Auth.php 7.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183
  1. <?php
  2. namespace app\controller\api;
  3. use app\extra\basic\Base;
  4. use app\extra\dyLife\Crypt;
  5. use app\extra\tools\CodeExtend;
  6. use app\middleware\AuthMiddleware;
  7. use app\model\saas\SaasUserOpen;
  8. use DI\Attribute\Inject;
  9. use LinFly\Annotation\Attributes\Route\Controller;
  10. use LinFly\Annotation\Attributes\Route\GetMapping;
  11. use LinFly\Annotation\Attributes\Route\Middleware;
  12. use LinFly\Annotation\Attributes\Route\PostMapping;
  13. use support\Request;
  14. use Shopwwi\WebmanAuth\Facade\Auth as AuthFacade;
  15. use support\Response;
  16. #[Controller("/dy/auth"),Middleware(AuthMiddleware::class)]
  17. class Auth extends Base
  18. {
  19. protected array $noNeedLogin = ["log2mobile","log2nickname","loginMobileAuth",'loginNicknameAuth'];
  20. #[Inject]
  21. protected SaasUserOpen $model;
  22. /**
  23. * 授权获取手机号-非登录
  24. * @param Request $request
  25. * @return Response
  26. */
  27. #[PostMapping("mobile/auth")]
  28. public function loginMobileAuth(Request $request): Response
  29. {
  30. try {
  31. $param = $this->_valid([
  32. "login.require" => trans("empty.require"),
  33. "code.require" => trans("empty.require"),
  34. ],$request->method());
  35. if (!is_array($param)) return error($param);
  36. $sessionKey = (new Crypt)->config($this->getDyConfig())->getSessionKey($param['login']);
  37. if (empty($sessionKey)) return error("授权登录失败");
  38. $mobileStr = (new Crypt)->config($this->getDyConfig())->token()->getMobile($param['code']);
  39. if (empty($mobileStr)) return error("授权信息获取失败");
  40. return $this->encode("success",['mobile' => $mobileStr,'openid' => $sessionKey['openid']]);
  41. } catch (\Throwable $throwable) {
  42. return error($throwable->getMessage());
  43. }
  44. }
  45. /**
  46. * 授权昵称等信息-实际登录
  47. * @param Request $request
  48. * @return Response
  49. */
  50. #[PostMapping("nickname/auth")]
  51. public function loginNicknameAuth(Request $request): Response
  52. {
  53. try {
  54. $param = $this->_valid([
  55. "avatar.require" => trans("empty.require"),
  56. "nickname.require" => trans("empty.require"),
  57. "mobile.require" => trans("empty.require"),
  58. ],$request->method());
  59. if (!is_array($param)) return error($param);
  60. $mobileData = json_decode($param['mobile'],true);
  61. $mobile = [];
  62. if (!empty($param['mobile'])) {
  63. if (!isset($mobileData['openid'])) return error("授权失败");
  64. $mobile = $this->decrypt2code(sConf('wechat.min_private_key'), $mobileData['mobile']);
  65. }
  66. if (empty($mobile)) return error("授权登录失败");
  67. $userInfo = [
  68. "openid" => $mobileData['openid'],
  69. "nickname" => $param['nickname'],
  70. "avatar" => $param['avatar']
  71. ];
  72. $map = ["openid" => $mobileData['openid']];
  73. if (!empty($mobile['purePhoneNumber'])) {
  74. $userInfo['mobile'] = $mobile['purePhoneNumber'];
  75. }
  76. $user = $this->model->where($map)->findOrEmpty();
  77. if ($user->isEmpty()) {
  78. $userInfo["create_ip"] = $request->getRealIp();
  79. $user->insertGetId($userInfo);
  80. }
  81. $userAuth = get_object_vars(AuthFacade::guard("user")->login(['openid' => $mobileData['openid']]));
  82. return success("ok",$userAuth);
  83. } catch (\Throwable $throwable) {
  84. return error($throwable->getMessage());
  85. }
  86. }
  87. #[PostMapping("nickname")]
  88. public function log2nickname(Request $request): Response
  89. {
  90. try {
  91. $param = $request->post();
  92. $sessionKey = (new Crypt)->config($this->getDyConfig())->getSessionKey($param['login']);
  93. if (empty($sessionKey)) return error("授权登录失败");
  94. $userInfo = [
  95. "openid" => $sessionKey['openid'],
  96. "nickname" => $param['nickname']??'',
  97. "avatar" => $param['avatar']??'',
  98. "create_ip" => $request->getRealIp()
  99. ];
  100. $map = ["openid" => $sessionKey['openid']];
  101. $user = $this->model->where($map)->findOrEmpty();
  102. if ($user->isEmpty()) {
  103. $user->insertGetId($userInfo);
  104. } else {
  105. $user->nickname = $param['nickname']??'';
  106. $user->avatar = $param['avatar']??'';
  107. $user->save();
  108. }
  109. $userAuth = get_object_vars(AuthFacade::guard("user")->login(['openid' => $sessionKey['openid']]));
  110. return success("ok",$userAuth);
  111. } catch (\Throwable $th) {
  112. return error($th->getMessage());
  113. }
  114. }
  115. #[PostMapping("mobile")]
  116. public function log2mobile(Request $request): Response
  117. {
  118. try {
  119. $param = $request->post();
  120. $sessionKey = (new Crypt)->config($this->getDyConfig())->getSessionKey($param['login']);
  121. if (empty($sessionKey)) return error("授权登录失败");
  122. $mobile = [];
  123. if (!empty($param['code'])) {
  124. $mobileStr = (new Crypt)->config($this->getDyConfig())->token()->getMobile($param['code']);
  125. if (!empty($mobileStr)) {
  126. $mobile = $this->decrypt2code(sConf('wechat.min_private_key'), $mobileStr);
  127. }
  128. }
  129. $userInfo = [
  130. "openid" => $sessionKey['openid'],
  131. "nickname" => "DY-".strtoupper(CodeExtend::random(5,3)),
  132. "create_ip" => $request->getRealIp()
  133. ];
  134. $map = ["openid" => $sessionKey['openid']];
  135. if (!empty($mobile['purePhoneNumber'])) {
  136. $userInfo['mobile'] = $mobile['purePhoneNumber'];
  137. }
  138. $user = $this->model->where($map)->findOrEmpty();
  139. if ($user->isEmpty()) {
  140. $user->insertGetId($userInfo);
  141. }
  142. $userAuth = get_object_vars(AuthFacade::guard("user")->login(['openid' => $sessionKey['openid']]));
  143. return success("ok",$userAuth);
  144. } catch (\Throwable $th) {
  145. return error($th->getMessage());
  146. }
  147. }
  148. protected function decrypt2code($private_key, $ciphertext_str) {
  149. // 解码 base64 密文
  150. $ciphertext = base64_decode($ciphertext_str);
  151. // 使用私钥解密
  152. openssl_private_decrypt($ciphertext, $plaintext, $private_key, OPENSSL_PKCS1_PADDING);
  153. if ($plaintext === false) {
  154. return [];
  155. }
  156. return json_decode($plaintext,true);
  157. }
  158. protected function decrypt($encrypted_data, $session_key, $iv) {
  159. $data = base64_decode($encrypted_data);
  160. $key = base64_decode($session_key);
  161. $iv_decoded = base64_decode($iv);
  162. // 使用 AES-256-CBC 模式解密
  163. $decrypted = openssl_decrypt($data, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv_decoded);
  164. return $decrypted;
  165. }
  166. }