| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131 |
- <?php
- namespace App\Http\Controllers\API;
- use App\Http\Controllers\Controller;
- use App\Http\Requests\API\User\ForgetPasswordEmialRequest;
- use App\Http\Requests\API\User\LoginRequest;
- use App\Http\Requests\API\User\ResetPasswordRequest;
- use App\Mail\ForgetPasswordMailable;
- use App\Models\GlobalUser;
- use App\Models\User;
- use Carbon\Carbon;
- use Illuminate\Http\Request;
- use Illuminate\Support\Facades\Auth;
- use Illuminate\Support\Facades\Cache;
- use Illuminate\Support\Facades\Crypt;
- use Illuminate\Support\Facades\DB;
- use Illuminate\Support\Facades\Hash;
- use Illuminate\Support\Facades\Mail;
- use Illuminate\Support\Str;
- use Illuminate\Validation\ValidationException;
- class AuthController extends Controller
- {
- public function login(LoginRequest $request)
- {
- $user = User::query()
- ->where("username", $request->username)
- ->orWhere("email", $request->username)
- ->first();
- if (! $user || ! Hash::check($request->password, $user->password)) {
- throw ValidationException::withMessages([
- 'username' => [__("auth.failed")],
- ]);
- }
- if ($user->status===0){
- throw ValidationException::withMessages([
- 'username' => [__("auth.ban")],
- ]);
- }
- // 创建token
- $token = $user->createToken('user')->plainTextToken;
- $tenantId = GlobalUser::query()->where('username', $request->username)->value('tenant_id');
- return $this->success([
- 'data' => [
- 'token' => $token,
- 'tenant_id' => $tenantId
- ]
- ])->withCookie('X-Tenant', tenant()->id);
- }
- public function logout(Request $request)
- {
- Auth::user()->currentAccessToken()->delete();
- return $this->noContent()->withCookie('X-Tenant', null);
- }
- /**
- * 发送重置密码邮件
- * @param ForgetPasswordEmialRequest $request username用户名或邮箱
- * @return \Illuminate\Http\Response
- * @throws \Random\RandomException
- */
- public function sendForgetPasswordEmail(ForgetPasswordEmialRequest $request)
- {
- //1.通过用户名或邮箱检索用户
- $user = User::query()
- ->where('username',$request->username)
- ->orWhere('email',$request->username)
- ->first();
- $code = uniqid();
- $exists = DB::table('password_reset_tokens')->where('email', $user->email)->exists();
- if ($exists) {
- // 如果记录存在,更新它
- DB::table('password_reset_tokens')->where('email', $user->email)->update([
- 'token' => $code,
- 'exp_date' => Carbon::now(),
- ]);
- } else {
- // 如果记录不存在,插入新记录
- DB::table('password_reset_tokens')->insert([
- 'email' => $user->email,
- 'token' => $code,
- 'created_at' => Carbon::now(),
- 'exp_date' => Carbon::now(),
- ]);
- }
- //3.发送重置验证码邮件
- Mail::to($user)->send(new ForgetPasswordMailable($code));
- return $this->noContent();
- }
- /**
- * 重置用户密码
- * @param ResetPasswordRequest $request
- * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\Response
- */
- public function resetPassword(ResetPasswordRequest $request)
- {
- //1.通过用户名或邮箱检索用户
- $user = User::query()
- ->where('username',$request->username)
- ->orWhere('email',$request->username)
- ->first();
- //2.获取该用户的最后验证码信息
- $resetToken = DB::table('password_reset_tokens')
- ->where('email', $user->email)
- ->orderBy('created_at', 'desc')
- ->first(); // 获取第一条记录;
- //3.判断验证码是否存在 验证码是否一致 验证码是否过期(15分钟) 若过期,执行以下if代码
- if (!$resetToken || $resetToken->token != $request->code || Carbon::parse($resetToken->exp_date)->diffInMinutes(Carbon::now()) > 15){
- return $this->badRequest('Verification code error or expired');
- }
- //4.一切没问题,则修改该用户的密码
- $user->password = Hash::make($request->new_password);
- $user->save();
- return $this->noContent();
- }
- }
|
