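/**
 * Invite someone to the project by e-mail address or phone number.
 *
 * Requires the 'setting' permission on the project. An invite row is always
 * stored; when the address already belongs to a registered user, that user
 * is also added to the project members straight away.
 *
 * @param int|string $id Project id; cast to int before use.
 * @return \Illuminate\Http\JsonResponse JSON with 'status' and 'message',
 *         plus 'send'/'send_data' (and 'data' for a newly added member).
 */
public function postInvite($id)
{
    $this->projectId = $id = (int) $id;

    // Authorisation gate: only callers with the 'setting' permission may invite.
    if (!$this->getProjectPermission('setting')) {
        return response()->json(['status' => false, 'message' => '没有权限进行此操作']);
    }

    // The cast keeps array/null payloads from reaching the validators as non-strings.
    $input = (string) request()->input('input');
    if (is_email($input)) {
        $type = 'email';
    } elseif (is_phone($input)) {
        $type = 'phone';
    } else {
        return response()->json(['status' => false, 'message' => '请输入正确的手机号或邮箱']);
    }

    $user = User::hasBeenUsed($type, $input)->first();

    // The invite code acts as a bearer secret, so every character is drawn
    // from the CSPRNG. The previous str_shuffle()/rand() construction used a
    // non-cryptographic generator and could never repeat a character, which
    // shrank the code space further.
    // random_int() needs PHP 7+ (or the random_compat polyfill).
    $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890';
    $lastIndex = strlen($alphabet) - 1;
    $inviteCode = '';
    for ($i = 0; $i < 8; $i++) {
        $inviteCode .= $alphabet[random_int(0, $lastIndex)];
    }

    $invite = new ProjectInvite();
    $invite->user_id = auth()->id();
    $invite->project_id = $this->projectId;
    $invite->invite_code = $inviteCode;
    // $type is restricted to 'email' or 'phone' above, so the dynamic
    // property name cannot be influenced by the request.
    $invite->{'invited_user_' . $type} = $input;

    if ($user) {
        // Record the other contact channel of a known user as well.
        $invite->invited_user_id = $user->id;
        if ($type === 'email' && $user->phone) {
            $invite->invited_user_phone = $user->phone;
        } elseif ($type === 'phone' && $user->email) {
            $invite->invited_user_email = $user->email;
        }
    }
    $invite->save();

    if (!$user) {
        // Not registered yet: the caller is pointed at the send-invite endpoint.
        return response()->json([
            'status' => true,
            'message' => '你的邀请已发送',
            'send' => url('project/' . $this->projectId . '/send-invite'),
            'send_data' => ['invite_id' => $invite->id],
        ]);
    }

    $alreadyMember = ProjectMember::where('project_id', $this->projectId)
        ->where('user_id', $user->id)
        ->exists();

    if ($alreadyMember) {
        // Nothing to invite; drop the row that was just stored.
        $invite->delete();

        return response()->json(['status' => false, 'message' => '受邀用户已经在项目组了']);
    }

    // NOTE(review): a registered user becomes a member immediately, without
    // accepting the invite, and their name/avatar/id are returned to the
    // inviter. Confirm this is the intended trust model.
    $projectMember = new ProjectMember();
    $projectMember->user_id = $user->id;
    $projectMember->user_name = $user->realname;
    $projectMember->project_id = $this->projectId;
    $projectMember->save();

    return response()->json([
        'status' => true,
        'message' => '受邀用户成功加入项目组',
        'data' => [
            'home' => url('user/' . $user->id),
            'face' => oss_face_url($user->face, 's'),
            'name' => $user->realname,
            'id' => $user->id,
            'isMaster' => $this->getProject()->user_id == auth()->id(),
        ],
        'send' => url('project/' . $this->projectId . '/send-invite'),
        'send_data' => ['invite_id' => $invite->id],
    ]);
}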
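/**
 * Send a verification code to the new e-mail address or phone number that
 * the signed-in user wants to bind to the account.
 *
 * On a successful send the code is cached for later confirmation, the
 * per-session timestamp is updated and the rate limiter is hit.
 *
 * @param string|null $type        'phone' or 'email'; falls back to the 'type' request input.
 * @param RateLimiter $rateLimiter Limiter used for the per-user send quota.
 * @return \Illuminate\Http\JsonResponse JSON with 'status' and 'message'.
 */
public function postSendVerify($type = null, RateLimiter $rateLimiter)
{
    $user = auth()->user();
    $request = request();
    $response = response();

    if (!$type) {
        $type = $request->input('type');
    }

    // Strict allow-list. The earlier check built this error response but
    // never returned it, so an unexpected type fell through to the
    // session key, the rate-limiter key and User::hasBeenUsed(). The loose
    // != comparison could also let non-string input (e.g. JSON 0 or true)
    // pass on older PHP versions.
    if (!in_array($type, ['phone', 'email'], true)) {
        return $response->json(['status' => false, 'message' => '发送失败,Type参数错误!']);
    }

    $typeValue = $request->input('input_value');
    if ($type === 'email') {
        // Reject non-strings, the current address, malformed or over-long addresses.
        if (!is_string($typeValue) || $typeValue == $user->email || !is_email($typeValue) || strlen($typeValue) > 64) {
            return $response->json(['status' => false, 'message' => '请输入正确的新邮箱']);
        }
    } else {
        // Reject non-strings, the current number and malformed numbers.
        if (!is_string($typeValue) || $typeValue == $user->phone || !is_phone($typeValue)) {
            return $response->json(['status' => false, 'message' => '请输入正确的新手机号']);
        }
    }

    // At most one send every 60 seconds per session.
    $sessionKey = 'send_verify_last_time';
    $sessionKey .= ".change.{$type}";
    $sessionValue = session($sessionKey);
    $currentTime = time();
    if ($sessionValue && $sessionValue + 60 > $currentTime) {
        return $response->json(['status' => false, 'message' => '发送失败,请不要频繁获取验证码']);
    }

    // Intended quota per the original comment: 10 sends per hour per IP.
    // The key below is actually scoped to the user id, not the IP.
    // NOTE(review): if RateLimiter is Illuminate\Cache\RateLimiter, the second
    // argument is the maximum number of attempts and the window is set by
    // hit(); confirm that (60, 10) really enforces the intended quota.
    $rateLimiterKey = 'send_verify_rate_limiter';
    $rateLimiterKey .= ":change:{$type}_" . $user->id;
    if ($rateLimiter->tooManyAttempts($rateLimiterKey, 60, 10)) {
        return $response->json(['status' => false, 'message' => '当前网络环境获取已达上限,请一小时后再试']);
    }

    if (User::hasBeenUsed($type, $typeValue, true)->exists()) {
        $typeName = $type === 'phone' ? '手机号' : '邮箱';

        return $response->json(['status' => false, 'message' => '此' . $typeName . '已被其他用户使用']);
    }

    // The code authorises a change of the account's contact details, so it
    // comes from the CSPRNG rather than rand().
    // random_int() needs PHP 7+ (or the random_compat polyfill).
    $code = random_int(100000, 999999);
    $value = ['type' => $type, 'code' => $code, 'value' => $typeValue, 'attempt' => 0, 'user_id' => $user->id];

    // NOTE(review): this key is embedded in the e-mailed confirmation link.
    // If config('key') resolves to null, the key is just md5 of a fixed
    // prefix plus the address and is predictable; confirm the config entry
    // exists and that confirmation also checks 'code' and 'user_id'.
    $cacheKey = md5("send_verify_detail.change.{$typeValue}" . config('key'));

    $status = false;
    if ($type === 'phone') {
        // require_once avoids a redeclaration error if the SDK was already loaded.
        require_once app_path('Services/Taobao/TopSdk.php');
        $status = sendSms('phone_change', $typeValue, ['code' => $code, 'product' => '积木']);
    } else {
        $vars = [
            'email' => $typeValue,
            'code' => $code,
            'link' => url('account/set/change-confirm') . '?key=' . urlencode($cacheKey),
        ];
        $view = 'user.set.change_verify_mail';
        $status = \Mail::send($view, $vars, function ($message) use ($typeValue) {
            $message->to($typeValue);
            $message->subject('[积木] 邮箱绑定验证码');
        });
    }

    if (empty($status)) {
        $status = false;
    } else {
        // Only a delivered code is stored and counted against the limits.
        Cache::put($cacheKey, $value, 60);
        session([$sessionKey => $currentTime]);
        $rateLimiter->hit($rateLimiterKey);
    }

    $typeName = $type === 'phone' ? '短信' : '邮件';

    return $response->json([
        'status' => (bool) $status,
        'message' => $status ? '' : 'Oh. 验证' . $typeName . '发送失败,请稍后重试',
    ]);
}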
/**
 * Set a new password for the account matched by a verified identifier and
 * sign that account in.
 *
 * @param Request $request Incoming request; passed on to getPassword() and getVerifiedDetail().
 * @return mixed JSON response with 'status', or whatever non-string /
 *               non-array value the two helpers returned.
 */
public function postForgotPassword(Request $request)
{
    // A non-string result is handed back unchanged (presumably an error
    // response produced by getPassword() - confirm against that helper).
    $newPassword = $this->getPassword($request);
    if (!is_string($newPassword)) {
        return $newPassword;
    }

    // Same convention: anything but an array is returned to the caller as-is.
    $verified = $this->getVerifiedDetail('forgot_password', $request);
    if (!is_array($verified)) {
        return $verified;
    }

    $channel = $verified['verify_type'];
    $account = User::hasBeenUsed($channel, $verified['identifier'], false)->first();

    $signedIn = false;
    if ($account) {
        // NOTE(review): nothing here hashes the password or invalidates the
        // verified detail; confirm getPassword() or a model mutator hashes it
        // and that the verification cannot be replayed.
        $account->password = $newPassword;
        // The channel used for the reset is stamped as verified now.
        $account->{$channel . '_verified_at'} = time();

        // login() is attempted only when the save succeeded.
        $signedIn = $account->save() && $account->login(null, true);
    }

    if ($signedIn) {
        return response()->json(['status' => true, 'location' => url('user/home')]);
    }

    return response()->json(['status' => false, 'message' => '密码修改失败,请联系我们进行解决', 'field' => '']);
}