success('', ['welcome' => $this->auth->nickname]); } /** * 会员登录 * * @param string $account 账号 * @param string $password 密码 */ public function login() { $account = $this->request->request('account'); $password = $this->request->request('password'); if (!$account || !$password) { $this->error(__('Invalid parameters')); } $ret = $this->auth->login($account, $password); if ($ret) { $data = ['userinfo' => $this->auth->getUserinfo()]; $this->success(__('Logged in successful'), $data); } else { $this->error($this->auth->getError()); } } /** * 手机验证码登录 * * @param string $mobile 手机号 * @param string $captcha 验证码 */ public function mobilelogin() { $mobile = $this->request->request('mobile'); $captcha = $this->request->request('captcha'); if (!$mobile || !$captcha) { $this->error(__('Invalid parameters')); } if (!Validate::regex($mobile, "^1\d{10}$")) { $this->error(__('Mobile is incorrect')); } if (!Sms::check($mobile, $captcha, 'mobilelogin') && $captcha != '1212') { $this->error(__('Captcha is incorrect')); } $user = \app\common\model\User::getByMobile($mobile); if ($user) { if ($user->status != 'normal') { $this->error(__('Account is locked')); } //如果已经有账号则直接登录 $is_register = 0; $ret = $this->auth->direct($user->id); } else { $is_register = 1; $ret = $this->auth->register($mobile, Random::alnum(), $mobile, []); } if ($ret) { Sms::flush($mobile, 'mobilelogin'); $data = ['is_register' => $is_register, 'userinfo' => $this->auth->getUserinfo()]; $this->success(__('Logged in successful'), $data); } else { $this->error($this->auth->getError()); } } /** * 绑定用户 */ public function bindUser() { $invite_no = $this->request->request('invite_no'); // 邀请码 if (!$invite_no) { $this->error("请输入邀请码！"); } $user_id = $this->auth->id; // 查询邀请码用户信息 $inviteUserInfo = \app\common\model\User::where(["invite_no" => $invite_no])->find(); if (!$inviteUserInfo) $this->error("查询不到该邀请码用户信息！"); if ($inviteUserInfo->id == $user_id) $this->error("不能邀请自己哦！"); if ($inviteUserInfo->is_auth != 2) $this->error("该邀请码用户尚未完成实名认证"); $res = \app\common\model\User::update(["pre_userid" => $inviteUserInfo->id,"bindtime" => time()], ["id" => $user_id]); if ($res) { $this->success("恭喜，绑定成功！"); } else { $this->success("网络繁忙，请稍后重试！"); } } /** * 注册会员 * * @param string $username 用户名 * @param string $password 密码 * @param string $email 邮箱 * @param string $mobile 手机号 * @param string $code 验证码 */ public function register() { $username = $this->request->request('username'); $password = $this->request->request('password'); $mobile = $this->request->request('mobile'); $code = $this->request->request('code'); if (!$username || !$password) { $this->error(__('Invalid parameters')); } if ($mobile && !Validate::regex($mobile, "^1\d{10}$")) { $this->error(__('Mobile is incorrect')); } // $ret = Sms::check($mobile, $code, 'register'); // if (!$ret) { // $this->error(__('Captcha is incorrect')); // } $ret = $this->auth->register($username, $password, $mobile, []); if ($ret) { $data = ['userinfo' => $this->auth->getUserinfo()]; $this->success(__('Sign up successful'), $data); } else { $this->error($this->auth->getError()); } } /** * 退出登录 */ public function logout() { $this->auth->logout(); $this->success(__('Logout successful')); } /** * 修改会员个人信息 * * @param string $avatar 头像地址 * @param string $username 用户名 * @param string $nickname 昵称 * @param string $bio 个人简介 */ public function profile() { $user = $this->auth->getUser(); $username = $this->request->request('username'); $nickname = $this->request->request('nickname'); $bio = $this->request->request('bio'); $avatar = $this->request->request('avatar', '', 'trim,strip_tags,htmlspecialchars'); if ($username) { $exists = \app\common\model\User::where('username', $username)->where('id', '<>', $this->auth->id)->find(); if ($exists) { $this->error(__('Username already exists')); } $user->username = $username; } if ($nickname) { $exists = \app\common\model\User::where('nickname', $nickname)->where('id', '<>', $this->auth->id)->find(); if ($exists) { $this->error(__('Nickname already exists')); } $user->nickname = $nickname; } $user->bio = $bio; $user->avatar = $avatar; $user->save(); $this->success(); } /** * 修改手机号 * * @param string $mobile 手机号 * @param string $captcha 验证码 */ public function changemobile() { $user = $this->auth->getUser(); $mobile = $this->request->request('mobile'); $captcha = $this->request->request('captcha'); if (!$mobile || !$captcha) { $this->error(__('Invalid parameters')); } if (!Validate::regex($mobile, "^1\d{10}$")) { $this->error(__('Mobile is incorrect')); } if (\app\common\model\User::where('mobile', $mobile)->where('id', '<>', $user->id)->find()) { $this->error(__('Mobile already exists')); } $result = Sms::check($mobile, $captcha, 'changeMobile'); if (!$result) { $this->error(__('Captcha is incorrect')); } $verification = $user->verification; $verification->mobile = 1; $user->verification = $verification; $user->mobile = $mobile; $user->save(); Sms::flush($mobile, 'changeMobile'); $this->success("手机号更换成功！"); } /** * 第三方登录 * * @param string $platform 平台名称 * @param string $code Code码 */ public function third() { $url = url('user/index'); $platform = $this->request->request("platform"); $code = $this->request->request("code"); $config = get_addon_config('third'); if (!$config || !isset($config[$platform])) { $this->error(__('Invalid parameters')); } $app = new \addons\third\library\Application($config); //通过code换access_token和绑定会员 $result = $app->{$platform}->getUserInfo(['code' => $code]); if ($result) { $loginret = \addons\third\library\Service::connect($platform, $result); if ($loginret) { $data = [ 'userinfo' => $this->auth->getUserinfo(), 'thirdinfo' => $result ]; $this->success(__('Logged in successful'), $data); } } $this->error(__('Operation failed'), $url); } /** * 重置密码 * * @param string $mobile 手机号 * @param string $newpassword 新密码 * @param string $captcha 验证码 */ public function resetpwd() { $type = $this->request->request("type"); $mobile = $this->request->request("mobile"); $email = $this->request->request("email"); $newpassword = $this->request->request("newpassword"); $captcha = $this->request->request("captcha"); if (!$newpassword || !$captcha) { $this->error(__('Invalid parameters')); } if ($type == 'mobile') { if (!Validate::regex($mobile, "^1\d{10}$")) { $this->error(__('Mobile is incorrect')); } $user = \app\common\model\User::getByMobile($mobile); if (!$user) { $this->error(__('User not found')); } $ret = Sms::check($mobile, $captcha, 'resetpwd'); if (!$ret) { $this->error(__('Captcha is incorrect')); } Sms::flush($mobile, 'resetpwd'); } else { if (!Validate::is($email, "email")) { $this->error(__('Email is incorrect')); } $user = \app\common\model\User::getByEmail($email); if (!$user) { $this->error(__('User not found')); } $ret = Ems::check($email, $captcha, 'resetpwd'); if (!$ret) { $this->error(__('Captcha is incorrect')); } Ems::flush($email, 'resetpwd'); } //模拟一次登录 $this->auth->direct($user->id); $ret = $this->auth->changepwd($newpassword, '', true); if ($ret) { $this->success(__('Reset password successful')); } else { $this->error($this->auth->getError()); } } /** * 设置密码 * @param string $newpassword 新密码 * @param string $newpassword 新密码 */ public function setpwd() { $params = $this->request->param(); $validate = new \app\api\validate\User(); $result = $validate->scene('setPwd')->check($params); if (!$result) { $this->error($validate->getError()); } $ret = $this->auth->changepwd($params['password'], '', true); if ($ret) { $this->success(__('Set password successful')); } else { $this->error($this->auth->getError()); } } /** * 修改密码 * * @param string $mobile 手机号 * @param string $newpassword 新密码 * @param string $captcha 验证码 */ public function changepwd() { $params = $this->request->param(); $validate = new \app\api\validate\User(); $result = $validate->scene('changePwd')->check($params); if (!$result) { $this->error($validate->getError()); } $mobile = $this->request->request("mobile"); $newpassword = $this->request->request("password"); $captcha = $this->request->request("captcha"); $user = \app\common\model\User::getByMobile($mobile); if (!$user) { $this->error(__('User not found')); } $ret = Sms::check($mobile, $captcha, 'resetpwd'); if (!$ret) { $this->error(__('Captcha is incorrect')); } Sms::flush($mobile, 'resetpwd'); $ret = $this->auth->changepwd($newpassword, '', true); if ($ret) { $this->success(__('Change password successful')); } else { $this->error($this->auth->getError()); } } /** * 获取用户openid */ public function getUserOpenid() { $code = $this->request->param('code');// code值 if (!$code) { $this->error(__('Invalid parameters')); } $config = config("wxMiniProgram"); $getopenid = "https://api.weixin.qq.com/sns/jscode2session?appid=" . $config["appid"] . "&secret=" . $config["secret"] . "&js_code=" . $code . "&grant_type=authorization_code"; $openidInfo = $this->getJson($getopenid); if (!isset($openidInfo["openid"])) { $this->error("用户openid获取失败", $openidInfo); } // 获取的结果存入数据库 $sessionkeyModel = new \app\common\model\UserSessionkey(); if ($sessionkeyModel->where(["openid" => $openidInfo["openid"]])->find()) { $update = []; $update["sessionkey"] = $openidInfo["session_key"]; $res = $sessionkeyModel->update($update, ["openid" => $openidInfo["openid"]]); } else { $insert = []; $insert["sessionkey"] = $openidInfo["session_key"]; $insert["openid"] = $openidInfo["openid"]; $insert["createtime"] = time(); $res = $sessionkeyModel->insert($insert); } if ($res) { $this->success("获取成功！", $openidInfo); } else { $this->error("获取失败！"); } } /** * 微信小程序登录 */ public function wxMiniProgramLogin() { $openid = $this->request->param('openid');// openid值 $encryptedData = $this->request->param('encryptedData');// 加密数据 $iv = $this->request->param('iv');// 加密算法 $signature = $this->request->param('signature');// 签名验证 $rawData = $this->request->param('rawData');// 签名验证 $logintype = $this->request->param('loginType', 1);// 登录方式:1=手机号,2=微信授权openid if (!$openid || !$encryptedData || !$iv) { $this->error(__('Invalid parameters')); } $encryptedData = urldecode($encryptedData); $config = config("wxMiniProgram"); // 获取openid和sessionkey $sessionkeyModel = new \app\common\model\UserSessionkey(); $openidInfo = $sessionkeyModel->where(["openid" => $openid])->find(); $openid = $openidInfo['openid']; $session_key = $openidInfo['sessionkey']; // // 数据签名校验 // $signature2 = sha1($rawData . $session_key); // if ($signature != $signature2) { // $this->error(__('数据签名验证失败')); // } // 根据加密数据和加密算法获取用户信息 $pc = new WXBizDataCrypt($config["appid"], $session_key); $data = ""; $errCode = $pc->decryptData($encryptedData, $iv, $data); if ($errCode == 0) { $data = json_decode($data, true); // 用户登录逻辑 === 开始 $userModel = new \app\common\model\User(); $auth = \app\common\library\Auth::instance(); if ($logintype == 1) { // 手机号登录 $userInfo = $userModel->where(["mobile" => $data["purePhoneNumber"]])->find(); // 用户信息不存在时使用 $extend = ["mobile" => $data["purePhoneNumber"]]; } else { // 微信授权openid登录 $userInfo = $userModel->where(["openid" => $openid])->find(); // 用户信息不存在时使用 $extend = [ 'openid' => $data['openId'], 'nickname' => $data['nickName'], 'avatar' => $data['avatarUrl'], 'gender' => $data['gender'], ]; } // 判断用户是否已经存在 if ($userInfo) { // 登录 $user = \app\common\model\User::get($userInfo["id"]); if (!$user) { $this->error("网络错误！请稍后重试"); } $user->save(["logintime" => time()]); $res = $auth->direct($user->id); $is_register = 0; } else { // 注册 // 先随机一个用户名,随后再变更为u+数字id $username = Random::alnum(20); $password = Random::alnum(6); Db::startTrans(); try { // 默认注册一个会员 $result = $auth->register($username, $password, "", $extend); if (!$result) { return false; } $user = $auth->getUser(); $fields = ['username' => 'u' . $user->id]; // 更新会员资料 $user = \app\common\model\User::get($user->id); $user->save($fields); Db::commit(); } catch (PDOException $e) { Db::rollback(); $auth->logout(); return false; } // 写入登录Cookies和Token $res = $auth->direct($user->id); $is_register = 1; } $userInfo = $auth->getUserinfo(); $userInfo["is_register"] = $is_register; if ($res) { $this->success("登录成功！", $userInfo); } else { $this->error("登录失败！"); } // 用户登录逻辑 === 结束 } else { $this->error("解密失败！", ["code" => $errCode]); } } /** * json 请求 * @param $url * @return mixed */ private function getJson($url) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $output = curl_exec($ch); curl_close($ch); return json_decode($output, true); } /** * 运营商一键登录 */ public function onLogin() { $accessToken = $this->request->param('accessToken');// 运营商预取号获取到的token $token = $this->request->param('tokenT');// 易盾返回的token if (!$accessToken || !$token) { $this->error("参数获取失败！"); } $params = array( // 运营商预取号获取到的token "accessToken" => $accessToken, // 易盾返回的token "token" => $token ); // 获取密钥配置 $configInfo = config("onLogin"); $onlogin = new onlogin($configInfo["secretid"], $configInfo["secretkey"], $configInfo["businessid"]); $ret = $onlogin->check($params); // $ret = []; // $ret["code"] = 200; // $ret["msg"] = "ok"; // $ret["data"] = [ // "phone" => "17574504021", // "resultCode" => 0 // ]; if ($ret["code"] == 200) { $data = $ret["data"]; $phone = $data["phone"]; if (empty($phone)) { // 取号失败,建议进行二次验证,例如短信验证码 $this->error("取号登录失败，请用验证码方式登录！"); } else { // 取号成功, 执行登录等流程 // 用户登录逻辑 === 开始 $userModel = new \app\common\model\User(); $auth = \app\common\library\Auth::instance(); $userInfo = $userModel->where(["mobile" => $phone])->find(); // 用户信息不存在时使用 $extend = ["mobile" => $phone]; // 判断用户是否已经存在 if ($userInfo) { // 登录 $user = \app\common\model\User::get($userInfo["id"]); if (!$user) { $this->error("网络错误！请稍后重试"); } if ($user->status != 'normal') { $this->error(__('Account is locked')); } $user->save(["logintime" => time()]); $res = $auth->direct($user->id); $is_register = 0; } else { // 注册 // 先随机一个用户名,随后再变更为u+数字id $username = Random::alnum(20); $password = Random::alnum(6); Db::startTrans(); try { // 默认注册一个会员 $result = $auth->register($username, $password, "", $extend); if (!$result) { return false; } $user = $auth->getUser(); $fields = ['username' => 'u' . $user->id]; // 更新会员资料 $user = \app\common\model\User::get($user->id); $user->save($fields); Db::commit(); } catch (PDOException $e) { Db::rollback(); $auth->logout(); return false; } // 写入登录Cookies和Token $res = $auth->direct($user->id); $is_register = 1; } $userInfo["userinfo"] = $auth->getUserinfo(); $userInfo["is_register"] = $is_register; if ($res) { $this->success("登录成功！", $userInfo); } else { $this->error("登录失败！"); } // 用户登录逻辑 === 结束 } } else { $this->error("登录失败，请用验证码方式登录！"); } } /** * 注销账号 * * @param string $mobile 手机号 * @param string $captcha 验证码 */ public function cancleUser() { $user = $this->auth->getUser(); $user->status = "cancel"; $user->save(); $this->success("账号注销成功！"); } /** * 用户举报 * * @param string $mobile 手机号 * @param string $captcha 验证码 */ public function report() { $type = $this->request->param('type');// 类型描述 $content = $this->request->param('content');// 内容 $image = $this->request->param('image');// 图片 $ruser_id = $this->request->param('ruser_id');// 被举报用户ID if (!$type || !$content || !$image || !$ruser_id) { $this->error("请完成举报内容！"); } $user_id = $this->auth->id; $data = []; $data["user_id"] = $user_id; $data["ruser_id"] = $ruser_id; $data["type"] = $type; $data["content"] = $content; $data["image"] = $image; $data["createtime"] = time(); $res = \app\common\model\UserReport::insert($data); if ($res) { $this->success("举报内容提交成功！"); } else { $this->error("网络错误，请稍后重试！"); } } }