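// +----------------------------------------------------------------------
namespace app\home\controller;

use think\Db;
use think\captcha\Captcha;
use think\Validate;
use Flc\Alidayu\Client;
use Flc\Alidayu\App;
use Flc\Alidayu\Requests\AlibabaAliqinFcSmsNumSend;
use afs\Request\V20180112\AuthenticateSigRequest;
use function EasyWeChat\Payment\get_client_ip;

/**
 * Front-end account controller: password login, SMS login, logout,
 * password recovery (e-mail or SMS code) and activation-mail resend.
 *
 * Security notes that apply to the whole class:
 *  - The query builder treats an array where-value as [operator, operand]
 *    (this file relies on that for ['in', [...]] and ['>', ...]). Request
 *    parameters are therefore read through req_string(), which rejects
 *    array-valued input before it can reach where()/find().
 *  - One-time codes are compared with codes_equal() instead of loose ==/!=.
 *  - NOTE(review): nothing here limits failed attempts per account or per
 *    client for passwords or 6-digit codes; add attempt counting/lock-out.
 *  - NOTE(review): the session id is not regenerated on login; confirm the
 *    framework or Base does so, otherwise add it (session fixation).
 */
class Login extends Base
{
    /** Seconds an SMS code is accepted when it is first verified. */
    const SMS_CODE_TTL = 300;

    /**
     * Seconds an SMS code is still accepted by the password-reset steps.
     * Longer than SMS_CODE_TTL so a user who verified late can still finish
     * the form; previously these steps applied no expiry at all.
     */
    const RESET_CODE_TTL = 900;

    /**
     * Landing action: logged-in but unactivated users get the activation
     * page, everyone else is redirected to the site root.
     */
    public function index()
    {
        if (session('hid')) {
            if ($this->user['user_status']) {
                $this->redirect(__ROOT__."/");
            } else {
                $current_user = $this->user;
                $email = $current_user['member_list_email'];
                $this->assign("email", $email);
                return $this->view->fetch('user:active');
            }
        } else {
            $this->redirect(__ROOT__."/");
        }
    }

    /**
     * Image captcha for the login form (captcha id 'hid').
     */
    public function verify()
    {
        if (session('hid')) {
            $this->redirect(__ROOT__."/");
        }
        return $this->verify_build('hid');
    }

    /**
     * Log out: clears the session keys and the remember-me cookie.
     */
    public function logout()
    {
        session('hid', null);
        session('user', null);
        session('api_token', null);
        cookie('yf_logged_user', null);
        $this->redirect(__ROOT__."/");
    }

    /**
     * Password login. Verifies the Tencent Cloud captcha ticket server-side
     * (DescribeCaptchaResult), then checks the credentials.
     */
    public function runlogin()
    {
        $token   = $this->req_string('token');
        $ticket  = $this->req_string('ticket');
        $randstr = $this->req_string('randstr');
        if (empty($ticket) || empty($randstr)) {
            $this->error('请先通过验证');
        }

        $config = config('tccaptcha');
        $config = $config['log'];

        // SECURITY: the cloud API SecretId/SecretKey used to be string literals
        // in this method. Anything that was committed must be treated as
        // compromised and rotated. They are now read from the same config
        // array as appid/appsecret; the key names 'secretid' and 'secretkey'
        // are introduced by this change and must be provisioned. Fail closed
        // when they are missing rather than skipping the captcha.
        $secretId  = isset($config['secretid']) ? (string) $config['secretid'] : '';
        $secretKey = isset($config['secretkey']) ? (string) $config['secretkey'] : '';
        if ($secretId === '' || $secretKey === '') {
            $this->error('图片验证失败!');
        }

        $params = [
            'Action'       => 'DescribeCaptchaResult',
            'Version'      => '2019-07-22',
            'CaptchaType'  => 9,
            'Ticket'       => $ticket,
            'UserIp'       => request()->ip(),
            'Randstr'      => $randstr,
            'CaptchaAppId' => isset($config['appid']) ? $config['appid'] : '',
            'AppSecretKey' => isset($config['appsecret']) ? $config['appsecret'] : '',
            'SecretId'     => $secretId,
            'Timestamp'    => time(),
            'Nonce'        => rand(),
        ];
        $path = "captcha.tencentcloudapi.com/";

        // Signature base string: method + host/path + sorted key=value pairs,
        // values NOT url-encoded (same construction as before).
        ksort($params);
        $pairs = [];
        foreach ($params as $key => $value) {
            $pairs[] = $key."=".$value;
        }
        $signStr = "GET".$path."?".implode("&", $pairs);
        $params['Signature'] = base64_encode(hash_hmac("sha1", $signStr, $secretKey, true));

        // The query string carries AppSecretKey; never write $url to logs.
        $url = 'https://'.$path.'?'.http_build_query($params);
        $res = json_decode(go_curl2($url, 'get'), true);

        // json_decode() returns null on malformed input instead of throwing,
        // so check the shape explicitly; only CaptchaCode 1 counts as passed.
        if (!is_array($res)
            || !isset($res['Response']['CaptchaCode'])
            || (int) $res['Response']['CaptchaCode'] !== 1
        ) {
            $this->error('图片验证失败!');
        }

        $member_list_username = $this->req_string('member_list_username');
        $member_list_pwd      = $this->req_string('member_list_pwd');
        $logintype            = $this->req_string('logintype');
        $remember             = (int) $this->req_string('remember', '0');

        $rule = [
            ['member_list_username', 'require', '{%username empty}'],
            ['member_list_pwd', 'require', '{%pwd empty}'],
        ];
        $validate = new Validate($rule);
        $rst = $validate->check(array(
            'member_list_username' => $member_list_username,
            'member_list_pwd'      => $member_list_pwd,
        ));
        if (true !== $rst) {
            // getError() may be a string or an array; runpwd_reset() already
            // handles both, this call previously assumed an array.
            $error = is_array($validate->getError()) ? join('|', $validate->getError()) : $validate->getError();
            $this->error($error);
        }

        $where = [];
        if (strpos($member_list_username, "@") > 0) {
            // e-mail login
            $where['member_list_email'] = $member_list_username;
        } else {
            $where['member_list_username'] = $member_list_username;
        }
        if ($logintype == 1) {
            $where['member_list_groupid'] = ['not in', [7, 10]];
        } else {
            $where['member_list_groupid'] = ['in', [7, 10]];
        }
        $member = Db::name("member_list")->where($where)->find();

        // Constant-time comparison of the stored and computed password hash.
        // NOTE(review): encrypt_password() is defined elsewhere; confirm it is
        // a slow, salted password hash and not a plain digest.
        $passwordOk = $member && hash_equals(
            (string) $member['member_list_pwd'],
            (string) encrypt_password($member_list_pwd, $member['member_list_salt'])
        );
        if (!$passwordOk) {
            $this->error(lang('username or pwd incorrect'), '', ['token' => $token]);
        } else {
            if ($member['member_list_open'] == 0) {
                $this->error(lang('user disabled'), '', ['token' => $token]);
            }
            $this->start_member_session($member, $remember);
            $this->success(lang('login success'), url('home/Login/check_active'));
        }
    }

    /**
     * SMS login: form-token check, then a one-time code that must have been
     * issued for this number within SMS_CODE_TTL seconds.
     */
    public function runsmslog()
    {
        $logintype = $this->req_string('logintype');
        $remember  = (int) $this->req_string('remember', '0');

        $rule = [
            '__slogin__' => 'require|token:__slogin__'
        ];
        $message = [
            '__slogin__.require' => '令牌缺失'
        ];
        $validate = new Validate($rule, $message);
        $result = $validate->check(input());
        $token = request()->token('__slogin__');
        if (!$result) {
            $this->error($validate->getError(), '', ['token' => $token]);
        }

        $member_list_username = $this->req_string('member_list_username');
        $verify = $this->req_string('verify');

        // phone code lookup
        $where = [];
        $where['sms_type'] = 'smslog';
        $where['sms_tel']  = $member_list_username;
        $where['sms_time'] = ['>', time() - self::SMS_CODE_TTL];
        $rst = Db::name('smslog')->where($where)->find();
        if (!$rst || !$this->codes_equal($rst['sms_code'], $verify)) {
            $this->error('验证码不正确', '', ['token' => $token]);
        }

        $where = [];
        $where['member_list_username'] = $member_list_username;
        if ($logintype == 1) {
            $where['member_list_groupid'] = ['not in', [7, 10]];
        } else {
            $where['member_list_groupid'] = ['in', [7, 10]];
        }
        $member = Db::name("member_list")->where($where)->find();
        if (!$member) {
            $this->error(lang('username or pwd incorrect'), '', ['token' => $token]);
        } else {
            if ($member['member_list_open'] == 0) {
                $this->error(lang('user disabled'), '', ['token' => $token]);
            }
            // One-time use: without this the same code kept working until it
            // aged out of the time window.
            $this->expire_sms_code('smslog', $member_list_username);
            $this->start_member_session($member, $remember);
            $this->success(lang('login success'), url('home/Index/index'));
        }
    }

    /** Renders the registration template (not reachable as an action). */
    private function reg()
    {
        return $this->view->fetch('public:reg');
    }

    /** Renders the login template (not reachable as an action). */
    private function log()
    {
        return $this->view->fetch('public:log');
    }

    /** Shows the "forgot password" form. */
    public function forgot_pwd()
    {
        return $this->view->fetch('user:forgot_pwd');
    }

    /**
     * Image captcha for the forgot-password form (captcha id 'forgot').
     */
    public function verify_forgot()
    {
        if (session('hid')) {
            $this->redirect(__ROOT__."/");
        }
        return $this->verify_build('forgot');
    }

    /**
     * Issues a 6-digit one-time code by e-mail or SMS after an image captcha.
     * Request 'type' of 'smslog' selects the SMS-login code, anything else
     * the forgot-password code.
     *
     * NOTE(review): the final branch tells the caller whether an address or
     * number is registered (account enumeration); consider one generic reply.
     * NOTE(review): random() is defined elsewhere; confirm it draws from a
     * CSPRNG, since these codes authorise login and password reset.
     * NOTE(review): the e-mail code is stored in user_activation_key, the
     * same column resend() uses for activation keys, and has no expiry.
     */
    public function get_code()
    {
        $verifyCode = $this->req_string('verify');
        $check      = $this->req_string('type');
        if (empty($verifyCode)) {
            $this->error('图形验证码为空!');
        }

        // Original comment, translated: "calls the Zhanggui Wenhua Jinfu login
        // API, the site captcha is not needed". The captcha is checked anyway.
        $verify = new Captcha();
        if ($check == 'smslog') {
            if (!$verify->check($verifyCode, 'smslogin')) {
                $this->error(lang('verifiy incorrect'));
            }
        } else {
            if (!$verify->check($verifyCode, 'forgot')) {
                $this->error(lang('verifiy incorrect'));
            }
        }

        $account = $this->req_string('account');
        $user = Db::name("member_list")->where('member_list_email|member_list_username|member_list_tel', $account)->find();
        if ($user) {
            if (stripos($account, '@')) {
                // e-mail
                $code = random(6, 'number');
                $rst = Db::name("member_list")->where(array("member_list_id" => $user['member_list_id']))->update(array("user_activation_key" => $code));
                if ($rst) {
                    // NOTE(review): the next statement is damaged in this copy of
                    // the file. The text between the heredoc opener and the
                    // mail subject (presumably the template body and the call
                    // that assigns $send_result) is missing. It is reproduced
                    // exactly as found; restore it from version control.
                    $template = lang('emal text'). <<site_options['site_name'].' '.lang('pwd reset'), $content);
                    if ($send_result['error']) {
                        return json(['code' => 0, 'msg' => lang('send pwd reset email failed')]);
                    } else {
                        return json(['code' => 1]);
                    }
                } else {
                    return json(['code' => 0, 'msg' => '获取失败,请重试']);
                }
            } else {
                // phone
                $smsType = ($check == 'smslog') ? 'smslog' : 'forgot';
                $rst = Db::name('smslog')->where(['sms_type' => $smsType, 'sms_tel' => $account])->find();
                if ($rst) {
                    // Per-number resend throttle (120 s). NOTE(review): there is
                    // no per-client limit across different numbers.
                    if ($rst['sms_time'] > (time() - 120)) {
                        return json(['code' => 0, 'msg' => '已获取过,'.(time() - $rst['sms_time']).'后稍后再试']);
                    }
                }

                $rst_sms  = false;
                $error    = '未设置短信平台配置';
                $code     = random(6, 'number');
                $customid = random(16, 'number');
                $extcode  = random(6, 'number');

                if (config('alisms.on')) {
                    $client = new Client(new App(config('alisms')));
                    $req = new AlibabaAliqinFcSmsNumSend;
                    $req->setRecNum($account)
                        ->setSmsParam([
                            'number' => $code
                        ])
                        ->setSmsFreeSignName(config('alisms.signName'))
                        ->setSmsTemplateCode(config('alisms.TemplateCode')); // forgot-password SMS template
                    $resp = $client->execute($req);
                    if ($resp->result->success) {
                        $rst_sms = true;
                    } else {
                        $error = $resp->sub_msg;
                    }
                } elseif (config('ymsms.on')) {
                    $msg = '您好,您的申请密码找回的验证码为'.$code.',验证码5分钟内有效!';
                    if ($check == 'smslog') {
                        $msg = '您好,您的短信登录验证码为'.$code.',验证码5分钟内有效!';
                    }
                    $arr = send_sms($account, $msg);
                    if ($arr['code'] == 1) {
                        $rst_sms = true;
                    } else {
                        $error = $arr['msg'];
                    }
                }

                if ($rst_sms) {
                    if ($rst) {
                        // Update the existing row; update() locates it through
                        // the fields already present in $rst.
                        $rst['sms_time'] = time();
                        $rst['sms_code'] = $code;
                        $rst = Db::name('smslog')->update($rst);
                        if ($rst !== false) {
                            return json(['code' => 1]);
                        } else {
                            return json(['code' => 0, 'msg' => '获取失败,请重试']);
                        }
                    } else {
                        // first code for this number and type: insert
                        $data = [
                            'sms_tel'      => $account,
                            'sms_time'     => time(),
                            'sms_code'     => $code,
                            'sms_customid' => $customid,
                            'sms_extend'   => $extcode,
                            'sms_type'     => $smsType,
                        ];
                        $rst = Db::name('smslog')->insert($data);
                        if ($rst) {
                            return json(['code' => 1]);
                        } else {
                            return json(['code' => 0, 'msg' => '获取失败,请重试']);
                        }
                    }
                } else {
                    return json(['code' => 0, 'msg' => $error]);
                }
            }
        } else {
            return json(['code' => 0, 'msg' => '该邮箱或手机未注册过']);
        }
    }

    /**
     * Forgot-password step 1: checks the e-mail or SMS code and, on success,
     * returns member_list_id and the code for the reset form. POST only.
     */
    public function runforgot_pwd()
    {
        if (!request()->isPost()) {
            return;
        }
        $logintype = $this->req_string('logintype');

        $rule = [
            '__retri__' => 'require|token:__retri__'
        ];
        $message = [
            '__retri__.require' => '令牌缺失'
        ];
        $validate = new Validate($rule, $message);
        $result = $validate->check(input());
        $token = request()->token('__retri__');
        if (!$result) {
            $this->error($validate->getError(), url('index/index'), ['token' => $token]);
        }

        $member_list_username = $this->req_string('member_list_username');
        $verify = $this->req_string('verify');

        $where = [];
        $where['member_list_email|member_list_username|member_list_tel'] = $member_list_username;
        if ($logintype == 1) {
            $where['member_list_groupid'] = ['not in', [7, 10]];
        } else {
            $where['member_list_groupid'] = ['in', [7, 10]];
        }
        $find_user = Db::name("member_list")->where($where)->find();
        if ($find_user) {
            $mid = $find_user['member_list_id'];
            if (stripos($member_list_username, '@')) {
                // e-mail: the code lives in user_activation_key. An empty
                // stored key never matches (it used to equal an empty input).
                $code = $find_user['user_activation_key'];
                if ($this->codes_equal($code, $verify)) {
                    $this->success('验证正确', url('index/index'), ['token' => $token, 'member_list_id' => $mid, 'code' => $code]);
                } else {
                    $this->error('验证码不正确', url('index/index'), ['token' => $token]);
                }
            } else {
                // phone
                $code = $verify;
                $where = [];
                $where['sms_type'] = 'forgot';
                $where['sms_tel']  = $member_list_username;
                $where['sms_time'] = ['>', time() - self::SMS_CODE_TTL];
                $rst = Db::name('smslog')->where($where)->find();
                if (!$rst || !$this->codes_equal($rst['sms_code'], $verify)) {
                    $this->error('验证码不正确', url('index/index'), ['token' => $token]);
                }
                $this->success('验证正确', url('index/index'), ['token' => $token, 'member_list_id' => $mid, 'code' => $code]);
            }
        } else {
            $this->error(lang('member not exist'), url('index/index'), ['token' => $token]);
        }
    }

    /**
     * Forgot-password step 2: shows the new-password form when the supplied
     * code is valid for the given member. type 1 = e-mail code, else SMS.
     *
     * NOTE(review): this GET action has no captcha or attempt limit, so it
     * answers "is this code right?" for any member id; throttle it.
     */
    public function pwd_reset()
    {
        $type           = (int) $this->req_string('type', '1');
        $member_list_id = (int) $this->req_string('member_list_id', '0');
        $code           = $this->req_string('code');

        $find_user = Db::name('member_list')->find($member_list_id);
        if ($find_user) {
            if (!$this->reset_code_is_valid($find_user, $type, $code)) {
                $this->error('激活验证码不正确', url('home/Index/index'));
            }
            $this->assign("code", $code);
            $this->assign("member_list_id", $member_list_id);
            $this->assign("type", $type);
            return $this->view->fetch('user:pwd_reset');
        } else {
            $this->error('不存在此会员', url('home/Index/index'));
        }
    }

    /**
     * Image captcha for the reset form (captcha id 'pwd_reset').
     */
    public function verify_reset()
    {
        if (session('hid')) {
            $this->redirect(__ROOT__."/");
        }
        return $this->verify_build('pwd_reset');
    }

    /**
     * Forgot-password step 3: form token, image captcha, password rules,
     * code re-check, then stores the new salted hash. POST only.
     *
     * NOTE(review): the rule accepts 5-character passwords; consider a
     * longer minimum.
     * NOTE(review): existing sessions and remember-me cookies of the member
     * are not revoked by a reset here; confirm that happens elsewhere.
     */
    public function runpwd_reset()
    {
        if (!request()->isPost()) {
            return;
        }

        $rule = [
            '__reset__' => 'require|token:__reset__'
        ];
        $message = [
            '__reset__.require' => '令牌缺失'
        ];
        $validate = new Validate($rule, $message);
        $result = $validate->check(input());
        $token = request()->token('__reset__');
        if (!$result) {
            $this->error($validate->getError(), url('index/index'), ['token' => $token]);
        }

        $verify = new Captcha();
        if (!$verify->check($this->req_string('verify'), 'pwd_reset')) {
            $this->error(lang('verifiy incorrect'), url('index/index'), ['token' => $token]);
        }

        $password   = $this->req_string('password');
        $repassword = $this->req_string('repassword');
        $rule = [
            ['password', 'require|length:5,20', '{%pwd empty}|{%pwd length}'],
            ['repassword', 'require|confirm:password', '{%repassword empty}|{%repassword incorrect}'],
        ];
        $validate = new Validate($rule);
        $rst = $validate->check(array('password' => $password, 'repassword' => $repassword));
        if (true !== $rst) {
            $error = is_array($validate->getError()) ? join('|', $validate->getError()) : $validate->getError();
            $this->error($error, url('index/index'), ['token' => $token]);
        } else {
            $code = $this->req_string('code');
            $type = $this->req_string('type');
            // Cast to int: find() was previously handed the raw request value.
            $member_list_id = (int) $this->req_string('member_list_id', '0');

            $find_user = Db::name('member_list')->find($member_list_id);
            if ($find_user) {
                if (!$this->reset_code_is_valid($find_user, $type, $code)) {
                    $this->error('激活验证码不正确', url('index/index'), ['token' => $token]);
                }
                $member_list_salt = random(10);
                $member_list_pwd  = encrypt_password($password, $member_list_salt);
                $result = Db::name("member_list")->where('member_list_id', $member_list_id)->update(array(
                    'first_pwd'           => '',
                    'member_list_pwd'     => $member_list_pwd,
                    'user_activation_key' => '',
                    'member_list_salt'    => $member_list_salt,
                ));
                if ($result) {
                    if ($type != 1) {
                        // The e-mail code is cleared by the update above; the
                        // SMS code used to stay valid and reusable.
                        $this->expire_sms_code('forgot', $find_user['member_list_tel']);
                    }
                    $this->success(lang('pwd reset success'), url('index/index'), ['token' => $token]);
                } else {
                    $this->error(lang('pwd reset failed'), url('index/index'), ['token' => $token]);
                }
            } else {
                $this->error('不存在此会员', url('index/index'), ['token' => $token]);
            }
        }
    }

    /**
     * Activation page for a logged-in, not yet activated member, with a
     * convenience link to the webmail of the member's e-mail provider.
     */
    public function check_active()
    {
        // check_login() only returns a JSON flag and its result was ignored
        // here, so it never blocked anonymous requests. Enforce explicitly.
        if (!session('hid')) {
            $this->redirect(__ROOT__."/");
            return;
        }
        if ($this->user['user_status']) {
            $this->redirect(__ROOT__."/");
        } else {
            $current_user = $this->user;
            $email = $current_user['member_list_email'];
            $this->assign("email", $email);

            // First matching row wins, in the original branch order. Two
            // further '@gmail.com' branches pointing at http://mail.10086.cn/
            // were unreachable behind the first gmail test and are dropped;
            // presumably they were meant for another domain - confirm.
            $providers = [
                'http://mail.163.com'       => ['@163.com', '@vip.163.com'],
                'http://www.163.net/'       => ['@163.net', '@vip.tom.com'],
                'http://mail.qq.com'        => ['@qq.com', '@vip.qq.com', '@foxmail.com'],
                'http://mail.126.com'       => ['@126.com'],
                'http://mail.yeah.net/'     => ['@yeah.net'],
                'http://hotmail.msn.com/'   => ['@msn.com', '@hotmail.com', '@live.cn', '@live.com'],
                'https://login.yahoo.com/config/mail?&.src=ym&.intl=cn' => ['@yahoo.cn', '@yahoo.com.cn'],
                'https://login.yahoo.com/config/mail?&.src=ym&.intl=tw' => ['@yahoo.com.tw'],
                'http://mail.sohu.com/'     => ['@sohu.com', '@vip.sohu.com'],
                'http://mail.sina.com.cn/'  => ['@sina.com', '@vip.sina.com', '@sina.cn', '@51uc.com', '@2008.sina.com'],
                'http://gmail.google.com/'  => ['@gmail.com'],
                'http://mail.tom.com/'      => ['@tom.com'],
                'http://vip.188.com/'       => ['@188.com'],
                'http://mail.21cn.com/'     => ['@21cn.com', '@vip.21cn.com', '@21cn.net'],
                'https://www.263.net/'      => ['@263.net'],
                'http://mail.china.com/'    => ['@china.com'],
            ];
            $mailurl = null;
            foreach ($providers as $candidate => $needles) {
                foreach ($needles as $needle) {
                    // Truthy only when the needle occurs after position 0.
                    if (stripos($email, $needle)) {
                        $mailurl = $candidate;
                        break 2;
                    }
                }
            }
            $this->assign("mailurl", $mailurl);
            return $this->view->fetch('user:active');
        }
    }

    /**
     * Re-sends the activation e-mail to the logged-in, unactivated member.
     */
    public function resend()
    {
        // See check_active(): check_login() does not enforce anything.
        if (!session('hid')) {
            return json(['code' => 0, 'msg' => '请先登录', 'url' => url('home/Login/index')]);
        }
        $current_user = $this->user;
        if ($current_user['user_status'] == 0) {
            if ($current_user['member_list_email']) {
                $active_options = get_active_options();

                // Activation key: 32 hex chars either way. Prefer the CSPRNG
                // where available; the md5 of id+time+uniqid is built from
                // guessable inputs and is kept only as a fallback.
                if (function_exists('random_bytes')) {
                    $activekey = bin2hex(random_bytes(16));
                } else {
                    $activekey = md5($current_user['member_list_id'].time().uniqid());
                }
                $result = Db::name('member_list')->where(array("member_list_id" => $current_user['member_list_id']))->update(array("user_activation_key" => $activekey));
                if (!$result) {
                    $this->error(lang('activation code generation failed'));
                }

                // build the activation link
                $url = url('home/Register/active', array("hash" => $activekey), "", true);
                $template = $active_options['email_tpl'];
                $content = str_replace(array('http://#link#', '#username#'), array($url, $current_user['member_list_username']), $template);
                $send_result = sendMail($current_user['member_list_email'], $active_options['email_title'], $content);
                if ($send_result['error']) {
                    return json(['code' => 0, 'msg' => lang('send active email failed')]);
                } else {
                    return json(['code' => 1, 'msg' => lang('send active email success'), 'url' => url('home/Login/index')]);
                }
            } else {
                return json(['code' => 0, 'msg' => lang('no registered email'), 'url' => url('home/Login/index')]);
            }
        } else {
            return json(['code' => 0, 'msg' => lang('activated'), 'url' => url('home/Login/index')]);
        }
    }

    /**
     * Returns the remote login-security settings as JSON, or a failure
     * payload when the lookup throws or reports a non-'000000' result.
     */
    protected function systemconfig()
    {
        try {
            $result = getSystemConfig();
            if ($result->result == '000000') {
                $zgwhjf_config = [
                    // whether the login captcha is enabled
                    'login_verity_code_enable' => $result->data->security->login->verifyCode_enable,
                    // login verification type (SMS or IMAGE)
                    'login_verity_code_type'   => $result->data->security->login->verifyCode_type,
                    'code' => 1,
                    'msg'  => '提交成功',
                ];
                return json($zgwhjf_config);
            }
        } catch (\Exception $e) {
            return json(['code' => '0', 'msg' => '获取失败']);
        }
        return json(['code' => '0', 'msg' => '获取失败']);
    }

    /**
     * Requests a login SMS through sendSms() using the session's api_token.
     *
     * NOTE(review): the return value of sendSms() is ignored, so success is
     * reported whenever it does not throw.
     */
    public function loginSms()
    {
        $phone  = $this->req_string('member_list_username');
        $verify = $this->req_string('verify');

        // Validation sits outside the try block: if error() signals through
        // an exception (as the framework's jump helpers are understood to),
        // the catch below would replace these messages with the generic one.
        if (empty($verify)) {
            $this->error('验证码为空!');
        }
        if (empty($phone)) {
            $this->error('手机号码为空!');
        }

        try {
            $apitoken = session("api_token");
            sendSms($phone, $verify, $apitoken);
        } catch (\Exception $e) {
            $this->error('获取失败');
        }
        // The success path used to reuse the failure text '获取失败'.
        $this->success('获取成功');
    }

    /**
     * Reports the login state as JSON (code 1 = logged in, 0 = not).
     * It does not redirect or abort; callers must not use it as a guard.
     */
    public function check_login()
    {
        if (session('hid')) {
            return json(array('code' => 1));
        } else {
            return json(array('code' => 0));
        }
    }

    /**
     * Reads a request parameter as a string. Array-valued input (name[]=...)
     * yields $default so it can never be passed on as a where-condition
     * array or as find() options.
     *
     * @param string $name    request parameter name
     * @param string $default value used when absent or not scalar
     * @return string
     */
    private function req_string($name, $default = '')
    {
        $value = input($name, $default);
        return is_scalar($value) ? (string) $value : $default;
    }

    /**
     * Compares a stored one-time code with a supplied one. Rejects empty or
     * non-scalar values and compares in constant time. All-digit codes are
     * compared without leading zeros so a numeric column that dropped them
     * still matches, as the previous loose comparison did.
     *
     * @param mixed $expected stored code
     * @param mixed $supplied code from the request
     * @return bool
     */
    private function codes_equal($expected, $supplied)
    {
        if (!is_scalar($expected) || !is_scalar($supplied)) {
            return false;
        }
        $expected = (string) $expected;
        $supplied = (string) $supplied;
        if ($expected === '' || $supplied === '') {
            return false;
        }
        if (ctype_digit($expected) && ctype_digit($supplied)) {
            $expected = ltrim($expected, '0');
            $supplied = ltrim($supplied, '0');
        }
        return hash_equals($expected, $supplied);
    }

    /**
     * Checks the code presented to the password-reset steps.
     * type 1: e-mail code in user_activation_key; otherwise a 'forgot' SMS
     * code for the member's phone, not older than RESET_CODE_TTL.
     *
     * @param array  $user member_list row
     * @param mixed  $type request 'type' value
     * @param string $code supplied code
     * @return bool
     */
    private function reset_code_is_valid($user, $type, $code)
    {
        if ($code === '') {
            return false;
        }
        if ($type == 1) {
            return $this->codes_equal($user['user_activation_key'], $code);
        }
        $rst = Db::name('smslog')->where([
            'sms_type' => 'forgot',
            'sms_code' => $code,
            'sms_tel'  => $user['member_list_tel'],
            'sms_time' => ['>', time() - self::RESET_CODE_TTL],
        ])->find();
        return (bool) $rst;
    }

    /**
     * Makes an SMS code unusable after it has served its purpose by zeroing
     * its timestamp, which every check in this class bounds. This also
     * resets the 120 s resend throttle for that number.
     *
     * @param string $type sms_type ('smslog' or 'forgot')
     * @param string $tel  sms_tel value the code was issued for
     */
    private function expire_sms_code($type, $tel)
    {
        Db::name('smslog')->where(['sms_type' => $type, 'sms_tel' => $tel])->update(['sms_time' => 0]);
    }

    /**
     * Records the login and establishes the session (shared by password and
     * SMS login).
     *
     * NOTE(review): session('user') receives the whole member row, which
     * includes member_list_pwd and member_list_salt; store only the fields
     * the views need once callers have been checked.
     * NOTE(review): the remember-me cookie is jiami(id.last_login_time);
     * jiami() is defined elsewhere - confirm it is authenticated encryption
     * with a server-side key, since both inputs are guessable.
     *
     * @param array $member   member_list row
     * @param mixed $remember truthy to set the remember-me cookie
     */
    private function start_member_session($member, $remember)
    {
        $data = array(
            'last_login_time' => time(),
            'last_login_ip'   => request()->ip(),
        );
        Db::name("member_list")->where(array('member_list_id' => $member["member_list_id"]))->update($data);
        session('hid', $member['member_list_id']);
        session('user', $member);
        if ($remember && $member['user_status']) {
            cookie('yf_logged_user', jiami("{$member['member_list_id']}.{$data['last_login_time']}"));
        }
    }
}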