kevinlan
/
autocde2.0


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108
							<?php

namespace App\Http\Controllers\API;

use App\Http\Controllers\Controller;
use App\Http\Requests\API\User\ForgetPasswordEmialRequest;
use App\Http\Requests\API\User\LoginRequest;
use App\Http\Requests\API\User\ResetPasswordRequest;
use App\Mail\ForgetPasswordMailable;
use App\Models\User;
use Carbon\Carbon;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Str;
use Illuminate\Validation\ValidationException;

class AuthController extends Controller
{
    public function login(LoginRequest $request)
    {
        $user = User::query()
            ->where("username", $request->username)
            ->orWhere("email", $request->username)
            ->first();

        if (! $user || ! Hash::check($request->password, $user->password)) {
            throw ValidationException::withMessages([
                'username' => [__("auth.failed")],
            ]);
        }
        if ($user->status===0){
            throw ValidationException::withMessages([
                'username' => [__("auth.ban")],
            ]);
        }

        return $this->success([
            'data' => [
                'token' => $user->createToken('user')->plainTextToken,
            ]
        ]);
    }


    public function logout()
    {
        Auth::user()->currentAccessToken()->delete();

        return $this->noContent();
    }

    /**
     * 发送重置密码邮件
     * @param ForgetPasswordEmialRequest $request username用户名或邮箱
     * @return \Illuminate\Http\Response
     * @throws \Random\RandomException
     */
    public function sendForgetPasswordEmail(ForgetPasswordEmialRequest $request)
    {
        //1.通过用户名或邮箱检索用户
       $user = User::query()
            ->where('username',$request->username)
            ->orWhere('email',$request->username)
            ->first();
        //2.生成 验证码
        $captcha = random_int(100000, 999999);
        DB::table('password_reset_tokens')->insert([
            'email' => $user->email,
            'token' => $captcha,
            'created_at' => Carbon::now()
        ]);
        //3.发送重置验证码邮件
        Mail::to($user)->send(new ForgetPasswordMailable($captcha));
        return $this->noContent();
    }

    /**
     * 重置用户密码
     * @param ResetPasswordRequest $request
     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\Response
     */
    public function resetPassword(ResetPasswordRequest $request)
    {
        //1.通过用户名或邮箱检索用户
        $user = User::query()
            ->where('username',$request->username)
            ->orWhere('email',$request->username)
            ->first();
        //2.获取该用户的最后验证码信息
        $resetToken = DB::table('password_reset_tokens')
            ->where('email', $user->email)
            ->orderBy('created_at', 'desc')
            ->first(); // 获取第一条记录;

        //3.判断验证码是否存在 验证码是否一致 验证码是否过期(15分钟) 若过期,执行以下if代码
        if (!$resetToken || $resetToken->token != $request->code || Carbon::parse($resetToken->created_at)->diffInMinutes(Carbon::now()) > 15){
            // 这里抛出错误是否更好?
            return $this->badRequest('Verification code error or expired');
        }
        //4.一切没问题,则修改该用户的密码
        $user->password = Hash::make($request->new_password);
        $user->save();
        return $this->noContent();

    }
}