bab-icon/app/Http/Controllers/Auth/Front/AuthController.php

<?php


namespace App\Http\Controllers\Auth\Front;


use App\Http\Controllers\Controller;
use App\Http\Controllers\Traits\ApiResponseTrait;
use App\Models\ApiDetection;
use App\Models\ApiToken;
use App\Models\Config;
use App\Models\Member;
use App\Models\Tip;
use App\Servers\MemberServer;
use App\Servers\Sign\SignServer;
use App\Servers\Yp;
use Carbon\Carbon;
use Tymon\JWTAuth\Facades\JWTAuth;

class AuthController extends Controller
{
    use ApiResponseTrait;

    /**
     * Create a new AuthController instance.
     * 要求附带email和password（数据来源users表）
     *
     * @return void
     */
    public function __construct()
    {
        // 这里额外注意了：官方文档样例中只除外了『login』
        // 这样的结果是，token 只能在有效期以内进行刷新，过期无法刷新
        // 如果把 refresh 也放进去，token 即使过期但仍在刷新期以内也可刷新
        // 不过刷新一次作废
        $this->middleware('auth:api', ['except' => ['login', 'refresh','getSendToken']]);
        // 另外关于上面的中间件，官方文档写的是『auth:api』
        // 但是我推荐用 『jwt.auth』，效果是一样的，但是有更加丰富的报错信息返回
    }

    /**
     * 获取签名token
     * @return mixed
     */
    public function getSendToken()
    {
        $time=time();
        $send_token_num=session('send_token_num','0');
        $send_token_time=session('send_token_time','');
        session(['send_token_num' => ++$send_token_num]);
        if($send_token_time<$time-60 && $send_token_num>2){
            return response()->json([
                'msg'   => "",
                'data'  => [
                    'send_token_str'      =>'验证失败'
                ],
                'code'  => 0,
            ]);
        }
        session(['send_token_time' =>$time]);
        $str = '';
        $strPol = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
        $max = strlen($strPol) - 1;
        for ($i = 0; $i < 10; $i++) {
            $str .= $strPol[rand(0, $max)];//rand($min,$max)生成介于min和max两个数之间的一个随机整数
        }
        session(['send_token_str' => $str]);
        return response()->json([
            'msg'   => "",
            'data'  => [
                'send_token_str'      =>$str
            ],
            'code'  => 1,
        ]);
    }

    /**
     * @return \Illuminate\Http\JsonResponse
     * @throws \App\Exceptions\Sign\SignException
     */
    public function login()
    {
        if( strtolower(env('APP_ENV')) == 'down' ){
            return $this->apiResponseError(null, '系统维护中...');
        }
        $is_behavior=Yp::validateYP();
        if(empty($is_behavior) ){
            return $this->apiResponseError(null, '请完成滑块验证...');
//            return $this->apiResponseError(null, '系统升级中...');
        }
//        $send_token_sign=request()->input('send_token_sign', '');
//        if($send_token_sign){
//            //滑块验证
//            $send_token_str=session('send_token_str');
//            if(empty($send_token_sign) || empty($send_token_str)){
//                return response()->json([
//                    'msg'   => '请按住滑块验证',
//                    'data'  => [],
//                    'code'  => 0,
//                ]);
//            }
//            $sys_token_sign=md5( substr($send_token_str,5).'ziUDRO96uFhSOxdCMc58bPPznJDataaM');
//            if($send_token_sign!=$sys_token_sign){
//                return response()->json([
//                    'msg'   => '滑块验证失败,请重新验证',
//                    'data'  => [],
//                    'code'  => 0,
//                ]);
//            }
//        }
        $credentials = request(['phone', 'password']);

        $rCount = Member::where('phone', request()->input('phone', ''))->count();

        if( $rCount <= 0 ){ return $this->apiResponseError(null, '账户不存在'); }

        if (! $token = auth('api')->attempt($credentials)) { return $this->apiResponseError(null, '密码不正确'); }

        // 登录成功缓存token
        $user = auth('api')->user();

        if ( !empty($user->deleted_at) ) { return $this->apiResponseError(null, '账号已被注销'); }

        $new_token = SignServer::loginSign($user);

        // 判断当前会员是否被冻结
        if( $user->is_show >= 1 ){
            JWTAuth::setToken($user->last_jwt_token)->invalidate();         // 加入黑名单
            auth('api')->logout();
            $apiDetection = ApiDetection::where('member_id', $user->id)->first();
            if( !empty($apiDetection) && $apiDetection->{'count'} >= 5 ){
                return $this->apiResponseError(null, '系统检查你是机器人,自动封号,请联系客服');
            }else{
                return $this->apiResponseError(null, '账号已被冻结');
            }
        }

//        if($user->id!= 1 && $user->id!=12277 && $user->phone!='18200172438'){
//            return $this->apiResponseError(null, '系统升级中...');
//        }

        if( $user->id > 1 && $user->id != 12277 ){
            $loginMac = request()->input('mac', '');
            // 记录会员数据
//            file_put_contents(base_path('member_login.txt'),"Phone：{$user->phone}; Mac：{$loginMac}; Member_user：{$user->mac}\r\n", FILE_APPEND);
            if( empty($loginMac)) {
                return $this->apiResponseError(null, '无法获取手机设备信息');
            }else{
                $loginMac=explode(',',$loginMac);
                if(!empty($loginMac[0]))$loginMac=$loginMac[0];
            }

            // 判断当前是否绑定MAC
            if ( !empty($user->mac) ) {
                $xMember = Member::where('mac', $loginMac)->where('id','<>',$user->id)->first();
                if(  !empty($xMember)  ){ return $this->apiResponseError(null, '已绑定'.":".(empty($xMember->{'phone'}) ? '' : $xMember->{'phone'}) ); }
            }else{

                // 判断mac是否已被绑定
                $countMac = Member::where('mac', $loginMac)->count();
                if( $countMac > 0 ) {
                    $xMember = Member::where('mac', $loginMac)->first();
                    return $this->apiResponseError(null, '已绑定:'.$xMember->{'phone'});
                }else{
                    Member::where('id', $user->id)->update([
                        'mac'   => $loginMac
                    ]);
                }
            }
        }

        // 之前token加入黑名单
        $oldToken = $user->last_jwt_token;
        if( !empty($oldToken) && JWTAuth::setToken($oldToken)->check() ){
            JWTAuth::setToken($oldToken)->invalidate();         // 加入黑名单
        }

        // 清除登录信息
        ApiToken::where('member_id', $user->id)->update(['count' => 0]);

        // 保存最后一次token
        Member::where('id', $user->id)->update(['last_jwt_token' => $token]);

        return $this->respondWithToken($token,$user->id, $new_token);
    }

    /**
     * Get the authenticated User.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function me()
    {
        $user = auth('api')->user();
        // 判断会员矿机状态
        $status = 1;
        if ( $user->machine_status == 0 ) {
            $status = 1;    // 可以挖矿
        }else if( $user->machine_status == 1 ){
            // 判断当前是否已经释放完成
            if(
                Carbon::now(config('app.timezone'))->lt(Carbon::parse($user->machine_end_time, config('app.timezone')))
            ){
                $status = 2;    // 挖矿进行中
            }else{
                // 挖矿已结束
                if( $user->machine_receive == 0 ){
                    $status = 3;     // 待领取
                }else{
                    $status = 4;     // 已领取
                }
            }
        }

        $config = Config::where('key', '_me_de')->first();
        $span = explode("\r\n", $config->{'value'});

        $st = Tip::where('member_id', $user->id)->where('status', 1)->count();

        return response()->json([
            'msg'   => '获取用户信息',
            'data'  => [
                'm_id'              => $user->{'id'},                                       // 会员ID
                'username'          => empty($user->username) ? "小富农" : $user->username,                                     // 会员昵称
                'phone'             => $user->phone,                                        // 会员手机账号
                'referee_phone'     => $user->referee_phone,                                // 推荐人账号
                'level_name'        => $user->level->name,                                  // 会员级别
                'star_name'         => $user->star->name,                                   // 会员星级
                'fruit'             => MemberServer::frontUnit($user->fruit / 1000000),// 会员果实(两位小数)
                'contribution'      => MemberServer::frontUnit($user->contribution),        // 贡献值(两位小数)
                'activity'          => MemberServer::frontUnit($user->activity),            // 活跃度(两位小数)
                'honor'             => MemberServer::frontUnit($user->honor),               // 荣誉值(两位小数)
                'is_prove'          => $user->is_active,                                    // 是否实名认证;0:未认证;1:已认证;
                'is_prove_name'     => $user->is_active > 1 ? '已认证' : '未认证',           // 实名认证
                'freeze'            => $user->is_show,                                      // 限制登录;0:正常用户;1:冻结账户
                'avatar'            => $user->avatar ?: asset('/storage/avatar/default/default_av.png'),   // 用户头像
                'machine_status'    => $user->machine_status,           // 矿机挖矿状态;0:今日未手动开启;1:当日手动开启;
                'machine_start_time'=> Carbon::now(config('app.timezone'))->timestamp,  // 矿机开始时间
                'machine_end_time'  => empty($user->machine_end_time) ? 0 : Carbon::parse($user->machine_end_time, config('app.timezone'))->timestamp,         // 矿机结束时间
                'machine_unit'      => $user->machine_unit,             // 矿机每秒单价
                'machine_total'     => empty($user->machine_start_time) ? 0 : (
                        ((Carbon::now(config('app.timezone'))->timestamp >= Carbon::parse($user->machine_end_time, config('app.timezone'))->timestamp) ? Carbon::parse($user->machine_end_time, config('app.timezone'))->timestamp : Carbon::now(config('app.timezone'))->timestamp)
                        -
                        Carbon::parse($user->machine_start_time, config('app.timezone'))->timestamp
                ) * $user->machine_unit,            // 矿机产矿总数
                'machine_receive'   => $user->machine_receive,          // 挖矿领取状态;0:未领取;1:当日已领取;
                'area_id'           => $user->area_id > 0 ? $user->area->name : '',    // 城主
                'machine_receive_status'    => $status,                 // 1:可以挖矿;2:挖矿进行中;3:待领取;4:已领取
                'me_de'             => "<span>{$span[0]}</span><span>{$span[1]}</span>",  //
                'is_unread'         => $st > 0 ? true : false,
                'mac'               => $user->mac,                      // 设备信息
            ],
            'code'  => 1,
        ],200);
    }

    /**
     * Log the user out (Invalidate the token).
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function logout()
    {
        auth('api')->logout();

        return $this->apiResponseSuccess(null, '成功');
    }

    /**
     * Refresh a token.
     * 刷新token，如果开启黑名单，以前的token便会失效。
     * 值得注意的是用上面的getToken(登录)再获取一次Token并不算做刷新，两次获得的Token是并行的，即两个都可用。
     * @return \Illuminate\Http\JsonResponse
     */
    public function refresh()
    {
        $user = auth('api')->user();
        return $this->respondWithToken(auth('api')->refresh(), $user->id);
    }


    /**
     * Get the token array structure.
     *
     * @param $token
     * @param null $mId
     * @return \Illuminate\Http\JsonResponse
     */
    protected function respondWithToken($token, $mId = null, $new_token = null)
    {
        return $this->apiResponseSuccess(
            [
                'access_token' => $token,
                'token_type' => 'bearer',
                'expires_in' => auth('api')->factory()->getTTL() * 60,
                'm_id'       => empty($mId) ? auth('api')->user()->{'id'} : $mId,
            ],
            'token获取成功',1,200,[],0,$new_token, time()
        );
    }
}