<?php
namespace App\Http\Controllers\Api;
use App\Http\Requests\UserRegister;
use App\Http\Services\UserService;
use App\Mail\SendCode;
use App\Models\UserModel;
use Illuminate\Foundation\Auth\RegistersUsers;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Cookie;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Facades\Redis;
use Illuminate\Support\Facades\Validator;
class AuthApiController extends Controller
{
use RegistersUsers;
public function register(UserRegister $request)
{
$email = $request->input('email');
if (UserModel::where('email', $email)->exists()) {
return $this->setError('Email has been taken');
}
//判断邮箱验证码
$redisKey = 'sem_email_code_register_' . $email;
$cachedEmailCode = Redis::get($redisKey);
if ($cachedEmailCode != $request->input('email_code')) {
return $this->setError('Email code invalid');
}
$userId = UserService::createUser($request->all());
Redis::del($redisKey);
\Auth::loginUsingId($userId);
return $this->setSuccess('Register success');
}
public function login(Request $request)
{
$validator = Validator::make($request->all(), [
'email' => 'required|string|email|max:255',
'password' => 'required|string|min:8|max:50',
], [
'password.min' => 'Password must be at least 8 characters long.'
]);
if ($validator->fails()) {
return $this->setError($validator->errors()->first());
}
$userExists = UserModel::where('email', $request->email)->exists();
if (!$userExists) {
return $this->setError('User dose not exist');
}
if ($this->attemptLogin($request)) {
$request->session()->regenerate();
$cookie = Cookie::make('sem_email', Auth::user()->email, config('session.lifetime'));
Cookie::queue($cookie);
$userIdCookie = Cookie::make('sem_user_id', Auth::user()->id, config('session.lifetime'), null, null, false,
false);
Cookie::queue($userIdCookie);
return $this->setSuccess('Login success');
}
return $this->setError('The account or password is incorrect');
}
public function logout(Request $request)
{
$cookie = Cookie::forget('sem_email');
Cookie::queue($cookie);
Auth::logout();
return $this->setSuccess('Logout success');
}
public function resetPassword(Request $request)
{
$validator = Validator::make($request->all(), [
'old_password' => 'required|min:8|max:50',
'password' => ['required', 'string', 'min:8', 'max:50', 'confirmed'],
], [
'old_password.min' => 'Password must be at least 8 characters long.',
'password.min' => 'Password must be at least 8 characters long.',
'password.confirmed' => 'Passwords do not match!',
]);
if ($validator->fails()) {
return $this->setError($validator->errors()->first());
}
$password = $request->get('password');
$oldPassword = $request->get('old_password');
$userId = Auth::user()->id;
$hashedPassword = UserModel::where('id', $userId)->value('password');
if (!Hash::check($oldPassword, $hashedPassword)) {
return $this->setError('Wrong Password!');
}
if (Hash::check($password, $hashedPassword)) {
return $this->setError('The new password cannot be the same as the old password!');
}
$user = UserModel::find($userId);
$user->password = Hash::make($password);
$user->update_time = time();
$result = $user->save();
if (!$result) {
return $this->setError('Reset password failed');
}
return $this->setSuccess('Reset password success');
}
public function forgetPassword(Request $request)
{
$validator = Validator::make($request->all(), [
'email' => 'required|email',
'email_code' => 'required'
], []);
if ($validator->fails()) {
return $this->setError($validator->errors()->first());
}
$email = $request->input('email');
$emailCode = $request->input('email_code');
$redisKey = 'sem_email_code_forget_password' . '_' . $email;
$cachedEmailCode = Redis::get($redisKey);
if ($cachedEmailCode != $emailCode) {
return $this->setError('Email code invalid');
}
return $this->setSuccess('Verify email code success');
}
//忘记密码以后的设置密码
public function setForgetPassword(Request $request)
{
$validator = Validator::make($request->all(), [
'password' => ['required', 'string', 'min:8', 'max:50', 'confirmed'],
'email_code' => 'required',
'email' => 'required|email'
], []);
$password = $request->input('password');
$emailCode = $request->input('email_code');
$email = $request->input('email');
if ($validator->fails()) {
return $this->setError($validator->errors()->first());
}
$redisKey = 'sem_email_code_forget_password' . '_' . $email;
$cachedEmailCode = Redis::get($redisKey);
if (!$cachedEmailCode) {
return $this->setError('Email code expired');
}
if ($cachedEmailCode != $emailCode) {
return $this->setError('Email code invalid');
}
$hashedPassword = UserModel::where('email', $email)->value('password');
if (Hash::check($password, $hashedPassword)) {
return $this->setError('The new password cannot be the same as the old password!');
}
$user = UserModel::where('email', $email)->first();
$user->password = Hash::make($password);
$user->update_time = time();
$result = $user->save();
if (!$result) {
return $this->setError('Reset password failed');
}
Redis::del($redisKey);
Auth::logout();
return $this->setSuccess('Reset password success');
}
//发送邮箱验证码
public function sendEmailCode(Request $request)
{
$email = $request->input('email');
$type = $request->input('type', 'register');
$validator = Validator::make($request->all(), [
'email' => 'required|email',
]);
if ($validator->fails()) {
return $this->setError($validator->errors()->first());
}
$info = UserModel::where('email', $email)->first();
$msg = '';
switch ($type) {
case 'register':
if ($info) {
return $this->setError('This email had been registered');
}
$msg = 'You are registering an account with us.';
break;
case 'forget_password' :
$msg = 'You are trying to reset your password.';
$existEmail = UserModel::where('email', $email)->exists();
if (!$existEmail) {
return $this->setError('This email is not registered');
}
break;
case 'update_email':
$existEmail = UserModel::where('email', $email)->exists();
if (!$existEmail) {
return $this->setError('This email is not registered');
}
$msg = 'You are modifying your email address.';
break;
}
//发送验证码
$code = mt_rand(1000, 9999);
$redisKey = 'sem_email_code_' . $type . '_' . $email;
if (Redis::get($redisKey)) {
return $this->setError('A verification code has been sent. Please enter the code below to continue.' . (config('app.debug') ? Redis::get($redisKey) : ''));
}
Redis::set($redisKey, $code);
Redis::expire($redisKey, 120);
// return $this->setSuccessData($code);
Mail::to($email)->send(new SendCode($code, $msg));
//错误处理
if (count(Mail::failures())) {
return $this->setError('Email code send failed');
}
return $this->setSuccess('A verification code has been sent. Please enter the code below to continue. ' . (config('app.debug') ? $code : ''));
}
}