error(__('User center already closed')); } } /** * 会员中心 */ public function index() { $this->success('', ['welcome' => $this->auth->nickname]); } /** * 会员登录 * * @ApiMethod (POST) * @param string $account 账号 * @param string $password 密码 */ public function login() { $account = $this->request->post('account'); $password = $this->request->post('password'); if (!$account || !$password) { $this->error(__('Invalid parameters')); } $ret = $this->auth->login($account, $password); if ($ret) { $data = ['userinfo' => $this->auth->getUserinfo()]; $this->success(__('Logged in successful'), $data); } else { $this->error($this->auth->getError()); } } /** * 手机验证码登录 * * @ApiMethod (POST) * @param string $mobile 手机号 * @param string $captcha 验证码 */ public function mobilelogin() { $mobile = $this->request->post('mobile'); $captcha = $this->request->post('captcha'); if (!$mobile || !$captcha) { $this->error(__('Invalid parameters')); } if (!Validate::regex($mobile, "^1\d{10}$")) { $this->error(__('Mobile is incorrect')); } if (!Sms::check($mobile, $captcha, 'mobilelogin')) { $this->error(__('Captcha is incorrect')); } $user = \app\common\model\User::getByMobile($mobile); if ($user) { if ($user->status != 'normal') { $this->error(__('Account is locked')); } //如果已经有账号则直接登录 $ret = $this->auth->direct($user->id); } else { $ret = $this->auth->register($mobile, Random::alnum(), '', $mobile, []); } if ($ret) { Sms::flush($mobile, 'mobilelogin'); $data = ['userinfo' => $this->auth->getUserinfo()]; $this->success(__('Logged in successful'), $data); } else { $this->error($this->auth->getError()); } } /** * 注册会员 * * @ApiMethod (POST) * @param string $username 用户名 * @param string $password 密码 * @param string $email 邮箱 * @param string $mobile 手机号 * @param string $code 验证码 */ public function register() { $username = $this->request->post('username'); $password = $this->request->post('password'); $email = $this->request->post('email'); $mobile = $this->request->post('mobile'); $code = $this->request->post('code'); if (!$username || !$password) { $this->error(__('Invalid parameters')); } if ($email && !Validate::is($email, "email")) { $this->error(__('Email is incorrect')); } if ($mobile && !Validate::regex($mobile, "^1\d{10}$")) { $this->error(__('Mobile is incorrect')); } $ret = Sms::check($mobile, $code, 'register'); if (!$ret) { $this->error(__('Captcha is incorrect')); } $ret = $this->auth->register($username, $password, $email, $mobile, []); if ($ret) { $data = ['userinfo' => $this->auth->getUserinfo()]; $this->success(__('Sign up successful'), $data); } else { $this->error($this->auth->getError()); } } /** * 退出登录 * @ApiMethod (POST) */ public function logout() { if (!$this->request->isPost()) { $this->error(__('Invalid parameters')); } $this->auth->logout(); $this->success(__('Logout successful')); } /** * 修改会员个人信息 * * @ApiMethod (POST) * @param string $avatar 头像地址 * @param string $username 用户名 * @param string $nickname 昵称 * @param string $bio 个人简介 */ public function profile() { $user = $this->auth->getUser(); $username = $this->request->post('username'); $nickname = $this->request->post('nickname'); $bio = $this->request->post('bio'); $avatar = $this->request->post('avatar', '', 'trim,strip_tags,htmlspecialchars'); if ($username) { $exists = \app\common\model\User::where('username', $username)->where('id', '<>', $this->auth->id)->find(); if ($exists) { $this->error(__('Username already exists')); } $user->username = $username; } if ($nickname) { $exists = \app\common\model\User::where('nickname', $nickname)->where('id', '<>', $this->auth->id)->find(); if ($exists) { $this->error(__('Nickname already exists')); } $user->nickname = $nickname; } $user->bio = $bio; $user->avatar = $avatar; $user->save(); $this->success(); } /** * 修改邮箱 * * @ApiMethod (POST) * @param string $email 邮箱 * @param string $captcha 验证码 */ public function changeemail() { $user = $this->auth->getUser(); $email = $this->request->post('email'); $captcha = $this->request->post('captcha'); if (!$email || !$captcha) { $this->error(__('Invalid parameters')); } if (!Validate::is($email, "email")) { $this->error(__('Email is incorrect')); } if (\app\common\model\User::where('email', $email)->where('id', '<>', $user->id)->find()) { $this->error(__('Email already exists')); } $result = Ems::check($email, $captcha, 'changeemail'); if (!$result) { $this->error(__('Captcha is incorrect')); } $verification = $user->verification; $verification->email = 1; $user->verification = $verification; $user->email = $email; $user->save(); Ems::flush($email, 'changeemail'); $this->success(); } /** * 修改手机号 * * @ApiMethod (POST) * @param string $mobile 手机号 * @param string $captcha 验证码 */ public function changemobile() { $user = $this->auth->getUser(); $mobile = $this->request->post('mobile'); $captcha = $this->request->post('captcha'); if (!$mobile || !$captcha) { $this->error(__('Invalid parameters')); } if (!Validate::regex($mobile, "^1\d{10}$")) { $this->error(__('Mobile is incorrect')); } if (\app\common\model\User::where('mobile', $mobile)->where('id', '<>', $user->id)->find()) { $this->error(__('Mobile already exists')); } $result = Sms::check($mobile, $captcha, 'changemobile'); if (!$result) { $this->error(__('Captcha is incorrect')); } $verification = $user->verification; $verification->mobile = 1; $user->verification = $verification; $user->mobile = $mobile; $user->save(); Sms::flush($mobile, 'changemobile'); $this->success(); } /** * 第三方登录 * * @ApiMethod (POST) * @param string $platform 平台名称 * @param string $code Code码 */ public function third() { $url = url('user/index'); $platform = $this->request->post("platform"); $code = $this->request->post("code"); $config = get_addon_config('third'); if (!$config || !isset($config[$platform])) { $this->error(__('Invalid parameters')); } $app = new \addons\third\library\Application($config); //通过code换access_token和绑定会员 $result = $app->{$platform}->getUserInfo(['code' => $code]); if ($result) { $loginret = \addons\third\library\Service::connect($platform, $result); if ($loginret) { $data = [ 'userinfo' => $this->auth->getUserinfo(), 'thirdinfo' => $result ]; $this->success(__('Logged in successful'), $data); } } $this->error(__('Operation failed'), $url); } /** * 重置密码 * * @ApiMethod (POST) * @param string $mobile 手机号 * @param string $newpassword 新密码 * @param string $captcha 验证码 */ public function resetpwd() { $type = $this->request->post("type"); $mobile = $this->request->post("mobile"); $email = $this->request->post("email"); $newpassword = $this->request->post("newpassword"); $captcha = $this->request->post("captcha"); if (!$newpassword || !$captcha) { $this->error(__('Invalid parameters')); } //验证Token if (!Validate::make()->check(['newpassword' => $newpassword], ['newpassword' => 'require|regex:\S{6,30}'])) { $this->error(__('Password must be 6 to 30 characters')); } if ($type == 'mobile') { if (!Validate::regex($mobile, "^1\d{10}$")) { $this->error(__('Mobile is incorrect')); } $user = \app\common\model\User::getByMobile($mobile); if (!$user) { $this->error(__('User not found')); } $ret = Sms::check($mobile, $captcha, 'resetpwd'); if (!$ret) { $this->error(__('Captcha is incorrect')); } Sms::flush($mobile, 'resetpwd'); } else { if (!Validate::is($email, "email")) { $this->error(__('Email is incorrect')); } $user = \app\common\model\User::getByEmail($email); if (!$user) { $this->error(__('User not found')); } $ret = Ems::check($email, $captcha, 'resetpwd'); if (!$ret) { $this->error(__('Captcha is incorrect')); } Ems::flush($email, 'resetpwd'); } //模拟一次登录 $this->auth->direct($user->id); $ret = $this->auth->changepwd($newpassword, '', true); if ($ret) { $this->success(__('Reset password successful')); } else { $this->error($this->auth->getError()); } } /** * 获取用户openid */ public function getUserOpenid() { // code值 $code = $this->request->param('code'); if (!$code) { $this->error(__('Invalid parameters')); } $config = config('wxMiniProgram'); $getopenid = 'https://api.weixin.qq.com/sns/jscode2session?appid='.$config['appid'].'&secret='.$config['secret'].'&js_code='.$code.'&grant_type=authorization_code'; $openidInfo = $this->getJson($getopenid); if(!isset($openidInfo['openid'])) { $this->error('用户openid获取失败',$openidInfo); } // 获取的结果存入数据库 $find = Db::name('user_sessionkey')->where(['openid'=>$openidInfo['openid']])->find(); if($find) { $update = []; $update['sessionkey'] = $openidInfo['session_key']; $update['createtime'] = time(); $res = Db::name('user_sessionkey')->where(['openid'=>$openidInfo['openid']])->update($update); } else { $insert = []; $insert['sessionkey'] = $openidInfo['session_key']; $insert['openid'] = $openidInfo['openid']; $insert['unionid'] = isset($openidInfo['unionid']) ? $openidInfo['unionid'] : ''; $insert['createtime'] = time(); $res = Db::name('user_sessionkey')->insertGetId($insert); } if($res !== false) { $this->success('获取成功',$openidInfo); } else { $this->error('获取失败'); } } /** * 微信小程序登录 */ public function wxMiniProgramLogin() { $openid = $this->request->request('openid');// openid值 $encryptedData = $this->request->request('encryptedData');// 加密数据 $iv = $this->request->request('iv');// 加密算法 $signature = $this->request->request('signature');// 签名验证 $rawData = $this->request->request('rawData');// 签名验证 $logintype = 2;// 登录方式:1=手机号,2=微信授权openid if (!$openid || !$encryptedData || !$iv) { $this->error(__('Invalid parameters')); } // 获取openid和sessionkey $config = config('wxMiniProgram'); $openidInfo = Db::name('user_sessionkey')->where(['openid'=>$openid])->find(); $openid = $openidInfo['openid']; $session_key = $openidInfo['sessionkey']; // // 数据签名校验 // $signature2 = sha1($rawData . $session_key); // if ($signature != $signature2) { // $this->error(__('数据签名验证失败')); // } // 根据加密数据和加密算法获取用户信息 $pc = new WXBizDataCrypt($config['appid'], $session_key); $data = ''; $errCode = $pc->decryptData(urldecode($encryptedData), $iv, $data); if ($errCode != 0) { $this->error('解密失败',['code'=>$errCode]); } $data = json_decode($data,true); // 用户登录逻辑 === 开始 if($logintype == 1) { // 手机号登录 /*$userInfo = Db::name('user')->where(["mobile"=>$data["purePhoneNumber"]])->find(); // 用户信息不存在时使用 $extend = ["mobile"=>$data["purePhoneNumber"]];*/ } else { // 微信授权openid登录 $userInfo = Db::name('user')->where(['mini_openid'=>$openid])->find(); // 用户信息不存在时使用 $extend = [ 'mini_openid' => $openid, 'nickname' => $data['nickName'], 'avatar' => $data['avatarUrl'], //'gender' => $data['gender']==1 ? 1 : 0, 'mini_sessionkey'=> $session_key, 'unionid' => $openidInfo['unionid'], //'mobile' => $data['purePhoneNumber'], ]; } // 判断用户是否已经存在 if($userInfo) { // 登录 Db::name('user')->where('id',$userInfo['id'])->update(['logintime'=>time()]); $res = $this->auth->direct($userInfo['id']); } else { // 注册 // 先随机一个用户名,随后再变更为u+数字id $username = ''; $password = ''; /*Db::startTrans(); try {*/ // 默认注册一个会员 $result = $this->auth->register($username, $password, '','', $extend); if (!$result) { $this->error("注册失败！"); } /* Db::commit(); } catch (PDOException $e) { Db::rollback(); $this->auth->logout(); return false; }*/ // 写入登录Cookies和Token $res = $this->auth->direct($this->auth->id); } $userInfo = $this->userInfo('return'); if($res) { $this->success("登录成功！",$userInfo); } else { $this->error("登录失败！"); } } /** * json 请求 * @param $url * @return mixed */ private function getJson($url){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $output = curl_exec($ch); curl_close($ch); return json_decode($output, true); } }