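*
 * This source file is subject to the MIT license that is bundled
 * with this source code in the file LICENSE.
 */

namespace App\Http\Controllers\Admin\Base;

use App\Http\Controllers\Controller;
use App\Http\Middleware\SingleLoginLimit;
use App\Mail\NoticeMail;
use App\Repositories\Enums\ModelStatusEnum;
use App\Repositories\Enums\ResponseCodeEnum;
use App\Repositories\Models\Base\Admin;
use App\Repositories\Transformers\Base\AdminTransformer;
use App\Services\AdvancedRateLimiterServices;
use Carbon\Carbon;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Mail;
use Jiannei\Response\Laravel\Support\Facades\Response;

/**
 * Authentication endpoints for the admin guard: login/logout, profile,
 * e-mail based password recovery and password reset.
 */
class AuthController extends Controller
{
    /** Lifetime, in minutes, of a recovery code and of its failed-attempt counter. */
    private const CODE_TTL_MINUTES = 5;

    /** Wrong recovery codes tolerated per username before recovery is refused until the counter expires. */
    private const MAX_CODE_ATTEMPTS = 5;

    /**
     * Create a new controller instance.
     *
     * Login is limited to 10 requests per minute by the throttle middleware.
     * NOTE(review): sendValidationCode, retrievePassword and findEmail are not
     * throttled here; confirm the route definitions apply a limit to them.
     */
    public function __construct()
    {
        $this->middleware('throttle:10,1', ['only' => ['login']]);
    }

    /**
     * Log an admin in and return the token, the transformed user and the permission names.
     *
     * The client sends the password base64-encoded. That is an encoding, not
     * protection: confidentiality of the password depends on the transport (TLS).
     * The `min:6` rule is applied to the encoded string, not to the decoded password.
     *
     * Author: Mead
     */
    public function login(Request $request, AdvancedRateLimiterServices $advancedRateLimiterServices)
    {
        $this->validate($request, [
            'username' => 'required',
            'password' => 'required|min:6'
        ]);

        $credentials = request(['username', 'password']);
        $credentials['password'] = base64_decode($credentials['password']);
        // Only accounts whose status is OK may authenticate.
        $credentials['status'] = ModelStatusEnum::OK;

        // A truthy return value is treated as the refusal message to send back.
        $msg = $advancedRateLimiterServices->isLogin($request);
        if ($msg) {
            return Response::fail($msg);
        }

        $token = auth()->guard('admins')->attempt($credentials);
        if (!$token) {
            // Presumably records the failed attempt for the limiter; verify against the service.
            $advancedRateLimiterServices->main($request);

            // Same message for an unknown user and a wrong password.
            return Response::fail('账号或密码不对!', ResponseCodeEnum::SERVICE_LOGIN_ERROR);
        }

        $user = auth('admins')->user();
        $advancedRateLimiterServices->clear($request);
        SingleLoginLimit::setToken('admins', $user->id, $token);

        $user = (new AdminTransformer())->transform($user);
        $permissions = login_admin()->getAllPermissions()->pluck('name');

        return Response::success(compact('token', 'user', 'permissions'));
    }

    /**
     * Log the current admin out.
     *
     * @return mixed
     * Author: Mead
     */
    public function logout()
    {
        auth('admins')->logout();

        return Response::noContent();
    }

    /**
     * Return the currently logged-in admin.
     *
     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\Resources\Json\JsonResource
     * Author: Mead
     */
    public function me()
    {
        $me = (new AdminTransformer())->transform(Admin::query()->find(login_admin_id()));

        return Response::success($me);
    }

    /**
     * Update the logged-in admin's own profile.
     *
     * NOTE(review): `department_id` is written from the request although its
     * validation rule is commented out, so an admin can set their own department
     * to any value; confirm that self-assignment is intended.
     *
     * @param Request $request
     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\Resources\Json\Resource
     * @throws \Illuminate\Validation\ValidationException
     * Author: Mead
     */
    public function update(Request $request)
    {
        $this->validate($request, [
            // 'username' => 'required|min:6',
            'name' => 'required',
            'password' => 'sometimes|confirmed',
            // 'headimg' => 'sometimes',
            // 'department_id' => 'required',
            'mobile' => 'required|mobile',
            'email' => 'required|email',
            // 'status' => 'required',
        ]);

        try {
            $data = $request->only(['name', 'password', 'mobile', 'email', 'department_id']);

            // Hash a supplied password; drop the key when it is absent or empty so the stored hash is kept.
            if (!empty($data['password'])) {
                $data['password'] = Hash::make($data['password']);
            } else {
                unset($data['password']);
            }

            // The row is always the caller's own: the id comes from the session, not the request.
            $re = Admin::query()->where('id', login_admin_id())->update($data);
            if ($re) {
                return Response::success(null);
            }

            return $this->errorFail();
        } catch (\Exception $e) {
            // Return whatever error() yields (it is defined outside this file) so a
            // failure response is not dropped; previously this path returned null.
            return $this->error($e);
        }
    }

    /**
     * Password recovery: e-mail a 4-digit verification code to the account's address.
     *
     * NOTE(review): the two failure messages below differ from the success response,
     * so a caller can tell whether a username exists and whether it has an e-mail set.
     *
     * Author: Mead
     */
    public function sendValidationCode(Request $request)
    {
        $this->validate($request, [
            'username' => 'required|min:5'
        ]);

        $username = $request->get('username');
        $admin = Admin::query()->where('username', $username)->first();
        if (!$admin) {
            return Response::fail('找不到该账号');
        }
        if (empty($admin->email)) {
            return Response::fail('该账号邮箱为空,请联系管理员重置密码!');
        }

        // The code authorizes a password reset, so it must come from the CSPRNG,
        // and it draws from the full 4-digit range rather than stopping at 9000.
        $code = random_int(1000, 9999);
        Cache::put(
            'sendValidationCode:username:' . $username,
            $code,
            Carbon::now()->addMinutes(self::CODE_TTL_MINUTES)
        );

        Mail::to($admin->email)->send(new NoticeMail(
            '找回密码-' . config('app.name'),
            "您正在找回登录密码,验证码:{$code},如非本人操作,请注意账号安全。"
        ));

        return Response::success(null);
    }

    /**
     * Password recovery: set a new password after checking the e-mailed code.
     *
     * The code is single-use, is compared in constant time, and wrong guesses are
     * counted per username so the small 4-digit space cannot be walked through
     * within the code's lifetime.
     *
     * @param Request $request
     * Author: Mead
     */
    public function retrievePassword(Request $request)
    {
        $this->validate($request, [
            'username' => 'required|min:5',
            'code' => 'required|size:4',
            'password' => 'required|min:6|confirmed',
        ]);

        if ($password = $request->get('password')) {
            // check_password() is a project helper; a truthy return is the rejection message.
            if ($msg = check_password($password)) {
                return Response::fail($msg);
            }
        }

        $username = $request->get('username');
        $code = $request->get('code');
        $codeKey = 'sendValidationCode:username:' . $username;
        $attemptsKey = 'sendValidationCode:attempts:' . $username;

        // Refuse further guesses once the cap is reached and drop the outstanding code.
        if ((int) Cache::get($attemptsKey, 0) >= self::MAX_CODE_ATTEMPTS) {
            Cache::forget($codeKey);

            return Response::fail('验证码错误次数过多,请稍后再试');
        }

        $validation_code = Cache::get($codeKey);

        // A missing or expired code never matches; otherwise compare in constant time.
        if ($validation_code === null || !hash_equals((string) $validation_code, (string) $code)) {
            // add() creates the counter with an expiry only if it does not exist yet,
            // so increment() never produces a counter that lives forever.
            Cache::add($attemptsKey, 0, Carbon::now()->addMinutes(self::CODE_TTL_MINUTES));
            Cache::increment($attemptsKey);

            return Response::fail('验证码错误');
        }

        $admin = Admin::query()->where('username', $username)->first();
        if (!$admin) {
            return Response::fail('找不到该账号');
        }

        $admin->password = Hash::make($request->get('password'));
        $admin->save();

        // One-time use: the code must not be replayable for the rest of its lifetime.
        Cache::forget($codeKey);
        Cache::forget($attemptsKey);

        return Response::success(null);
    }

    /**
     * Look up the e-mail address stored for a username.
     *
     * NOTE(review): the full address is returned for any username supplied. If this
     * route is reachable before login it discloses admin addresses and confirms which
     * usernames exist; consider returning a masked address instead.
     *
     * @param Request $request
     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\Resources\Json\JsonResource
     * @throws \Illuminate\Validation\ValidationException
     * Author: Mead
     */
    public function findEmail(Request $request)
    {
        $this->validate($request, [
            'username' => 'required|min:5'
        ]);

        $username = $request->get('username');
        $email = Admin::query()->where('username', $username)->value('email');

        return Response::success(compact('email'));
    }

    /**
     * Reset the password of the admin identified by `id`.
     *
     * NOTE(review): the target id comes from the request and this method performs
     * no authorization check itself; confirm the route is restricted to authenticated
     * admins holding the matching permission. Unlike retrievePassword(), the
     * check_password() policy is not applied here.
     *
     * @param Request $request
     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\Resources\Json\Resource
     * @throws \Illuminate\Validation\ValidationException
     * Author: Mead
     */
    public function resetPassword(Request $request)
    {
        $this->validate($request, [
            'id' => 'required',
            'password' => 'required|min:6|confirmed',
        ]);

        $id = $request->get('id');
        $admin = Admin::query()->where('id', $id)->first();
        if (!$admin) {
            return Response::fail('找不到该账号');
        }

        $admin->password = Hash::make($request->get('password'));
        $admin->save();

        return Response::success(null);
    }
}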