<?php
namespace app\api\controller;
use app\common\controller\Api;
use app\common\library\Ems;
use app\common\library\Sms;
use fast\Random;
use think\Validate;
use miniprogram\wxBizDataCrypt;
use onlogin\onlogin;
use think\Db;
/**
* 会员接口
*/
class User extends Api
{
protected $noNeedLogin = ['login', 'onLogin', 'mobilelogin', 'register', 'resetpwd', 'changemobile', 'third', 'getUserOpenid', 'wxMiniProgramLogin'];
protected $noNeedRight = '*';
public function _initialize()
{
parent::_initialize();
}
/**
* 会员中心
*/
public function index()
{
$this->success('', ['welcome' => $this->auth->nickname]);
}
/**
* 会员登录
*
* @param string $account 账号
* @param string $password 密码
*/
public function login()
{
$account = $this->request->request('account');
$password = $this->request->request('password');
if (!$account || !$password) {
$this->error(__('Invalid parameters'));
}
$ret = $this->auth->login($account, $password);
if ($ret) {
$data = ['userinfo' => $this->auth->getUserinfo()];
$this->success(__('Logged in successful'), $data);
} else {
$this->error($this->auth->getError());
}
}
/**
* 手机验证码登录
*
* @param string $mobile 手机号
* @param string $captcha 验证码
*/
public function mobilelogin()
{
$mobile = $this->request->request('mobile');
$captcha = $this->request->request('captcha');
if (!$mobile || !$captcha) {
$this->error(__('Invalid parameters'));
}
if (!Validate::regex($mobile, "^1\d{10}$")) {
$this->error(__('Mobile is incorrect'));
}
if (!Sms::check($mobile, $captcha, 'mobilelogin')) {
$this->error(__('Captcha is incorrect'));
}
$user = \app\common\model\User::getByMobile($mobile);
if ($user) {
if ($user->status != 'normal') {
$this->error(__('Account is locked'));
}
//如果已经有账号则直接登录
$is_register = 0;
$ret = $this->auth->direct($user->id);
} else {
$is_register = 1;
$ret = $this->auth->register($mobile, Random::alnum(), $mobile, []);
}
if ($ret) {
Sms::flush($mobile, 'mobilelogin');
$data = ['is_register' => $is_register, 'userinfo' => $this->auth->getUserinfo()];
$this->success(__('Logged in successful'), $data);
} else {
$this->error($this->auth->getError());
}
}
/**
* 绑定用户
*/
public function bindUser()
{
$invite_no = $this->request->request('invite_no'); // 邀请码
if (!$invite_no) {
$this->error("请输入邀请码!");
}
$user_id = $this->auth->id;
// 查询邀请码用户信息
$inviteUserInfo = \app\common\model\User::where(["invite_no" => $invite_no])->find();
if (!$inviteUserInfo) $this->error("查询不到该邀请码用户信息!");
if ($inviteUserInfo->id == $user_id) $this->error("不能邀请自己哦!");
if ($inviteUserInfo->is_auth != 2) $this->error("该邀请码用户尚未完成实名认证");
$res = \app\common\model\User::update(["pre_userid" => $inviteUserInfo->id,"bindtime" => time()], ["id" => $user_id]);
if ($res) {
$this->success("恭喜,绑定成功!");
} else {
$this->success("网络繁忙,请稍后重试!");
}
}
/**
* 注册会员
*
* @param string $username 用户名
* @param string $password 密码
* @param string $email 邮箱
* @param string $mobile 手机号
* @param string $code 验证码
*/
public function register()
{
$username = $this->request->request('username');
$password = $this->request->request('password');
$mobile = $this->request->request('mobile');
$code = $this->request->request('code');
if (!$username || !$password) {
$this->error(__('Invalid parameters'));
}
if ($mobile && !Validate::regex($mobile, "^1\d{10}$")) {
$this->error(__('Mobile is incorrect'));
}
// $ret = Sms::check($mobile, $code, 'register');
// if (!$ret) {
// $this->error(__('Captcha is incorrect'));
// }
$ret = $this->auth->register($username, $password, $mobile, []);
if ($ret) {
$data = ['userinfo' => $this->auth->getUserinfo()];
$this->success(__('Sign up successful'), $data);
} else {
$this->error($this->auth->getError());
}
}
/**
* 退出登录
*/
public function logout()
{
$this->auth->logout();
$this->success(__('Logout successful'));
}
/**
* 修改会员个人信息
*
* @param string $avatar 头像地址
* @param string $username 用户名
* @param string $nickname 昵称
* @param string $bio 个人简介
*/
public function profile()
{
$user = $this->auth->getUser();
$username = $this->request->request('username');
$nickname = $this->request->request('nickname');
$bio = $this->request->request('bio');
$avatar = $this->request->request('avatar', '', 'trim,strip_tags,htmlspecialchars');
if ($username) {
$exists = \app\common\model\User::where('username', $username)->where('id', '<>', $this->auth->id)->find();
if ($exists) {
$this->error(__('Username already exists'));
}
$user->username = $username;
}
if ($nickname) {
$exists = \app\common\model\User::where('nickname', $nickname)->where('id', '<>', $this->auth->id)->find();
if ($exists) {
$this->error(__('Nickname already exists'));
}
$user->nickname = $nickname;
}
$user->bio = $bio;
$user->avatar = $avatar;
$user->save();
$this->success();
}
/**
* 修改手机号
*
* @param string $mobile 手机号
* @param string $captcha 验证码
*/
public function changemobile()
{
$user = $this->auth->getUser();
$mobile = $this->request->request('mobile');
$captcha = $this->request->request('captcha');
if (!$mobile || !$captcha) {
$this->error(__('Invalid parameters'));
}
if (!Validate::regex($mobile, "^1\d{10}$")) {
$this->error(__('Mobile is incorrect'));
}
if (\app\common\model\User::where('mobile', $mobile)->where('id', '<>', $user->id)->find()) {
$this->error(__('Mobile already exists'));
}
$result = Sms::check($mobile, $captcha, 'changeMobile');
if (!$result) {
$this->error(__('Captcha is incorrect'));
}
$verification = $user->verification;
$verification->mobile = 1;
$user->verification = $verification;
$user->mobile = $mobile;
$user->save();
Sms::flush($mobile, 'changeMobile');
$this->success("手机号更换成功!");
}
/**
* 第三方登录
*
* @param string $platform 平台名称
* @param string $code Code码
*/
public function third()
{
$url = url('user/index');
$platform = $this->request->request("platform");
$code = $this->request->request("code");
$config = get_addon_config('third');
if (!$config || !isset($config[$platform])) {
$this->error(__('Invalid parameters'));
}
$app = new \addons\third\library\Application($config);
//通过code换access_token和绑定会员
$result = $app->{$platform}->getUserInfo(['code' => $code]);
if ($result) {
$loginret = \addons\third\library\Service::connect($platform, $result);
if ($loginret) {
$data = [
'userinfo' => $this->auth->getUserinfo(),
'thirdinfo' => $result
];
$this->success(__('Logged in successful'), $data);
}
}
$this->error(__('Operation failed'), $url);
}
/**
* 重置密码
*
* @param string $mobile 手机号
* @param string $newpassword 新密码
* @param string $captcha 验证码
*/
public function resetpwd()
{
$type = $this->request->request("type");
$mobile = $this->request->request("mobile");
$email = $this->request->request("email");
$newpassword = $this->request->request("newpassword");
$captcha = $this->request->request("captcha");
if (!$newpassword || !$captcha) {
$this->error(__('Invalid parameters'));
}
if ($type == 'mobile') {
if (!Validate::regex($mobile, "^1\d{10}$")) {
$this->error(__('Mobile is incorrect'));
}
$user = \app\common\model\User::getByMobile($mobile);
if (!$user) {
$this->error(__('User not found'));
}
$ret = Sms::check($mobile, $captcha, 'resetpwd');
if (!$ret) {
$this->error(__('Captcha is incorrect'));
}
Sms::flush($mobile, 'resetpwd');
} else {
if (!Validate::is($email, "email")) {
$this->error(__('Email is incorrect'));
}
$user = \app\common\model\User::getByEmail($email);
if (!$user) {
$this->error(__('User not found'));
}
$ret = Ems::check($email, $captcha, 'resetpwd');
if (!$ret) {
$this->error(__('Captcha is incorrect'));
}
Ems::flush($email, 'resetpwd');
}
//模拟一次登录
$this->auth->direct($user->id);
$ret = $this->auth->changepwd($newpassword, '', true);
if ($ret) {
$this->success(__('Reset password successful'));
} else {
$this->error($this->auth->getError());
}
}
/**
* 设置密码
* @param string $newpassword 新密码
* @param string $newpassword 新密码
*/
public function setpwd()
{
$params = $this->request->param();
$validate = new \app\api\validate\User();
$result = $validate->scene('setPwd')->check($params);
if (!$result) {
$this->error($validate->getError());
}
$ret = $this->auth->changepwd($params['password'], '', true);
if ($ret) {
$this->success(__('Set password successful'));
} else {
$this->error($this->auth->getError());
}
}
/**
* 修改密码
*
* @param string $mobile 手机号
* @param string $newpassword 新密码
* @param string $captcha 验证码
*/
public function changepwd()
{
$params = $this->request->param();
$validate = new \app\api\validate\User();
$result = $validate->scene('changePwd')->check($params);
if (!$result) {
$this->error($validate->getError());
}
$mobile = $this->request->request("mobile");
$newpassword = $this->request->request("password");
$captcha = $this->request->request("captcha");
$user = \app\common\model\User::getByMobile($mobile);
if (!$user) {
$this->error(__('User not found'));
}
$ret = Sms::check($mobile, $captcha, 'resetpwd');
if (!$ret) {
$this->error(__('Captcha is incorrect'));
}
Sms::flush($mobile, 'resetpwd');
$ret = $this->auth->changepwd($newpassword, '', true);
if ($ret) {
$this->success(__('Change password successful'));
} else {
$this->error($this->auth->getError());
}
}
/**
* 获取用户openid
*/
public function getUserOpenid()
{
$code = $this->request->param('code');// code值
if (!$code) {
$this->error(__('Invalid parameters'));
}
$config = config("wxMiniProgram");
$getopenid = "https://api.weixin.qq.com/sns/jscode2session?appid=" . $config["appid"] . "&secret=" . $config["secret"] . "&js_code=" . $code . "&grant_type=authorization_code";
$openidInfo = $this->getJson($getopenid);
if (!isset($openidInfo["openid"])) {
$this->error("用户openid获取失败", $openidInfo);
}
// 获取的结果存入数据库
$sessionkeyModel = new \app\common\model\UserSessionkey();
if ($sessionkeyModel->where(["openid" => $openidInfo["openid"]])->find()) {
$update = [];
$update["sessionkey"] = $openidInfo["session_key"];
$res = $sessionkeyModel->update($update, ["openid" => $openidInfo["openid"]]);
} else {
$insert = [];
$insert["sessionkey"] = $openidInfo["session_key"];
$insert["openid"] = $openidInfo["openid"];
$insert["createtime"] = time();
$res = $sessionkeyModel->insert($insert);
}
if ($res) {
$this->success("获取成功!", $openidInfo);
} else {
$this->error("获取失败!");
}
}
/**
* 微信小程序登录
*/
public function wxMiniProgramLogin()
{
$openid = $this->request->param('openid');// openid值
$encryptedData = $this->request->param('encryptedData');// 加密数据
$iv = $this->request->param('iv');// 加密算法
$signature = $this->request->param('signature');// 签名验证
$rawData = $this->request->param('rawData');// 签名验证
$logintype = $this->request->param('loginType', 1);// 登录方式:1=手机号,2=微信授权openid
if (!$openid || !$encryptedData || !$iv) {
$this->error(__('Invalid parameters'));
}
$encryptedData = urldecode($encryptedData);
$config = config("wxMiniProgram");
// 获取openid和sessionkey
$sessionkeyModel = new \app\common\model\UserSessionkey();
$openidInfo = $sessionkeyModel->where(["openid" => $openid])->find();
$openid = $openidInfo['openid'];
$session_key = $openidInfo['sessionkey'];
// // 数据签名校验
// $signature2 = sha1($rawData . $session_key);
// if ($signature != $signature2) {
// $this->error(__('数据签名验证失败'));
// }
// 根据加密数据和加密算法获取用户信息
$pc = new WXBizDataCrypt($config["appid"], $session_key);
$data = "";
$errCode = $pc->decryptData($encryptedData, $iv, $data);
if ($errCode == 0) {
$data = json_decode($data, true);
// 用户登录逻辑 === 开始
$userModel = new \app\common\model\User();
$auth = \app\common\library\Auth::instance();
if ($logintype == 1) { // 手机号登录
$userInfo = $userModel->where(["mobile" => $data["purePhoneNumber"]])->find();
// 用户信息不存在时使用
$extend = ["mobile" => $data["purePhoneNumber"]];
} else { // 微信授权openid登录
$userInfo = $userModel->where(["openid" => $openid])->find();
// 用户信息不存在时使用
$extend = [
'openid' => $data['openId'],
'nickname' => $data['nickName'],
'avatar' => $data['avatarUrl'],
'gender' => $data['gender'],
];
}
// 判断用户是否已经存在
if ($userInfo) { // 登录
$user = \app\common\model\User::get($userInfo["id"]);
if (!$user) {
$this->error("网络错误!请稍后重试");
}
$user->save(["logintime" => time()]);
$res = $auth->direct($user->id);
$is_register = 0;
} else { // 注册
// 先随机一个用户名,随后再变更为u+数字id
$username = Random::alnum(20);
$password = Random::alnum(6);
Db::startTrans();
try {
// 默认注册一个会员
$result = $auth->register($username, $password, "", $extend);
if (!$result) {
return false;
}
$user = $auth->getUser();
$fields = ['username' => 'u' . $user->id];
// 更新会员资料
$user = \app\common\model\User::get($user->id);
$user->save($fields);
Db::commit();
} catch (PDOException $e) {
Db::rollback();
$auth->logout();
return false;
}
// 写入登录Cookies和Token
$res = $auth->direct($user->id);
$is_register = 1;
}
$userInfo = $auth->getUserinfo();
$userInfo["is_register"] = $is_register;
if ($res) {
$this->success("登录成功!", $userInfo);
} else {
$this->error("登录失败!");
}
// 用户登录逻辑 === 结束
} else {
$this->error("解密失败!", ["code" => $errCode]);
}
}
/**
* json 请求
* @param $url
* @return mixed
*/
private function getJson($url)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$output = curl_exec($ch);
curl_close($ch);
return json_decode($output, true);
}
/**
* 运营商一键登录
*/
public function onLogin()
{
$accessToken = $this->request->param('accessToken');// 运营商预取号获取到的token
$token = $this->request->param('tokenT');// 易盾返回的token
if (!$accessToken || !$token) {
$this->error("参数获取失败!");
}
$params = array(
// 运营商预取号获取到的token
"accessToken" => $accessToken,
// 易盾返回的token
"token" => $token
);
// 获取密钥配置
$configInfo = config("onLogin");
$onlogin = new onlogin($configInfo["secretid"], $configInfo["secretkey"], $configInfo["businessid"]);
$ret = $onlogin->check($params);
// $ret = [];
// $ret["code"] = 200;
// $ret["msg"] = "ok";
// $ret["data"] = [
// "phone" => "17574504021",
// "resultCode" => 0
// ];
if ($ret["code"] == 200) {
$data = $ret["data"];
$phone = $data["phone"];
if (empty($phone)) {
// 取号失败,建议进行二次验证,例如短信验证码
$this->error("取号登录失败,请用验证码方式登录!");
} else {
// 取号成功, 执行登录等流程
// 用户登录逻辑 === 开始
$userModel = new \app\common\model\User();
$auth = \app\common\library\Auth::instance();
$userInfo = $userModel->where(["mobile" => $phone])->find();
// 用户信息不存在时使用
$extend = ["mobile" => $phone];
// 判断用户是否已经存在
if ($userInfo) { // 登录
$user = \app\common\model\User::get($userInfo["id"]);
if (!$user) {
$this->error("网络错误!请稍后重试");
}
if ($user->status != 'normal') {
$this->error(__('Account is locked'));
}
$user->save(["logintime" => time()]);
$res = $auth->direct($user->id);
$is_register = 0;
} else { // 注册
// 先随机一个用户名,随后再变更为u+数字id
$username = Random::alnum(20);
$password = Random::alnum(6);
Db::startTrans();
try {
// 默认注册一个会员
$result = $auth->register($username, $password, "", $extend);
if (!$result) {
return false;
}
$user = $auth->getUser();
$fields = ['username' => 'u' . $user->id];
// 更新会员资料
$user = \app\common\model\User::get($user->id);
$user->save($fields);
Db::commit();
} catch (PDOException $e) {
Db::rollback();
$auth->logout();
return false;
}
// 写入登录Cookies和Token
$res = $auth->direct($user->id);
$is_register = 1;
}
$userInfo["userinfo"] = $auth->getUserinfo();
$userInfo["is_register"] = $is_register;
if ($res) {
$this->success("登录成功!", $userInfo);
} else {
$this->error("登录失败!");
}
// 用户登录逻辑 === 结束
}
} else {
$this->error("登录失败,请用验证码方式登录!");
}
}
/**
* 注销账号
*
* @param string $mobile 手机号
* @param string $captcha 验证码
*/
public function cancleUser()
{
$user = $this->auth->getUser();
$user->status = "cancel";
$user->save();
$this->success("账号注销成功!");
}
/**
* 用户举报
*
* @param string $mobile 手机号
* @param string $captcha 验证码
*/
public function report()
{
$type = $this->request->param('type');// 类型描述
$content = $this->request->param('content');// 内容
$image = $this->request->param('image');// 图片
$ruser_id = $this->request->param('ruser_id');// 被举报用户ID
if (!$type || !$content || !$image || !$ruser_id) {
$this->error("请完成举报内容!");
}
$user_id = $this->auth->id;
$data = [];
$data["user_id"] = $user_id;
$data["ruser_id"] = $ruser_id;
$data["type"] = $type;
$data["content"] = $content;
$data["image"] = $image;
$data["createtime"] = time();
$res = \app\common\model\UserReport::insert($data);
if ($res) {
$this->success("举报内容提交成功!");
} else {
$this->error("网络错误,请稍后重试!");
}
}
}