From 1351ec583e6b4798770de529fe14c68f95355ac0 Mon Sep 17 00:00:00 2001
From: root <root@root.com>
Date: Sat, 28 Dec 2019 17:31:56 +0800
Subject: [PATCH] update

---
 .../Controllers/Passport/LoginController.php  | 43 ++++++++++++++-----
 1 file changed, 32 insertions(+), 11 deletions(-)

diff --git a/app/Http/Controllers/Passport/LoginController.php b/app/Http/Controllers/Passport/LoginController.php
index eb912e08..2ea42f4d 100755
--- a/app/Http/Controllers/Passport/LoginController.php
+++ b/app/Http/Controllers/Passport/LoginController.php
@@ -6,6 +6,8 @@ use Illuminate\Http\Request;
 use App\Http\Requests\Passport\LoginIndex;
 use App\Http\Controllers\Controller;
 use App\Models\User;
+use Illuminate\Support\Facades\Redis;
+use App\Utils\Helper;
 
 class LoginController extends Controller
 {
@@ -35,24 +37,43 @@ class LoginController extends Controller
     }
 
     public function token2Login (Request $request) {
-        if (empty($request->input('token'))) {
-            abort(500, '参数错误');
+        if ($request->input('token')) {
+            $user = User::where('token', $request->input('token'))->first();
+            if (!$user) {
+                return header('Location:' . config('v2board.app_url'));
+            }
+            $key = 'token2Login_' . Helper::guid();
+            Redis::set($key, $user->id);
+            Redis::expire($key, 600);
+            $redirect = '/#/login?verify='. $key .'&redirect=' . ($request->input('redirect') ? $request->input('redirect') : 'dashboard');
+            if (config('v2board.app_url')) {
+                $location = config('v2board.app_url') . $redirect;
+            } else {
+                $location = url($redirect);
+            }
+            return header('Location:' . $location);
         }
-        $redirect = $request->input('redirect') ? $request->input('redirect') : 'dashboard';
-        $user = User::where('token', $request->input('token'))->first();
-        if ($user) {
+
+        if ($request->input('verify')) {
+            $key = 'token2Login_' . $request->input('verify');
+            $userId = Redis::get($key);
+            if (!$userId) {
+                abort(500, '令牌有误');
+            }
+            $user = User::find($userId);
+            if (!$user) {
+                abort(500, '用户不存在');
+            }
             $request->session()->put('email', $user->email);
             $request->session()->put('id', $user->id);
             if ($user->is_admin) {
                 $request->session()->put('is_admin', true);
             }
+            Redis::del($key);
+            return response([
+                'data' => true
+            ]);
         }
-        if (config('v2board.app_url')) {
-            $location = config('v2board.app_url') . '/#/' . $redirect;
-        } else {
-            $location = url('/#/' . $redirect);
-        }
-        header('Location:' . $location);
     }
 
     public function check (Request $request) {