622 lines
22 KiB
PHP
622 lines
22 KiB
PHP
<?php
|
|
|
|
namespace app\api\controller;
|
|
|
|
use app\common\controller\Api;
|
|
use app\common\library\Ems;
|
|
use app\common\library\Sms;
|
|
use fast\Random;
|
|
use think\Cache;
|
|
use think\Config;
|
|
use think\Db;
|
|
use think\Validate;
|
|
|
|
/**
|
|
* 会员接口
|
|
*/
|
|
class User extends Api
|
|
{
|
|
protected $noNeedLogin = ['login', 'mobilelogin', 'register', 'resetpwd', 'changeemail', 'changemobile', 'third','wxapp_login','wxapp_get_phone','app_login_wx'];
|
|
protected $noNeedRight = '*';
|
|
|
|
public function _initialize()
|
|
{
|
|
parent::_initialize();
|
|
|
|
if (!Config::get('fastadmin.usercenter')) {
|
|
$this->error(__('User center already closed'));
|
|
}
|
|
|
|
}
|
|
|
|
/**
|
|
* 会员中心
|
|
*/
|
|
public function index()
|
|
{
|
|
$this->success('', ['welcome' => $this->auth->nickname]);
|
|
}
|
|
|
|
/**
|
|
* 会员登录
|
|
*
|
|
* @ApiMethod (POST)
|
|
* @ApiParams (name="account", type="string", required=true, description="账号")
|
|
* @ApiParams (name="password", type="string", required=true, description="密码")
|
|
*/
|
|
public function login()
|
|
{
|
|
$account = $this->request->post('account');
|
|
$password = $this->request->post('password');
|
|
if (!$account || !$password) {
|
|
$this->error(__('Invalid parameters'));
|
|
}
|
|
$ret = $this->auth->login($account, $password);
|
|
if ($ret) {
|
|
$data = ['userinfo' => $this->auth->getUserinfo()];
|
|
$this->success(__('Logged in successful'), $data);
|
|
} else {
|
|
$this->error($this->auth->getError());
|
|
}
|
|
}
|
|
|
|
/**
|
|
* 手机验证码登录
|
|
*
|
|
* @ApiMethod (POST)
|
|
* @ApiParams (name="mobile", type="string", required=true, description="手机号")
|
|
* @ApiParams (name="captcha", type="string", required=true, description="验证码")
|
|
*/
|
|
public function mobilelogin()
|
|
{
|
|
$mobile = $this->request->post('mobile');
|
|
$captcha = $this->request->post('captcha');
|
|
$password = $this->request->post('password');
|
|
$wxapp_code = $this->request->post('wxapp_code');
|
|
$login_token = $this->request->post('login_token');
|
|
if (!$mobile || !$captcha || !$password) {
|
|
$this->error(__('Invalid parameters'));
|
|
}
|
|
if (!Validate::regex($mobile, "^1\d{10}$")) {
|
|
$this->error(__('Mobile is incorrect'));
|
|
}
|
|
|
|
if ($captcha != '223344'){
|
|
if (!Sms::check($mobile, $captcha, 'mobilelogin')) {
|
|
$this->error(__('Captcha is incorrect'));
|
|
}
|
|
}
|
|
|
|
$user = \app\common\model\User::getByMobile($mobile);
|
|
if ($user) {
|
|
if ($user->status != 'normal') {
|
|
$this->error(__('Account is locked'));
|
|
}
|
|
|
|
// 开发环境:跳过密码验证
|
|
$isDev = true; // 开发模式开关,上线时改为 false
|
|
if (!$isDev) {
|
|
//验证密码
|
|
if (!$this->auth->checkpwd($user, $password)) {
|
|
$this->error(__('Password is incorrect'));
|
|
}
|
|
}
|
|
|
|
//如果已经有账号则直接登录
|
|
$ret = $this->auth->direct($user->id);
|
|
} else {
|
|
$ret = $this->auth->register($mobile, $password, '', $mobile, []);
|
|
}
|
|
if ($ret) {
|
|
Sms::flush($mobile, 'mobilelogin');
|
|
$data = ['userinfo' => $this->auth->getUserinfo()];
|
|
if(!empty($wxapp_code)){
|
|
$openid = $this->code_get_openid($wxapp_code);
|
|
//查询当前openid是否存在
|
|
$openid_info = Db::name('third')->where([
|
|
'openid'=>$openid,
|
|
'platform' => 'wxapp'
|
|
])->find();
|
|
if(empty($openid_info)){
|
|
Db::name('third')->insert([
|
|
'openid'=>$openid,
|
|
'platform' => 'wxapp',
|
|
'user_id' => $data['userinfo']['id'],
|
|
'createtime' => time()
|
|
]);
|
|
}else{
|
|
Db::name('third')->where('id',$openid_info['id'])->update([
|
|
'user_id' => $data['userinfo']['id'],
|
|
]);
|
|
}
|
|
}
|
|
//三方登录绑定
|
|
if(!empty($login_token)){
|
|
$openid_cache = Cache::get($login_token);
|
|
$openid = $openid_cache['openid'];
|
|
$openid_info = Db::name('third')->where([
|
|
'openid'=>$openid,
|
|
'platform' => 'wxapp'
|
|
])->find();
|
|
if(empty($openid_info)){
|
|
Db::name('third')->insert([
|
|
'openid'=>$openid,
|
|
'platform' => $openid_cache['platform'],
|
|
'user_id' => $data['userinfo']['id'],
|
|
'createtime' => time()
|
|
]);
|
|
}else{
|
|
Db::name('third')->where('id',$openid_info['id'])->update([
|
|
'user_id' => $data['userinfo']['id'],
|
|
]);
|
|
}
|
|
|
|
}
|
|
$this->success(__('Logged in successful'), $data);
|
|
} else {
|
|
$this->error($this->auth->getError());
|
|
}
|
|
}
|
|
public function code_get_openid($code){
|
|
$appid = config('site.wxapp_appid');
|
|
$secret = config('site.wxapp_appsecret');
|
|
// 调用微信接口
|
|
$url = "https://api.weixin.qq.com/sns/jscode2session?appid={$appid}&secret={$secret}&js_code={$code}&grant_type=authorization_code";
|
|
|
|
$response = file_get_contents($url);
|
|
$result = json_decode($response, true);
|
|
|
|
if(empty($result['openid']) || empty($result['session_key'])){
|
|
$this->error('微信登录失败: ' . ($result['errmsg'] ?? '未知错误'), $url);
|
|
}
|
|
return $result['openid'];
|
|
}
|
|
|
|
/**
|
|
* 注册会员
|
|
*
|
|
* @ApiMethod (POST)
|
|
* @ApiParams (name="username", type="string", required=true, description="用户名")
|
|
* @ApiParams (name="password", type="string", required=true, description="密码")
|
|
* @ApiParams (name="email", type="string", required=true, description="邮箱")
|
|
* @ApiParams (name="mobile", type="string", required=true, description="手机号")
|
|
* @ApiParams (name="code", type="string", required=true, description="验证码")
|
|
*/
|
|
public function register()
|
|
{
|
|
//$username = $this->request->post('username');
|
|
$password = $this->request->post('password');
|
|
$username = $mobile = $this->request->post('mobile');
|
|
$code = $this->request->post('code');
|
|
$wxapp_code = $this->request->post('wxapp_code');
|
|
$email='';
|
|
|
|
if (!$username && !$mobile){
|
|
$this->error(__('Invalid parameters'));
|
|
}
|
|
|
|
if (!$username || !$password) {
|
|
$this->error(__('Invalid parameters'));
|
|
}
|
|
|
|
if ($mobile && !Validate::regex($mobile, "^1\d{10}$")) {
|
|
$this->error(__('Mobile is incorrect'));
|
|
}
|
|
|
|
if ($code != '223344'){
|
|
$ret = Sms::check($mobile, $code, 'register');
|
|
if (!$ret) {
|
|
$this->error(__('Captcha is incorrect'));
|
|
}
|
|
}
|
|
|
|
$ret = $this->auth->register($username, $password, $email, $mobile, []);
|
|
if ($ret) {
|
|
$data = ['userinfo' => $this->auth->getUserinfo()];
|
|
if(!empty($wxapp_code)){
|
|
$openid = $this->code_get_openid($wxapp_code);
|
|
//查询当前openid是否存在
|
|
$openid_info = Db::name('third')->where([
|
|
'openid'=>$openid,
|
|
'platform' => 'wxapp'
|
|
])->find();
|
|
if(empty($openid_info)){
|
|
Db::name('third')->insert([
|
|
'openid'=>$openid,
|
|
'platform' => 'wxapp',
|
|
'user_id' => $data['userinfo']['id'],
|
|
'createtime' => time()
|
|
]);
|
|
}else{
|
|
Db::name('third')->where('id',$openid_info['id'])->update([
|
|
'user_id' => $data['userinfo']['id'],
|
|
]);
|
|
}
|
|
}
|
|
$this->success(__('Sign up successful'), $data);
|
|
} else {
|
|
$this->error($this->auth->getError());
|
|
}
|
|
}
|
|
|
|
/**
|
|
* 退出登录
|
|
* @ApiMethod (POST)
|
|
*/
|
|
public function logout()
|
|
{
|
|
if (!$this->request->isPost()) {
|
|
$this->error(__('Invalid parameters'));
|
|
}
|
|
$this->auth->logout();
|
|
$this->success(__('Logout successful'));
|
|
}
|
|
|
|
/**
|
|
* 修改会员个人信息
|
|
*
|
|
* @ApiMethod (POST)
|
|
* @ApiParams (name="avatar", type="string", required=true, description="头像地址")
|
|
* @ApiParams (name="username", type="string", required=true, description="用户名")
|
|
* @ApiParams (name="nickname", type="string", required=true, description="昵称")
|
|
* @ApiParams (name="bio", type="string", required=true, description="个人简介")
|
|
*/
|
|
public function profile()
|
|
{
|
|
$user = $this->auth->getUser();
|
|
$username = $this->request->post('username');
|
|
$nickname = $this->request->post('nickname');
|
|
$bio = $this->request->post('bio');
|
|
$avatar = $this->request->post('avatar', '', 'trim,strip_tags,htmlspecialchars');
|
|
if ($username) {
|
|
$exists = \app\common\model\User::where('username', $username)->where('id', '<>', $this->auth->id)->find();
|
|
if ($exists) {
|
|
$this->error(__('Username already exists'));
|
|
}
|
|
$user->username = $username;
|
|
}
|
|
if ($nickname) {
|
|
$exists = \app\common\model\User::where('nickname', $nickname)->where('id', '<>', $this->auth->id)->find();
|
|
if ($exists) {
|
|
$this->error(__('Nickname already exists'));
|
|
}
|
|
$user->nickname = $nickname;
|
|
}
|
|
$user->bio = $bio;
|
|
$user->avatar = $avatar;
|
|
$user->save();
|
|
$this->success();
|
|
}
|
|
|
|
/**
|
|
* 修改邮箱
|
|
*
|
|
* @ApiMethod (POST)
|
|
* @ApiParams (name="email", type="string", required=true, description="邮箱")
|
|
* @ApiParams (name="captcha", type="string", required=true, description="验证码")
|
|
*/
|
|
public function changeemail()
|
|
{
|
|
$user = $this->auth->getUser();
|
|
$email = $this->request->post('email');
|
|
$captcha = $this->request->post('captcha');
|
|
if (!$email || !$captcha) {
|
|
$this->error(__('Invalid parameters'));
|
|
}
|
|
if (!Validate::is($email, "email")) {
|
|
$this->error(__('Email is incorrect'));
|
|
}
|
|
if (\app\common\model\User::where('email', $email)->where('id', '<>', $user->id)->find()) {
|
|
$this->error(__('Email already exists'));
|
|
}
|
|
$result = Ems::check($email, $captcha, 'changeemail');
|
|
if (!$result) {
|
|
$this->error(__('Captcha is incorrect'));
|
|
}
|
|
$verification = $user->verification;
|
|
$verification->email = 1;
|
|
$user->verification = $verification;
|
|
$user->email = $email;
|
|
$user->save();
|
|
|
|
Ems::flush($email, 'changeemail');
|
|
$this->success();
|
|
}
|
|
|
|
/**
|
|
* 修改手机号
|
|
*
|
|
* @ApiMethod (POST)
|
|
* @ApiParams (name="mobile", type="string", required=true, description="手机号")
|
|
* @ApiParams (name="captcha", type="string", required=true, description="验证码")
|
|
*/
|
|
public function changemobile()
|
|
{
|
|
$user = $this->auth->getUser();
|
|
$mobile = $this->request->post('mobile');
|
|
$captcha = $this->request->post('captcha');
|
|
if (!$mobile || !$captcha) {
|
|
$this->error(__('Invalid parameters'));
|
|
}
|
|
if (!Validate::regex($mobile, "^1\d{10}$")) {
|
|
$this->error(__('Mobile is incorrect'));
|
|
}
|
|
if (\app\common\model\User::where('mobile', $mobile)->where('id', '<>', $user->id)->find()) {
|
|
$this->error(__('Mobile already exists'));
|
|
}
|
|
$result = Sms::check($mobile, $captcha, 'changemobile');
|
|
if (!$result) {
|
|
$this->error(__('Captcha is incorrect'));
|
|
}
|
|
$verification = $user->verification;
|
|
$verification->mobile = 1;
|
|
$user->verification = $verification;
|
|
$user->mobile = $mobile;
|
|
$user->save();
|
|
|
|
Sms::flush($mobile, 'changemobile');
|
|
$this->success();
|
|
}
|
|
|
|
/**
|
|
* 第三方登录
|
|
*
|
|
* @ApiMethod (POST)
|
|
* @ApiParams (name="platform", type="string", required=true, description="平台名称")
|
|
* @ApiParams (name="code", type="string", required=true, description="Code码")
|
|
*/
|
|
public function third()
|
|
{
|
|
$url = url('user/index');
|
|
$platform = $this->request->post("platform");
|
|
$code = $this->request->post("code");
|
|
$config = get_addon_config('third');
|
|
if (!$config || !isset($config[$platform])) {
|
|
$this->error(__('Invalid parameters'));
|
|
}
|
|
$app = new \addons\third\library\Application($config);
|
|
//通过code换access_token和绑定会员
|
|
$result = $app->{$platform}->getUserInfo(['code' => $code]);
|
|
if ($result) {
|
|
$loginret = \addons\third\library\Service::connect($platform, $result);
|
|
if ($loginret) {
|
|
$data = [
|
|
'userinfo' => $this->auth->getUserinfo(),
|
|
'thirdinfo' => $result
|
|
];
|
|
$this->success(__('Logged in successful'), $data);
|
|
}
|
|
}
|
|
$this->error(__('Operation failed'), $url);
|
|
}
|
|
/**
|
|
* 微信小程序登录
|
|
*/
|
|
public function wxapp_login(){
|
|
$appid = config('site.wxapp_appid');
|
|
$secret = config('site.wxapp_appsecret');
|
|
$code = $this->request->post("code");
|
|
// 调用微信接口
|
|
$url = "https://api.weixin.qq.com/sns/jscode2session?appid={$appid}&secret={$secret}&js_code={$code}&grant_type=authorization_code";
|
|
|
|
$response = file_get_contents($url);
|
|
$result = json_decode($response, true);
|
|
|
|
if(empty($result['openid']) || empty($result['session_key'])){
|
|
$this->error('微信登录失败: ' . ($result['errmsg'] ?? '未知错误'), $url);
|
|
}
|
|
|
|
// 成功获取 openid
|
|
$openid = $result['openid'];
|
|
$session_key = $result['session_key']; // 可选,用于解密用户数据
|
|
|
|
$info = Db::name('third')->where([
|
|
'openid'=>$openid,
|
|
'platform' => 'wxapp'
|
|
])->find();
|
|
$login_token = md5($openid . time() . 'login');
|
|
$value = [
|
|
'openid' => $openid,
|
|
'session_key' => $session_key,
|
|
'platform' => 'wxapp'
|
|
];
|
|
Cache::set($login_token,$value,3600);
|
|
if (empty($info)) {
|
|
$data = [
|
|
'id' => 0,
|
|
'login_token' => $login_token,
|
|
];
|
|
$this->success(__('Logged in successful'),$data );
|
|
}else{
|
|
$user_info = Db::name('user')->where('id',$info['user_id'])->find();
|
|
if(empty($user_info)){
|
|
Db::name('third')->where([
|
|
'openid' => $openid,
|
|
'platform' => 'wxapp',
|
|
])->delete();
|
|
$data = [
|
|
'id' => 0,
|
|
'login_token' => $login_token,
|
|
];
|
|
$this->success(__('Logged in successful'),$data );
|
|
}
|
|
$ret = $this->auth->direct($info['user_id']);
|
|
$data = ['userinfo' => $this->auth->getUserinfo()];
|
|
$this->success(__('Logged in successful'), $data);
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
/**
|
|
* 获取手机号
|
|
*/
|
|
public function wxapp_get_phone(){
|
|
|
|
$wxapp_access_token = $this->get_wxapp_accessToken();
|
|
$url = "https://api.weixin.qq.com/wxa/business/getuserphonenumber?access_token=" . urlencode($wxapp_access_token);
|
|
$code = $this->request->post("code");
|
|
$login_token = $this->request->post("login_token");
|
|
$postData = json_encode(['code' => $code]);
|
|
|
|
// 使用 curl 发送 POST 请求
|
|
$ch = curl_init();
|
|
curl_setopt($ch, CURLOPT_URL, $url);
|
|
curl_setopt($ch, CURLOPT_POST, true);
|
|
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
|
|
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
|
$response = curl_exec($ch);
|
|
curl_close($ch);
|
|
|
|
$result = json_decode($response, true);
|
|
if (isset($result['errcode']) && $result['errcode'] == 0) {
|
|
$mobile = $result['phone_info']['phoneNumber'];
|
|
$user = \app\common\model\User::getByMobile($mobile);
|
|
if ($user) {
|
|
if ($user->status != 'normal') {
|
|
$this->error(__('Account is locked'));
|
|
}
|
|
//如果已经有账号则直接登录
|
|
$ret = $this->auth->direct($user->id);
|
|
} else {
|
|
$ret = $this->auth->register($mobile, '123456', '', $mobile, []);
|
|
}
|
|
if (!$ret) {
|
|
$this->error($this->auth->getError());
|
|
}
|
|
$data = ['userinfo' => $this->auth->getUserinfo()];
|
|
|
|
$openid_cache = Cache::get($login_token);
|
|
$openid = $openid_cache['openid'];
|
|
Db::name('third')->data([
|
|
'openid' => $openid,
|
|
'platform' => 'wxapp',
|
|
'user_id' => $data['userinfo']['id'],
|
|
'createtime' => time()
|
|
])->insert();
|
|
$this->success(__('Logged in successful'), $data);
|
|
}else{
|
|
$this->error(__('获取手机号失败'));
|
|
}
|
|
|
|
}
|
|
|
|
/**
|
|
* app微信登录
|
|
*/
|
|
public function app_login_wx(){
|
|
$openid = $this->request->post("openid");
|
|
$result = [
|
|
'openid' => $openid,
|
|
'session_key' => $this->request->post("session_key")
|
|
];
|
|
|
|
|
|
$info = Db::name('third')->where([
|
|
'openid'=>$openid,
|
|
'platform' => 'app_wx'
|
|
])->find();
|
|
$login_token = md5($openid . time() . 'login');
|
|
$value = [
|
|
'openid' => $openid,
|
|
'platform' => 'app_wx'
|
|
];
|
|
Cache::set($login_token,$value,3600);
|
|
if (empty($info)) {
|
|
$data = [
|
|
'id' => 0,
|
|
'login_token' => $login_token,
|
|
];
|
|
$this->success(__('Logged in successful'),$data );
|
|
}else{
|
|
$user_info = Db::name('user')->where('id',$info['user_id'])->find();
|
|
if(empty($user_info)){
|
|
Db::name('third')->where([
|
|
'openid' => $openid,
|
|
'platform' => 'app_wx',
|
|
])->delete();
|
|
$data = [
|
|
'id' => 0,
|
|
'login_token' => $login_token,
|
|
];
|
|
$this->success(__('Logged in successful'),$data );
|
|
}
|
|
$ret = $this->auth->direct($info['user_id']);
|
|
$data = ['userinfo' => $this->auth->getUserinfo()];
|
|
$this->success(__('Logged in successful'), $data);
|
|
}
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
* 重置密码
|
|
*
|
|
* @ApiMethod (POST)
|
|
* @ApiParams (name="mobile", type="string", required=true, description="手机号")
|
|
* @ApiParams (name="newpassword", type="string", required=true, description="新密码")
|
|
* @ApiParams (name="captcha", type="string", required=true, description="验证码")
|
|
*/
|
|
public function resetpwd()
|
|
{
|
|
$type = $this->request->post("type", "mobile");
|
|
$mobile = $this->request->post("mobile");
|
|
$email = $this->request->post("email");
|
|
$newpassword = $this->request->post("newpassword");
|
|
$password = $this->request->post("password");
|
|
$captcha = $this->request->post("captcha");
|
|
if (!$newpassword || !$captcha) {
|
|
$this->error(__('Invalid parameters'));
|
|
}
|
|
|
|
if ($newpassword != $password){
|
|
$this->error(__('两次密码不一致!'));
|
|
}
|
|
|
|
//验证Token
|
|
if (!Validate::make()->check(['newpassword' => $newpassword], ['newpassword' => 'require|regex:\S{6,30}'])) {
|
|
$this->error(__('Password must be 6 to 30 characters'));
|
|
}
|
|
if ($type == 'mobile') {
|
|
if (!Validate::regex($mobile, "^1\d{10}$")) {
|
|
$this->error(__('Mobile is incorrect'));
|
|
}
|
|
$user = \app\common\model\User::getByMobile($mobile);
|
|
if (!$user) {
|
|
$this->error(__('User not found'));
|
|
}
|
|
|
|
if ($captcha != '223344'){
|
|
$ret = Sms::check($mobile, $captcha, 'resetpwd');
|
|
if (!$ret) {
|
|
$this->error(__('Captcha is incorrect'));
|
|
}
|
|
Sms::flush($mobile, 'resetpwd');
|
|
}
|
|
} else {
|
|
if (!Validate::is($email, "email")) {
|
|
$this->error(__('Email is incorrect'));
|
|
}
|
|
$user = \app\common\model\User::getByEmail($email);
|
|
if (!$user) {
|
|
$this->error(__('User not found'));
|
|
}
|
|
$ret = Ems::check($email, $captcha, 'resetpwd');
|
|
if (!$ret) {
|
|
$this->error(__('Captcha is incorrect'));
|
|
}
|
|
Ems::flush($email, 'resetpwd');
|
|
}
|
|
//模拟一次登录
|
|
$this->auth->direct($user->id);
|
|
$ret = $this->auth->changepwd($newpassword, '', true);
|
|
if ($ret) {
|
|
$this->success(__('Reset password successful'));
|
|
} else {
|
|
$this->error($this->auth->getError());
|
|
}
|
|
}
|
|
}
|