2025-03-16 17:43:30 +08:00
|
|
|
|
<?php
|
|
|
|
|
|
namespace app\common\service;
|
|
|
|
|
|
|
|
|
|
|
|
use app\common\model\User;
|
|
|
|
|
|
use app\common\util\JwtUtil;
|
|
|
|
|
|
use think\facade\Log;
|
2025-03-24 14:59:19 +08:00
|
|
|
|
use think\facade\Cache;
|
|
|
|
|
|
use think\facade\Config;
|
|
|
|
|
|
use think\facade\Env;
|
2025-03-16 17:43:30 +08:00
|
|
|
|
|
|
|
|
|
|
class AuthService
|
|
|
|
|
|
{
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 令牌有效期(秒)
|
|
|
|
|
|
*/
|
|
|
|
|
|
const TOKEN_EXPIRE = 7200;
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 短信服务实例
|
|
|
|
|
|
* @var SmsService
|
|
|
|
|
|
*/
|
|
|
|
|
|
protected $smsService;
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 构造函数
|
|
|
|
|
|
*/
|
|
|
|
|
|
public function __construct()
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->smsService = new SmsService();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 用户登录
|
2025-03-27 15:28:38 +08:00
|
|
|
|
* @param string $account 账号(手机号)
|
2025-03-16 19:24:37 +08:00
|
|
|
|
* @param string $password 密码(可能是加密后的)
|
2025-03-16 17:43:30 +08:00
|
|
|
|
* @param string $ip 登录IP
|
|
|
|
|
|
* @return array
|
|
|
|
|
|
* @throws \Exception
|
|
|
|
|
|
*/
|
2025-03-27 15:28:38 +08:00
|
|
|
|
public function login($account, $password, $typeId, $ip)
|
2025-03-16 17:43:30 +08:00
|
|
|
|
{
|
|
|
|
|
|
// 获取用户信息
|
2025-03-27 15:28:38 +08:00
|
|
|
|
$user = User::getAdminUser($account, $password, $typeId);
|
|
|
|
|
|
|
2025-03-16 17:43:30 +08:00
|
|
|
|
if (empty($user)) {
|
|
|
|
|
|
// 记录登录失败
|
2025-03-27 15:28:38 +08:00
|
|
|
|
Log::info('登录失败', ['account' => $account, 'ip' => $ip, 'is_encrypted' => true]);
|
|
|
|
|
|
throw new \Exception('账号或密码错误');
|
2025-03-16 17:43:30 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 生成JWT令牌
|
|
|
|
|
|
$token = JwtUtil::createToken($user, self::TOKEN_EXPIRE);
|
|
|
|
|
|
$expireTime = time() + self::TOKEN_EXPIRE;
|
|
|
|
|
|
|
|
|
|
|
|
// 记录登录成功
|
2025-03-27 15:28:38 +08:00
|
|
|
|
Log::info('登录成功', ['account' => $account, 'ip' => $ip]);
|
2025-03-16 17:43:30 +08:00
|
|
|
|
|
|
|
|
|
|
return [
|
|
|
|
|
|
'token' => $token,
|
|
|
|
|
|
'token_expired' => $expireTime,
|
|
|
|
|
|
'member' => $user
|
|
|
|
|
|
];
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 手机号验证码登录
|
2025-03-27 15:28:38 +08:00
|
|
|
|
* @param string $account 手机号
|
2025-03-16 19:24:37 +08:00
|
|
|
|
* @param string $code 验证码(可能是加密后的)
|
2025-03-16 17:43:30 +08:00
|
|
|
|
* @param string $ip 登录IP
|
2025-03-16 19:24:37 +08:00
|
|
|
|
* @param bool $isEncrypted 验证码是否已加密
|
2025-03-16 17:43:30 +08:00
|
|
|
|
* @return array
|
|
|
|
|
|
* @throws \Exception
|
|
|
|
|
|
*/
|
2025-03-27 15:28:38 +08:00
|
|
|
|
public function mobileLogin($account, $code, $ip, $isEncrypted = false)
|
2025-03-16 17:43:30 +08:00
|
|
|
|
{
|
|
|
|
|
|
// 验证验证码
|
2025-03-27 15:28:38 +08:00
|
|
|
|
if (!$this->smsService->verifyCode($account, $code, 'login', $isEncrypted)) {
|
|
|
|
|
|
Log::info('验证码验证失败', ['account' => $account, 'ip' => $ip, 'is_encrypted' => $isEncrypted]);
|
2025-03-16 17:43:30 +08:00
|
|
|
|
throw new \Exception('验证码错误或已过期');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 获取用户信息
|
2025-03-27 15:28:38 +08:00
|
|
|
|
$user = User::getUserByMobile($account);
|
2025-03-16 17:43:30 +08:00
|
|
|
|
if (empty($user)) {
|
2025-03-27 15:28:38 +08:00
|
|
|
|
Log::info('用户不存在', ['account' => $account, 'ip' => $ip]);
|
2025-03-16 17:43:30 +08:00
|
|
|
|
throw new \Exception('用户不存在');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 生成JWT令牌
|
|
|
|
|
|
$token = JwtUtil::createToken($user, self::TOKEN_EXPIRE);
|
|
|
|
|
|
$expireTime = time() + self::TOKEN_EXPIRE;
|
|
|
|
|
|
|
|
|
|
|
|
// 记录登录成功
|
2025-03-27 15:28:38 +08:00
|
|
|
|
Log::info('手机号登录成功', ['account' => $account, 'ip' => $ip]);
|
2025-03-16 17:43:30 +08:00
|
|
|
|
|
|
|
|
|
|
return [
|
|
|
|
|
|
'token' => $token,
|
|
|
|
|
|
'token_expired' => $expireTime,
|
|
|
|
|
|
'member' => $user
|
|
|
|
|
|
];
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 发送登录验证码
|
2025-03-27 15:28:38 +08:00
|
|
|
|
* @param string $account 手机号
|
2025-03-16 17:43:30 +08:00
|
|
|
|
* @param string $type 验证码类型
|
|
|
|
|
|
* @return array
|
|
|
|
|
|
* @throws \Exception
|
|
|
|
|
|
*/
|
2025-03-27 15:28:38 +08:00
|
|
|
|
public function sendLoginCode($account, $type)
|
2025-03-16 17:43:30 +08:00
|
|
|
|
{
|
2025-03-27 15:28:38 +08:00
|
|
|
|
return $this->smsService->sendCode($account, $type);
|
2025-03-16 17:43:30 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 获取用户信息
|
|
|
|
|
|
* @param array $userInfo JWT中的用户信息
|
|
|
|
|
|
* @return array
|
|
|
|
|
|
* @throws \Exception
|
|
|
|
|
|
*/
|
|
|
|
|
|
public function getUserInfo($userInfo)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (empty($userInfo)) {
|
|
|
|
|
|
throw new \Exception('获取用户信息失败');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 移除不需要返回的字段
|
|
|
|
|
|
unset($userInfo['exp']);
|
|
|
|
|
|
unset($userInfo['iat']);
|
|
|
|
|
|
|
|
|
|
|
|
return $userInfo;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 刷新令牌
|
|
|
|
|
|
* @param array $userInfo JWT中的用户信息
|
|
|
|
|
|
* @return array
|
|
|
|
|
|
* @throws \Exception
|
|
|
|
|
|
*/
|
|
|
|
|
|
public function refreshToken($userInfo)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (empty($userInfo)) {
|
|
|
|
|
|
throw new \Exception('刷新令牌失败');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 移除过期时间信息
|
|
|
|
|
|
unset($userInfo['exp']);
|
|
|
|
|
|
unset($userInfo['iat']);
|
|
|
|
|
|
|
|
|
|
|
|
// 生成新令牌
|
|
|
|
|
|
$token = JwtUtil::createToken($userInfo, self::TOKEN_EXPIRE);
|
|
|
|
|
|
$expireTime = time() + self::TOKEN_EXPIRE;
|
|
|
|
|
|
|
|
|
|
|
|
return [
|
|
|
|
|
|
'token' => $token,
|
|
|
|
|
|
'token_expired' => $expireTime
|
|
|
|
|
|
];
|
|
|
|
|
|
}
|
2025-03-24 14:59:19 +08:00
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 获取系统授权信息,使用缓存存储10分钟
|
|
|
|
|
|
* @return string
|
|
|
|
|
|
*/
|
|
|
|
|
|
public static function getSystemAuthorization()
|
|
|
|
|
|
{
|
|
|
|
|
|
// 定义缓存键名
|
|
|
|
|
|
$cacheKey = 'system_authorization_token';
|
|
|
|
|
|
|
|
|
|
|
|
// 尝试从缓存获取授权信息
|
|
|
|
|
|
$authorization = Cache::get($cacheKey);
|
|
|
|
|
|
|
|
|
|
|
|
// 如果缓存中没有或已过期,则重新获取
|
|
|
|
|
|
if (empty($authorization)) {
|
|
|
|
|
|
try {
|
|
|
|
|
|
// 从环境变量中获取API用户名和密码
|
|
|
|
|
|
$username = Env::get('api.username', '');
|
|
|
|
|
|
$password = Env::get('api.password', '');
|
|
|
|
|
|
|
|
|
|
|
|
if (empty($username) || empty($password)) {
|
|
|
|
|
|
Log::error('缺少API用户名或密码配置');
|
|
|
|
|
|
return '';
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 构建登录参数
|
|
|
|
|
|
$params = [
|
|
|
|
|
|
'grant_type' => 'password',
|
|
|
|
|
|
'username' => $username,
|
|
|
|
|
|
'password' => $password
|
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
|
|
// 获取API基础URL
|
|
|
|
|
|
$baseUrl = Env::get('api.wechat_url', '');
|
|
|
|
|
|
if (empty($baseUrl)) {
|
|
|
|
|
|
Log::error('缺少API基础URL配置');
|
|
|
|
|
|
return '';
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 调用登录接口获取token
|
|
|
|
|
|
// 设置请求头
|
|
|
|
|
|
$headerData = ['client:system'];
|
|
|
|
|
|
$header = setHeader($headerData, '', 'plain');
|
|
|
|
|
|
$result = requestCurl($baseUrl . 'token', $params, 'POST',$header);
|
|
|
|
|
|
$result_array = handleApiResponse($result);
|
|
|
|
|
|
|
|
|
|
|
|
if (isset($result_array['access_token']) && !empty($result_array['access_token'])) {
|
|
|
|
|
|
$authorization = $result_array['access_token'];
|
|
|
|
|
|
|
|
|
|
|
|
// 存入缓存,有效期10分钟(600秒)
|
|
|
|
|
|
Cache::set($cacheKey, $authorization, 600);
|
|
|
|
|
|
Cache::set('system_refresh_token', $result_array['refresh_token'], 600);
|
|
|
|
|
|
|
|
|
|
|
|
Log::info('已重新获取系统授权信息并缓存');
|
|
|
|
|
|
return $authorization;
|
|
|
|
|
|
} else {
|
|
|
|
|
|
Log::error('获取系统授权信息失败:' . ($response['message'] ?? '未知错误'));
|
|
|
|
|
|
return '';
|
|
|
|
|
|
}
|
|
|
|
|
|
} catch (\Exception $e) {
|
|
|
|
|
|
Log::error('获取系统授权信息异常:' . $e->getMessage());
|
|
|
|
|
|
return '';
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return $authorization;
|
|
|
|
|
|
}
|
2025-03-16 17:43:30 +08:00
|
|
|
|
}
|
