mirror of
https://gitee.com/technical-laohu/mpay.git
synced 2026-05-07 01:01:10 +08:00
96 lines
3.0 KiB
PHP
96 lines
3.0 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace app\controller\api;
|
|
|
|
use app\BaseController;
|
|
use think\facade\Session;
|
|
use app\model\User;
|
|
|
|
class UserController extends BaseController
|
|
{
|
|
protected $middleware = ['Auth' => ['except' => ['login', 'resetKey']]];
|
|
|
|
public function login()
|
|
{
|
|
$login_info = $this->request->post();
|
|
$userinfo = self::checkUser($login_info);
|
|
if ($userinfo['code'] === 0) {
|
|
Session::set('userid', $userinfo['data']->id);
|
|
Session::set('pid', $userinfo['data']->pid);
|
|
Session::set('nickname', $userinfo['data']->nickname);
|
|
Session::set('userrole', $userinfo['data']->role);
|
|
Session::set('islogin', true);
|
|
return json(backMsg(0, 'ok'));
|
|
} else {
|
|
return json($userinfo);
|
|
}
|
|
}
|
|
public function logout()
|
|
{
|
|
Session::clear();
|
|
return json(backMsg(0, '注销成功'));
|
|
}
|
|
public function editUser()
|
|
{
|
|
$userid = session('userid');
|
|
$info = $this->request->post();
|
|
$res = User::update($info, ['id' => $userid]);
|
|
if (!$res) {
|
|
return json(backMsg(1, '修改失败'));
|
|
}
|
|
return json(backMsg(0, '重置成功'));
|
|
}
|
|
public function changePassword()
|
|
{
|
|
$userid = session('userid');
|
|
$user_info = User::find($userid);
|
|
$post_info = $this->request->post();
|
|
if (password_verify($post_info['old_password'], $user_info->password)) {
|
|
$new_password = password_hash($post_info['new_password'], PASSWORD_DEFAULT);
|
|
$res = User::update(['password' => $new_password], ['id' => $userid]);
|
|
if (!$res) {
|
|
return json(backMsg(1, '修改失败'));
|
|
}
|
|
return json(backMsg(0, '修改成功'));
|
|
} else {
|
|
return json(backMsg(1, '原密码错误'));
|
|
}
|
|
}
|
|
public function resetKey()
|
|
{
|
|
$userid = session('userid');
|
|
$res = User::update(['secret_key' => $this->generateKey()], ['id' => $userid]);
|
|
if (!$res) {
|
|
return json(backMsg(1, '重置失败'));
|
|
}
|
|
return json(backMsg(0, '重置成功'));
|
|
}
|
|
private function checkUser(array $login_info): array
|
|
{
|
|
$username = $login_info['username'];
|
|
$password = $login_info['password'];
|
|
$userinfo = User::where('username', $username)->find();
|
|
if ($userinfo) {
|
|
if (password_verify($password, $userinfo->password)) {
|
|
return ['code' => 0, 'data' => $userinfo];
|
|
} else {
|
|
return backMsg(1, '登陆密码错误');
|
|
}
|
|
} else {
|
|
return backMsg(2, '用户不存在');
|
|
}
|
|
}
|
|
private function generateKey(bool $strong = true)
|
|
{
|
|
$bytes = openssl_random_pseudo_bytes(16, $strong);
|
|
if ($strong) {
|
|
$key = bin2hex($bytes);
|
|
return md5($key);
|
|
} else {
|
|
return false;
|
|
}
|
|
}
|
|
}
|