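param();
        if (!$data['username']) {
            return CatchResponse::fail('手机号码不能为空');
        }
        if (!$data['smsCode']) {
            return CatchResponse::fail('短信验证码不能为空');
        }
        if (!$data['password']) {
            return CatchResponse::fail('密码不能为空');
        }
        if (!$data['confirmPassword']) {
            return CatchResponse::fail('请输入确认密码');
        }
        if ($data['password'] != $data['confirmPassword']) {
            return CatchResponse::fail('两次密码不一致');
        }
        // Is the number already registered?
        $userinfo = Db::name('users')->where(['username'=>$data['username']])->find();
        if ($userinfo) {
            return CatchResponse::fail('该号码已注册');
        }
        // Check the SMS verification code
        $res = $this->isValidSmsCode($data['username'], $data['smsCode']);
        if (!$res['success']) {
            return CatchResponse::fail($res['message']);
        }
        // Convert the password for storage through the model's setPasswordAttr()
        // (presumably a hash; confirm in the Users model).
        $user = new Users();
        $savePwd = $user->setPasswordAttr($data['password']);
        $saveData = [
            'username' => $data['username'],
            'password' => $savePwd
        ];
        $userid = Db::name('users')->insert($saveData);
        if (!$userid) {
            return CatchResponse::fail('注册失败');
        }
        return CatchResponse::success('注册成功');
    }

    /**
     * Reset the password of an existing account, authorised by an SMS code.
     *
     * Request parameters (read from $request->param()):
     *   - username         mobile number of the account
     *   - smsCode          SMS verification code
     *   - password         new password
     *   - confirmPassword  new password, repeated
     *
     * @param Request $request
     * @return mixed whatever CatchResponse::fail() / CatchResponse::success() produce
     */
    public function resetPassword(Request $request)
    {
        // NOTE(review): a wildcard CORS origin on an unauthenticated password-reset
        // endpoint lets any web origin call it and read the answer; restrict it to
        // the front-end origin unless cross-site use is intended.
        header('Access-Control-Allow-Origin: *');

        $data = $request->param();

        // Required fields, checked in the original order. Request parameters can
        // arrive as arrays, and array values are not plain equality for the query
        // builder's where(), so only non-empty scalars are accepted here.
        $required = [
            'username'        => '手机号码不能为空',
            'smsCode'         => '短信验证码不能为空',
            'password'        => '密码不能为空',
            'confirmPassword' => '确认密码不能为空',
        ];
        foreach ($required as $field => $message) {
            $value = $data[$field] ?? null;
            if (!is_scalar($value) || !$value) {
                return CatchResponse::fail($message);
            }
        }

        $username = (string) $data['username'];
        $smsCode  = (string) $data['smsCode'];
        $password = (string) $data['password'];

        // Strict comparison: loose != treats distinct numeric strings as equal.
        if ($password !== (string) $data['confirmPassword']) {
            return CatchResponse::fail('两次密码不一致');
        }

        // The number must belong to a registered account.
        $userinfo = Users::where('username', $username)->find();
        if (empty($userinfo)) {
            return CatchResponse::fail('该号码未注册');
        }

        // Check the SMS verification code.
        $res = $this->isValidSmsCode($username, $smsCode);
        if (!$res['success']) {
            return CatchResponse::fail($res['message']);
        }

        // Store the new password, converted through the model's setPasswordAttr().
        $user = new Users();
        $savePwd = $user->setPasswordAttr($password);
        $cond = ['id' => $userinfo['id']];
        $res = Users::where($cond)->update(['password' => $savePwd]);
        if ($res === false) {
            return CatchResponse::fail('重置失败');
        }
        return CatchResponse::success('重置成功');
    }

    /**
     * Generate an SMS verification code, store it and send it to a mobile number.
     *
     * Request parameters (read from $request->param()):
     *   - username  mobile number to send the code to
     *   - isReset   truthy when the code is for a password reset (the number must
     *               be registered), falsy for registration (it must not be)
     *
     * NOTE(review): the two "registered / not registered" answers tell the caller
     * whether a number has an account; confirm that disclosure is acceptable.
     *
     * @param Request $request
     * @return mixed whatever CatchResponse::fail() / CatchResponse::success() produce
     */
    public function sendSmsCode(Request $request)
    {
        // NOTE(review): wildcard CORS lets any web page trigger SMS sends from a
        // visitor's browser; restrict to the front-end origin if possible.
        header('Access-Control-Allow-Origin: *');
        $postData = $request->param();

        // Only a non-empty scalar may be used as the mobile number (array values
        // would change the meaning of the where() clauses below).
        $mobile = $postData['username'] ?? null;
        if (!is_scalar($mobile) || !$mobile) {
            return CatchResponse::fail('手机号不存在');
        }
        $mobile = (string) $mobile;

        // \z instead of $: "$" also matches just before a trailing newline, which
        // would let "<number>\n" through as a valid mobile number.
        if (!preg_match('/^1[3456789]\d{9}\z/', $mobile)) {
            return CatchResponse::fail('手机号格式不存在');
        }

        // Truthy = password reset, falsy (or absent) = registration.
        $isReset = !empty($postData['isReset']);

        // Registration state must match the requested flow.
        $userinfo = Db::name('users')->where('username', $mobile)->find();
        if ($isReset && empty($userinfo)) {
            return CatchResponse::fail('该号码未注册');
        } elseif (!$isReset && $userinfo) {
            return CatchResponse::fail('该号码已注册');
        }

        // Abuse throttling: at most 10 codes per day per client IP and per number.
        // The comparison uses the explicit three-argument where(); the previous
        // ['created_at' => ['GT', $ts]] array form depends on the framework version
        // for its meaning (newer ThinkPHP releases read an array value as an IN
        // list; confirm against the version in use), which can leave the limit
        // ineffective.
        // NOTE(review): REMOTE_ADDR is the proxy's address when the app sits behind
        // a reverse proxy, so the per-number limit is the one that still holds there.
        $todayTime = strtotime(date('Y-m-d'));
        $clientIp = $_SERVER['REMOTE_ADDR'];
        $sentFromIp = Db::name('sms_verification_code')
            ->where('access_ip', $clientIp)
            ->where('created_at', '>', $todayTime)
            ->count();
        if ($sentFromIp >= 10) {
            return CatchResponse::fail('已达到当日获取次数上限');
        }
        $sentToMobile = Db::name('sms_verification_code')
            ->where('mobile', $mobile)
            ->where('created_at', '>', $todayTime)
            ->count();
        if ($sentToMobile >= 10) {
            return CatchResponse::fail('已达到当日获取次数上限');
        }

        // Load the SMS gateway settings stored under the "rlyun" config entry.
        $rlyunId = Db::name('sms_config')->where(['name' => 'rlyun'])->value('id');
        $configRows = Db::name('sms_config')->where(['pid' => $rlyunId])->column('key,value');
        $smsConfig = [];
        foreach ($configRows as $row) {
            $smsConfig[$row['key']] = $row['value'];
        }
        if (empty($smsConfig)) {
            return CatchResponse::fail('获取短信配置失败');
        }

        // Load the verification-code message template.
        $where = ['operator' => 'rlyun', 'code' => 'verification_code'];
        $tmpInfo = Db::name('sms_template')->where($where)->find();
        if (empty($tmpInfo)) {
            return CatchResponse::fail('获取短信验证码模板信息失败');
        }

        // Generate the code with the CSPRNG; rand() output is predictable.
        // NOTE(review): 4 digits is only 10,000 values, so the attempt cap in
        // isValidSmsCode() is what keeps guessing impractical; consider 6 digits
        // if the template and clients allow it.
        $code = str_pad((string) random_int(0, 9999), 4, '0', STR_PAD_LEFT);

        // Persist the code before sending so a failed send can be rolled back.
        $time = time();
        $saveData = [
            'mobile' => $mobile,
            'code' => $code,
            'access_ip' => $clientIp,
            'created_at' => $time,
            'updated_at' => $time,
        ];
        Db::startTrans();
        $res = Db::name('sms_verification_code')->insert($saveData);
        if ($res === false) {
            Db::rollback();
            return CatchResponse::fail('发送失败,请稍后重试');
        }

        // Fill the template placeholders and send the message.
        $content = str_replace('{1}', $code, $tmpInfo['content']);
        $content = str_replace('{2}', '5分钟', $content);
        $contentData = [
            'tplno' => $tmpInfo['identify'],
            'tpldata' => [
                $code,
                '5分钟'
            ],
            'info' => $content,
        ];
        $res = send_sms_with_config($mobile, $contentData, $smsConfig, []);
        if (!$res['success']) {
            // Roll back the stored code first, so the log row written next is kept.
            Db::rollback();
            Db::name('sms_send_log')->insert($res['data']);
            return CatchResponse::fail($res['message'] ?: '发送失败');
        }
        Db::commit();
        return CatchResponse::success($res['message']);
    }

    /**
     * Check an SMS verification code for a mobile number.
     *
     * Only the most recently issued code for the number is considered. It is
     * valid for 5 minutes and for 3 attempts; every attempt, right or wrong, is
     * counted in use_times, so wrong guesses use up the code instead of being free.
     *
     * @param mixed $mobile mobile number the code was sent to
     * @param mixed $code   code supplied by the caller
     * @return array ['success' => bool, 'message' => string]
     */
    private function isValidSmsCode($mobile, $code)
    {
        // Callers pass request input straight through. Array values would not be
        // an equality test in where(), so anything non-scalar is rejected here.
        if (!is_scalar($mobile) || !$mobile) {
            return ['success' => false, 'message' => '手机号码不存在'];
        }
        if (!is_scalar($code) || !$code) {
            return ['success' => false, 'message' => '验证码不存在'];
        }
        $mobile = (string) $mobile;
        $code = (string) $code;

        // Latest code issued for this number, whatever its value.
        $latest = Db::name('sms_verification_code')
            ->where(['mobile' => $mobile])
            ->order('created_at', 'desc')
            ->find();
        if (empty($latest)) {
            return ['success' => false, 'message' => '验证失败,请确保手机号码和验证码输入无误'];
        }

        // Expired (5 minutes for now).
        $validSeconds = 60 * 5;
        if (time() - $latest['created_at'] > $validSeconds) {
            return ['success' => false, 'message' => '验证码已失效'];
        }

        // Attempt budget exhausted (3 attempts for now).
        if ($latest['use_times'] >= 3) {
            return ['success' => false, 'message' => '验证码已失效'];
        }

        // Spend one attempt before comparing. The update only applies while
        // use_times still holds the value read above, so parallel requests cannot
        // all pass the cap on the same stale counter.
        $spent = Db::name('sms_verification_code')
            ->where(['id' => $latest['id'], 'use_times' => $latest['use_times']])
            ->update(['use_times' => $latest['use_times'] + 1]);
        if (!$spent) {
            return ['success' => false, 'message' => '操作失败,请重试'];
        }

        // Let the database compare the code, as the original lookup did.
        $match = Db::name('sms_verification_code')
            ->where(['id' => $latest['id'], 'code' => $code])
            ->find();
        if (empty($match)) {
            return ['success' => false, 'message' => '验证失败,请确保手机号码和验证码输入无误'];
        }

        return ['success' => true, 'message' => '验证码有效'];
    }
}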