AuthController.php 27 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770
  1. <?php
  2. namespace App\Http\Controllers;
  3. use App\Components\Helpers;
  4. use App\Components\IP;
  5. use App\Mail\activeUser;
  6. use App\Mail\resetPassword;
  7. use App\Mail\sendVerifyCode;
  8. use App\Models\EmailFilter;
  9. use App\Models\Invite;
  10. use App\Models\User;
  11. use App\Models\UserLoginLog;
  12. use App\Models\Verify;
  13. use App\Models\VerifyCode;
  14. use Auth;
  15. use Cache;
  16. use Captcha;
  17. use Cookie;
  18. use Hash;
  19. use Illuminate\Http\RedirectResponse;
  20. use Illuminate\Http\Request;
  21. use Log;
  22. use Mail;
  23. use Redirect;
  24. use Response;
  25. use Session;
  26. use Str;
  27. use Validator;
  28. /**
  29. * 认证控制器.
  30. *
  31. * Class AuthController
  32. */
  33. class AuthController extends Controller
  34. {
  35. // 登录
  36. public function login(Request $request)
  37. {
  38. if ($request->isMethod('POST')) {
  39. $validator = Validator::make($request->all(), [
  40. 'email' => 'required|email',
  41. 'password' => 'required',
  42. ], [
  43. 'email.required' => trans('auth.email_null'),
  44. 'password.required' => trans('auth.password_null'),
  45. ]);
  46. if ($validator->fails()) {
  47. return Redirect::back()->withInput()->withErrors($validator->errors());
  48. }
  49. $email = $request->input('email');
  50. $password = $request->input('password');
  51. $remember = $request->input('remember');
  52. // 是否校验验证码
  53. $captcha = $this->check_captcha($request);
  54. if ($captcha !== false) {
  55. return $captcha;
  56. }
  57. // 验证账号并创建会话
  58. if (! Auth::attempt(['email' => $email, 'password' => $password], $remember)) {
  59. return Redirect::back()->withInput()->withErrors(trans('auth.login_error'));
  60. }
  61. $user = Auth::getUser();
  62. if (! $user) {
  63. return Redirect::back()->withInput()->withErrors(trans('auth.login_error'));
  64. }
  65. // 校验普通用户账号状态
  66. if (! $user->is_admin) {
  67. if ($user->status < 0) {
  68. Auth::logout(); // 强制销毁会话,因为Auth::attempt的时候会产生会话
  69. return Redirect::back()->withInput()->withErrors(trans('auth.login_ban', ['email' => sysConfig('webmaster_email')]));
  70. }
  71. if ($user->status === 0 && sysConfig('is_activate_account')) {
  72. Auth::logout(); // 强制销毁会话,因为Auth::attempt的时候会产生会话
  73. return Redirect::back()->withInput()->withErrors(trans('auth.active_tip').'<a href="'.route('active').'?email='.$email.'" target="_blank"><span style="color:#000">【'.trans('auth.active_account').'】</span></a>');
  74. }
  75. }
  76. // 写入登录日志
  77. $this->addUserLoginLog($user->id, IP::getClientIp());
  78. // 更新登录信息
  79. Auth::getUser()->update(['last_login' => time()]);
  80. // 根据权限跳转
  81. if ($user->is_admin) {
  82. return Redirect::route('admin.index');
  83. }
  84. return Redirect::route('home');
  85. }
  86. if (Auth::check()) {
  87. if (Auth::getUser()->is_admin) {
  88. return Redirect::route('admin.index');
  89. }
  90. return Redirect::route('home');
  91. }
  92. return view('auth.login');
  93. }
  94. // 校验验证码
  95. private function check_captcha($request)
  96. {
  97. switch (sysConfig('is_captcha')) {
  98. case 1: // 默认图形验证码
  99. if (! Captcha::check($request->input('captcha'))) {
  100. return Redirect::back()->withInput()->withErrors(trans('auth.captcha_error'));
  101. }
  102. break;
  103. case 2: // Geetest
  104. $validator = Validator::make($request->all(), [
  105. 'geetest_challenge' => 'required|geetest',
  106. ], [
  107. 'geetest' => trans('auth.captcha_fail'),
  108. ]);
  109. if ($validator->fails()) {
  110. return Redirect::back()->withInput()->withErrors(trans('auth.captcha_fail'));
  111. }
  112. break;
  113. case 3: // Google reCAPTCHA
  114. $validator = Validator::make($request->all(), [
  115. 'g-recaptcha-response' => 'required|NoCaptcha',
  116. ]);
  117. if ($validator->fails()) {
  118. return Redirect::back()->withInput()->withErrors(trans('auth.captcha_fail'));
  119. }
  120. break;
  121. case 4: // hCaptcha
  122. $validator = Validator::make($request->all(), [
  123. 'h-captcha-response' => 'required|HCaptcha',
  124. ]);
  125. if ($validator->fails()) {
  126. return Redirect::back()->withInput()->withErrors(trans('auth.captcha_fail'));
  127. }
  128. break;
  129. default: // 不启用验证码
  130. break;
  131. }
  132. return false;
  133. }
  134. /**
  135. * 添加用户登录日志.
  136. *
  137. * @param int $userId 用户ID
  138. * @param string $ip IP地址
  139. */
  140. private function addUserLoginLog(int $userId, string $ip): void
  141. {
  142. $ipLocation = IP::getIPInfo($ip);
  143. if (empty($ipLocation) || empty($ipLocation['country'])) {
  144. Log::warning('获取IP信息异常:'.$ip);
  145. }
  146. $log = new UserLoginLog();
  147. $log->user_id = $userId;
  148. $log->ip = $ip;
  149. $log->country = $ipLocation['country'] ?? '';
  150. $log->province = $ipLocation['province'] ?? '';
  151. $log->city = $ipLocation['city'] ?? '';
  152. $log->county = $ipLocation['county'] ?? '';
  153. $log->isp = $ipLocation['isp'] ?? ($ipLocation['organization'] ?? '');
  154. $log->area = $ipLocation['area'] ?? '';
  155. $log->save();
  156. }
  157. // 退出
  158. public function logout(): RedirectResponse
  159. {
  160. Auth::logout();
  161. return Redirect::route('login');
  162. }
  163. // 注册
  164. public function register(Request $request)
  165. {
  166. $cacheKey = 'register_times_'.md5(IP::getClientIp()); // 注册限制缓存key
  167. if ($request->isMethod('POST')) {
  168. $validator = Validator::make($request->all(), [
  169. 'username' => 'required',
  170. 'email' => 'required|email|unique:user',
  171. 'password' => 'required|min:6',
  172. 'confirmPassword' => 'required|same:password',
  173. 'term' => 'accepted',
  174. ], [
  175. 'username.required' => trans('auth.email_null'),
  176. 'email.required' => trans('auth.email_null'),
  177. 'email.email' => trans('auth.email_legitimate'),
  178. 'email.unique' => trans('auth.email_exist'),
  179. 'password.required' => trans('auth.password_null'),
  180. 'password.min' => trans('auth.password_limit'),
  181. 'confirmPassword.required' => trans('auth.confirm_password'),
  182. 'confirmPassword.same' => trans('auth.password_same'),
  183. 'term.accepted' => trans('auth.unaccepted'),
  184. ]);
  185. if ($validator->fails()) {
  186. return Redirect::back()->withInput()->withErrors($validator->errors());
  187. }
  188. $username = $request->input('username');
  189. $email = $request->input('email');
  190. $password = $request->input('password');
  191. $register_token = $request->input('register_token');
  192. $code = $request->input('code');
  193. $verify_code = $request->input('verify_code');
  194. $aff = (int) $request->input('aff');
  195. // 防止重复提交
  196. if ($register_token !== Session::get('register_token')) {
  197. return Redirect::back()->withInput()->withErrors(trans('auth.repeat_request'));
  198. }
  199. Session::forget('register_token');
  200. // 是否开启注册
  201. if (! sysConfig('is_register')) {
  202. return Redirect::back()->withErrors(trans('auth.register_close'));
  203. }
  204. // 校验域名邮箱黑白名单
  205. if (sysConfig('is_email_filtering')) {
  206. $result = $this->emailChecker($email, 1);
  207. if ($result !== false) {
  208. return $result;
  209. }
  210. }
  211. // 如果需要邀请注册
  212. if (sysConfig('is_invite_register')) {
  213. // 校验邀请码合法性
  214. if ($code) {
  215. if (Invite::whereCode($code)->whereStatus(0)->doesntExist()) {
  216. return Redirect::back()->withInput($request->except('code'))->withErrors(trans('auth.code_error'));
  217. }
  218. } elseif (sysConfig('is_invite_register') == 2) { // 必须使用邀请码
  219. return Redirect::back()->withInput()->withErrors(trans('auth.code_null'));
  220. }
  221. }
  222. // 注册前发送激活码
  223. if (sysConfig('is_activate_account') == 1) {
  224. if (! $verify_code) {
  225. return Redirect::back()->withInput($request->except('verify_code'))->withErrors(trans('auth.captcha_null'));
  226. }
  227. $verifyCode = VerifyCode::whereAddress($email)->whereCode($verify_code)->whereStatus(0)->first();
  228. if (! $verifyCode) {
  229. return Redirect::back()->withInput($request->except('verify_code'))->withErrors(trans('auth.captcha_overtime'));
  230. }
  231. $verifyCode->status = 1;
  232. $verifyCode->save();
  233. }
  234. // 是否校验验证码
  235. $captcha = $this->check_captcha($request);
  236. if ($captcha !== false) {
  237. return $captcha;
  238. }
  239. // 24小时内同IP注册限制
  240. if (sysConfig('register_ip_limit') && Cache::has($cacheKey)) {
  241. $registerTimes = Cache::get($cacheKey);
  242. if ($registerTimes >= sysConfig('register_ip_limit')) {
  243. return Redirect::back()->withInput($request->except('code'))->withErrors(trans('auth.register_anti'));
  244. }
  245. }
  246. // 获取可用端口
  247. $port = Helpers::getPort();
  248. if ($port > sysConfig('max_port')) {
  249. return Redirect::back()->withInput()->withErrors(trans('auth.register_close'));
  250. }
  251. // 获取aff
  252. $affArr = $this->getAff($code, $aff);
  253. $inviter_id = $affArr['inviter_id'];
  254. $transfer_enable = MB * ((int) sysConfig('default_traffic') + ($inviter_id ? (int) sysConfig('referral_traffic') : 0));
  255. // 创建新用户
  256. $uid = Helpers::addUser($email, $password, $transfer_enable, sysConfig('default_days'), $inviter_id);
  257. // 注册失败,抛出异常
  258. if (! $uid) {
  259. return Redirect::back()->withInput()->withErrors(trans('auth.register_fail'));
  260. }
  261. // 更新昵称
  262. User::find($uid)->update(['username' => $username]);
  263. // 注册次数+1
  264. if (Cache::has($cacheKey)) {
  265. Cache::increment($cacheKey);
  266. } else {
  267. Cache::put($cacheKey, 1, Day); // 24小时
  268. }
  269. // 更新邀请码
  270. if ($affArr['code_id'] && sysConfig('is_invite_register')) {
  271. Invite::find($affArr['code_id'])->update(['invitee_id' => $uid, 'status' => 1]);
  272. }
  273. // 清除邀请人Cookie
  274. Cookie::unqueue('register_aff');
  275. // 注册后发送激活码
  276. if (sysConfig('is_activate_account') == 2) {
  277. // 生成激活账号的地址
  278. $token = $this->addVerifyUrl($uid, $email);
  279. $activeUserUrl = route('activeAccount', $token);
  280. $logId = Helpers::addNotificationLog('注册激活', '请求地址:'.$activeUserUrl, 1, $email);
  281. Mail::to($email)->send(new activeUser($logId, $activeUserUrl));
  282. Session::flash('successMsg', trans('auth.register_active_tip'));
  283. } else {
  284. // 则直接给推荐人加流量
  285. if ($inviter_id) {
  286. $referralUser = User::find($inviter_id);
  287. if ($referralUser && $referralUser->expired_at >= date('Y-m-d')) {
  288. $referralUser->incrementData(sysConfig('referral_traffic') * MB);
  289. }
  290. }
  291. if (sysConfig('is_activate_account') == 1) {
  292. User::find($uid)->update(['status' => 1]);
  293. }
  294. Session::flash('successMsg', trans('auth.register_success'));
  295. }
  296. return Redirect::route('login')->withInput();
  297. }
  298. $view['emailList'] = sysConfig('is_email_filtering') != 2 ? false : EmailFilter::whereType(2)->get();
  299. Session::put('register_token', Str::random());
  300. return view('auth.register', $view);
  301. }
  302. //邮箱检查
  303. private function emailChecker($email, $returnType = 0)
  304. {
  305. $emailFilterList = $this->emailFilterList(sysConfig('is_email_filtering'));
  306. $emailSuffix = explode('@', $email); // 提取邮箱后缀
  307. switch (sysConfig('is_email_filtering')) {
  308. // 黑名单
  309. case 1:
  310. if (in_array(strtolower($emailSuffix[1]), $emailFilterList, true)) {
  311. if ($returnType) {
  312. return Redirect::back()->withErrors(trans('auth.email_banned'));
  313. }
  314. return Response::json(['status' => 'fail', 'message' => trans('auth.email_banned')]);
  315. }
  316. break;
  317. //白名单
  318. case 2:
  319. if (! in_array(strtolower($emailSuffix[1]), $emailFilterList, true)) {
  320. if ($returnType) {
  321. return Redirect::back()->withErrors(trans('auth.email_invalid'));
  322. }
  323. return Response::json(['status' => 'fail', 'message' => trans('auth.email_invalid')]);
  324. }
  325. break;
  326. default:
  327. if ($returnType) {
  328. return Redirect::back()->withErrors(trans('auth.email_invalid'));
  329. }
  330. return Response::json(['status' => 'fail', 'message' => trans('auth.email_invalid')]);
  331. }
  332. return false;
  333. }
  334. /**
  335. * 获取AFF.
  336. *
  337. * @param string|null $code 邀请码
  338. * @param int|null $aff URL中的aff参数
  339. *
  340. * @return array
  341. */
  342. private function getAff($code = null, $aff = null): array
  343. {
  344. $data = ['inviter_id' => null, 'code_id' => 0]; // 邀请人ID 与 邀请码ID
  345. // 有邀请码先用邀请码,用谁的邀请码就给谁返利
  346. if ($code) {
  347. $inviteCode = Invite::whereCode($code)->whereStatus(0)->first();
  348. if ($inviteCode) {
  349. $data['inviter_id'] = $inviteCode->inviter_id;
  350. $data['code_id'] = $inviteCode->id;
  351. }
  352. }
  353. // 没有用邀请码或者邀请码是管理员生成的,则检查cookie或者url链接
  354. if (! $data['inviter_id']) {
  355. // 检查一下cookie里有没有aff
  356. $cookieAff = \Request::hasCookie('register_aff') ? \Request::cookie('register_aff') : 0;
  357. if ($cookieAff) {
  358. $data['inviter_id'] = User::find($cookieAff) ? $cookieAff : 0;
  359. } elseif ($aff) { // 如果cookie里没有aff,就再检查一下请求的url里有没有aff,因为有些人的浏览器会禁用了cookie,比如chrome开了隐私模式
  360. $data['inviter_id'] = User::find($aff) ? $aff : 0;
  361. }
  362. }
  363. return $data;
  364. }
  365. // 生成申请的请求地址
  366. private function addVerifyUrl($uid, $email)
  367. {
  368. $token = md5(sysConfig('website_name').$email.microtime());
  369. $verify = new Verify();
  370. $verify->type = 1;
  371. $verify->user_id = $uid;
  372. $verify->token = $token;
  373. $verify->status = 0;
  374. $verify->save();
  375. return $token;
  376. }
  377. // 重设密码页
  378. public function resetPassword(Request $request)
  379. {
  380. if ($request->isMethod('POST')) {
  381. // 校验请求
  382. $validator = Validator::make($request->all(), [
  383. 'email' => 'required|email',
  384. ], [
  385. 'email.required' => trans('auth.email_null'),
  386. 'email.email' => trans('auth.email_legitimate'),
  387. ]);
  388. if ($validator->fails()) {
  389. return Redirect::back()->withInput()->withErrors($validator->errors());
  390. }
  391. $email = $request->input('email');
  392. // 是否开启重设密码
  393. if (! sysConfig('is_reset_password')) {
  394. return Redirect::back()->withErrors(trans('auth.reset_password_close', ['email' => sysConfig('webmaster_email')]));
  395. }
  396. // 查找账号
  397. $user = User::whereEmail($email)->first();
  398. if (! $user) {
  399. return Redirect::back()->withErrors(trans('auth.email_notExist'));
  400. }
  401. // 24小时内重设密码次数限制
  402. $resetTimes = 0;
  403. if (Cache::has('resetPassword_'.md5($email))) {
  404. $resetTimes = Cache::get('resetPassword_'.md5($email));
  405. if ($resetTimes >= sysConfig('reset_password_times')) {
  406. return Redirect::back()->withErrors(trans('auth.reset_password_limit', ['time' => sysConfig('reset_password_times')]));
  407. }
  408. }
  409. // 生成取回密码的地址
  410. $token = $this->addVerifyUrl($user->id, $email);
  411. // 发送邮件
  412. $resetPasswordUrl = route('resettingPasswd', $token);
  413. $logId = Helpers::addNotificationLog('重置密码', '请求地址:'.$resetPasswordUrl, 1, $email);
  414. Mail::to($email)->send(new resetPassword($logId, $resetPasswordUrl));
  415. Cache::put('resetPassword_'.md5($email), $resetTimes + 1, Day);
  416. return Redirect::back()->with('successMsg', trans('auth.reset_password_success_tip'));
  417. }
  418. return view('auth.resetPassword');
  419. }
  420. // 重设密码
  421. public function reset(Request $request, $token)
  422. {
  423. if (! $token) {
  424. return Redirect::route('login');
  425. }
  426. if ($request->isMethod('POST')) {
  427. $validator = Validator::make($request->all(), [
  428. 'password' => 'required|min:6',
  429. 'confirmPassword' => 'required|same:password',
  430. ], [
  431. 'password.required' => trans('auth.password_null'),
  432. 'password.min' => trans('auth.password_limit'),
  433. 'confirmPassword.required' => trans('auth.password_null'),
  434. 'confirmPassword.min' => trans('auth.password_limit'),
  435. 'confirmPassword.same' => trans('auth.password_same'),
  436. ]);
  437. if ($validator->fails()) {
  438. return Redirect::back()->withInput()->withErrors($validator->errors());
  439. }
  440. $password = $request->input('password');
  441. // 校验账号
  442. $verify = Verify::type(1)->whereToken($token)->first();
  443. $user = $verify->user;
  444. if (! $verify) {
  445. return Redirect::route('login');
  446. }
  447. if ($verify->status === 1) {
  448. return Redirect::back()->withErrors(trans('auth.overtime'));
  449. }
  450. if ($user->status < 0) {
  451. return Redirect::back()->withErrors(trans('auth.email_banned'));
  452. }
  453. if (Hash::check($password, $verify->user->password)) {
  454. return Redirect::back()->withErrors(trans('auth.reset_password_same_fail'));
  455. }
  456. // 更新密码
  457. if (! $user->update(['password' => $password])) {
  458. return Redirect::back()->withErrors(trans('auth.reset_password_fail'));
  459. }
  460. // 置为已使用
  461. $verify->status = 1;
  462. $verify->save();
  463. return Redirect::route('login')->with('successMsg', trans('auth.reset_password_new'));
  464. }
  465. $verify = Verify::type(1)->whereToken($token)->first();
  466. if (! $verify) {
  467. return Redirect::route('login');
  468. }
  469. if (time() - strtotime($verify->created_at) >= 1800) {
  470. // 置为已失效
  471. $verify->status = 2;
  472. $verify->save();
  473. }
  474. // 重新获取一遍verify
  475. $view['verify'] = Verify::type(1)->whereToken($token)->first();
  476. return view('auth.reset', $view);
  477. }
  478. // 激活账号页
  479. public function activeUser(Request $request)
  480. {
  481. if ($request->isMethod('POST')) {
  482. $validator = Validator::make($request->all(), [
  483. 'email' => 'required|email|exists:user,email',
  484. ], [
  485. 'email.required' => trans('auth.email_null'),
  486. 'email.email' => trans('auth.email_legitimate'),
  487. 'email.exists' => trans('auth.email_notExist'),
  488. ]);
  489. if ($validator->fails()) {
  490. return Redirect::back()->withInput()->withErrors($validator->errors());
  491. }
  492. $email = $request->input('email');
  493. // 是否开启账号激活
  494. if (sysConfig('is_activate_account') != 2) {
  495. return Redirect::back()->withInput()->withErrors(trans('auth.active_close', ['email' => sysConfig('webmaster_email')]));
  496. }
  497. // 查找账号
  498. $user = User::whereEmail($email)->firstOrFail();
  499. if ($user->status < 0) {
  500. return Redirect::back()->withErrors(trans('auth.login_ban', ['email' => sysConfig('webmaster_email')]));
  501. }
  502. if ($user->status > 0) {
  503. return Redirect::back()->withErrors(trans('auth.email_normal'));
  504. }
  505. // 24小时内激活次数限制
  506. $activeTimes = 0;
  507. if (Cache::has('activeUser_'.md5($email))) {
  508. $activeTimes = Cache::get('activeUser_'.md5($email));
  509. if ($activeTimes >= sysConfig('active_times')) {
  510. return Redirect::back()->withErrors(trans('auth.active_limit', ['time' => sysConfig('webmaster_email')]));
  511. }
  512. }
  513. // 生成激活账号的地址
  514. $token = $this->addVerifyUrl($user->id, $email);
  515. // 发送邮件
  516. $activeUserUrl = route('activeAccount', $token);
  517. $logId = Helpers::addNotificationLog('激活账号', '请求地址:'.$activeUserUrl, 1, $email);
  518. Mail::to($email)->send(new activeUser($logId, $activeUserUrl));
  519. Cache::put('activeUser_'.md5($email), $activeTimes + 1, Day);
  520. return Redirect::back()->with('successMsg', trans('auth.register_active_tip'));
  521. }
  522. return view('auth.activeUser');
  523. }
  524. // 激活账号
  525. public function active($token)
  526. {
  527. if (! $token) {
  528. return Redirect::route('login');
  529. }
  530. $verify = Verify::type(1)->with('user')->whereToken($token)->first();
  531. $user = $verify->user;
  532. if (! $verify) {
  533. return Redirect::route('login');
  534. }
  535. if (empty($user)) {
  536. Session::flash('errorMsg', trans('auth.overtime'));
  537. return view('auth.active');
  538. }
  539. if ($verify->status > 0) {
  540. Session::flash('errorMsg', trans('auth.overtime'));
  541. return view('auth.active');
  542. }
  543. if ($user->status !== 0) {
  544. Session::flash('errorMsg', trans('auth.email_normal'));
  545. return view('auth.active');
  546. }
  547. if (time() - strtotime($verify->created_at) >= 1800) {
  548. Session::flash('errorMsg', trans('auth.overtime'));
  549. // 置为已失效
  550. $verify->status = 2;
  551. $verify->save();
  552. return view('auth.active');
  553. }
  554. // 更新账号状态
  555. if (! $user->update(['status' => 1])) {
  556. Session::flash('errorMsg', trans('auth.active_fail'));
  557. return Redirect::back();
  558. }
  559. // 置为已使用
  560. $verify->status = 1;
  561. $verify->save();
  562. // 账号激活后给邀请人送流量
  563. $inviter = $user->inviter;
  564. if ($inviter) {
  565. $inviter->incrementData(sysConfig('referral_traffic') * MB);
  566. }
  567. Session::flash('successMsg', trans('auth.active_success'));
  568. return view('auth.active');
  569. }
  570. // 发送注册验证码
  571. public function sendCode(Request $request)
  572. {
  573. $validator = Validator::make($request->all(), [
  574. 'email' => 'required|email|unique:user',
  575. ], [
  576. 'email.required' => trans('auth.email_null'),
  577. 'email.email' => trans('auth.email_legitimate'),
  578. 'email.unique' => trans('auth.email_exist'),
  579. ]);
  580. $email = $request->input('email');
  581. if ($validator->fails()) {
  582. return Response::json(['status' => 'fail', 'message' => $validator->getMessageBag()->first()]);
  583. }
  584. $ip = IP::getClientIP();
  585. // 校验域名邮箱黑白名单
  586. if (sysConfig('is_email_filtering')) {
  587. $result = $this->emailChecker($email);
  588. if ($result !== false) {
  589. return $result;
  590. }
  591. }
  592. // 是否开启注册发送验证码
  593. if (sysConfig('is_activate_account') != 1) {
  594. return Response::json(['status' => 'fail', 'message' => trans('auth.captcha_close')]);
  595. }
  596. // 防刷机制
  597. if (Cache::has('send_verify_code_'.md5($ip))) {
  598. return Response::json(['status' => 'fail', 'message' => trans('auth.register_anti')]);
  599. }
  600. // 发送邮件
  601. $code = Str::random(6);
  602. $logId = Helpers::addNotificationLog('发送注册验证码', '验证码:'.$code, 1, $email);
  603. Mail::to($email)->send(new sendVerifyCode($logId, $code));
  604. $this->addVerifyCode($email, $code);
  605. Cache::put('send_verify_code_'.md5($ip), $ip, Minute);
  606. return Response::json(['status' => 'success', 'message' => trans('auth.captcha_send')]);
  607. }
  608. // 生成注册验证码
  609. private function addVerifyCode($email, $code): void
  610. {
  611. $verify = new VerifyCode();
  612. $verify->address = $email;
  613. $verify->code = $code;
  614. $verify->status = 0;
  615. $verify->save();
  616. }
  617. // 公开的邀请码列表
  618. public function free()
  619. {
  620. $view['inviteList'] = Invite::whereInviterId(0)->whereStatus(0)->paginate();
  621. return view('auth.free', $view);
  622. }
  623. // 切换语言
  624. public function switchLang($locale): RedirectResponse
  625. {
  626. Session::put('locale', $locale);
  627. return Redirect::back();
  628. }
  629. }