Beispiel #1
0
 public function postInvite($id)
 {
     $this->projectId = $id = (int) $id;
     if (!$this->getProjectPermission('setting')) {
         return response()->json(['status' => false, 'message' => '没有权限进行此操作']);
     }
     $input = (string) request()->input('input');
     if (is_email($input)) {
         $type = 'email';
     } else {
         if (is_phone($input)) {
             $type = 'phone';
         } else {
             return response()->json(['status' => false, 'message' => '请输入正确的手机号或邮箱']);
         }
     }
     $user = User::hasBeenUsed($type, $input)->first();
     $invite = new ProjectInvite();
     $invite->user_id = auth()->id();
     $invite->project_id = $this->projectId;
     $invite->invite_code = substr(str_shuffle('ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890'), rand(0, 27), 8);
     $invite->{'invited_user_' . $type} = $input;
     if ($user) {
         $invite->invited_user_id = $user->id;
         if ($type == 'email' && $user->phone) {
             $invite->invited_user_phone = $user->phone;
         } else {
             if ($type == 'phone' && $user->email) {
                 $invite->invited_user_email = $user->email;
             }
         }
     }
     $invite->save();
     if ($user) {
         if (!ProjectMember::where('project_id', $this->projectId)->where('user_id', $user->id)->exists()) {
             $projectMember = new ProjectMember();
             $projectMember->user_id = $user->id;
             $projectMember->user_name = $user->realname;
             $projectMember->project_id = $this->projectId;
             $projectMember->save();
             return response()->json(['status' => true, 'message' => '受邀用户成功加入项目组', 'data' => ['home' => url('user/' . $user->id), 'face' => oss_face_url($user->face, 's'), 'name' => $user->realname, 'id' => $user->id, 'isMaster' => $this->getProject()->user_id == auth()->id()], 'send' => url('project/' . $this->projectId . '/send-invite'), 'send_data' => ['invite_id' => $invite->id]]);
         } else {
             $invite->delete();
             return response()->json(['status' => false, 'message' => '受邀用户已经在项目组了']);
         }
     } else {
         return response()->json(['status' => true, 'message' => '你的邀请已发送', 'send' => url('project/' . $this->projectId . '/send-invite'), 'send_data' => ['invite_id' => $invite->id]]);
     }
 }
Beispiel #2
0
 public function postSendVerify($type = null, RateLimiter $rateLimiter)
 {
     $user = auth()->user();
     $request = request();
     $response = response();
     if (!$type) {
         $type = $request->input('type');
     }
     if ($type != 'phone' && $type != 'email') {
         $response->json(['status' => false, 'message' => '发送失败,Type参数错误!']);
     }
     $typeValue = $request->input('input_value');
     if ($type == 'email') {
         if ($typeValue == $user->email || !is_email($typeValue) || strlen($typeValue) > 64) {
             return $response->json(['status' => false, 'message' => '请输入正确的新邮箱']);
         }
     } elseif ($type == 'phone') {
         if ($typeValue == $user->phone || !is_phone($typeValue)) {
             return $response->json(['status' => false, 'message' => '请输入正确的新手机号']);
         }
     }
     // 60秒发送一次
     $sessionKey = 'send_verify_last_time';
     $sessionKey .= ".change.{$type}";
     $sessionValue = session($sessionKey);
     $currentTime = time();
     if ($sessionValue && $sessionValue + 60 > $currentTime) {
         return $response->json(['status' => false, 'message' => '发送失败,请不要频繁获取验证码']);
     }
     // 一个IP一个小时可以发送10次
     $rateLimiterKey = 'send_verify_rate_limiter';
     $rateLimiterKey .= ":change:{$type}_" . $user->id;
     if ($rateLimiter->tooManyAttempts($rateLimiterKey, 60, 10)) {
         return $response->json(['status' => false, 'message' => '当前网络环境获取已达上限,请一小时后再试']);
     }
     if (User::hasBeenUsed($type, $typeValue, true)->exists()) {
         $typeName = $type == 'phone' ? '手机号' : '邮箱';
         return $response->json(['status' => false, 'message' => '此' . $typeName . '已被其他用户使用']);
     }
     $code = rand(100000, 999999);
     $value = ['type' => $type, 'code' => $code, 'value' => $typeValue, 'attempt' => 0, 'user_id' => $user->id];
     $cacheKey = md5("send_verify_detail.change.{$typeValue}" . config('key'));
     if ($type == 'phone') {
         require app_path('Services/Taobao/TopSdk.php');
         $status = sendSms('phone_change', $typeValue, ['code' => $code, 'product' => '积木']);
     } elseif ($type == 'email') {
         $vars = ['email' => $typeValue, 'code' => $code, 'link' => url('account/set/change-confirm') . '?key=' . urlencode($cacheKey)];
         $view = 'user.set.change_verify_mail';
         $status = \Mail::send($view, $vars, function ($message) use($typeValue) {
             $message->to($typeValue);
             $message->subject('[积木] 邮箱绑定验证码');
         });
     }
     if (empty($status)) {
         $status = false;
     } else {
         Cache::put($cacheKey, $value, 60);
         session([$sessionKey => $currentTime]);
         $rateLimiter->hit($rateLimiterKey);
     }
     $typeName = $type == 'phone' ? '短信' : '邮件';
     return $response->json(['status' => (bool) $status, 'message' => $status ? '' : 'Oh. 验证' . $typeName . '发送失败,请稍后重试']);
 }
 public function postForgotPassword(Request $request)
 {
     $password = $this->getPassword($request);
     if (!is_string($password)) {
         return $password;
     }
     $detail = $this->getVerifiedDetail('forgot_password', $request);
     if (!is_array($detail)) {
         return $detail;
     }
     $verifyType = $detail['verify_type'];
     $identifier = $detail['identifier'];
     $user = User::hasBeenUsed($verifyType, $identifier, false)->first();
     if ($user) {
         $user->password = $password;
         $user->{$verifyType . '_verified_at'} = time();
         if ($user->save() && $user->login(null, true)) {
             return response()->json(['status' => true, 'location' => url('user/home')]);
         }
     }
     return response()->json(['status' => false, 'message' => '密码修改失败,请联系我们进行解决', 'field' => '']);
 }