BitMaster/ProxyPanel
1
0
Fork 0
mirror of https://github.com/ProxyPanel/ProxyPanel.git synced 2026-04-03 11:09:27 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

微拆分 auth操作

Browse Source
This commit is contained in:
兔姬桑
2020-12-30 09:54:29 +08:00
parent 51520ec2d5
commit 330158f2fb
6 changed files with 265 additions and 235 deletions
Download Patch File Download Diff File Expand all files Collapse all files

451
app/Http/Controllers/AuthController.php
View File

@@ -4,6 +4,7 @@ namespace App\Http\Controllers;
use App\Components\Helpers;
use App\Components\IP;
use App\Http\Requests\Auth\RegisterRequest;
use App\Mail\activeUser;
use App\Mail\resetPassword;
use App\Mail\sendVerifyCode;
@@ -36,57 +37,8 @@ use Validator;
class AuthController extends Controller
{
// 登录
public function login(Request $request)
public function showLoginForm()
{
if ($request->isMethod('POST')) {
$validator = Validator::make($request->all(), [
'email' => 'required|email',
'password' => 'required',
], [
'email.required' => trans('auth.email_null'),
'password.required' => trans('auth.password_null'),
]);
if ($validator->fails()) {
return Redirect::back()->withInput()->withErrors($validator->errors());
}
// 是否校验验证码
$captcha = $this->check_captcha($request);
if ($captcha !== false) {
return $captcha;
}
// 验证账号并创建会话
if (! Auth::attempt($validator->validated(), $request->input('remember'))) {
return Redirect::back()->withInput()->withErrors(trans('auth.login_error'));
}
$user = Auth::getUser();
if (! $user) {
return Redirect::back()->withInput()->withErrors(trans('auth.login_error'));
}
// 校验普通用户账号状态
if ($user->status < 0) {
Auth::logout(); // 强制销毁会话因为Auth::attempt的时候会产生会话
return Redirect::back()->withInput()->withErrors(trans('auth.login_ban', ['email' => sysConfig('webmaster_email')]));
}
if ($user->status === 0 && sysConfig('is_activate_account')) {
Auth::logout(); // 强制销毁会话因为Auth::attempt的时候会产生会话
return Redirect::back()->withInput()->withErrors(trans('auth.active_tip').'<a href="'.route('active').'?email='.$user->email.'" target="_blank"><span style="color:#000">【'.trans('auth.active_account').'】</span></a>');
}
// 写入登录日志
$this->addUserLoginLog($user->id, IP::getClientIp());
// 更新登录信息
$user->update(['last_login' => time()]);
}
// 根据权限跳转
if (Auth::check()) {
if (Auth::getUser()->hasPermissionTo('admin.index') || Auth::getUser()->hasRole('Super Admin')) {
@@ -99,6 +51,58 @@ class AuthController extends Controller
return view('auth.login');
}
public function login(Request $request)
{
$validator = Validator::make($request->all(), [
'email' => 'required|email',
'password' => 'required',
], [
'email.required' => trans('auth.email_null'),
'password.required' => trans('auth.password_null'),
]);
if ($validator->fails()) {
return Redirect::back()->withInput()->withErrors($validator->errors());
}
// 是否校验验证码
$captcha = $this->check_captcha($request);
if ($captcha !== false) {
return $captcha;
}
// 验证账号并创建会话
if (! Auth::attempt($validator->validated(), $request->input('remember'))) {
return Redirect::back()->withInput()->withErrors(trans('auth.login_error'));
}
$user = Auth::getUser();
if (! $user) {
return Redirect::back()->withInput()->withErrors(trans('auth.login_error'));
}
// 校验普通用户账号状态
if ($user->status < 0) {
Auth::logout(); // 强制销毁会话因为Auth::attempt的时候会产生会话
return Redirect::back()->withInput()->withErrors(trans('auth.login_ban', ['email' => sysConfig('webmaster_email')]));
}
if ($user->status === 0 && sysConfig('is_activate_account')) {
Auth::logout(); // 强制销毁会话因为Auth::attempt的时候会产生会话
return Redirect::back()->withInput()->withErrors(trans('auth.active_tip').'<a href="'.route('active').'?email='.$user->email.'" target="_blank"><span style="color:#000">【'.trans('auth.active_account').'】</span></a>');
}
// 写入登录日志
$this->addUserLoginLog($user->id, IP::getClientIp());
// 更新登录信息
$user->update(['last_login' => time()]);
return redirect()->back();
}
// 校验验证码
private function check_captcha(Request $request)
{
@@ -178,175 +182,173 @@ class AuthController extends Controller
return Redirect::route('login');
}
// 注册
public function register(Request $request)
public function showRegistrationForm()
{
$cacheKey = 'register_times_'.md5(IP::getClientIp()); // 注册限制缓存key
if ($request->isMethod('POST')) {
$validator = Validator::make($request->all(), [
'username' => 'required',
'email' => 'required|email|unique:user',
'password' => 'required|min:6',
'confirmPassword' => 'required|same:password',
'term' => 'accepted',
], [
'username.required' => trans('auth.email_null'),
'email.required' => trans('auth.email_null'),
'email.email' => trans('auth.email_legitimate'),
'email.unique' => trans('auth.email_exist'),
'password.required' => trans('auth.password_null'),
'password.min' => trans('auth.password_limit'),
'confirmPassword.required' => trans('auth.confirm_password'),
'confirmPassword.same' => trans('auth.password_same'),
'term.accepted' => trans('auth.unaccepted'),
]);
if ($validator->fails()) {
return Redirect::back()->withInput()->withErrors($validator->errors());
}
$username = $request->input('username');
$email = $request->input('email');
$password = $request->input('password');
$register_token = $request->input('register_token');
$code = $request->input('code');
$verify_code = $request->input('verify_code');
$aff = (int) $request->input('aff');
// 防止重复提交
if ($register_token !== Session::get('register_token')) {
return Redirect::back()->withInput()->withErrors(trans('auth.repeat_request'));
}
Session::forget('register_token');
// 是否开启注册
if (! sysConfig('is_register')) {
return Redirect::back()->withErrors(trans('auth.register_close'));
}
// 校验域名邮箱黑白名单
if (sysConfig('is_email_filtering')) {
$result = $this->emailChecker($email, 1);
if ($result !== false) {
return $result;
}
}
// 如果需要邀请注册
if (sysConfig('is_invite_register')) {
// 校验邀请码合法性
if ($code) {
if (Invite::whereCode($code)->whereStatus(0)->doesntExist()) {
return Redirect::back()->withInput($request->except('code'))->withErrors(trans('auth.code_error'));
}
} elseif ((int) sysConfig('is_invite_register') === 2) { // 必须使用邀请码
return Redirect::back()->withInput()->withErrors(trans('auth.code_null'));
}
}
// 注册前发送激活码
if ((int) sysConfig('is_activate_account') === 1) {
if (! $verify_code) {
return Redirect::back()->withInput($request->except('verify_code'))->withErrors(trans('auth.captcha_null'));
}
$verifyCode = VerifyCode::whereAddress($email)->whereCode($verify_code)->whereStatus(0)->first();
if (! $verifyCode) {
return Redirect::back()->withInput($request->except('verify_code'))->withErrors(trans('auth.captcha_overtime'));
}
$verifyCode->status = 1;
$verifyCode->save();
}
// 是否校验验证码
$captcha = $this->check_captcha($request);
if ($captcha !== false) {
return $captcha;
}
// 24小时内同IP注册限制
if (sysConfig('register_ip_limit') && Cache::has($cacheKey)) {
$registerTimes = Cache::get($cacheKey);
if ($registerTimes >= sysConfig('register_ip_limit')) {
return Redirect::back()->withInput($request->except('code'))->withErrors(trans('auth.register_anti'));
}
}
// 获取可用端口
$port = Helpers::getPort();
if ($port > sysConfig('max_port')) {
return Redirect::back()->withInput()->withErrors(trans('auth.register_close'));
}
// 获取aff
$affArr = $this->getAff($code, $aff);
$inviter_id = $affArr['inviter_id'];
$transfer_enable = MB * ((int) sysConfig('default_traffic') + ($inviter_id ? (int) sysConfig('referral_traffic') : 0));
// 创建新用户
$user = Helpers::addUser($email, $password, $transfer_enable, sysConfig('default_days'), $inviter_id, $username);
// 注册失败,抛出异常
if (! $user) {
return Redirect::back()->withInput()->withErrors(trans('auth.register_fail'));
}
// 注册次数+1
if (Cache::has($cacheKey)) {
Cache::increment($cacheKey);
} else {
Cache::put($cacheKey, 1, Day); // 24小时
}
// 更新邀请码
if ($affArr['code_id'] && sysConfig('is_invite_register')) {
$invite = Invite::find($affArr['code_id']);
if ($invite) {
$invite->update(['invitee_id' => $user->id, 'status' => 1]);
}
}
// 清除邀请人Cookie
Cookie::unqueue('register_aff');
// 注册后发送激活码
if ((int) sysConfig('is_activate_account') === 2) {
// 生成激活账号的地址
$token = $this->addVerifyUrl($user->id, $email);
$activeUserUrl = route('activeAccount', $token);
$logId = Helpers::addNotificationLog('注册激活', '请求地址:'.$activeUserUrl, 1, $email);
Mail::to($email)->send(new activeUser($logId, $activeUserUrl));
Session::flash('successMsg', trans('auth.register_active_tip'));
} else {
// 则直接给推荐人加流量
if ($inviter_id) {
$referralUser = User::find($inviter_id);
if ($referralUser && $referralUser->expired_at >= date('Y-m-d')) {
$referralUser->incrementData(sysConfig('referral_traffic') * MB);
}
}
if ((int) sysConfig('is_activate_account') === 1) {
$user->update(['status' => 1]);
}
Session::flash('successMsg', trans('auth.register_success'));
}
return Redirect::route('login')->withInput();
}
Session::put('register_token', Str::random());
return view('auth.register', ['emailList' => (int) sysConfig('is_email_filtering') !== 2 ? false : EmailFilter::whereType(2)->get()]);
}
// 注册
public function register(RegisterRequest $request)
{
$cacheKey = 'register_times_'.md5(IP::getClientIp()); // 注册限制缓存key
$validator = Validator::make($request->all(), [
'username' => 'required',
'email' => 'required|email|unique:user',
'password' => 'required|min:6|confirmed',
'password_confirmation' => 'required|same:password',
'term' => 'accepted',
], [
'username.required' => trans('auth.email_null'),
'email.required' => trans('auth.email_null'),
'email.email' => trans('auth.email_legitimate'),
'email.unique' => trans('auth.email_exist'),
'password.required' => trans('auth.password_null'),
'password.min' => trans('auth.password_limit'),
'password_confirmation.required' => trans('auth.confirm_password'),
'password_confirmation.same' => trans('auth.password_same'),
'term.accepted' => trans('auth.unaccepted'),
]);
if ($validator->fails()) {
return Redirect::back()->withInput()->withErrors($validator->errors());
}
$data = $request->validated();
$register_token = $request->input('register_token');
$code = $request->input('code');
$verify_code = $request->input('verify_code');
$aff = (int) $request->input('aff');
// 防止重复提交
if ($register_token !== Session::get('register_token')) {
return Redirect::back()->withInput()->withErrors(trans('auth.repeat_request'));
}
Session::forget('register_token');
// 是否开启注册
if (! sysConfig('is_register')) {
return Redirect::back()->withErrors(trans('auth.register_close'));
}
// 校验域名邮箱黑白名单
if (sysConfig('is_email_filtering')) {
$result = $this->emailChecker($data['email'], 1);
if ($result !== false) {
return $result;
}
}
// 如果需要邀请注册
if (sysConfig('is_invite_register')) {
// 校验邀请码合法性
if ($code) {
if (Invite::whereCode($code)->whereStatus(0)->doesntExist()) {
return Redirect::back()->withInput($request->except('code'))->withErrors(trans('auth.code_error'));
}
} elseif ((int) sysConfig('is_invite_register') === 2) { // 必须使用邀请码
return Redirect::back()->withInput()->withErrors(trans('auth.code_null'));
}
}
// 注册前发送激活码
if ((int) sysConfig('is_activate_account') === 1) {
if (! $verify_code) {
return Redirect::back()->withInput($request->except('verify_code'))->withErrors(trans('auth.captcha_null'));
}
$verifyCode = VerifyCode::whereAddress($data['email'])->whereCode($verify_code)->whereStatus(0)->first();
if (! $verifyCode) {
return Redirect::back()->withInput($request->except('verify_code'))->withErrors(trans('auth.captcha_overtime'));
}
$verifyCode->status = 1;
$verifyCode->save();
}
// 是否校验验证码
$captcha = $this->check_captcha($request);
if ($captcha !== false) {
return $captcha;
}
// 24小时内同IP注册限制
if (sysConfig('register_ip_limit') && Cache::has($cacheKey)) {
$registerTimes = Cache::get($cacheKey);
if ($registerTimes >= sysConfig('register_ip_limit')) {
return Redirect::back()->withInput($request->except('code'))->withErrors(trans('auth.register_anti'));
}
}
// 获取可用端口
$port = Helpers::getPort();
if ($port > sysConfig('max_port')) {
return Redirect::back()->withInput()->withErrors(trans('auth.register_close'));
}
// 获取aff
$affArr = $this->getAff($code, $aff);
$inviter_id = $affArr['inviter_id'];
$transfer_enable = MB * ((int) sysConfig('default_traffic') + ($inviter_id ? (int) sysConfig('referral_traffic') : 0));
// 创建新用户
$user = Helpers::addUser($data['email'], $data['password'], $transfer_enable, sysConfig('default_days'), $inviter_id, $data['username']);
// 注册失败,抛出异常
if (! $user) {
return Redirect::back()->withInput()->withErrors(trans('auth.register_fail'));
}
// 注册次数+1
if (Cache::has($cacheKey)) {
Cache::increment($cacheKey);
} else {
Cache::put($cacheKey, 1, Day); // 24小时
}
// 更新邀请码
if ($affArr['code_id'] && sysConfig('is_invite_register')) {
$invite = Invite::find($affArr['code_id']);
if ($invite) {
$invite->update(['invitee_id' => $user->id, 'status' => 1]);
}
}
// 清除邀请人Cookie
Cookie::unqueue('register_aff');
// 注册后发送激活码
if ((int) sysConfig('is_activate_account') === 2) {
// 生成激活账号的地址
$token = $this->addVerifyUrl($user->id, $user->email);
$activeUserUrl = route('activeAccount', $token);
$logId = Helpers::addNotificationLog('注册激活', '请求地址:'.$activeUserUrl, 1, $user->email);
Mail::to($user->email)->send(new activeUser($logId, $activeUserUrl));
Session::flash('successMsg', trans('auth.register_active_tip'));
} else {
// 则直接给推荐人加流量
if ($inviter_id) {
$referralUser = User::find($inviter_id);
if ($referralUser && $referralUser->expired_at >= date('Y-m-d')) {
$referralUser->incrementData(sysConfig('referral_traffic') * MB);
}
}
if ((int) sysConfig('is_activate_account') === 1) {
$user->update(['status' => 1]);
}
Session::flash('successMsg', trans('auth.register_success'));
}
return Redirect::route('login')->withInput();
}
//邮箱检查
private function emailChecker($email, $returnType = 0)
{
@@ -495,14 +497,14 @@ class AuthController extends Controller
if ($request->isMethod('POST')) {
$validator = Validator::make($request->all(), [
'password' => 'required|min:6',
'confirmPassword' => 'required|same:password',
'password' => 'required|min:6|confirmed',
'password_confirmation' => 'required|same:password',
], [
'password.required' => trans('auth.password_null'),
'password.min' => trans('auth.password_limit'),
'confirmPassword.required' => trans('auth.password_null'),
'confirmPassword.min' => trans('auth.password_limit'),
'confirmPassword.same' => trans('auth.password_same'),
'password_confirmation.required' => trans('auth.password_null'),
'password_confirmation.min' => trans('auth.password_limit'),
'password_confirmation.same' => trans('auth.password_same'),
]);
if ($validator->fails()) {
@@ -675,7 +677,7 @@ class AuthController extends Controller
public function sendCode(Request $request)
{
$validator = Validator::make($request->all(), [
'email' => 'required|email|unique:user',
'email' => 'required|email|unique:user,email',
], [
'email.required' => trans('auth.email_null'),
'email.email' => trans('auth.email_legitimate'),
@@ -712,22 +714,13 @@ class AuthController extends Controller
$logId = Helpers::addNotificationLog('发送注册验证码', '验证码:'.$code, 1, $email);
Mail::to($email)->send(new sendVerifyCode($logId, $code));
$this->addVerifyCode($email, $code);
VerifyCode::create(['address' => $email, 'code' => $code]); // 生成注册验证码
Cache::put('send_verify_code_'.md5($ip), $ip, Minute);
return Response::json(['status' => 'success', 'message' => trans('auth.captcha_send')]);
}
// 生成注册验证码
private function addVerifyCode(string $email, string $code): void
{
$verify = new VerifyCode();
$verify->address = $email;
$verify->code = $code;
$verify->save();
}
// 公开的邀请码列表
public function free()
{

34
app/Http/Requests/Auth/RegisterRequest.php Normal file
View File

@@ -0,0 +1,34 @@
<?php
namespace App\Http\Requests\Auth;
use Illuminate\Foundation\Http\FormRequest;
class RegisterRequest extends FormRequest
{
public function rules()
{
return [
'username' => 'required',
'email' => 'required|email|unique:user',
'password' => 'required|min:6|confirmed',
'password_confirmation' => 'required|same:password',
'term' => 'accepted',
];
}
public function messages()
{
return [
'username.required' => trans('auth.email_null'),
'email.required' => trans('auth.email_null'),
'email.email' => trans('auth.email_legitimate'),
'email.unique' => trans('auth.email_exist'),
'password.required' => trans('auth.password_null'),
'password.min' => trans('auth.password_limit'),
'password_confirmation.required' => trans('auth.confirm_password'),
'password_confirmation.same' => trans('auth.password_same'),
'term.accepted' => trans('auth.unaccepted'),
];
}
}

1
app/Models/VerifyCode.php
View File

@@ -10,6 +10,7 @@ use Illuminate\Database\Eloquent\Model;
class VerifyCode extends Model
{
protected $table = 'verify_code';
protected $guarded = [];
public function scopeRecentUnused($query)
{

4
resources/views/auth/register.blade.php
View File

@@ -54,8 +54,8 @@
<label class="floating-label" for="password">{{trans('auth.password')}}</label>
</div>
<div class="form-group form-material floating" data-plugin="formMaterial">
<input type="password" class="form-control" autocomplete="off" name="confirmPassword" required/>
<label class="floating-label" for="confirmPassword">{{trans('auth.confirm_password')}}</label>
<input type="password" class="form-control" autocomplete="off" name="password_confirmation" required/>
<label class="floating-label" for="password_confirmation">{{trans('auth.confirm_password')}}</label>
</div>
@if(sysConfig('is_invite_register'))
<div class="form-group form-material floating" data-plugin="formMaterial">

4
resources/views/auth/reset.blade.php
View File

@@ -20,8 +20,8 @@
<label class="floating-label" for="password">{{trans('auth.new_password')}}</label>
</div>
<div class="form-group form-material floating" data-plugin="formMaterial">
<input class="form-control" type="password" autocomplete="off" name="confirmPassword" required/>
<label class="floating-label" for="confirmPassword">{{trans('auth.confirm_password')}}</label>
<input class="form-control" type="password" autocomplete="off" name="password_confirmation" required/>
<label class="floating-label" for="password_confirmation">{{trans('auth.confirm_password')}}</label>
</div>
@endif
<a href="/login"

6
routes/web.php
View File

@@ -13,9 +13,11 @@ Route::get('callback/checkout', 'Gateway\PayPal@getCheckout')->name('paypal.chec
// 登录相关
Route::middleware(['isForbidden', 'affiliate', 'isMaintenance'])->group(function () {
Route::get('lang/{locale}', 'AuthController@switchLang')->name('lang'); // 语言切换
Route::match(['get', 'post'], 'login', 'AuthController@login')->middleware('isSecurity')->name('login'); // 登录
Route::get('login', 'AuthController@showLoginForm')->middleware('isSecurity')->name('login'); // 登录
Route::post('login', 'AuthController@login')->middleware('isSecurity'); // 登录
Route::get('logout', 'AuthController@logout')->name('logout'); // 退出
Route::match(['get', 'post'], 'register', 'AuthController@register')->name('register'); // 注册
Route::get('register', 'AuthController@showRegistrationForm')->name('register'); // 注册
Route::post('register', 'AuthController@register'); // 注册
Route::match(['get', 'post'], 'reset', 'AuthController@resetPassword')->name('resetPasswd'); // 重设密码
Route::match(['get', 'post'], 'reset/{token}', 'AuthController@reset')->name('resettingPasswd'); // 重设密码
Route::match(['get', 'post'], 'activeUser', 'AuthController@activeUser')->name('active'); // 激活账号