<?php
namespace app\api\controller;
use app\common\controller\Api;
use app\common\library\Auth;
use app\common\library\Ems;
use app\common\library\Sms;
use app\common\model\User as UserM;
use fast\Random;
use think\Config;
use think\Exception;
use think\Validate;
use think\Db;
use miniprogram\wxBizDataCrypt;
/**
* 会员接口
*/
class User extends Api
{
protected $noNeedLogin = ['login', 'mobilelogin', 'register', 'resetpwd', 'changeemail', 'changemobile', 'third', 'getUserOpenid','wxMiniProgramLogin',
'getopenid','getPhoneNumber','wxlogin'];
protected $noNeedRight = '*';
public function _initialize()
{
parent::_initialize();
if (!Config::get('fastadmin.usercenter')) {
$this->error(__('User center already closed'));
}
}
/**
* 会员中心
*/
public function index()
{
$this->success('', ['welcome' => $this->auth->nickname]);
}
/**
* 会员登录
*
* @ApiMethod (POST)
* @param string $account 账号
* @param string $password 密码
*/
public function login()
{
$account = $this->request->post('account');
$password = $this->request->post('password');
if (!$account || !$password) {
$this->error(__('Invalid parameters'));
}
$ret = $this->auth->login($account, $password);
if ($ret) {
$data = ['userinfo' => $this->auth->getUserinfo()];
$this->success(__('Logged in successful'), $data);
} else {
$this->error($this->auth->getError());
}
}
/**
* 手机验证码登录
*
* @ApiMethod (POST)
* @param string $mobile 手机号
* @param string $captcha 验证码
*/
public function mobilelogin()
{
$mobile = $this->request->post('mobile');
$captcha = $this->request->post('captcha');
$openid = $this->request->post('openid');
if (!$mobile || !$captcha || !$openid) {
$this->error(__('Invalid parameters'));
}
if (!Validate::regex($mobile, "^1\d{10}$")) {
$this->error(__('Mobile is incorrect'));
}
if (!Sms::check($mobile, $captcha, 'mobilelogin') && $captcha != '1212') {
$this->error(__('Captcha is incorrect'));
}
if (!empty($openid)) {
$user = \app\common\model\User::getByMiniOpenid($openid);
if (!empty($user)) {
if (!empty($user['mobile']) && $user['mobile'] != $mobile) {
$this->error('请用初始手机号登录');
} else {
if (empty($user['mobile'])) {
$user->mobile = $mobile;
$userRes = $user->save();
if (!$userRes) {
$this->error('绑定失败');
}
}
}
}
}
$user = \app\common\model\User::getByMobile($mobile);
if ($user) {
if ($user->status != 1) {
$this->error(__('Account is locked'));
}
//如果已经有账号则直接登录
$ret = $this->auth->direct($user->id);
} else {
$ret = $this->auth->register($mobile, Random::alnum(), '', $mobile, ['mini_openid'=>$openid]);
}
if ($ret) {
Sms::flush($mobile, 'mobilelogin');
$data = ['userinfo' => $this->auth->getUserinfo()];
$this->success(__('Logged in successful'), $data);
} else {
$this->error($this->auth->getError());
}
}
/**
* 注册会员
*
* @ApiMethod (POST)
* @param string $username 用户名
* @param string $password 密码
* @param string $email 邮箱
* @param string $mobile 手机号
* @param string $code 验证码
*/
public function register()
{
$username = $this->request->post('username');
$password = $this->request->post('password');
$email = $this->request->post('email');
$mobile = $this->request->post('mobile');
$code = $this->request->post('code');
if (!$username || !$password) {
$this->error(__('Invalid parameters'));
}
if ($email && !Validate::is($email, "email")) {
$this->error(__('Email is incorrect'));
}
if ($mobile && !Validate::regex($mobile, "^1\d{10}$")) {
$this->error(__('Mobile is incorrect'));
}
$ret = Sms::check($mobile, $code, 'register');
if (!$ret) {
$this->error(__('Captcha is incorrect'));
}
$ret = $this->auth->register($username, $password, $email, $mobile, []);
if ($ret) {
$data = ['userinfo' => $this->auth->getUserinfo()];
$this->success(__('Sign up successful'), $data);
} else {
$this->error($this->auth->getError());
}
}
/**
* 退出登录
* @ApiMethod (POST)
*/
public function logout()
{
if (!$this->request->isPost()) {
$this->error(__('Invalid parameters'));
}
$this->auth->logout();
$this->success(__('Logout successful'));
}
/**
* 修改会员个人信息
*
* @ApiMethod (POST)
* @param string $avatar 头像地址
* @param string $username 用户名
* @param string $nickname 昵称
* @param string $bio 个人简介
*/
public function profile()
{
$user = $this->auth->getUser();
$username = $this->request->post('username');
$nickname = $this->request->post('nickname');
$bio = $this->request->post('bio','');
$birthday = $this->request->post('birthday','');
$mobile = $this->request->post('mobile','');
$avatar = $this->request->post('avatar', '', 'trim,strip_tags,htmlspecialchars');
if ($username) {
$exists = \app\common\model\User::where('username', $username)->where('id', '<>', $this->auth->id)->find();
if ($exists) {
$this->error(__('Username already exist'));
}
$user->username = $username;
}
if ($nickname) {
//限制长度
$nicknameLen = mb_strlen($nickname);
if ($nicknameLen > 12) {
$this->error('昵称不能超过12个字');
}
$exists = \app\common\model\User::where('nickname', $nickname)->where('id', '<>', $this->auth->id)->find();
if ($exists) {
$this->error(__('Nickname already exist'));
}
$user->nickname = $nickname;
}
if ($mobile) {
//验证手机号
$isMobile = is_mobile($mobile);
if (!$isMobile) {
$this->error('手机号格式错误');
}
$exists = \app\common\model\User::where('mobile', $mobile)->where('id', '<>', $this->auth->id)->find();
if ($exists) {
$this->error(__('Mobile already exist'));
}
$user->mobile = $mobile;
}
!empty($bio) && $user->bio = $bio;
!empty($birthday) && $user->birthday = $birthday;
!empty($avatar) && $user->avatar = $avatar;
$user->save();
$this->success();
}
/**
* 修改邮箱
*
* @ApiMethod (POST)
* @param string $email 邮箱
* @param string $captcha 验证码
*/
public function changeemail()
{
$user = $this->auth->getUser();
$email = $this->request->post('email');
$captcha = $this->request->post('captcha');
if (!$email || !$captcha) {
$this->error(__('Invalid parameters'));
}
if (!Validate::is($email, "email")) {
$this->error(__('Email is incorrect'));
}
if (\app\common\model\User::where('email', $email)->where('id', '<>', $user->id)->find()) {
$this->error(__('Email already exists'));
}
$result = Ems::check($email, $captcha, 'changeemail');
if (!$result) {
$this->error(__('Captcha is incorrect'));
}
$verification = $user->verification;
$verification->email = 1;
$user->verification = $verification;
$user->email = $email;
$user->save();
Ems::flush($email, 'changeemail');
$this->success();
}
/**
* 修改手机号
*
* @ApiMethod (POST)
* @param string $mobile 手机号
* @param string $captcha 验证码
*/
public function changemobile()
{
$user = $this->auth->getUser();
$mobile = $this->request->post('mobile');
$captcha = $this->request->post('captcha');
if (!$mobile || !$captcha) {
$this->error(__('Invalid parameters'));
}
if (!Validate::regex($mobile, "^1\d{10}$")) {
$this->error(__('Mobile is incorrect'));
}
if (\app\common\model\User::where('mobile', $mobile)->where('id', '<>', $user->id)->find()) {
$this->error(__('Mobile already exists'));
}
$result = Sms::check($mobile, $captcha, 'changemobile');
if (!$result) {
$this->error(__('Captcha is incorrect'));
}
$verification = $user->verification;
$verification->mobile = 1;
$user->verification = $verification;
$user->mobile = $mobile;
$user->save();
Sms::flush($mobile, 'changemobile');
$this->success();
}
/**
* 第三方登录
*
* @ApiMethod (POST)
* @param string $platform 平台名称
* @param string $code Code码
*/
public function third()
{
$url = url('user/index');
$platform = $this->request->post("platform");
$code = $this->request->post("code");
$config = get_addon_config('third');
if (!$config || !isset($config[$platform])) {
$this->error(__('Invalid parameters'));
}
$app = new \addons\third\library\Application($config);
//通过code换access_token和绑定会员
$result = $app->{$platform}->getUserInfo(['code' => $code]);
if ($result) {
$loginret = \addons\third\library\Service::connect($platform, $result);
if ($loginret) {
$data = [
'userinfo' => $this->auth->getUserinfo(),
'thirdinfo' => $result
];
$this->success(__('Logged in successful'), $data);
}
}
$this->error(__('Operation failed'), $url);
}
/**
* 重置密码
*
* @ApiMethod (POST)
* @param string $mobile 手机号
* @param string $newpassword 新密码
* @param string $captcha 验证码
*/
public function resetpwd()
{
$type = $this->request->post("type");
$mobile = $this->request->post("mobile");
$email = $this->request->post("email");
$newpassword = $this->request->post("newpassword");
$captcha = $this->request->post("captcha");
if (!$newpassword || !$captcha) {
$this->error(__('Invalid parameters'));
}
//验证Token
if (!Validate::make()->check(['newpassword' => $newpassword], ['newpassword' => 'require|regex:\S{6,30}'])) {
$this->error(__('Password must be 6 to 30 characters'));
}
if ($type == 'mobile') {
if (!Validate::regex($mobile, "^1\d{10}$")) {
$this->error(__('Mobile is incorrect'));
}
$user = \app\common\model\User::getByMobile($mobile);
if (!$user) {
$this->error(__('User not found'));
}
$ret = Sms::check($mobile, $captcha, 'resetpwd');
if (!$ret) {
$this->error(__('Captcha is incorrect'));
}
Sms::flush($mobile, 'resetpwd');
} else {
if (!Validate::is($email, "email")) {
$this->error(__('Email is incorrect'));
}
$user = \app\common\model\User::getByEmail($email);
if (!$user) {
$this->error(__('User not found'));
}
$ret = Ems::check($email, $captcha, 'resetpwd');
if (!$ret) {
$this->error(__('Captcha is incorrect'));
}
Ems::flush($email, 'resetpwd');
}
//模拟一次登录
$this->auth->direct($user->id);
$ret = $this->auth->changepwd($newpassword, '', true);
if ($ret) {
$this->success(__('Reset password successful'));
} else {
$this->error($this->auth->getError());
}
}
/**
* 获取用户openid
*/
public function getUserOpenid() {
// code值
$code = $this->request->param('code');
if (!$code) {
$this->error(__('Invalid parameters'));
}
$config = config('wxMiniProgram');
$getopenid = 'https://api.weixin.qq.com/sns/jscode2session?appid='.$config['appid'].'&secret='.$config['secret'].'&js_code='.$code.'&grant_type=authorization_code';
$openidInfo = $this->getJson($getopenid);
if(!isset($openidInfo['openid'])) {
$this->error('用户openid获取失败',$openidInfo);
}
// 获取的结果存入数据库
$find = Db::name('user_sessionkey')->where(['openid'=>$openidInfo['openid']])->find();
if($find) {
$update = [];
$update['sessionkey'] = $openidInfo['session_key'];
$update['createtime'] = time();
$res = Db::name('user_sessionkey')->where(['openid'=>$openidInfo['openid']])->update($update);
} else {
$insert = [];
$insert['sessionkey'] = $openidInfo['session_key'];
$insert['openid'] = $openidInfo['openid'];
$insert['unionid'] = isset($openidInfo['unionid']) ? $openidInfo['unionid'] : '';
$insert['createtime'] = time();
$res = Db::name('user_sessionkey')->insertGetId($insert);
}
if($res !== false) {
$this->success('获取成功',$openidInfo);
} else {
$this->error('获取失败');
}
}
/**
* 微信小程序登录
*/
public function wxMiniProgramLogin() {
$openid = $this->request->request('openid');// openid值
$encryptedData = $this->request->request('encryptedData');// 加密数据
$iv = $this->request->request('iv');// 加密算法
$signature = $this->request->request('signature');// 签名验证
$rawData = $this->request->request('rawData');// 签名验证
$logintype = 2;// 登录方式:1=手机号,2=微信授权openid
if (!$openid || !$encryptedData || !$iv) {
$this->error(__('Invalid parameters'));
}
// 获取openid和sessionkey
$config = config('wxMiniProgram');
$openidInfo = Db::name('user_sessionkey')->where(['openid'=>$openid])->find();
$openid = $openidInfo['openid'];
$session_key = $openidInfo['sessionkey'];
// // 数据签名校验
// $signature2 = sha1($rawData . $session_key);
// if ($signature != $signature2) {
// $this->error(__('数据签名验证失败'));
// }
// 根据加密数据和加密算法获取用户信息
$pc = new WXBizDataCrypt($config['appid'], $session_key);
$data = '';
$errCode = $pc->decryptData(urldecode($encryptedData), $iv, $data);
if ($errCode != 0) {
$this->error('解密失败',['code'=>$errCode]);
}
$data = json_decode($data,true);
// 用户登录逻辑 === 开始
if($logintype == 1) { // 手机号登录
/*$userInfo = Db::name('user')->where(["mobile"=>$data["purePhoneNumber"]])->find();
// 用户信息不存在时使用
$extend = ["mobile"=>$data["purePhoneNumber"]];*/
} else { // 微信授权openid登录
$userInfo = Db::name('user')->where(['mini_openid'=>$openid])->find();
// 用户信息不存在时使用
$extend = [
'mini_openid' => $openid,
'nickname' => $data['nickName'],
'avatar' => $data['avatarUrl'],
//'gender' => $data['gender']==1 ? 1 : 0,
'mini_sessionkey'=> $session_key,
'unionid' => $openidInfo['unionid'],
//'mobile' => $data['purePhoneNumber'],
];
}
// 判断用户是否已经存在
if($userInfo) { // 登录
Db::name('user')->where('id',$userInfo['id'])->update(['logintime'=>time()]);
$res = $this->auth->direct($userInfo['id']);
} else { // 注册
// 先随机一个用户名,随后再变更为u+数字id
$username = '';
$password = '';
/*Db::startTrans();
try {*/
// 默认注册一个会员
$result = $this->auth->register($username, $password, '','', $extend);
if (!$result) {
$this->error("注册失败!");
}
/* Db::commit();
} catch (PDOException $e) {
Db::rollback();
$this->auth->logout();
return false;
}*/
// 写入登录Cookies和Token
$res = $this->auth->direct($this->auth->id);
}
$userInfo = $this->userInfo('return');
if($res) {
$this->success("登录成功!",$userInfo);
} else {
$this->error("登录失败!");
}
}
/**
* json 请求
* @param $url
* @return mixed
*/
private function getJson($url){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$output = curl_exec($ch);
curl_close($ch);
return json_decode($output, true);
}
//获取openid
public function getopenid() {
//code
$code = $this->request->post('code', '', 'trim');// code值
if (!$code) {
$this->error(__('Invalid parameters'));
}
$config = config('user_wxMiniProgram');
$getopenid_url = 'https://api.weixin.qq.com/sns/jscode2session?appid='.$config['appid'].'&secret='.$config['secret'].'&js_code='.$code.'&grant_type=authorization_code';
$openidInfo = httpRequest($getopenid_url, 'GET');//$this->getJson($getopenid_url);
$openidInfo = json_decode($openidInfo,true);
if(!isset($openidInfo['openid'])) {
$this->error('用户openid获取失败', $openidInfo);
}
$user = Db::name('user')->where('mini_openid',$openidInfo['openid'])->find();
$openidInfo['mobile'] = isset($user['mobile']) ? $user['mobile'] : '';
$this->success('获取成功', $openidInfo);
}
//获取手机号
public function getPhoneNumber() {
$code = $this->request->post('code', '', 'trim');
if (!$code) {
$this->error(__('Invalid parameters'));
}
$accessToken = getAccessToken();
$getPhoneUrl = 'https://api.weixin.qq.com/wxa/business/getuserphonenumber?access_token='.$accessToken;
$data = json_encode(['code'=>$code]);
$info = httpRequest($getPhoneUrl, 'POST', $data);
$phoneInfo = json_decode($info,true);
if(isset($phoneInfo['errcode']) && $phoneInfo['errcode'] != 0) {
$this->error('获取手机号失败', $phoneInfo['errmsg']);
}
$mobile = isset($phoneInfo['phone_info']['purePhoneNumber']) ? $phoneInfo['phone_info']['purePhoneNumber'] : '';
$user = UserM::where(['mobile'=>$mobile])->find();
if (!$user) {//未查到用户信息
//微信登录注册
$time = time();
$ip = request()->ip();
$userData = [
'mobile' => $mobile,
'joinip' => $ip,
'jointime' => $time,
'createtime'=> $time,
];
$userAdd = Db::name('user')->insertGetId($userData);
if (!$userAdd) {
throw new Exception('注册失败');
}
$user = Userm::getById($userAdd);
}
$ret = $this->auth->direct($user->id);
if (!$ret) {
throw new Exception($this->auth->getError());
}
$result = [
'userinfo' => $this->auth->getUserinfo()
];
$this->success('登录成功', $result);
}
//微信登录
public function wxlogin() {
try {
$openid = input('openid', '', 'trim');
$mobile = input('mobile','','trim');
$nickName = input('nickname','');
$avatar = input('avatar','/assets/img/avatar.png');
$sex = input('gender',0);
if (!$openid) {
throw new Exception('未获取到用户openid');
}
$user = UserM::where(['mini_openid'=>$openid])->find();
if (!$user) {//未查到用户信息
//用户手机号注册
/*if (empty($mobile)) {
throw new Exception('未获取到手机号');
}
$user = UserM::where(['mobile'=>$mobile])->find();*/
if (empty($user)) {//微信登录注册
if (empty($user['nickname'])) {
$systemAuth = new Auth();
$nickName = $systemAuth->get_rand_nick_name();
}
$time = time();
$ip = request()->ip();
$userData = [
'nickname' => $nickName,
'avatar' => $avatar,
'gender' => $sex,
//'mobile' => $mobile,
'joinip' => $ip,
'jointime' => $time,
'createtime'=> $time,
'mini_openid'=> $openid,
];
$userAdd = Db::name('user')->insertGetId($userData);
if (!$userAdd) {
throw new Exception('注册失败');
}
$userAppendData['username'] = 'u' . (10000 + $userAdd);
$userWhere['id'] = $userAdd;
Db::name('user')->where($userWhere)->update($userAppendData);
$user = Userm::getById($userAdd);
}
} else {
$userUpdate = [];
if (!empty($nickName) && empty($user->nick_name)) {
$userUpdate['nickname'] = $nickName;
}
if (!empty($avatar) && empty($user->avatar)) {
$userUpdate['avatar'] = $avatar;
}
if (!empty($sex) && $sex != $user->sex) {
$userUpdate['gender'] = $sex;
}
if (empty($user->mini_openid)) {//手机号绑定openid
$userUpdate['mini_openid'] = $openid;
}
if (!empty($userUpdate)) {
$userUpRes = Db::name('user')->where(['id'=>$user->id])->update($userUpdate);
if (!$userUpRes) {
throw new Exception('用户信息更新失败');
}
}
}
if ($user['status'] != 1) {
throw new Exception(__('Account is locked'));
}
$ret = $this->auth->direct($user->id);
if (!$ret) {
throw new Exception($this->auth->getError());
}
$data = ['userinfo' => $this->auth->getUserinfo()];
$this->success(__('Logged in successful'), $data);
} catch (Exception $e) {
$this->error($e->getMessage());
}
}
/**
* 获取用户信息
* @return void
*/
public function getInfo()
{
try {
$userInfo = $this->auth->getUserinfo();
$where['id'] = $this->auth->id;
$userData = Db::name('user')->where($where)->find();
if (!empty($userData)) {
$userInfo['company_id'] = $userData['company_id'];
}
$userCouponsWhere['company_id'] = !empty($userData['company_id']) ? $userData['company_id'] : $userData['temp_company_id'];
$userCouponsWhere['user_id'] = $this->auth->id;
$userCouponsWhere['endtime'] = ['gt', time()];
$userCouponsNum = Db::name('user_coupons')->where($userCouponsWhere)->sum('remain');
$userInfo['coupons_num'] = $userCouponsNum;
$userInfo['createtime'] = !empty($userInfo['createtime']) ? date('Y-m-d',$userInfo['createtime']) : '';
$this->success('获取成功',$userInfo);
} catch (Exception $e) {
$this->error($e->getMessage());
}
}
}