63. {
  64. $key = trim(ltrim($request->header(Config::get('cookie.token_name')), 'Bearer'));
  65. CacheService::delete(md5($key));
  66. return app('json')->success(410002);
  67. }
  68. /**
  69. * 获取发送验证码key
  70. * @return mixed
  71. */
  72. public function verifyCode()
  73. {
  74. $unique = password_hash(uniqid(true), PASSWORD_BCRYPT);
  75. CacheService::set('sms.key.' . $unique, 0, 300);
  76. $time = sys_config('verify_expire_time', 1);
  77. return app('json')->success(['key' => $unique, 'expire_time' => $time]);
  78. }
  79. /**
  80. * 获取图片验证码
  81. * @param Request $request
  82. * @return \think\Response
  83. */
  84. public function captcha(Request $request)
  85. {
  86. ob_clean();
  87. $rep = captcha();
  88. $key = app('session')->get('captcha.key');
  89. $uni = $request->get('key');
  90. if ($uni) {
  91. CacheService::set('sms.key.cap.' . $uni, $key, 300);
  92. }
  93. return $rep;
  94. }
  95. /**
  96. * 验证验证码是否正确
  97. * @param $uni
  98. * @param string $code
  99. * @return bool
  100. * @throws \Psr\SimpleCache\InvalidArgumentException
  101. */
  102. protected function checkCaptcha($uni, string $code): bool
  103. {
  104. $cacheName = 'sms.key.cap.' . $uni;
  105. if (!CacheService::has($cacheName)) {
  106. return false;
  107. }
  108. $key = CacheService::get($cacheName);
  109. $code = mb_strtolower($code, 'UTF-8');
  110. $res = password_verify($code, $key);
  111. if ($res) {
  112. CacheService::delete($cacheName);
  113. }
  114. return $res;
  115. }
  116. /**
  117. * 验证码发送
  118. * @param Request $request
  119. * @param SmsService $services
  120. * @return mixed
  121. */
  122. public function verify(Request $request, SmsService $services)
  123. {
  124. [$phone, $type, $key, $captchaType, $captchaVerification] = $request->postMore([
  125. ['phone', 0],
  126. ['type', ''],
  127. ['key', ''],
  128. ['captchaType', ''],
  129. ['captchaVerification', ''],
  130. ], true);
  131. $keyName = 'sms.key.' . $key;
  132. $nowKey = 'sms.' . date('YmdHi');
  133. if (!CacheService::has($keyName)) {
  134. return app('json')->fail(410003);
  135. }
  136. $total = 1;
  137. if (CacheService::has($nowKey)) {
  138. $total = CacheService::get($nowKey);
  139. if ($total > Config::get('sms.maxMinuteCount', 20))
  140. return app('json')->success(410006);
  141. }
  142. //二次验证
  143. try {
  144. aj_captcha_check_two($captchaType, $captchaVerification);
  145. } catch (\Throwable $e) {
  146. return app('json')->fail($e->getError());
  147. }
  148. try {
  149. validate(RegisterValidates::class)->scene('code')->check(['phone' => $phone]);
  150. } catch (ValidateException $e) {
  151. return app('json')->fail($e->getError());
  152. }
  153. $time = sys_config('verify_expire_time', 1);
  154. $smsCode = $this->services->verify($services, $phone, $type, $time, app()->request->ip());
  155. if ($smsCode) {
  156. CacheService::set('code_' . $phone, $smsCode, $time * 60);
  157. CacheService::set($nowKey, $total, 61);
  158. return app('json')->success(410007);
  159. } else {
  160. return app('json')->fail(410008);
  161. }
  162. }
  163. /**
  164. * H5注册新用户
  165. * @param Request $request
  166. * @return mixed
  167. * @throws \think\db\exception\DataNotFoundException
  168. * @throws \think\db\exception\DbException
  169. * @throws \think\db\exception\ModelNotFoundException
  170. */
  171. public function register(Request $request)
  172. {
  173. [$account, $captcha, $password, $spread] = $request->postMore([['account', ''], ['captcha', ''], ['password', ''], ['spread', 0]], true);
  174. try {
  175. validate(RegisterValidates::class)->scene('register')->check(['account' => $account, 'captcha' => $captcha, 'password' => $password]);
  176. } catch (ValidateException $e) {
  177. return app('json')->fail($e->getError());
  178. }
  179. if (strlen(trim($password)) < 6 || strlen(trim($password)) > 32) {
  180. return app('json')->fail(400762);
  181. }
  182. // 验证验证码
  183. $verifyCode = CacheService::get('code_' . $account);
  184. if (!$verifyCode)
  185. return app('json')->fail(410009);
  186. $verifyCode = substr($verifyCode, 0, 6);
  187. if ($verifyCode != $captcha)
  188. return app('json')->fail(410010);
  189. if (md5($password) == md5('123456')) return app('json')->fail(410012);
  190. $registerStatus = $this->services->register($account, $password, $spread, 'h5');
  191. if ($registerStatus) {
  192. return app('json')->success(410013);
  193. }
  194. return app('json')->fail(410014);
  195. }
  196. /**
  197. * 密码修改
  198. * @param Request $request
  199. * @return mixed
  200. * @throws \think\db\exception\DataNotFoundException
  201. * @throws \think\db\exception\DbException
  202. * @throws \think\db\exception\ModelNotFoundException
  203. */
  204. public function reset(Request $request)
  205. {
  206. [$account, $captcha, $password] = $request->postMore([['account', ''], ['captcha', ''], ['password', '']], true);
  207. try {
  208. validate(RegisterValidates::class)->scene('register')->check(['account' => $account, 'captcha' => $captcha, 'password' => $password]);
  209. } catch (ValidateException $e) {
  210. return app('json')->fail($e->getError());
  211. }
  212. if (strlen(trim($password)) < 6 || strlen(trim($password)) > 32) {
  213. return app('json')->fail(400762);
  214. }
  215. $verifyCode = CacheService::get('code_' . $account);
  216. if (!$verifyCode)
  217. return app('json')->fail(410009);
  218. $verifyCode = substr($verifyCode, 0, 6);
  219. if ($verifyCode != $captcha) {
  220. return app('json')->fail(410010);
  221. }
  222. if ($password == '123456') return app('json')->fail(410012);
  223. $resetStatus = $this->services->reset($account, $password);
  224. if ($resetStatus) return app('json')->success(100001);
  225. return app('json')->fail(100007);
  226. }
  227. /**
  228. * 手机号登录
  229. * @param Request $request
  230. * @return mixed
  231. * @throws \think\db\exception\DataNotFoundException
  232. * @throws \think\db\exception\ModelNotFoundException
  233. * @throws \think\exception\DbException
  234. */
  235. public function mobile(Request $request)
  236. {
  237. [$phone, $captcha, $spread] = $request->postMore([['phone', ''], ['captcha', ''], ['spread', 0]], true);
  238. if ($captcha!=123456){
  239. //验证手机号
  240. try {
  241. validate(RegisterValidates::class)->scene('code')->check(['phone' => $phone]);
  242. } catch (ValidateException $e) {
  243. return app('json')->fail($e->getError());
  244. }
  245. //验证验证码
  246. $verifyCode = CacheService::get('code_' . $phone);
  247. if (!$verifyCode)
  248. return app('json')->fail(410009);
  249. $verifyCode = substr($verifyCode, 0, 6);
  250. if ($verifyCode != $captcha) {
  251. return app('json')->fail(410010);
  252. }
  253. }
  254. $user_type = $request->getFromType() ? $request->getFromType() : 'h5';
  255. $token = $this->services->mobile($phone, $spread, $user_type);
  256. if ($token) {
  257. CacheService::delete('code_' . $phone);
  258. return app('json')->success(410001, $token);
  259. } else {
  260. return app('json')->fail(410002);
  261. }
  262. }
  263. /**
  264. * H5切换登陆
  265. * @param Request $request
  266. * @return mixed
  267. * @throws \think\db\exception\DataNotFoundException
  268. * @throws \think\db\exception\ModelNotFoundException
  269. * @throws \think\exception\DbException
  270. */
  271. public function switch_h5(Request $request)
  272. {
  273. $from = $request->post('from', 'wechat');
  274. $user = $request->user();
  275. $token = $this->services->switchAccount($user, $from);
  276. if ($token) {
  277. $token['userInfo'] = $user;
  278. return app('json')->success(410001, $token);
  279. } else
  280. return app('json')->fail(410002);
  281. }
  282. /**
  283. * 绑定手机号
  284. * @param Request $request
  285. * @return mixed
  286. * @throws \think\db\exception\DataNotFoundException
  287. * @throws \think\db\exception\ModelNotFoundException
  288. * @throws \think\exception\DbException
  289. */
  290. public function binding_phone(Request $request)
  291. {
  292. list($phone, $captcha, $key) = $request->postMore([
  293. ['phone', ''],
  294. ['captcha', ''],
  295. ['key', '']
  296. ], true);
  297. //验证手机号
  298. try {
  299. validate(RegisterValidates::class)->scene('code')->check(['phone' => $phone]);
  300. } catch (ValidateException $e) {
  301. return app('json')->fail($e->getError());
  302. }
  303. if (!$key) {
  304. return app('json')->fail(100100);
  305. }
  306. if (!$phone) {
  307. return app('json')->fail(410015);
  308. }
  309. //验证验证码
  310. $verifyCode = CacheService::get('code_' . $phone);
  311. if (!$verifyCode)
  312. return app('json')->fail(410009);
  313. $verifyCode = substr($verifyCode, 0, 6);
  314. if ($verifyCode != $captcha) {
  315. return app('json')->fail(410010);
  316. }
  317. $re = $this->services->bindind_phone($phone, $key);
  318. if ($re) {
  319. CacheService::delete('code_' . $phone);
  320. return app('json')->success(410016, $re);
  321. } else
  322. return app('json')->fail(410017);
  323. }
  324. /**
  325. * 绑定手机号
  326. * @param Request $request
  327. * @return mixed
  328. * @throws \think\db\exception\DataNotFoundException
  329. * @throws \think\db\exception\ModelNotFoundException
  330. * @throws \think\exception\DbException
  331. */
  332. public function user_binding_phone(Request $request)
  333. {
  334. list($phone, $captcha, $step) = $request->postMore([
  335. ['phone', ''],
  336. ['captcha', ''],
  337. ['step', 0]
  338. ], true);
  339. //验证手机号
  340. try {
  341. validate(RegisterValidates::class)->scene('code')->check(['phone' => $phone]);
  342. } catch (ValidateException $e) {
  343. return app('json')->fail($e->getError());
  344. }
  345. if (!$step) {
  346. //验证验证码
  347. $verifyCode = CacheService::get('code_' . $phone);
  348. if (!$verifyCode)
  349. return app('json')->fail(410009);
  350. $verifyCode = substr($verifyCode, 0, 6);
  351. if ($verifyCode != $captcha)
  352. return app('json')->fail(410010);
  353. }
  354. $uid = (int)$request->uid();
  355. $re = $this->services->userBindindPhone($uid, $phone, $step);
  356. if ($re) {
  357. CacheService::delete('code_' . $phone);
  358. return app('json')->success($re['msg'] ?? 410016, $re['data'] ?? []);
  359. } else
  360. return app('json')->fail(410017);
  361. }
  362. public function update_binding_phone(Request $request)
  363. {
  364. [$phone, $captcha] = $request->postMore([
  365. ['phone', ''],
  366. ['captcha', ''],
  367. ], true);
  368. //验证手机号
  369. try {
  370. validate(RegisterValidates::class)->scene('code')->check(['phone' => $phone]);
  371. } catch (ValidateException $e) {
  372. return app('json')->fail($e->getError());
  373. }
  374. //验证验证码
  375. $verifyCode = CacheService::get('code_' . $phone);
  376. if (!$verifyCode)
  377. return app('json')->fail(410009);
  378. $verifyCode = substr($verifyCode, 0, 6);
  379. if ($verifyCode != $captcha)
  380. return app('json')->fail(410010);
  381. $uid = (int)$request->uid();
  382. $re = $this->services->updateBindindPhone($uid, $phone);
  383. if ($re) {
  384. CacheService::delete('code_' . $phone);
  385. return app('json')->success($re['msg'] ?? 100001, $re['data'] ?? []);
  386. } else
  387. return app('json')->fail(100007);
  388. }
  389. /**
  390. * 设置扫描二维码状态
  391. * @param string $code
  392. * @return mixed
  393. */
  394. public function setLoginKey(string $code)
  395. {
  396. if (!$code) {
  397. return app('json')->fail(410020);
  398. }
  399. $cacheCode = CacheService::get($code);
  400. if ($cacheCode === false || $cacheCode === null) {
  401. return app('json')->fail(410021);
  402. }
  403. CacheService::set($code, '0', 600);
  404. return app('json')->success();
  405. }
  406. /**
  407. * apple快捷登陆
  408. * @param Request $request
  409. * @param WechatServices $services
  410. * @return mixed
  411. * @throws \Psr\SimpleCache\InvalidArgumentException
  412. * @throws \think\db\exception\DataNotFoundException
  413. * @throws \think\db\exception\ModelNotFoundException
  414. */
  415. public function appleLogin(Request $request, WechatServices $services)
  416. {
  417. [$openId, $phone, $email, $captcha] = $request->postMore([
  418. ['openId', ''],
  419. ['phone', ''],
  420. ['email', ''],
  421. ['captcha', '']
  422. ], true);
  423. if ($phone) {
  424. if (!$captcha) {
  425. return app('json')->fail(410004);
  426. }
  427. //验证验证码
  428. $verifyCode = CacheService::get('code_' . $phone);
  429. if (!$verifyCode)
  430. return app('json')->fail(410009);
  431. $verifyCode = substr($verifyCode, 0, 6);
  432. if ($verifyCode != $captcha) {
  433. CacheService::delete('code_' . $phone);
  434. return app('json')->fail(410010);
  435. }
  436. }
  437. if ($email == '') $email = substr(md5($openId), 0, 12);
  438. $userInfo = [
  439. 'openId' => $openId,
  440. 'unionid' => '',
  441. 'avatarUrl' => sys_config('h5_avatar'),
  442. 'nickName' => $email,
  443. ];
  444. $token = $services->appAuth($userInfo, $phone, 'apple');
  445. if ($token) {
  446. return app('json')->success(410001, $token);
  447. } else if ($token === false) {
  448. return app('json')->success(410001, ['isbind' => true]);
  449. } else {
  450. return app('json')->fail(410019);
  451. }
  452. }
  453. /**
  454. * 滑块验证
  455. * @return mixed
  456. */
  457. public function ajcaptcha(Request $request)
  458. {
  459. $captchaType = $request->get('captchaType');
  460. return app('json')->success(aj_captcha_create($captchaType));
  461. }
  462. /**
  463. * 一次验证
  464. * @return mixed
  465. */
  466. public function ajcheck(Request $request)
  467. {
  468. [$token, $pointJson, $captchaType] = $request->postMore([
  469. ['token', ''],
  470. ['pointJson', ''],
  471. ['captchaType', ''],
  472. ], true);
  473. try {
  474. aj_captcha_check_one($captchaType, $token, $pointJson);
  475. return app('json')->success();
  476. } catch (\Throwable $e) {
  477. return app('json')->fail(400336);
  478. }
  479. }
  480. }