Auth.php 7.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196
  1. <?php
  2. namespace app\controller\api;
  3. use app\extra\basic\Base;
  4. use app\extra\dyLife\Crypt;
  5. use app\extra\tools\CodeExtend;
  6. use app\middleware\AuthMiddleware;
  7. use app\model\saas\SaasUserOpen;
  8. use DI\Attribute\Inject;
  9. use LinFly\Annotation\Attributes\Route\Controller;
  10. use LinFly\Annotation\Attributes\Route\GetMapping;
  11. use LinFly\Annotation\Attributes\Route\Middleware;
  12. use LinFly\Annotation\Attributes\Route\PostMapping;
  13. use support\Request;
  14. use Shopwwi\WebmanAuth\Facade\Auth as AuthFacade;
  15. use support\Response;
  16. #[Controller("/dy/auth"),Middleware(AuthMiddleware::class)]
  17. class Auth extends Base
  18. {
  19. protected array $noNeedLogin = ["log2mobile","log2nickname","loginMobileAuth",'loginNicknameAuth'];
  20. #[Inject]
  21. protected SaasUserOpen $model;
  22. /**
  23. * 授权获取手机号-非登录
  24. * @param Request $request
  25. * @return Response
  26. */
  27. #[PostMapping("mobile/auth")]
  28. public function loginMobileAuth(Request $request): Response
  29. {
  30. try {
  31. $param = $this->_valid([
  32. "login.require" => '获取登录参数失败',
  33. "code.default" => '',
  34. "encryptedData.default" => '',
  35. "iv.default" => '',
  36. ],$request->method());
  37. if (!is_array($param)) return error($param);
  38. $sessionKey = (new Crypt)->config($this->getDyConfig())->getSessionKey($param['login']);
  39. if (empty($sessionKey)) return error("授权登录失败");
  40. if (!empty($param['code'])) {
  41. $mobileStr = (new Crypt)->config($this->getDyConfig())->token()->getMobile($param['code']);
  42. echo "sdasd\n";
  43. print_r($mobileStr);
  44. } else {
  45. $data = $this->decrypt($param['encryptedData'],$sessionKey['session_key'],$param['iv']);
  46. $mobileStr = $data['purePhoneNumber'];
  47. }
  48. print_r($mobileStr);
  49. if (empty($mobileStr)) return error("授权信息获取失败");
  50. return $this->encode("success",['mobile' => $mobileStr,'openid' => $sessionKey['openid']]);
  51. } catch (\Throwable $throwable) {
  52. return error($throwable->getMessage());
  53. }
  54. }
  55. /**
  56. * 授权昵称等信息-实际登录
  57. * @param Request $request
  58. * @return Response
  59. */
  60. #[PostMapping("nickname/auth")]
  61. public function loginNicknameAuth(Request $request): Response
  62. {
  63. try {
  64. $param = $this->_valid([
  65. "avatar.require" => trans("empty.require"),
  66. "nickname.require" => trans("empty.require"),
  67. "mobile.require" => trans("empty.require"),
  68. ],$request->method());
  69. if (!is_array($param)) return error($param);
  70. $mobileData = json_decode($param['mobile'],true);
  71. $mobile = [];
  72. if (!empty($param['mobile'])) {
  73. if (!isset($mobileData['openid'])) return error("授权失败");
  74. if (isValidMobile($mobileData['mobile'])) {
  75. $mobile = ["purePhoneNumber" => $mobileData['mobile']];
  76. } else {
  77. $mobile = $this->decrypt2code(sConf('wechat.min_private_key'), $mobileData['mobile']);
  78. }
  79. }
  80. if (empty($mobile)) return error("授权登录失败");
  81. $userInfo = [
  82. "openid" => $mobileData['openid'],
  83. "nickname" => $param['nickname']?removeEmoji2($param['nickname']):'',
  84. "avatar" => $param['avatar']
  85. ];
  86. $map = ["openid" => $mobileData['openid']];
  87. if (!empty($mobile['purePhoneNumber'])) {
  88. $userInfo['mobile'] = $mobile['purePhoneNumber'];
  89. }
  90. $user = $this->model->where($map)->findOrEmpty();
  91. if ($user->isEmpty()) {
  92. $userInfo["create_ip"] = $request->getRealIp();
  93. $user->insertGetId($userInfo);
  94. }
  95. $userAuth = get_object_vars(AuthFacade::guard("user")->login(['openid' => $mobileData['openid']]));
  96. return success("ok",$userAuth);
  97. } catch (\Throwable $throwable) {
  98. return error($throwable->getMessage());
  99. }
  100. }
  101. #[PostMapping("nickname")]
  102. public function log2nickname(Request $request): Response
  103. {
  104. try {
  105. $param = $request->post();
  106. $sessionKey = (new Crypt)->config($this->getDyConfig())->getSessionKey($param['login']);
  107. if (empty($sessionKey)) return error("授权登录失败");
  108. $userInfo = [
  109. "openid" => $sessionKey['openid'],
  110. "nickname" => $param['nickname']?removeEmoji2($param['nickname']):'',
  111. "avatar" => $param['avatar']??'',
  112. "create_ip" => $request->getRealIp()
  113. ];
  114. $map = ["openid" => $sessionKey['openid']];
  115. $user = $this->model->where($map)->findOrEmpty();
  116. if ($user->isEmpty()) {
  117. $user->insertGetId($userInfo);
  118. } else {
  119. $user->nickname = $param['nickname']?removeEmoji2($param['nickname']):'';
  120. $user->avatar = $param['avatar']??'';
  121. $user->save();
  122. }
  123. $userAuth = get_object_vars(AuthFacade::guard("user")->login(['openid' => $sessionKey['openid']]));
  124. return success("ok",$userAuth);
  125. } catch (\Throwable $th) {
  126. return error($th->getMessage());
  127. }
  128. }
  129. #[PostMapping("mobile")]
  130. public function log2mobile(Request $request): Response
  131. {
  132. try {
  133. $param = $request->post();
  134. $sessionKey = (new Crypt)->config($this->getDyConfig())->getSessionKey($param['login']);
  135. if (empty($sessionKey)) return error("授权登录失败");
  136. $mobile = [];
  137. if (!empty($param['code'])) {
  138. $mobileStr = (new Crypt)->config($this->getDyConfig())->token()->getMobile($param['code']);
  139. if (!empty($mobileStr)) {
  140. $mobile = $this->decrypt2code(sConf('wechat.min_private_key'), $mobileStr);
  141. }
  142. }
  143. $userInfo = [
  144. "openid" => $sessionKey['openid'],
  145. "create_ip" => $request->getRealIp()
  146. ];
  147. $map = ["openid" => $sessionKey['openid']];
  148. if (!empty($mobile['purePhoneNumber'])) {
  149. $userInfo['mobile'] = $mobile['purePhoneNumber'];
  150. }
  151. $user = $this->model->where($map)->findOrEmpty();
  152. if ($user->isEmpty()) {
  153. $user->insertGetId($userInfo);
  154. }
  155. $userAuth = get_object_vars(AuthFacade::guard("user")->login(['openid' => $sessionKey['openid']]));
  156. return success("ok",$userAuth);
  157. } catch (\Throwable $th) {
  158. return error($th->getMessage());
  159. }
  160. }
  161. protected function decrypt2code($private_key, $ciphertext_str) {
  162. // 解码 base64 密文
  163. $ciphertext = base64_decode($ciphertext_str);
  164. // 使用私钥解密
  165. openssl_private_decrypt($ciphertext, $plaintext, $private_key, OPENSSL_PKCS1_PADDING);
  166. if ($plaintext === false) {
  167. return [];
  168. }
  169. return json_decode($plaintext,true);
  170. }
  171. protected function decrypt($encrypted_data, $session_key, $iv) {
  172. $data = base64_decode($encrypted_data);
  173. $key = base64_decode($session_key);
  174. $iv_decoded = base64_decode($iv);
  175. // 使用 AES-256-CBC 模式解密
  176. $decrypted = openssl_decrypt($data, 'AES-128-CBC', $key, OPENSSL_RAW_DATA, $iv_decoded);
  177. return json_decode($decrypted,true);
  178. }
  179. }