<?php
namespace App\Http\Controllers;
use App\Components\Helpers;
use App\Components\IP;
use App\Mail\activeUser;
use App\Mail\resetPassword;
use App\Mail\sendVerifyCode;
use App\Models\EmailFilter;
use App\Models\Invite;
use App\Models\User;
use App\Models\UserLoginLog;
use App\Models\Verify;
use App\Models\VerifyCode;
use App\Services\UserService;
use Auth;
use Cache;
use Captcha;
use Cookie;
use Hash;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Log;
use Mail;
use Redirect;
use Response;
use Session;
use Str;
use Validator;
/**
* 认证控制器.
*
* Class AuthController
*/
class AuthController extends Controller
{
// 登录
public function login(Request $request)
{
if ($request->isMethod('POST')) {
$validator = Validator::make($request->all(), [
'email' => 'required|email',
'password' => 'required',
], [
'email.required' => trans('auth.email_null'),
'password.required' => trans('auth.password_null'),
]);
if ($validator->fails()) {
return Redirect::back()->withInput()->withErrors($validator->errors());
}
$email = $request->input('email');
$password = $request->input('password');
$remember = $request->input('remember');
// 是否校验验证码
$captcha = $this->check_captcha($request);
if ($captcha !== false) {
return $captcha;
}
// 验证账号并创建会话
if (! Auth::attempt(['email' => $email, 'password' => $password], $remember)) {
return Redirect::back()->withInput()->withErrors(trans('auth.login_error'));
}
$user = Auth::getUser();
if (! $user) {
return Redirect::back()->withInput()->withErrors(trans('auth.login_error'));
}
// 校验普通用户账号状态
if (! $user->is_admin) {
if ($user->status < 0) {
Auth::logout(); // 强制销毁会话,因为Auth::attempt的时候会产生会话
return Redirect::back()->withInput()->withErrors(trans('auth.login_ban', ['email' => sysConfig('webmaster_email')]));
}
if ($user->status === 0 && sysConfig('is_activate_account')) {
Auth::logout(); // 强制销毁会话,因为Auth::attempt的时候会产生会话
return Redirect::back()->withInput()->withErrors(trans('auth.active_tip').'<a href="'.route('active').'?email='.$email.'" target="_blank"><span style="color:#000">【'.trans('auth.active_account').'】</span></a>');
}
}
// 写入登录日志
$this->addUserLoginLog($user->id, IP::getClientIp());
// 更新登录信息
Auth::getUser()->update(['last_login' => time()]);
// 根据权限跳转
if ($user->is_admin) {
return Redirect::route('admin.index');
}
return Redirect::route('home');
}
if (Auth::check()) {
if (Auth::getUser()->is_admin) {
return Redirect::route('admin.index');
}
return Redirect::route('home');
}
return view('auth.login');
}
// 校验验证码
private function check_captcha($request)
{
switch (sysConfig('is_captcha')) {
case 1: // 默认图形验证码
if (! Captcha::check($request->input('captcha'))) {
return Redirect::back()->withInput()->withErrors(trans('auth.captcha_error'));
}
break;
case 2: // Geetest
$validator = Validator::make($request->all(), [
'geetest_challenge' => 'required|geetest',
], [
'geetest' => trans('auth.captcha_fail'),
]);
if ($validator->fails()) {
return Redirect::back()->withInput()->withErrors(trans('auth.captcha_fail'));
}
break;
case 3: // Google reCAPTCHA
$validator = Validator::make($request->all(), [
'g-recaptcha-response' => 'required|NoCaptcha',
]);
if ($validator->fails()) {
return Redirect::back()->withInput()->withErrors(trans('auth.captcha_fail'));
}
break;
case 4: // hCaptcha
$validator = Validator::make($request->all(), [
'h-captcha-response' => 'required|HCaptcha',
]);
if ($validator->fails()) {
return Redirect::back()->withInput()->withErrors(trans('auth.captcha_fail'));
}
break;
default: // 不启用验证码
break;
}
return false;
}
/**
* 添加用户登录日志.
*
* @param int $userId 用户ID
* @param string $ip IP地址
*/
private function addUserLoginLog(int $userId, string $ip): void
{
$ipLocation = IP::getIPInfo($ip);
if (empty($ipLocation) || empty($ipLocation['country'])) {
Log::warning('获取IP信息异常:'.$ip);
}
$log = new UserLoginLog();
$log->user_id = $userId;
$log->ip = $ip;
$log->country = $ipLocation['country'] ?? '';
$log->province = $ipLocation['province'] ?? '';
$log->city = $ipLocation['city'] ?? '';
$log->county = $ipLocation['county'] ?? '';
$log->isp = $ipLocation['isp'] ?? ($ipLocation['organization'] ?? '');
$log->area = $ipLocation['area'] ?? '';
$log->save();
}
// 退出
public function logout(): RedirectResponse
{
Auth::logout();
return Redirect::route('login');
}
// 注册
public function register(Request $request)
{
$cacheKey = 'register_times_'.md5(IP::getClientIp()); // 注册限制缓存key
if ($request->isMethod('POST')) {
$validator = Validator::make($request->all(), [
'username' => 'required',
'email' => 'required|email|unique:user',
'password' => 'required|min:6',
'confirmPassword' => 'required|same:password',
'term' => 'accepted',
], [
'username.required' => trans('auth.email_null'),
'email.required' => trans('auth.email_null'),
'email.email' => trans('auth.email_legitimate'),
'email.unique' => trans('auth.email_exist'),
'password.required' => trans('auth.password_null'),
'password.min' => trans('auth.password_limit'),
'confirmPassword.required' => trans('auth.confirm_password'),
'confirmPassword.same' => trans('auth.password_same'),
'term.accepted' => trans('auth.unaccepted'),
]);
if ($validator->fails()) {
return Redirect::back()->withInput()->withErrors($validator->errors());
}
$username = $request->input('username');
$email = $request->input('email');
$password = $request->input('password');
$register_token = $request->input('register_token');
$code = $request->input('code');
$verify_code = $request->input('verify_code');
$aff = (int) $request->input('aff');
// 防止重复提交
if ($register_token !== Session::get('register_token')) {
return Redirect::back()->withInput()->withErrors(trans('auth.repeat_request'));
}
Session::forget('register_token');
// 是否开启注册
if (! sysConfig('is_register')) {
return Redirect::back()->withErrors(trans('auth.register_close'));
}
// 校验域名邮箱黑白名单
if (sysConfig('is_email_filtering')) {
$result = $this->emailChecker($email, 1);
if ($result !== false) {
return $result;
}
}
// 如果需要邀请注册
if (sysConfig('is_invite_register')) {
// 校验邀请码合法性
if ($code) {
if (Invite::whereCode($code)->whereStatus(0)->doesntExist()) {
return Redirect::back()->withInput($request->except('code'))->withErrors(trans('auth.code_error'));
}
} elseif (sysConfig('is_invite_register') == 2) { // 必须使用邀请码
return Redirect::back()->withInput()->withErrors(trans('auth.code_null'));
}
}
// 注册前发送激活码
if (sysConfig('is_activate_account') == 1) {
if (! $verify_code) {
return Redirect::back()->withInput($request->except('verify_code'))->withErrors(trans('auth.captcha_null'));
}
$verifyCode = VerifyCode::whereAddress($email)->whereCode($verify_code)->whereStatus(0)->first();
if (! $verifyCode) {
return Redirect::back()->withInput($request->except('verify_code'))->withErrors(trans('auth.captcha_overtime'));
}
$verifyCode->status = 1;
$verifyCode->save();
}
// 是否校验验证码
$captcha = $this->check_captcha($request);
if ($captcha !== false) {
return $captcha;
}
// 24小时内同IP注册限制
if (sysConfig('register_ip_limit') && Cache::has($cacheKey)) {
$registerTimes = Cache::get($cacheKey);
if ($registerTimes >= sysConfig('register_ip_limit')) {
return Redirect::back()->withInput($request->except('code'))->withErrors(trans('auth.register_anti'));
}
}
// 获取可用端口
$port = Helpers::getPort();
if ($port > sysConfig('max_port')) {
return Redirect::back()->withInput()->withErrors(trans('auth.register_close'));
}
// 获取aff
$affArr = $this->getAff($code, $aff);
$inviter_id = $affArr['inviter_id'];
$transfer_enable = MB * ((int) sysConfig('default_traffic') + ($inviter_id ? (int) sysConfig('referral_traffic') : 0));
// 创建新用户
$uid = Helpers::addUser($email, $password, $transfer_enable, sysConfig('default_days'), $inviter_id);
// 注册失败,抛出异常
if (! $uid) {
return Redirect::back()->withInput()->withErrors(trans('auth.register_fail'));
}
// 更新昵称
User::find($uid)->update(['username' => $username]);
// 注册次数+1
if (Cache::has($cacheKey)) {
Cache::increment($cacheKey);
} else {
Cache::put($cacheKey, 1, Day); // 24小时
}
// 更新邀请码
if ($affArr['code_id'] && sysConfig('is_invite_register')) {
Invite::find($affArr['code_id'])->update(['invitee_id' => $uid, 'status' => 1]);
}
// 清除邀请人Cookie
Cookie::unqueue('register_aff');
// 注册后发送激活码
if (sysConfig('is_activate_account') == 2) {
// 生成激活账号的地址
$token = $this->addVerifyUrl($uid, $email);
$activeUserUrl = route('activeAccount', $token);
$logId = Helpers::addNotificationLog('注册激活', '请求地址:'.$activeUserUrl, 1, $email);
Mail::to($email)->send(new activeUser($logId, $activeUserUrl));
Session::flash('successMsg', trans('auth.register_active_tip'));
} else {
// 则直接给推荐人加流量
if ($inviter_id) {
$referralUser = User::find($inviter_id);
if ($referralUser && $referralUser->expired_at >= date('Y-m-d')) {
(new UserService($referralUser))->incrementData(sysConfig('referral_traffic') * MB);
}
}
if (sysConfig('is_activate_account') == 1) {
User::find($uid)->update(['status' => 1]);
}
Session::flash('successMsg', trans('auth.register_success'));
}
return Redirect::route('login')->withInput();
}
$view['emailList'] = sysConfig('is_email_filtering') != 2 ? false : EmailFilter::whereType(2)->get();
Session::put('register_token', Str::random());
return view('auth.register', $view);
}
//邮箱检查
private function emailChecker($email, $returnType = 0)
{
$emailFilterList = $this->emailFilterList(sysConfig('is_email_filtering'));
$emailSuffix = explode('@', $email); // 提取邮箱后缀
switch (sysConfig('is_email_filtering')) {
// 黑名单
case 1:
if (in_array(strtolower($emailSuffix[1]), $emailFilterList, true)) {
if ($returnType) {
return Redirect::back()->withErrors(trans('auth.email_banned'));
}
return Response::json(['status' => 'fail', 'message' => trans('auth.email_banned')]);
}
break;
//白名单
case 2:
if (! in_array(strtolower($emailSuffix[1]), $emailFilterList, true)) {
if ($returnType) {
return Redirect::back()->withErrors(trans('auth.email_invalid'));
}
return Response::json(['status' => 'fail', 'message' => trans('auth.email_invalid')]);
}
break;
default:
if ($returnType) {
return Redirect::back()->withErrors(trans('auth.email_invalid'));
}
return Response::json(['status' => 'fail', 'message' => trans('auth.email_invalid')]);
}
return false;
}
/**
* 获取AFF.
*
* @param string|null $code 邀请码
* @param int|null $aff URL中的aff参数
*
* @return array
*/
private function getAff($code = null, $aff = null): array
{
$data = ['inviter_id' => null, 'code_id' => 0]; // 邀请人ID 与 邀请码ID
// 有邀请码先用邀请码,用谁的邀请码就给谁返利
if ($code) {
$inviteCode = Invite::whereCode($code)->whereStatus(0)->first();
if ($inviteCode) {
$data['inviter_id'] = $inviteCode->inviter_id;
$data['code_id'] = $inviteCode->id;
}
}
// 没有用邀请码或者邀请码是管理员生成的,则检查cookie或者url链接
if (! $data['inviter_id']) {
// 检查一下cookie里有没有aff
$cookieAff = \Request::hasCookie('register_aff') ? \Request::cookie('register_aff') : 0;
if ($cookieAff) {
$data['inviter_id'] = User::find($cookieAff) ? $cookieAff : 0;
} elseif ($aff) { // 如果cookie里没有aff,就再检查一下请求的url里有没有aff,因为有些人的浏览器会禁用了cookie,比如chrome开了隐私模式
$data['inviter_id'] = User::find($aff) ? $aff : 0;
}
}
return $data;
}
// 生成申请的请求地址
private function addVerifyUrl($uid, $email)
{
$token = md5(sysConfig('website_name').$email.microtime());
$verify = new Verify();
$verify->type = 1;
$verify->user_id = $uid;
$verify->token = $token;
$verify->status = 0;
$verify->save();
return $token;
}
// 重设密码页
public function resetPassword(Request $request)
{
if ($request->isMethod('POST')) {
// 校验请求
$validator = Validator::make($request->all(), [
'email' => 'required|email',
], [
'email.required' => trans('auth.email_null'),
'email.email' => trans('auth.email_legitimate'),
]);
if ($validator->fails()) {
return Redirect::back()->withInput()->withErrors($validator->errors());
}
$email = $request->input('email');
// 是否开启重设密码
if (! sysConfig('is_reset_password')) {
return Redirect::back()->withErrors(trans('auth.reset_password_close', ['email' => sysConfig('webmaster_email')]));
}
// 查找账号
$user = User::whereEmail($email)->first();
if (! $user) {
return Redirect::back()->withErrors(trans('auth.email_notExist'));
}
// 24小时内重设密码次数限制
$resetTimes = 0;
if (Cache::has('resetPassword_'.md5($email))) {
$resetTimes = Cache::get('resetPassword_'.md5($email));
if ($resetTimes >= sysConfig('reset_password_times')) {
return Redirect::back()->withErrors(trans('auth.reset_password_limit', ['time' => sysConfig('reset_password_times')]));
}
}
// 生成取回密码的地址
$token = $this->addVerifyUrl($user->id, $email);
// 发送邮件
$resetPasswordUrl = route('resettingPasswd', $token);
$logId = Helpers::addNotificationLog('重置密码', '请求地址:'.$resetPasswordUrl, 1, $email);
Mail::to($email)->send(new resetPassword($logId, $resetPasswordUrl));
Cache::put('resetPassword_'.md5($email), $resetTimes + 1, Day);
return Redirect::back()->with('successMsg', trans('auth.reset_password_success_tip'));
}
return view('auth.resetPassword');
}
// 重设密码
public function reset(Request $request, $token)
{
if (! $token) {
return Redirect::route('login');
}
if ($request->isMethod('POST')) {
$validator = Validator::make($request->all(), [
'password' => 'required|min:6',
'confirmPassword' => 'required|same:password',
], [
'password.required' => trans('auth.password_null'),
'password.min' => trans('auth.password_limit'),
'confirmPassword.required' => trans('auth.password_null'),
'confirmPassword.min' => trans('auth.password_limit'),
'confirmPassword.same' => trans('auth.password_same'),
]);
if ($validator->fails()) {
return Redirect::back()->withInput()->withErrors($validator->errors());
}
$password = $request->input('password');
// 校验账号
$verify = Verify::type(1)->whereToken($token)->first();
$user = $verify->user;
if (! $verify) {
return Redirect::route('login');
}
if ($verify->status === 1) {
return Redirect::back()->withErrors(trans('auth.overtime'));
}
if ($user->status < 0) {
return Redirect::back()->withErrors(trans('auth.email_banned'));
}
if (Hash::check($password, $verify->user->password)) {
return Redirect::back()->withErrors(trans('auth.reset_password_same_fail'));
}
// 更新密码
if (! $user->update(['password' => $password])) {
return Redirect::back()->withErrors(trans('auth.reset_password_fail'));
}
// 置为已使用
$verify->status = 1;
$verify->save();
return Redirect::route('login')->with('successMsg', trans('auth.reset_password_new'));
}
$verify = Verify::type(1)->whereToken($token)->first();
if (! $verify) {
return Redirect::route('login');
}
if (time() - strtotime($verify->created_at) >= 1800) {
// 置为已失效
$verify->status = 2;
$verify->save();
}
// 重新获取一遍verify
$view['verify'] = Verify::type(1)->whereToken($token)->first();
return view('auth.reset', $view);
}
// 激活账号页
public function activeUser(Request $request)
{
if ($request->isMethod('POST')) {
$validator = Validator::make($request->all(), [
'email' => 'required|email|exists:user,email',
], [
'email.required' => trans('auth.email_null'),
'email.email' => trans('auth.email_legitimate'),
'email.exists' => trans('auth.email_notExist'),
]);
if ($validator->fails()) {
return Redirect::back()->withInput()->withErrors($validator->errors());
}
$email = $request->input('email');
// 是否开启账号激活
if (sysConfig('is_activate_account') != 2) {
return Redirect::back()->withInput()->withErrors(trans('auth.active_close', ['email' => sysConfig('webmaster_email')]));
}
// 查找账号
$user = User::whereEmail($email)->firstOrFail();
if ($user->status < 0) {
return Redirect::back()->withErrors(trans('auth.login_ban', ['email' => sysConfig('webmaster_email')]));
}
if ($user->status > 0) {
return Redirect::back()->withErrors(trans('auth.email_normal'));
}
// 24小时内激活次数限制
$activeTimes = 0;
if (Cache::has('activeUser_'.md5($email))) {
$activeTimes = Cache::get('activeUser_'.md5($email));
if ($activeTimes >= sysConfig('active_times')) {
return Redirect::back()->withErrors(trans('auth.active_limit', ['time' => sysConfig('webmaster_email')]));
}
}
// 生成激活账号的地址
$token = $this->addVerifyUrl($user->id, $email);
// 发送邮件
$activeUserUrl = route('activeAccount', $token);
$logId = Helpers::addNotificationLog('激活账号', '请求地址:'.$activeUserUrl, 1, $email);
Mail::to($email)->send(new activeUser($logId, $activeUserUrl));
Cache::put('activeUser_'.md5($email), $activeTimes + 1, Day);
return Redirect::back()->with('successMsg', trans('auth.register_active_tip'));
}
return view('auth.activeUser');
}
// 激活账号
public function active($token)
{
if (! $token) {
return Redirect::route('login');
}
$verify = Verify::type(1)->with('user')->whereToken($token)->first();
$user = $verify->user;
if (! $verify) {
return Redirect::route('login');
}
if (empty($user)) {
Session::flash('errorMsg', trans('auth.overtime'));
return view('auth.active');
}
if ($verify->status > 0) {
Session::flash('errorMsg', trans('auth.overtime'));
return view('auth.active');
}
if ($user->status !== 0) {
Session::flash('errorMsg', trans('auth.email_normal'));
return view('auth.active');
}
if (time() - strtotime($verify->created_at) >= 1800) {
Session::flash('errorMsg', trans('auth.overtime'));
// 置为已失效
$verify->status = 2;
$verify->save();
return view('auth.active');
}
// 更新账号状态
if (! $user->update(['status' => 1])) {
Session::flash('errorMsg', trans('auth.active_fail'));
return Redirect::back();
}
// 置为已使用
$verify->status = 1;
$verify->save();
// 账号激活后给邀请人送流量
$inviter = $user->inviter;
if ($inviter) {
(new UserService($inviter))->incrementData(sysConfig('referral_traffic') * MB);
}
Session::flash('successMsg', trans('auth.active_success'));
return view('auth.active');
}
// 发送注册验证码
public function sendCode(Request $request)
{
$validator = Validator::make($request->all(), [
'email' => 'required|email|unique:user',
], [
'email.required' => trans('auth.email_null'),
'email.email' => trans('auth.email_legitimate'),
'email.unique' => trans('auth.email_exist'),
]);
$email = $request->input('email');
if ($validator->fails()) {
return Response::json(['status' => 'fail', 'message' => $validator->getMessageBag()->first()]);
}
$ip = IP::getClientIP();
// 校验域名邮箱黑白名单
if (sysConfig('is_email_filtering')) {
$result = $this->emailChecker($email);
if ($result !== false) {
return $result;
}
}
// 是否开启注册发送验证码
if (sysConfig('is_activate_account') != 1) {
return Response::json(['status' => 'fail', 'message' => trans('auth.captcha_close')]);
}
// 防刷机制
if (Cache::has('send_verify_code_'.md5($ip))) {
return Response::json(['status' => 'fail', 'message' => trans('auth.register_anti')]);
}
// 发送邮件
$code = Str::random(6);
$logId = Helpers::addNotificationLog('发送注册验证码', '验证码:'.$code, 1, $email);
Mail::to($email)->send(new sendVerifyCode($logId, $code));
$this->addVerifyCode($email, $code);
Cache::put('send_verify_code_'.md5($ip), $ip, Minute);
return Response::json(['status' => 'success', 'message' => trans('auth.captcha_send')]);
}
// 生成注册验证码
private function addVerifyCode($email, $code): void
{
$verify = new VerifyCode();
$verify->address = $email;
$verify->code = $code;
$verify->status = 0;
$verify->save();
}
// 公开的邀请码列表
public function free()
{
$view['inviteList'] = Invite::whereInviterId(0)->whereStatus(0)->paginate();
return view('auth.free', $view);
}
// 切换语言
public function switchLang($locale): RedirectResponse
{
Session::put('locale', $locale);
return Redirect::back();
}
}