fnvtk/cunkebao_v3
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

公共登录 - 手机后、账号同时可作为登录条件

Browse Source
This commit is contained in:
柳清爽
2025-04-30 14:52:51 +08:00
parent f75c5fc310
commit df72ab8095
8 changed files with 275 additions and 186 deletions
Download Patch File Download Diff File Expand all files Collapse all files

145
Server/application/common/service/AuthService.php
View File

@@ -1,85 +1,59 @@
<?php
namespace app\common\service;
use app\common\model\User;
use app\common\model\User as UserModel;
use app\common\util\JwtUtil;
use think\facade\Log;
use think\facade\Cache;
use think\facade\Config;
use think\facade\Env;
use think\facade\Log;
class AuthService
{
/**
* 令牌有效期(秒)
*/
const TOKEN_EXPIRE = 7200;
/**
* 短信服务实例
* @var SmsService
*/
protected $smsService;
/**
* 获取用户基本信息
*
* @param string $account
* @param int $typeId
* @return UserModel
*/
protected function getUserProfileWithAccountAndType(string $account, int $typeId): UserModel
{
$user = UserModel::where(function ($query) use ($account) {
$query->where('phone', $account)->whereOr('account', $account);
})
->where(function ($query) use ($typeId) {
$query->where('status', 1)->where('typeId', $typeId);
})->find();
return $user;
}
/**
* 获取用户信息
*
* @param string $account 账号(手机号)
* @param string $password 密码(可能是加密后的)
* @param int $typeId 身份信息
* @return array|null
*/
protected function getUser($account, $password, $typeId)
protected function getUser(string $account, string $password, int $typeId): array
{
// 查询用户
$user = User::where('account', $account)
->where('typeId', $typeId)
->where('status', 1)
->find();
$user = $this->getUserProfileWithAccountAndType($account, $typeId);
if (!$user) {
// 记录日志
\think\facade\Log::info('用户不存在或已禁用', ['account' => $account]);
return null;
throw new \Exception('用户不存在或已禁用', 403);
}
// 记录密码验证信息
\think\facade\Log::info('密码验证', [
'account' => $account,
'input_password' => $password,
'stored_hash' => $user->passwordMd5,
]);
// 验证密码
$isValid = ($user->passwordMd5 == md5($password));
\think\facade\Log::info('密码验证结果', [
'account' => $account,
'is_valid' => $isValid,
]);
if (!$isValid) {
return null;
if ($user->passwordMd5 !== md5($password)) {
throw new \Exception('账号或密码错误', 403);
}
// 更新登录信息
$user->lastLoginIp = request()->ip();
$user->lastLoginTime = time();
$user->save();
// 用手机号当做默认用户名(如果没有设置用户名)
$username = $user->username ?: $user->account;
return [
'id' => $user->id,
'username' => $username,
'account' => $user->account,
'avatar' => $user->avatar,
'isAdmin' => $user->isAdmin,
'companyId' => $user->companyId,
'typeId' => $user->typeId,
'lastLoginIp' => $user->lastLoginIp,
'lastLoginTime' => $user->lastLoginTime
];
return $user->toArray();
}
/**
@@ -92,39 +66,28 @@ class AuthService
/**
* 用户登录
*
* @param string $account 账号(手机号)
* @param string $password 密码(可能是加密后的)
* @param string $ip 登录IP
* @return array
* @throws \Exception
*/
public function login($account, $password, $typeId, $ip)
public function login(string $account, string $password, int $typeId, string $ip)
{
// 获取用户信息
$user = $this->getUser($account, $password, $typeId);
$member = $this->getUser($account, $password, $typeId);
if (empty($user)) {
// 记录登录失败
Log::info('登录失败', ['account' => $account, 'ip' => $ip, 'is_encrypted' => true]);
throw new \Exception('账号或密码错误');
}
// 生成JWT令牌
$token = JwtUtil::createToken($user, self::TOKEN_EXPIRE);
$expireTime = time() + self::TOKEN_EXPIRE;
// 记录登录成功
Log::info('登录成功', ['account' => $account, 'ip' => $ip]);
return [
'token' => $token,
'token_expired' => $expireTime,
'member' => $user
];
$token_expired = time() + self::TOKEN_EXPIRE;
return compact('member', 'token', 'token_expired');
}
/**
* 手机号验证码登录
*
* @param string $account 手机号
* @param string $code 验证码(可能是加密后的)
* @param string $ip 登录IP
@@ -137,14 +100,14 @@ class AuthService
// 验证验证码
if (!$this->smsService->verifyCode($account, $code, 'login', $isEncrypted)) {
Log::info('验证码验证失败', ['account' => $account, 'ip' => $ip, 'is_encrypted' => $isEncrypted]);
throw new \Exception('验证码错误或已过期');
throw new \Exception('验证码错误或已过期', 404);
}
// 获取用户信息
$user = User::getUserByMobile($account);
if (empty($user)) {
Log::info('用户不存在', ['account' => $account, 'ip' => $ip]);
throw new \Exception('用户不存在');
throw new \Exception('用户不存在', 404);
}
// 生成JWT令牌
@@ -163,6 +126,7 @@ class AuthService
/**
* 发送登录验证码
*
* @param string $account 手机号
* @param string $type 验证码类型
* @return array
@@ -175,6 +139,7 @@ class AuthService
/**
* 获取用户信息
*
* @param array $userInfo JWT中的用户信息
* @return array
* @throws \Exception
@@ -184,16 +149,17 @@ class AuthService
if (empty($userInfo)) {
throw new \Exception('获取用户信息失败');
}
// 移除不需要返回的字段
unset($userInfo['exp']);
unset($userInfo['iat']);
return $userInfo;
}
/**
* 刷新令牌
*
* @param array $userInfo JWT中的用户信息
* @return array
* @throws \Exception
@@ -203,15 +169,15 @@ class AuthService
if (empty($userInfo)) {
throw new \Exception('刷新令牌失败');
}
// 移除过期时间信息
unset($userInfo['exp']);
unset($userInfo['iat']);
// 生成新令牌
$token = JwtUtil::createToken($userInfo, self::TOKEN_EXPIRE);
$expireTime = time() + self::TOKEN_EXPIRE;
return [
'token' => $token,
'token_expired' => $expireTime
@@ -220,52 +186,53 @@ class AuthService
/**
* 获取系统授权信息使用缓存存储10分钟
*
* @return string
*/
public static function getSystemAuthorization()
{
// 定义缓存键名
$cacheKey = 'system_authorization_token';
// 尝试从缓存获取授权信息
$authorization = Cache::get($cacheKey);
//$authorization = 'mYpVVhPY7PxctvYw1pn1VCTS2ck0yZG8q11gAiJrRN_D3q7KXXBPAfXoAmqs7kKHeaAx-h4GB7DiqVIQJ09HiXVhaQT6PtgLX3w8YV16erThC-lG1fyJB4DJxu-QxA3Q8ogSs1WFOa8aAXD1QQUZ7Kbjkw_VMLL4lrfe0Yjaqy3DnO7aL1xGnNjjX8P5uqCAZgHKlN8NjuDEGyYvXygW1YyoK9pNpwvq-6DYKjLWdmbHvFaAybHf-hU1XyrFavZqcZYxIoVXjfJ5ASp4XxeCWqMCzwtSoz9RAvwLAlNxGweowtuyX9389ZaXI-zbqb2T0S8llg';
// 如果缓存中没有或已过期,则重新获取
// 如果缓存中没有或已过期,则重新获取
if (empty($authorization)) {
try {
// 从环境变量中获取API用户名和密码
$username = Env::get('api.username', '');
$password = Env::get('api.password', '');
if (empty($username) || empty($password)) {
Log::error('缺少API用户名或密码配置');
return '';
}
// 构建登录参数
$params = [
'grant_type' => 'password',
'username' => $username,
'password' => $password
];
// 获取API基础URL
$baseUrl = Env::get('api.wechat_url', '');
if (empty($baseUrl)) {
Log::error('缺少API基础URL配置');
return '';
}
// 调用登录接口获取token
// 设置请求头
$headerData = ['client:system'];
$header = setHeader($headerData, '', 'plain');
$result = requestCurl($baseUrl . 'token', $params, 'POST',$header);
$result = requestCurl($baseUrl . 'token', $params, 'POST', $header);
$result_array = handleApiResponse($result);
if (isset($result_array['access_token']) && !empty($result_array['access_token'])) {
$authorization = $result_array['access_token'];
// 存入缓存有效期10分钟600秒
Cache::set($cacheKey, $authorization, 600);
Cache::set('system_refresh_token', $result_array['refresh_token'], 600);
@@ -281,7 +248,7 @@ class AuthService
return '';
}
}
return $authorization;
}
}