guagua_php/app/model/User.php

<?php

namespace app\model;

use think\facade\Session;
use think\Model;

class User extends Model
{
    /**
     * 注册用户
     * @param $data
     * @return bool
     * @throws \think\db\exception\DataNotFoundException
     * @throws \think\db\exception\DbException
     * @throws \think\db\exception\ModelNotFoundException
     */
    public function register($data)
    {

        $user = $this->where('phone', $data['phone'])->find();
        if ($user) return false;

        // 生成盐值
        $salt = $this->generateSalt();
        // 密码加盐值后哈希存储
        $password = $this->generateHashedPassword($data['password'], $salt);

        $this->save([
            'username' => generate_random_str(),
            'password' => $password,
            'salt' => $salt,
            'phone' => $data['phone'],
            'invite_code' => $data['invite_code'],
            'register_time' => date("Y-m-d H:i:s",time())
        ]);

        return true;
    }

    /**
     * 用户登录
     * @param $data
     * @return User|array|mixed|Model
     * @throws \think\db\exception\DataNotFoundException
     * @throws \think\db\exception\DbException
     * @throws \think\db\exception\ModelNotFoundException
     * @author whj
     * @date 2023-08-22 16:28
     */
    public function login($data)
    {
        // 根据用户名查询用户信息
        $user = $this->where('phone', $data['phone'])->field('id,username,phone,invite_code,password,salt')->find();

        if ($user) {
            // 使用相同的盐值对输入密码进行哈希验证
            $hashedPassword = $this->generateHashedPassword($data['password'], $user->salt);

            if ($user->password === $hashedPassword) {

                # 缓存用户信息
                $login_user_data = $user->toArray();
                unset($login_user_data['password'],$login_user_data['salt']);
                Session::set('login_user_data',$login_user_data);
                // 登录成功
                return ['status' => true, 'msg' => '登录成功', 'data' => $login_user_data];
            } else {

                return ['status' => false, 'msg' => '密码错误'];
            }
        }

        return ['status' => false, 'msg' => '手机号未注册'];
    }

    /**
     * 找回密码
     * @param $data
     * @return array
     * @throws \think\db\exception\DataNotFoundException
     * @throws \think\db\exception\DbException
     * @throws \think\db\exception\ModelNotFoundException
     */
    public function retrieve($data)
    {
        // 根据用户名查询用户信息
        $user = $this->where('phone', $data['phone'])->find();

        if ($user) {

            // 生成盐值
            $salt = $this->generateSalt();
            $password = $this->generateHashedPassword($data['password'], $salt);
            // 密码加盐值后哈希存储
            $user->password = $password;
            $user->salt = $salt;
            $user->update_time = date("Y-m-d H:i:s",time());
            $user->save();

            return ['status' => true, 'msg' => '密码重制成功'];
        }

        return ['status' => false, 'msg' => '手机号未注册'];
    }

    /**
     * 修改密码
     * @param $data
     * @return array
     * @throws \think\db\exception\DataNotFoundException
     * @throws \think\db\exception\DbException
     * @throws \think\db\exception\ModelNotFoundException
     */
    public function modifyPassword($data)
    {
        $user = Session::get('login_user_data');

        if ($user) {

            $userModel = $this->find($user['id']);
            $password = $this->generateHashedPassword($data['password'], $userModel->salt);

            if ($userModel->password == $password) {
                return ['status' => false, 'msg' => '新密码与原密码一致'];
            }

            // 生成盐值
            $salt = $this->generateSalt();
            $new_password = $this->generateHashedPassword($data['password'], $salt);

            // 密码加盐值后哈希存储
            $userModel->password = $new_password;
            $userModel->salt = $salt;
            $userModel->update_time = date("Y-m-d H:i:s",time());

            $this->save();

            return ['status' => true, 'msg' => '修改成功'];
        }

        return ['status' => false, 'msg' => '登陆状态有误'];
    }

    /**
     * 手机号短信验证码验证
     * @param $phone
     * @param $smsCode
     * @return bool
     */
    public function verifySmsCode($phone, $smsCode)
    {
        // 在这个方法中，您可以调用您的短信服务提供商的API进行验证码验证
        // 这里简化为直接比较验证码
        // 请根据实际情况自行实现验证码验证逻辑

        // 假设存储了正确的短信验证码
        $correctSmsCode = '123456';

        if ($smsCode === $correctSmsCode) {
            return true;
        }

        return false;
    }

    /**
     * 验证邀请码是否有效
     * @param $invite_code
     * @return bool
     * @throws \think\db\exception\DataNotFoundException
     * @throws \think\db\exception\DbException
     * @throws \think\db\exception\ModelNotFoundException
     */
    public function verifyInviteCode($invite_code)
    {
        $codeRes = $this->where('invite_code',$invite_code)->find();

        if (empty($codeRes)) {
            return false;
        }

        return true;
    }

    /**
     * 生成盐值
     * @return string
     */
    private function generateSalt()
    {
        return generate_random_str(6);
    }

    /**
     * 密码加盐值后哈希存储
     * @param $password
     * @param $salt
     * @return string
     */
    private function generateHashedPassword($password, $salt)
    {
        return md5(md5($password) . md5($salt));
    }
}