AuthController.php 24 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767
  1. <?php
  2. namespace App\Http\Controllers;
  3. use App\Components\Helpers;
  4. use App\Components\IPIP;
  5. use App\Components\QQWry;
  6. use App\Http\Models\Invite;
  7. use App\Http\Models\SensitiveWords;
  8. use App\Http\Models\User;
  9. use App\Http\Models\UserLabel;
  10. use App\Http\Models\UserLoginLog;
  11. use App\Http\Models\UserSubscribe;
  12. use App\Http\Models\Verify;
  13. use App\Http\Models\VerifyCode;
  14. use App\Mail\activeUser;
  15. use App\Mail\resetPassword;
  16. use App\Mail\sendVerifyCode;
  17. use Auth;
  18. use Cache;
  19. use Captcha;
  20. use Cookie;
  21. use Hash;
  22. use Illuminate\Http\Request;
  23. use Log;
  24. use Mail;
  25. use Redirect;
  26. use Response;
  27. use Session;
  28. use Validator;
  29. /**
  30. * 认证控制器
  31. *
  32. * Class AuthController
  33. *
  34. * @package App\Http\Controllers
  35. */
  36. class AuthController extends Controller
  37. {
  38. protected static $systemConfig;
  39. function __construct()
  40. {
  41. self::$systemConfig = Helpers::systemConfig();
  42. }
  43. // 登录
  44. public function login(Request $request)
  45. {
  46. if($request->isMethod('POST')){
  47. $this->validate($request, [
  48. 'username' => 'required',
  49. 'password' => 'required'
  50. ], [
  51. 'username.required' => trans('auth.email_null'),
  52. 'password.required' => trans('auth.password_null')
  53. ]);
  54. // 是否校验验证码
  55. switch(self::$systemConfig['is_captcha']){
  56. case 1: // 默认图形验证码
  57. if(!Captcha::check($request->captcha)){
  58. return Redirect::back()->withInput()->withErrors(trans('auth.captcha_error'));
  59. }
  60. break;
  61. case 2: // Geetest
  62. $result = $this->validate($request, [
  63. 'geetest_challenge' => 'required|geetest'
  64. ], [
  65. 'geetest' => trans('auth.captcha_fail')
  66. ]);
  67. if(!$result){
  68. return Redirect::back()->withInput()->withErrors(trans('auth.fail_captcha'));
  69. }
  70. break;
  71. case 3: // Google reCAPTCHA
  72. $result = $this->validate($request, [
  73. 'g-recaptcha-response' => 'required|NoCaptcha'
  74. ]);
  75. if(!$result){
  76. return Redirect::back()->withInput()->withErrors(trans('auth.fail_captcha'));
  77. }
  78. break;
  79. default: // 不启用验证码
  80. break;
  81. }
  82. // 验证账号并创建会话
  83. if(!Auth::attempt(['username' => $request->username, 'password' => $request->password], $request->remember)){
  84. return Redirect::back()->withInput()->withErrors(trans('auth.login_error'));
  85. }
  86. // 校验普通用户账号状态
  87. if(!Auth::user()->is_admin){
  88. if(Auth::user()->status < 0){
  89. Auth::logout(); // 强制销毁会话,因为Auth::attempt的时候会产生会话
  90. return Redirect::back()->withInput()->withErrors(trans('auth.login_ban', ['email' => self::$systemConfig['admin_email']]));
  91. }
  92. if(Auth::user()->status == 0 && self::$systemConfig['is_active_register']){
  93. Auth::logout(); // 强制销毁会话,因为Auth::attempt的时候会产生会话
  94. return Redirect::back()->withInput()->withErrors(trans('auth.active_tip').'<a href="/activeUser?username='.$request->username.'" target="_blank"><span style="color:#000">【'.trans('auth.active_account').'】</span></a>');
  95. }
  96. }
  97. // 写入登录日志
  98. $this->addUserLoginLog(Auth::user()->id, getClientIp());
  99. // 更新登录信息
  100. User::uid()->update(['last_login' => time()]);
  101. // 根据权限跳转
  102. if(Auth::user()->is_admin){
  103. return Redirect::to('admin');
  104. }
  105. return Redirect::to('/');
  106. }else{
  107. if(Auth::check()){
  108. if(Auth::user()->is_admin){
  109. return Redirect::to('admin');
  110. }
  111. return Redirect::to('/');
  112. }
  113. return Response::view('auth.login');
  114. }
  115. }
  116. // 退出
  117. public function logout(Request $request)
  118. {
  119. Auth::logout();
  120. return Redirect::to('login');
  121. }
  122. // 注册
  123. public function register(Request $request)
  124. {
  125. $cacheKey = 'register_times_'.md5(getClientIp()); // 注册限制缓存key
  126. if($request->isMethod('POST')){
  127. $this->validate($request, [
  128. 'username' => 'required|email|unique:user',
  129. 'password' => 'required|min:6',
  130. 'repassword' => 'required|same:password',
  131. 'term' => 'accepted'
  132. ], [
  133. 'username.required' => trans('auth.email_null'),
  134. 'username.email' => trans('auth.email_legitimate'),
  135. 'username.unique' => trans('auth.email_exist'),
  136. 'password.required' => trans('auth.password_null'),
  137. 'password.min' => trans('auth.password_limit'),
  138. 'repassword.required' => trans('auth.retype_password'),
  139. 'repassword.same' => trans('auth.password_same'),
  140. 'term.accepted' => trans('auth.unaccepted')
  141. ]);
  142. // 防止重复提交
  143. if($request->register_token != Session::get('register_token')){
  144. return Redirect::back()->withInput()->withErrors(trans('auth.repeat_request'));
  145. }else{
  146. Session::forget('register_token');
  147. }
  148. // 是否开启注册
  149. if(!self::$systemConfig['is_register']){
  150. return Redirect::back()->withErrors(trans('auth.register_close'));
  151. }
  152. // 校验域名邮箱黑白名单
  153. if(self::$systemConfig['sensitiveType']){
  154. // 校验域名邮箱是否在黑名单中
  155. $sensitiveWords = $this->sensitiveWords(1);
  156. $usernameSuffix = explode('@', $request->username); // 提取邮箱后缀
  157. if(in_array(strtolower($usernameSuffix[1]), $sensitiveWords)){
  158. return Redirect::back()->withInput()->withErrors(trans('auth.email_banned'));
  159. }
  160. }else{
  161. $sensitiveWords = $this->sensitiveWords(2);
  162. $usernameSuffix = explode('@', $request->username); // 提取邮箱后缀
  163. if(!in_array(strtolower($usernameSuffix[1]), $sensitiveWords)){
  164. return Redirect::back()->withInput()->withErrors(trans('auth.email_invalid'));
  165. }
  166. }
  167. // 如果需要邀请注册
  168. if(self::$systemConfig['is_invite_register']){
  169. // 必须使用邀请码
  170. if(self::$systemConfig['is_invite_register'] == 2 && !$request->code){
  171. return Redirect::back()->withInput()->withErrors(trans('auth.code_null'));
  172. }
  173. // 校验邀请码合法性
  174. if($request->code){
  175. $codeEnable = Invite::query()->where('code', $request->code)->where('status', 0)->first();
  176. if(!$codeEnable){
  177. return Redirect::back()->withInput($request->except(['code']))->withErrors(trans('auth.code_error'));
  178. }
  179. }
  180. }
  181. // 如果开启注册发送验证码
  182. if(self::$systemConfig['is_verify_register']){
  183. if(!$request->verify_code){
  184. return Redirect::back()->withInput($request->except(['verify_code']))->withErrors(trans('auth.captcha_null'));
  185. }else{
  186. $verifyCode = VerifyCode::query()->where('username', $request->username)->where('code', $request->verify_code)->where('status', 0)->first();
  187. if(!$verifyCode){
  188. return Redirect::back()->withInput($request->except(['verify_code']))->withErrors(trans('auth.captcha_overtime'));
  189. }
  190. $verifyCode->status = 1;
  191. $verifyCode->save();
  192. }
  193. }elseif(self::$systemConfig['is_captcha']){ // 是否校验验证码
  194. switch(self::$systemConfig['is_captcha']){
  195. case 1: // 默认图形验证码
  196. if(!Captcha::check($request->captcha)){
  197. return Redirect::back()->withInput()->withErrors(trans('auth.captcha_error'));
  198. }
  199. break;
  200. case 2: // Geetest
  201. $result = $this->validate($request, [
  202. 'geetest_challenge' => 'required|geetest'
  203. ], [
  204. 'geetest' => trans('auth.captcha_fail')
  205. ]);
  206. if(!$result){
  207. return Redirect::back()->withInput()->withErrors(trans('auth.captcha_fail'));
  208. }
  209. break;
  210. case 3: // Google reCAPTCHA
  211. $result = $this->validate($request, [
  212. 'g-recaptcha-response' => 'required|NoCaptcha'
  213. ]);
  214. if(!$result){
  215. return Redirect::back()->withInput()->withErrors(trans('auth.captcha_fail'));
  216. }
  217. break;
  218. default: // 不启用验证码
  219. break;
  220. }
  221. }
  222. // 24小时内同IP注册限制
  223. if(self::$systemConfig['register_ip_limit']){
  224. if(Cache::has($cacheKey)){
  225. $registerTimes = Cache::get($cacheKey);
  226. if($registerTimes >= self::$systemConfig['register_ip_limit']){
  227. return Redirect::back()->withInput($request->except(['code']))->withErrors(trans('auth.register_anti'));
  228. }
  229. }
  230. }
  231. // 获取可用端口
  232. $port = self::$systemConfig['is_rand_port']? Helpers::getRandPort() : Helpers::getOnlyPort();
  233. if($port > self::$systemConfig['max_port']){
  234. return Redirect::back()->withInput()->withErrors(trans('auth.register_close'));
  235. }
  236. // 获取aff
  237. $affArr = $this->getAff($request->code, intval($request->aff));
  238. $referral_uid = $affArr['referral_uid'];
  239. $transfer_enable = $referral_uid? (self::$systemConfig['default_traffic']+self::$systemConfig['referral_traffic'])*1048576 : self::$systemConfig['default_traffic']*1048576;
  240. // 创建新用户
  241. $uid = Helpers::addUser($request->username, Hash::make($request->password), $transfer_enable, self::$systemConfig['default_days'], $referral_uid);
  242. // 注册失败,抛出异常
  243. if(!$uid){
  244. return Redirect::back()->withInput()->withErrors(trans('auth.register_fail'));
  245. }
  246. // 生成订阅码
  247. $subscribe = new UserSubscribe();
  248. $subscribe->user_id = $uid;
  249. $subscribe->code = Helpers::makeSubscribeCode();
  250. $subscribe->times = 0;
  251. $subscribe->save();
  252. // 注册次数+1
  253. if(Cache::has($cacheKey)){
  254. Cache::increment($cacheKey);
  255. }else{
  256. Cache::put($cacheKey, 1, 1440); // 24小时
  257. }
  258. // 初始化默认标签
  259. if(strlen(self::$systemConfig['initial_labels_for_user'])){
  260. $labels = explode(',', self::$systemConfig['initial_labels_for_user']);
  261. foreach($labels as $label){
  262. $userLabel = new UserLabel();
  263. $userLabel->user_id = $uid;
  264. $userLabel->label_id = $label;
  265. $userLabel->save();
  266. }
  267. }
  268. // 更新邀请码
  269. if(self::$systemConfig['is_invite_register'] && $affArr['code_id']){
  270. Invite::query()->where('id', $affArr['code_id'])->update(['fuid' => $uid, 'status' => 1]);
  271. }
  272. // 清除邀请人Cookie
  273. Cookie::unqueue('register_aff');
  274. // 发送激活邮件
  275. if(!self::$systemConfig['is_verify_register'] && self::$systemConfig['is_active_register']){
  276. // 生成激活账号的地址
  277. $token = md5(self::$systemConfig['website_name'].$request->username.microtime());
  278. $activeUserUrl = self::$systemConfig['website_url'].'/active/'.$token;
  279. $this->addVerify($uid, $token);
  280. $logId = Helpers::addEmailLog($request->username, '注册激活', '请求地址:'.$activeUserUrl);
  281. Mail::to($request->username)->send(new activeUser($logId, $activeUserUrl));
  282. Session::flash('regSuccessMsg', trans('auth.register_success_tip'));
  283. }else{
  284. // 则直接给推荐人加流量
  285. if($referral_uid){
  286. $transfer_enable = self::$systemConfig['referral_traffic']*1048576;
  287. $referralUser = User::query()->where('id', $referral_uid)->first();
  288. if($referralUser){
  289. if($referralUser->expire_time >= date('Y-m-d')){
  290. User::query()->where('id', $referral_uid)->increment('transfer_enable', $transfer_enable);
  291. }
  292. }
  293. }
  294. User::query()->where('id', $uid)->update(['status' => 1, 'enable' => 1]);
  295. Session::flash('regSuccessMsg', trans('auth.register_success'));
  296. }
  297. return Redirect::to('login')->withInput();
  298. }else{
  299. $view['emailList'] = self::$systemConfig['sensitiveType']? NULL : SensitiveWords::query()->where('type', 2)->get();
  300. Session::put('register_token', makeRandStr(16));
  301. return Response::view('auth.register', $view);
  302. }
  303. }
  304. // 重设密码页
  305. public function resetPassword(Request $request)
  306. {
  307. if($request->isMethod('POST')){
  308. // 校验请求
  309. $this->validate($request, [
  310. 'username' => 'required|email'
  311. ], [
  312. 'username.required' => trans('auth.email_null'),
  313. 'username.email' => trans('auth.email_legitimate')
  314. ]);
  315. // 是否开启重设密码
  316. if(!self::$systemConfig['is_reset_password']){
  317. return Redirect::back()->withErrors(trans('auth.reset_password_close', ['email' => self::$systemConfig['admin_email']]));
  318. }
  319. // 查找账号
  320. $user = User::query()->where('username', $request->username)->first();
  321. if(!$user){
  322. return Redirect::back()->withErrors(trans('auth.email_notExist'));
  323. }
  324. // 24小时内重设密码次数限制
  325. $resetTimes = 0;
  326. if(Cache::has('resetPassword_'.md5($request->username))){
  327. $resetTimes = Cache::get('resetPassword_'.md5($request->username));
  328. if($resetTimes >= self::$systemConfig['reset_password_times']){
  329. return Redirect::back()->withErrors(trans('auth.reset_password_limit', ['time' => self::$systemConfig['reset_password_times']]));
  330. }
  331. }
  332. // 生成取回密码的地址
  333. $token = $this->addVerifyUrl($user->id, $request->username);
  334. // 发送邮件
  335. $resetPasswordUrl = self::$systemConfig['website_url'].'/reset/'.$token;
  336. $logId = Helpers::addEmailLog($request->username, '重置密码', '请求地址:'.$resetPasswordUrl);
  337. Mail::to($request->username)->send(new resetPassword($logId, $resetPasswordUrl));
  338. Cache::put('resetPassword_'.md5($request->username), $resetTimes+1, 1440);
  339. return Redirect::back()->with('successMsg', trans('auth.reset_password_success_tip'));
  340. }else{
  341. return Response::view('auth.resetPassword');
  342. }
  343. }
  344. // 重设密码
  345. public function reset(Request $request, $token)
  346. {
  347. if(!$token){
  348. return Redirect::to('login');
  349. }
  350. if($request->isMethod('POST')){
  351. $this->validate($request, [
  352. 'password' => 'required|min:6',
  353. 'repassword' => 'required|same:password'
  354. ], [
  355. 'password.required' => trans('auth.password_null'),
  356. 'password.min' => trans('auth.password_limit'),
  357. 'repassword.required' => trans('auth.password_null'),
  358. 'repassword.min' => trans('auth.password_limit'),
  359. 'repassword.same' => trans('auth.password_same'),
  360. ]);
  361. // 校验账号
  362. $verify = Verify::type(1)->with('user')->where('token', $token)->first();
  363. if(!$verify){
  364. return Redirect::to('login');
  365. }elseif($verify->status == 1){
  366. return Redirect::back()->withErrors(trans('auth.overtime'));
  367. }elseif($verify->user->status < 0){
  368. return Redirect::back()->withErrors(trans('auth.email_banned'));
  369. }elseif(Hash::check($request->password, $verify->user->password)){
  370. return Redirect::back()->withErrors(trans('auth.reset_password_same_fail'));
  371. }
  372. // 更新密码
  373. $ret = User::query()->where('id', $verify->user_id)->update(['password' => Hash::make($request->password)]);
  374. if(!$ret){
  375. return Redirect::back()->withErrors(trans('auth.reset_password_fail'));
  376. }
  377. // 置为已使用
  378. $verify->status = 1;
  379. $verify->save();
  380. return Redirect::back()->with('successMsg', trans('auth.reset_password_new'));
  381. }else{
  382. $verify = Verify::type(1)->where('token', $token)->first();
  383. if(!$verify){
  384. return Redirect::to('login');
  385. }elseif(time()-strtotime($verify->created_at) >= 1800){
  386. // 置为已失效
  387. $verify->status = 2;
  388. $verify->save();
  389. }
  390. // 重新获取一遍verify
  391. $view['verify'] = Verify::type(1)->where('token', $token)->first();
  392. return Response::view('auth.reset', $view);
  393. }
  394. }
  395. // 激活账号页
  396. public function activeUser(Request $request)
  397. {
  398. if($request->isMethod('POST')){
  399. $this->validate($request, [
  400. 'username' => 'required|email|exists:user,username'
  401. ], [
  402. 'username.required' => trans('auth.email_null'),
  403. 'username.email' => trans('auth.email_legitimate'),
  404. 'username.exists' => trans('auth.email_notExist')
  405. ]);
  406. // 是否开启账号激活
  407. if(!self::$systemConfig['is_active_register']){
  408. return Redirect::back()->withInput()->withErrors(trans('auth.active_close', ['email' => self::$systemConfig['admin_email']]));
  409. }
  410. // 查找账号
  411. $user = User::query()->where('username', $request->username)->first();
  412. if($user->status < 0){
  413. return Redirect::back()->withErrors(trans('auth.login_ban', ['email' => self::$systemConfig['admin_email']]));
  414. }elseif($user->status > 0){
  415. return Redirect::back()->withErrors(trans('auth.email_normal'));
  416. }
  417. // 24小时内激活次数限制
  418. $activeTimes = 0;
  419. if(Cache::has('activeUser_'.md5($request->username))){
  420. $activeTimes = Cache::get('activeUser_'.md5($request->username));
  421. if($activeTimes >= self::$systemConfig['active_times']){
  422. return Redirect::back()->withErrors(trans('auth.active_limit', ['time' => self::$systemConfig['admin_email']]));
  423. }
  424. }
  425. // 生成激活账号的地址
  426. $token = $this->addVerifyUrl($user->id, $request->username);
  427. // 发送邮件
  428. $activeUserUrl = self::$systemConfig['website_url'].'/active/'.$token;
  429. $logId = Helpers::addEmailLog($request->username, '激活账号', '请求地址:'.$activeUserUrl);
  430. Mail::to($request->username)->send(new activeUser($logId, $activeUserUrl));
  431. Cache::put('activeUser_'.md5($request->username), $activeTimes+1, 1440);
  432. return Redirect::back()->with('successMsg', trans('auth.register_success_tip'));
  433. }else{
  434. return Response::view('auth.activeUser');
  435. }
  436. }
  437. // 激活账号
  438. public function active(Request $request, $token)
  439. {
  440. if(!$token){
  441. return Redirect::to('login');
  442. }
  443. $verify = Verify::type(1)->with('user')->where('token', $token)->first();
  444. if(!$verify){
  445. return Redirect::to('login');
  446. }elseif(empty($verify->user)){
  447. Session::flash('errorMsg', trans('auth.overtime'));
  448. return Response::view('auth.active');
  449. }elseif($verify->status > 0){
  450. Session::flash('errorMsg', trans('auth.overtime'));
  451. return Response::view('auth.active');
  452. }elseif($verify->user->status != 0){
  453. Session::flash('errorMsg', trans('auth.email_normal'));
  454. return Response::view('auth.active');
  455. }elseif(time()-strtotime($verify->created_at) >= 1800){
  456. Session::flash('errorMsg', trans('auth.overtime'));
  457. // 置为已失效
  458. $verify->status = 2;
  459. $verify->save();
  460. return Response::view('auth.active');
  461. }
  462. // 更新账号状态
  463. $ret = User::query()->where('id', $verify->user_id)->update(['status' => 1]);
  464. if(!$ret){
  465. Session::flash('errorMsg', trans('auth.active_fail'));
  466. return Redirect::back();
  467. }
  468. // 置为已使用
  469. $verify->status = 1;
  470. $verify->save();
  471. // 账号激活后给邀请人送流量
  472. if($verify->user->referral_uid){
  473. $transfer_enable = self::$systemConfig['referral_traffic']*1048576;
  474. User::query()->where('id', $verify->user->referral_uid)->increment('transfer_enable', $transfer_enable);
  475. User::query()->where('id', $verify->user->referral_uid)->update(['enable' => 1]);
  476. }
  477. Session::flash('successMsg', trans('auth.active_success'));
  478. return Response::view('auth.active');
  479. }
  480. // 发送注册验证码
  481. public function sendCode(Request $request)
  482. {
  483. $validator = Validator::make($request->all(), [
  484. 'username' => 'required|email|unique:user'
  485. ], [
  486. 'username.required' => trans('auth.email_null'),
  487. 'username.email' => trans('auth.email_legitimate'),
  488. 'username.unique' => trans('auth.email_exist')
  489. ]);
  490. if($validator->fails()){
  491. return Response::json(['status' => 'fail', 'data' => '', 'message' => $validator->getMessageBag()->first()]);
  492. }
  493. // 校验域名邮箱黑白名单
  494. if(self::$systemConfig['sensitiveType']){
  495. // 校验域名邮箱是否在黑名单中
  496. $sensitiveWords = $this->sensitiveWords(1);
  497. $usernameSuffix = explode('@', $request->username); // 提取邮箱后缀
  498. if(in_array(strtolower($usernameSuffix[1]), $sensitiveWords)){
  499. return Response::json(['status' => 'fail', 'data' => '', 'message' => trans('auth.email_banned')]);
  500. }
  501. }else{
  502. $sensitiveWords = $this->sensitiveWords(2);
  503. $usernameSuffix = explode('@', $request->username); // 提取邮箱后缀
  504. if(!in_array(strtolower($usernameSuffix[1]), $sensitiveWords)){
  505. return Response::json(['status' => 'fail', 'data' => '', 'message' => trans('auth.email_invalid')]);
  506. }
  507. }
  508. // 是否开启注册发送验证码
  509. if(!self::$systemConfig['is_verify_register']){
  510. return Response::json(['status' => 'fail', 'data' => '', 'message' => trans('auth.captcha_close')]);
  511. }
  512. // 防刷机制
  513. if(Cache::has('send_verify_code_'.md5(getClientIP()))){
  514. return Response::json(['status' => 'fail', 'data' => '', 'message' => trans('auth.register_anti')]);
  515. }
  516. // 发送邮件
  517. $code = makeRandStr(6, TRUE);
  518. $logId = Helpers::addEmailLog($request->username, '发送注册验证码', '验证码:'.$code);
  519. Mail::to($request->username)->send(new sendVerifyCode($logId, $code));
  520. $this->addVerifyCode($request->username, $code);
  521. Cache::put('send_verify_code_'.md5(getClientIP()), getClientIP(), 1);
  522. return Response::json(['status' => 'success', 'data' => '', 'message' => trans('auth.captcha_send')]);
  523. }
  524. // 公开的邀请码列表
  525. public function free(Request $request)
  526. {
  527. $view['inviteList'] = Invite::query()->where('uid', 0)->where('status', 0)->paginate();
  528. return Response::view('auth.free', $view);
  529. }
  530. // 切换语言
  531. public function switchLang(Request $request, $locale)
  532. {
  533. Session::put("locale", $locale);
  534. return Redirect::back();
  535. }
  536. /**
  537. * 添加用户登录日志
  538. *
  539. * @param string $userId 用户ID
  540. * @param string $ip IP地址
  541. */
  542. private function addUserLoginLog($userId, $ip)
  543. {
  544. if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)){
  545. Log::info('识别到IPv6,尝试解析:'.$ip);
  546. $ipInfo = getIPv6($ip);
  547. }else{
  548. $ipInfo = QQWry::ip($ip); // 通过纯真IP库解析IPv4信息
  549. if(isset($ipInfo['error'])){
  550. Log::info('无法识别IPv4,尝试使用IPIP的IP库解析:'.$ip);
  551. $ipip = IPIP::ip($ip);
  552. $ipInfo = [
  553. 'country' => $ipip['country_name'],
  554. 'province' => $ipip['region_name'],
  555. 'city' => $ipip['city_name']
  556. ];
  557. }else{
  558. // 判断纯真IP库获取的国家信息是否与IPIP的IP库获取的信息一致,不一致则用IPIP的(因为纯真IP库的非大陆IP准确率较低)
  559. $ipip = IPIP::ip($ip);
  560. if($ipInfo['country'] != $ipip['country_name']){
  561. $ipInfo['country'] = $ipip['country_name'];
  562. $ipInfo['province'] = $ipip['region_name'];
  563. $ipInfo['city'] = $ipip['city_name'];
  564. }
  565. }
  566. }
  567. if(empty($ipInfo) || empty($ipInfo['country'])){
  568. Log::warning("获取IP信息异常:".$ip);
  569. }
  570. $log = new UserLoginLog();
  571. $log->user_id = $userId;
  572. $log->ip = $ip;
  573. $log->country = $ipInfo['country'] ?? '';
  574. $log->province = $ipInfo['province'] ?? '';
  575. $log->city = $ipInfo['city'] ?? '';
  576. $log->county = $ipInfo['county'] ?? '';
  577. $log->isp = $ipInfo['isp'] ?? ($ipInfo['organization'] ?? '');
  578. $log->area = $ipInfo['area'] ?? '';
  579. $log->save();
  580. }
  581. /**
  582. * 获取AFF
  583. *
  584. * @param string $code 邀请码
  585. * @param int $aff URL中的aff参数
  586. *
  587. * @return array
  588. */
  589. private function getAff($code = '', $aff = '')
  590. {
  591. // 邀请人ID
  592. $referral_uid = 0;
  593. // 邀请码ID
  594. $code_id = 0;
  595. // 有邀请码先用邀请码,用谁的邀请码就给谁返利
  596. if($code){
  597. $inviteCode = Invite::query()->where('code', $code)->where('status', 0)->first();
  598. if($inviteCode){
  599. $referral_uid = $inviteCode->uid;
  600. $code_id = $inviteCode->id;
  601. }
  602. }
  603. // 没有用邀请码或者邀请码是管理员生成的,则检查cookie或者url链接
  604. if(!$referral_uid){
  605. // 检查一下cookie里有没有aff
  606. $cookieAff = \Request::hasCookie('register_aff')? \Request::cookie('register_aff') : 0;
  607. if($cookieAff){
  608. $affUser = User::query()->where('id', $cookieAff)->exists();
  609. $referral_uid = $affUser? $cookieAff : 0;
  610. }elseif($aff){ // 如果cookie里没有aff,就再检查一下请求的url里有没有aff,因为有些人的浏览器会禁用了cookie,比如chrome开了隐私模式
  611. $affUser = User::query()->where('id', $aff)->exists();
  612. $referral_uid = $affUser? $aff : 0;
  613. }
  614. }
  615. return [
  616. 'referral_uid' => $referral_uid,
  617. 'code_id' => $code_id
  618. ];
  619. }
  620. // 写入生成激活账号验证记录
  621. private function addVerify($userId, $token)
  622. {
  623. $verify = new Verify();
  624. $verify->type = 1;
  625. $verify->user_id = $userId;
  626. $verify->token = $token;
  627. $verify->status = 0;
  628. $verify->save();
  629. }
  630. // 生成注册验证码
  631. private function addVerifyCode($username, $code)
  632. {
  633. $verify = new VerifyCode();
  634. $verify->username = $username;
  635. $verify->code = $code;
  636. $verify->status = 0;
  637. $verify->save();
  638. }
  639. // 生成激活账号的地址
  640. private function addVerifyUrl($uid, $username)
  641. {
  642. $token = md5(self::$systemConfig['website_name'].$username.microtime());
  643. $verify = new Verify();
  644. $verify->type = 1;
  645. $verify->user_id = $uid;
  646. $verify->token = $token;
  647. $verify->status = 0;
  648. $verify->save();
  649. return $token;
  650. }
  651. }