miao/server/app/Http/Controllers/Api/V1/AuthController.php

<?php

namespace App\Http\Controllers\Api\V1;

use App\Helper\SmsHelper;
use App\Models\UserBanks;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use App\Models\UserInfoModel;
use Illuminate\Http\Request;
use App\Services\Base\ErrorCode;
use App\User;
use Illuminate\Support\Facades\Hash;
use Validator, Auth, Cache;

class AuthController extends Controller
{
    use SmsHelper,AuthenticatesUsers;

    private $expireTime     = 1;
    private $keySmsCode     = 'auth:sms:';
    private $keySmsCodeExist     = 'auth:sms:exist';
    private $expireTimeExist     = 24*60;

    public function test(){
//        return $this->error(ErrorCode::SAVE_USER_FAILED);
        return $this->api(['test' => 'test']);
    }
    /**
     * @api {post} /api/auth/login 登陆（login）
     * @apiDescription 登陆(login)
     * @apiGroup Auth
     * @apiPermission none
     * @apiVersion 0.1.0
     * @apiParam {string}  phone    手机号码
     * @apiParam {String}  verify_code  手机验证码
     * @apiSuccessExample {json} Success-Response:
     * HTTP/1.1 200 OK
     * {
     *     "state": true,
     *     "code": 0,
     *     "message": "",
     *     "data": {
     *         "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjdjYWUyYzFmYTUwMTIyZDI0ZTRiYTZhZGZhNmQxYmZlOWNiMzIxMTBmYWJlZjNjYzIyNmViZjRmNGExNWM3NjllNmU2ZTNiYWE5OGNhOWUzIn0.eyJhdWQiOiIxIiwianRpIjoiN2NhZTJjMWZhNTAxMjJkMjRlNGJhNmFkZmE2ZDFiZmU5Y2IzMjExMGZhYmVmM2NjMjI2ZWJmNGY0YTE1Yzc2OWU2ZTZlM2JhYTk4Y2E5ZTMiLCJpYXQiOjE0NzU0MTE1NTgsIm5iZiI6MTQ3NTQxMTU1OCwiZXhwIjo0NjMxMDg1MTU4LCJzdWIiOiIxIiwic2NvcGVzIjpbXX0.E9YGEzuRUOk02aV1EiWLJ_pD0hKoCyW0k_sGy63hM3u5X8K_HI1kVhaU6JNLqLZeszIAroTEDB8XMgZKAqTLlwtL8PLCJcuDoxfk1BRHbfjhDheTsahBysKGalvNEpzRCrGlao0mS0Cg9qDpEsndtypPFS8sfaflToOzbJjiSK2DvQiHSH8xZI3zHJTezgZMz-pB_hPTxp8ajdv0ve1gWtWjs3vERr0Y91X4hngO8X7LuXtAYtfxGZRIye12YE7TuLBMYzj8CCfiRt7Smhyf4palNW5mzKlZpa2l87n6NQ14Iy4oMzQ2PON1j_swrosuE2yZohGOn6fDdSCBRdJ6dLD_emjBdQCQOoB63R7BbhFZgvFX25TjzFJ7r9AdVMiGmebuRKEVSZV_JCGu1C71OIbQk-UK35s00gSr2fmJGBbN2cZTXBRTJpfuMZ_ihFYEZrvVq_Ih2X0xkd36JUuxaUld1BXRgPZvH-9jBuhe0YW2OOlgwpdm6ZB8BMcuS4ftLoi6FipgzFqfIuy-0ZqPMDnJaG7Gycrdpxza00mgOFxYxJtqwZNsUWFRZEVU881l6VC_cy294YXSPQxUwEoyKg-G5Pm8AEB9bqv5z4EU4B8-XTd3zKNqtNba_snHbc711i4EytCiZfYSjNB1hwenq45YYOAhPTwOpFI0kxyRazc",
     *         "user": {
     *             "id": 1,
     *             "name": "15888888888",
     *             "email": "abcdefg@gmail.com",
     *             "type": 2,
     *             "phone": "15888888888",
     *             "avatar": null,
     *             "last_ip": null,
     *             "created_at": "2016-09-30 00:45:13",
     *             "updated_at": "2016-09-29 16:43:36"
     *         }
     *     }
     * }
     * @apiErrorExample {json} Error-Response:
     * HTTP/1.1 400 Bad Request
     * {
     *     "state": false,
     *     "code": 1000,
     *     "message": "传入参数不正确",
     *     "data": null or []
     * }
     * 可能出现的错误代码：
     *    1000    CLIENT_WRONG_PARAMS             传入参数不正确
     *    1103    VERIFY_CODE_TOO_MUCH          验证码大于5次
     *    1610    SERVICE_CODE_FAILED          验证码错误
     *
     */
    public function login(Request $request) {
        $validator = Validator::make($request->all(),
            [
                'phone'         => 'required|regex:/^1[34578]\d{9}$/',
//                'verify_code'      => 'required',
            ],
            [
                'phone.required'        => '手机号码必填',
                'phone.regex'           => '手机号码格式不正确',
//                'verify_code.required'      => '短信验证码必填',
            ]
        );

        if ($validator->fails())
            return $this->validatorError($validator->messages()->all(),ErrorCode::CLIENT_WRONG_PARAMS);

        $phone = $request->phone;
        $key = $this->keySmsCode . $phone;
        $code = Cache::store('file')->get($key);
        $password = 123456;
//        if ($request->verify_code != $code)
//            return $this->error(ErrorCode::SERVICE_CODE_FAILED);
        $a = UserInfoModel::where('tel',$phone)->first();
        if (count($a) == 0) {
            UserInfoModel::create(['tel'=>$phone,'password'=>bcrypt(123456)]);
        }
        $status = UserInfoModel::where('tel',$phone)->first()->status;
        if ($status == 0) return $this->error(ErrorCode::LOCK_USER);
        if (Auth::attempt(['tel'=>$phone,'password'=>$password])) {
            $user = Auth::user();
            $token = $user->createToken($user->tel)->accessToken;
            return $this->api(compact( 'user', 'code','token'));
        }else{
            return $this->error(ErrorCode::INCORRECT_USER_OR_PASS);
        }

    }

    /**
     * @api {get} /api/auth/logout 退出(logout)
     * @apiDescription 退出(logout)
     * @apiGroup Auth
     * @apiPermission Passport
     * @apiVersion 0.1.0
     * @apiSuccessExample {json} Success-Response:
     * HTTP/1.1 200 OK
     * {
     *     "state": true,
     *     "code": 0,
     *     "message": "",
     *     "data": {
     *         "result": true/false
     *     }
     * }
     * @apiErrorExample {json} Error-Response:
     * HTTP/1.1 400 Bad Request
     * {
     *     "state": false,
     *     "code": 1104,
     *     "message": "退出失败",
     *     "data": null
     * }
     * 可能出现的错误代码：
     *    1104    LOGOUT_FAILED                   退出失败
     */
    public function logout() {
        $user = Auth::user();
        if ($user->token()->delete()) {
            return $this->api(['result' => true]);
        }
        return $this->error(ErrorCode::LOGOUT_FAILED);
    }

    /**
     * @api {post} /api/auth/code 获取验证码(get code)
     * @apiDescription 获取验证码(get code)，验证码有效期暂定为15分钟
     * @apiGroup Auth
     * @apiPermission none
     * @apiVersion 0.1.0
     * @apiParam {string} phone   手机
     * @apiSuccessExample {json} Success-Response:
     * HTTP/1.1 200 OK
     * {
     *     "state": true,
     *     "code": 0,
     *     "message": "",
     *     "data": {
     *         "verify_code": "1234"//该值调试时使用，sms调通后取消
     *     }
     * }
     * @apiErrorExample {json} Error-Response:
     * HTTP/1.1 400 Bad Request
     * {
     *     "state": false,
     *     "code": 1000,
     *     "message": "传入参数不正确",
     *     "data": null or []
     * }
     * 可能出现的错误代码：
     *    1000    CLIENT_WRONG_PARAMS             传入参数不正确
     */
    public function getCode(Request $request)
    {

        $validator = Validator::make($request->all(),
            [
                'phone'         => 'required|regex:/^1[34578]\d{9}$/',
            ],
            [
                'phone.required'        => '手机号码必填',
                'phone.regex'           => '手机号码格式不正确',
            ]
        );

        if ($validator->fails())
            return $this->validatorError($validator->messages()->all(),ErrorCode::CLIENT_WRONG_PARAMS);

        $phone = $request->phone;
        $keyexist = $this->keySmsCodeExist . $phone;
        $times = Cache::store('file')->get($keyexist);

        if($times>5) {
            return $this->error(ErrorCode::VERIFY_CODE_TOO_MUCH);
        }else{
            $times++;
            Cache::store('file')->put($keyexist, $times, $this->expireTimeExist);
        }

        $verify_code = (string) mt_rand(1000, 9999);
        \Log::info('verify_code:'.$verify_code);
        $key = $this->keySmsCode . $phone;
        Cache::store('file')->put($key, $verify_code, $this->expireTime);
        $msg = '【喵喵】您的验证码是：' . $verify_code;
        $result = $this->sendSms($msg, $phone);

       /* if (!$result)
            $this->logger->Error("Send sms failed.");*/

        return $this->api(['verify_code' => $verify_code]);
    }


    public function refreshToken() {
        $token = '';//TODO

        return $this->api([
            'token'     => $token,
        ]);
    }

    /**
     * @api {post} /api/auth/password 设置密码(password)
     * @apiDescription 上传头像(password)
     * @apiGroup Auth
     * @apiPermission Passport
     * @apiVersion 0.1.0
     * @apiParam {String} password 密码
     * @apiSuccessExample {json} Success-Response:
     * HTTP/1.1 200 OK
     * {
     *     "state": true,
     *     "code": 0,
     *     "message": "",
     *     "data": {
     *         "result": true,
     *     }
     * }
     * @apiErrorExample {json} Error-Response:
     * HTTP/1.1 400 Bad Request
     * {
     *     "state": false,
     *     "code": 1000,
     *     "message": "传入参数不正确",
     *     "data": null or []
     * }
     * 可能出现的错误代码：
     *    200     SAVE_USER_FAILED                保存用户数据失败
     *    1000    CLIENT_WRONG_PARAMS             传入参数不正确
     */
    public function setPassword(Request $request) {
        $validator = Validator::make($request->input(),
            [
                'password'      => 'required|between:6,16',
            ],
            [
                'password.required'     => '请输入密码',
                'password.between'      => '密码长度6~16位',
            ]
        );

        if ($validator->fails()) {
            return $this->validatorError($validator->messages()->all(),ErrorCode::CLIENT_WRONG_PARAMS);
        }

        $pass = $request->get('password');

        $user = Auth::user();
        $user->password = bcrypt($pass);
        if (!$user->save()) {
            return $this->error(ErrorCode::SAVE_USER_FAILED);
        }

        return $this->api([
            'result'    => true,
        ]);
    }

    public function isLogin()
    {
        $user = Auth::user();
        $res = true;
        if(!$user) $res = false;
        return $this->api([
            'result'    => $res,
        ]);
    }

    public function check_password(Request $request)
    {
        $password = Auth::user()->password;

        if(!Hash::check($request->oldpassword,$password)) return $this->error(ErrorCode::CHECK_OLDPASSWORD_FAILED);

        return $this->api(null,0,'验证通过');
    }

    /**
     * @api {post} /api/auth/reset 找回密码(reset)
     * @apiDescription 找回密码(reset)
     * @apiGroup Auth
     * @apiPermission none
     * @apiVersion 0.1.0
     * @apiParam {Phone}  phone   手机
     * @apiParam {int} type 帐户类型：1.个人，2.商户
     * @apiParam {String} verify_code 手机验证码
     * @apiParam {String} password   password
     * @apiSuccessExample {json} Success-Response:
     * HTTP/1.1 200 OK
     * {
     *     "state": true,
     *     "code": 0,
     *     "message": "",
     *     "data": {
     *         "result": true,
     *     }
     * }
     * @apiErrorExample {json} Error-Response:
     * HTTP/1.1 400 Bad Request
     * {
     *     "state": false,
     *     "code": 1000,
     *     "message": "传入参数不正确",
     *     "data": null or []
     * }
     * 可能出现的错误代码：
     *    200     SAVE_USER_FAILED                保存用户数据失败
     *    1000    CLIENT_WRONG_PARAMS             传入参数不正确
     *    1101    INCORRECT_VERIFY_CODE           输入验证码错误
     *    1105    USER_DOES_NOT_EXIST             用户不存在
     */
    public function reset(Request $request) {
        $validator = Validator::make($request->all(),
            [
                'phone'         => 'required|regex:/^1[34578]\d{9}$/',
                'verify_code'    => 'required',
                'password'      => 'required|between:6,16',
            ],
            [
                'phone.required'        => '手机号码必填',
                'phone.regex'           => '手机号码格式不正确',
                'verify_code.required'   => '请输入校验码',
                'password.required'     => '请输入密码',
                'password.between'      => '密码长度6~16位',
            ]
        );

        if ($validator->fails()) {
            return $this->error(ErrorCode::CLIENT_WRONG_PARAMS, '', $validator->messages());
        }

        $phone = $request->get('phone');
        $verify_code = $request->get('verify_code');
        $pass = $request->get('password');

        $key = $this->keySmsCode . $phone;
//        if (Redis::exists($key)) {
        if (Cache::store('file')->has($key)) {
//            $code = Redis::get($key);
            $code = Cache::store('file')->get($key);
            if ($code == $verify_code) {
                $user = User::where([
                    'phone'     => $phone,
                ])->first();

                if (!$user) {
                    return $this->error(ErrorCode::USER_DOES_NOT_EXIST);
                }

                //$password = app('hash')->make($request->get('password'));
                $user->password = bcrypt($pass);
                if (!$user->save()) {
                    return $this->error(ErrorCode::SAVE_USER_FAILED);
                }
                Cache::store('file')->forget($key);

                return $this->api(['result' => true]);
            }
        }
        return $this->error(ErrorCode::INCORRECT_VERIFY_CODE);
    }


}