mirror of
https://github.com/v2board/v2board.git
synced 2025-10-31 17:31:49 +08:00
update: new auth
This commit is contained in:
tokumeikoi
@@ -39,7 +39,7 @@ class ConfigController extends Controller
|
|||||||
public function testSendMail(Request $request)
|
public function testSendMail(Request $request)
|
||||||
{
|
{
|
||||||
$obj = new SendEmailJob([
|
$obj = new SendEmailJob([
|
||||||
'email' => $request->session()->get('email'),
|
'email' => $request->user->email,
|
||||||
'subject' => 'This is v2board test email',
|
'subject' => 'This is v2board test email',
|
||||||
'template_name' => 'notify',
|
'template_name' => 'notify',
|
||||||
'template_value' => [
|
'template_value' => [
|
||||||
|
|||||||
@@ -68,7 +68,7 @@ class TicketController extends Controller
|
|||||||
$ticketService->replyByAdmin(
|
$ticketService->replyByAdmin(
|
||||||
$request->input('id'),
|
$request->input('id'),
|
||||||
$request->input('message'),
|
$request->input('message'),
|
||||||
$request->session()->get('id')
|
$request->user->id
|
||||||
);
|
);
|
||||||
return response([
|
return response([
|
||||||
'data' => true
|
'data' => true
|
||||||
|
|||||||
@@ -167,8 +167,8 @@ class AuthController extends Controller
|
|||||||
'token' => $user->token,
|
'token' => $user->token,
|
||||||
'auth_data' => base64_encode("{$user->email}:{$user->password}")
|
'auth_data' => base64_encode("{$user->email}:{$user->password}")
|
||||||
];
|
];
|
||||||
$request->session()->put('email', $user->email);
|
|
||||||
$request->session()->put('id', $user->id);
|
Helper::setSession($request, $user);
|
||||||
$user->last_login_at = time();
|
$user->last_login_at = time();
|
||||||
$user->save();
|
$user->save();
|
||||||
|
|
||||||
@@ -210,16 +210,8 @@ class AuthController extends Controller
|
|||||||
'token' => $user->token,
|
'token' => $user->token,
|
||||||
'auth_data' => base64_encode("{$user->email}:{$user->password}")
|
'auth_data' => base64_encode("{$user->email}:{$user->password}")
|
||||||
];
|
];
|
||||||
$request->session()->put('email', $user->email);
|
|
||||||
$request->session()->put('id', $user->id);
|
if ($user->is_admin) $data['is_admin'] = true;
|
||||||
if ($user->is_admin) {
|
|
||||||
$request->session()->put('is_admin', true);
|
|
||||||
$data['is_admin'] = true;
|
|
||||||
}
|
|
||||||
if ($user->is_staff) {
|
|
||||||
$request->session()->put('is_staff', true);
|
|
||||||
$data['is_staff'] = true;
|
|
||||||
}
|
|
||||||
return response([
|
return response([
|
||||||
'data' => $data
|
'data' => $data
|
||||||
]);
|
]);
|
||||||
@@ -250,11 +242,7 @@ class AuthController extends Controller
|
|||||||
if ($user->banned) {
|
if ($user->banned) {
|
||||||
abort(500, __('Your account has been suspended'));
|
abort(500, __('Your account has been suspended'));
|
||||||
}
|
}
|
||||||
$request->session()->put('email', $user->email);
|
Helper::setSession($request, $user);
|
||||||
$request->session()->put('id', $user->id);
|
|
||||||
if ($user->is_admin) {
|
|
||||||
$request->session()->put('is_admin', true);
|
|
||||||
}
|
|
||||||
Cache::forget($key);
|
Cache::forget($key);
|
||||||
return response([
|
return response([
|
||||||
'data' => true
|
'data' => true
|
||||||
@@ -302,19 +290,6 @@ class AuthController extends Controller
|
|||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function check(Request $request)
|
|
||||||
{
|
|
||||||
$data = [
|
|
||||||
'is_login' => $request->session()->get('id') ? true : false
|
|
||||||
];
|
|
||||||
if ($request->session()->get('is_admin')) {
|
|
||||||
$data['is_admin'] = true;
|
|
||||||
}
|
|
||||||
return response([
|
|
||||||
'data' => $data
|
|
||||||
]);
|
|
||||||
}
|
|
||||||
|
|
||||||
public function forget(AuthForget $request)
|
public function forget(AuthForget $request)
|
||||||
{
|
{
|
||||||
if (Cache::get(CacheKey::get('EMAIL_VERIFY_CODE', $request->input('email'))) !== $request->input('email_code')) {
|
if (Cache::get(CacheKey::get('EMAIL_VERIFY_CODE', $request->input('email'))) !== $request->input('email_code')) {
|
||||||
@@ -335,5 +310,4 @@ class AuthController extends Controller
|
|||||||
'data' => true
|
'data' => true
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -57,7 +57,7 @@ class TicketController extends Controller
|
|||||||
$ticketService->replyByAdmin(
|
$ticketService->replyByAdmin(
|
||||||
$request->input('id'),
|
$request->input('id'),
|
||||||
$request->input('message'),
|
$request->input('message'),
|
||||||
$request->session()->get('id')
|
$request->user->id
|
||||||
);
|
);
|
||||||
return response([
|
return response([
|
||||||
'data' => true
|
'data' => true
|
||||||
|
|||||||
@@ -16,7 +16,7 @@ class CouponController extends Controller
|
|||||||
}
|
}
|
||||||
$couponService = new CouponService($request->input('code'));
|
$couponService = new CouponService($request->input('code'));
|
||||||
$couponService->setPlanId($request->input('plan_id'));
|
$couponService->setPlanId($request->input('plan_id'));
|
||||||
$couponService->setUserId($request->session()->get('id'));
|
$couponService->setUserId($request->user->id);
|
||||||
$couponService->check();
|
$couponService->check();
|
||||||
return response([
|
return response([
|
||||||
'data' => $couponService->getCoupon()
|
'data' => $couponService->getCoupon()
|
||||||
|
|||||||
@@ -14,11 +14,11 @@ class InviteController extends Controller
|
|||||||
{
|
{
|
||||||
public function save(Request $request)
|
public function save(Request $request)
|
||||||
{
|
{
|
||||||
if (InviteCode::where('user_id', $request->session()->get('id'))->where('status', 0)->count() >= config('v2board.invite_gen_limit', 5)) {
|
if (InviteCode::where('user_id', $request->user->id)->where('status', 0)->count() >= config('v2board.invite_gen_limit', 5)) {
|
||||||
abort(500, __('The maximum number of creations has been reached'));
|
abort(500, __('The maximum number of creations has been reached'));
|
||||||
}
|
}
|
||||||
$inviteCode = new InviteCode();
|
$inviteCode = new InviteCode();
|
||||||
$inviteCode->user_id = $request->session()->get('id');
|
$inviteCode->user_id = $request->user->id;
|
||||||
$inviteCode->code = Helper::randomChar(8);
|
$inviteCode->code = Helper::randomChar(8);
|
||||||
return response([
|
return response([
|
||||||
'data' => $inviteCode->save()
|
'data' => $inviteCode->save()
|
||||||
@@ -28,7 +28,7 @@ class InviteController extends Controller
|
|||||||
public function details(Request $request)
|
public function details(Request $request)
|
||||||
{
|
{
|
||||||
return response([
|
return response([
|
||||||
'data' => CommissionLog::where('invite_user_id', $request->session()->get('id'))
|
'data' => CommissionLog::where('invite_user_id', $request->user->id)
|
||||||
->where('get_amount', '>', 0)
|
->where('get_amount', '>', 0)
|
||||||
->select([
|
->select([
|
||||||
'id',
|
'id',
|
||||||
@@ -43,26 +43,26 @@ class InviteController extends Controller
|
|||||||
|
|
||||||
public function fetch(Request $request)
|
public function fetch(Request $request)
|
||||||
{
|
{
|
||||||
$codes = InviteCode::where('user_id', $request->session()->get('id'))
|
$codes = InviteCode::where('user_id', $request->user->id)
|
||||||
->where('status', 0)
|
->where('status', 0)
|
||||||
->get();
|
->get();
|
||||||
$commission_rate = config('v2board.invite_commission', 10);
|
$commission_rate = config('v2board.invite_commission', 10);
|
||||||
$user = User::find($request->session()->get('id'));
|
$user = User::find($request->user->id);
|
||||||
if ($user->commission_rate) {
|
if ($user->commission_rate) {
|
||||||
$commission_rate = $user->commission_rate;
|
$commission_rate = $user->commission_rate;
|
||||||
}
|
}
|
||||||
$stat = [
|
$stat = [
|
||||||
//已注册用户数
|
//已注册用户数
|
||||||
(int)User::where('invite_user_id', $request->session()->get('id'))->count(),
|
(int)User::where('invite_user_id', $request->user->id)->count(),
|
||||||
//有效的佣金
|
//有效的佣金
|
||||||
(int)Order::where('status', 3)
|
(int)Order::where('status', 3)
|
||||||
->where('commission_status', 2)
|
->where('commission_status', 2)
|
||||||
->where('invite_user_id', $request->session()->get('id'))
|
->where('invite_user_id', $request->user->id)
|
||||||
->sum('commission_balance'),
|
->sum('commission_balance'),
|
||||||
//确认中的佣金
|
//确认中的佣金
|
||||||
(int)Order::where('status', 3)
|
(int)Order::where('status', 3)
|
||||||
->where('commission_status', 0)
|
->where('commission_status', 0)
|
||||||
->where('invite_user_id', $request->session()->get('id'))
|
->where('invite_user_id', $request->user->id)
|
||||||
->sum('commission_balance'),
|
->sum('commission_balance'),
|
||||||
//佣金比例
|
//佣金比例
|
||||||
(int)$commission_rate,
|
(int)$commission_rate,
|
||||||
|
|||||||
@@ -19,7 +19,7 @@ class KnowledgeController extends Controller
|
|||||||
->first()
|
->first()
|
||||||
->toArray();
|
->toArray();
|
||||||
if (!$knowledge) abort(500, __('Article does not exist'));
|
if (!$knowledge) abort(500, __('Article does not exist'));
|
||||||
$user = User::find($request->session()->get('id'));
|
$user = User::find($request->user->id);
|
||||||
$userService = new UserService();
|
$userService = new UserService();
|
||||||
if ($userService->isAvailable($user)) {
|
if ($userService->isAvailable($user)) {
|
||||||
$appleId = config('v2board.apple_id');
|
$appleId = config('v2board.apple_id');
|
||||||
|
|||||||
@@ -29,7 +29,7 @@ class OrderController extends Controller
|
|||||||
{
|
{
|
||||||
public function fetch(Request $request)
|
public function fetch(Request $request)
|
||||||
{
|
{
|
||||||
$model = Order::where('user_id', $request->session()->get('id'))
|
$model = Order::where('user_id', $request->user->id)
|
||||||
->orderBy('created_at', 'DESC');
|
->orderBy('created_at', 'DESC');
|
||||||
if ($request->input('status') !== null) {
|
if ($request->input('status') !== null) {
|
||||||
$model->where('status', $request->input('status'));
|
$model->where('status', $request->input('status'));
|
||||||
@@ -50,7 +50,7 @@ class OrderController extends Controller
|
|||||||
|
|
||||||
public function detail(Request $request)
|
public function detail(Request $request)
|
||||||
{
|
{
|
||||||
$order = Order::where('user_id', $request->session()->get('id'))
|
$order = Order::where('user_id', $request->user->id)
|
||||||
->where('trade_no', $request->input('trade_no'))
|
->where('trade_no', $request->input('trade_no'))
|
||||||
->first();
|
->first();
|
||||||
if (!$order) {
|
if (!$order) {
|
||||||
@@ -72,14 +72,14 @@ class OrderController extends Controller
|
|||||||
public function save(OrderSave $request)
|
public function save(OrderSave $request)
|
||||||
{
|
{
|
||||||
$userService = new UserService();
|
$userService = new UserService();
|
||||||
if ($userService->isNotCompleteOrderByUserId($request->session()->get('id'))) {
|
if ($userService->isNotCompleteOrderByUserId($request->user->id)) {
|
||||||
abort(500, __('You have an unpaid or pending order, please try again later or cancel it'));
|
abort(500, __('You have an unpaid or pending order, please try again later or cancel it'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$planService = new PlanService($request->input('plan_id'));
|
$planService = new PlanService($request->input('plan_id'));
|
||||||
|
|
||||||
$plan = $planService->plan;
|
$plan = $planService->plan;
|
||||||
$user = User::find($request->session()->get('id'));
|
$user = User::find($request->user->id);
|
||||||
|
|
||||||
if (!$plan) {
|
if (!$plan) {
|
||||||
abort(500, __('Subscription plan does not exist'));
|
abort(500, __('Subscription plan does not exist'));
|
||||||
@@ -121,7 +121,7 @@ class OrderController extends Controller
|
|||||||
DB::beginTransaction();
|
DB::beginTransaction();
|
||||||
$order = new Order();
|
$order = new Order();
|
||||||
$orderService = new OrderService($order);
|
$orderService = new OrderService($order);
|
||||||
$order->user_id = $request->session()->get('id');
|
$order->user_id = $request->user->id;
|
||||||
$order->plan_id = $plan->id;
|
$order->plan_id = $plan->id;
|
||||||
$order->period = $request->input('period');
|
$order->period = $request->input('period');
|
||||||
$order->trade_no = Helper::generateOrderNo();
|
$order->trade_no = Helper::generateOrderNo();
|
||||||
@@ -177,7 +177,7 @@ class OrderController extends Controller
|
|||||||
$tradeNo = $request->input('trade_no');
|
$tradeNo = $request->input('trade_no');
|
||||||
$method = $request->input('method');
|
$method = $request->input('method');
|
||||||
$order = Order::where('trade_no', $tradeNo)
|
$order = Order::where('trade_no', $tradeNo)
|
||||||
->where('user_id', $request->session()->get('id'))
|
->where('user_id', $request->user->id)
|
||||||
->where('status', 0)
|
->where('status', 0)
|
||||||
->first();
|
->first();
|
||||||
if (!$order) {
|
if (!$order) {
|
||||||
@@ -216,7 +216,7 @@ class OrderController extends Controller
|
|||||||
{
|
{
|
||||||
$tradeNo = $request->input('trade_no');
|
$tradeNo = $request->input('trade_no');
|
||||||
$order = Order::where('trade_no', $tradeNo)
|
$order = Order::where('trade_no', $tradeNo)
|
||||||
->where('user_id', $request->session()->get('id'))
|
->where('user_id', $request->user->id)
|
||||||
->first();
|
->first();
|
||||||
if (!$order) {
|
if (!$order) {
|
||||||
abort(500, __('Order does not exist'));
|
abort(500, __('Order does not exist'));
|
||||||
@@ -249,7 +249,7 @@ class OrderController extends Controller
|
|||||||
abort(500, __('Invalid parameter'));
|
abort(500, __('Invalid parameter'));
|
||||||
}
|
}
|
||||||
$order = Order::where('trade_no', $request->input('trade_no'))
|
$order = Order::where('trade_no', $request->input('trade_no'))
|
||||||
->where('user_id', $request->session()->get('id'))
|
->where('user_id', $request->user->id)
|
||||||
->first();
|
->first();
|
||||||
if (!$order) {
|
if (!$order) {
|
||||||
abort(500, __('Order does not exist'));
|
abort(500, __('Order does not exist'));
|
||||||
|
|||||||
@@ -12,7 +12,7 @@ class PlanController extends Controller
|
|||||||
{
|
{
|
||||||
public function fetch(Request $request)
|
public function fetch(Request $request)
|
||||||
{
|
{
|
||||||
$user = User::find($request->session()->get('id'));
|
$user = User::find($request->user->id);
|
||||||
if ($request->input('id')) {
|
if ($request->input('id')) {
|
||||||
$plan = Plan::where('id', $request->input('id'))->first();
|
$plan = Plan::where('id', $request->input('id'))->first();
|
||||||
if (!$plan) {
|
if (!$plan) {
|
||||||
|
|||||||
@@ -19,7 +19,7 @@ class ServerController extends Controller
|
|||||||
{
|
{
|
||||||
public function fetch(Request $request)
|
public function fetch(Request $request)
|
||||||
{
|
{
|
||||||
$user = User::find($request->session()->get('id'));
|
$user = User::find($request->user->id);
|
||||||
$servers = [];
|
$servers = [];
|
||||||
$userService = new UserService();
|
$userService = new UserService();
|
||||||
if ($userService->isAvailable($user)) {
|
if ($userService->isAvailable($user)) {
|
||||||
|
|||||||
@@ -18,7 +18,7 @@ class StatController extends Controller
|
|||||||
'user_id',
|
'user_id',
|
||||||
'server_rate'
|
'server_rate'
|
||||||
])
|
])
|
||||||
->where('user_id', $request->session()->get('id'))
|
->where('user_id', $request->user->id)
|
||||||
->where('record_at', '>=', strtotime(date('Y-m-1')))
|
->where('record_at', '>=', strtotime(date('Y-m-1')))
|
||||||
->orderBy('record_at', 'DESC');
|
->orderBy('record_at', 'DESC');
|
||||||
return response([
|
return response([
|
||||||
|
|||||||
@@ -22,6 +22,6 @@ class TelegramController extends Controller
|
|||||||
|
|
||||||
public function unbind(Request $request)
|
public function unbind(Request $request)
|
||||||
{
|
{
|
||||||
$user = User::where('user_id', $request->session()->get('id'))->first();
|
$user = User::where('user_id', $request->user->id)->first();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -21,7 +21,7 @@ class TicketController extends Controller
|
|||||||
{
|
{
|
||||||
if ($request->input('id')) {
|
if ($request->input('id')) {
|
||||||
$ticket = Ticket::where('id', $request->input('id'))
|
$ticket = Ticket::where('id', $request->input('id'))
|
||||||
->where('user_id', $request->session()->get('id'))
|
->where('user_id', $request->user->id)
|
||||||
->first();
|
->first();
|
||||||
if (!$ticket) {
|
if (!$ticket) {
|
||||||
abort(500, __('Ticket does not exist'));
|
abort(500, __('Ticket does not exist'));
|
||||||
@@ -38,7 +38,7 @@ class TicketController extends Controller
|
|||||||
'data' => $ticket
|
'data' => $ticket
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
$ticket = Ticket::where('user_id', $request->session()->get('id'))
|
$ticket = Ticket::where('user_id', $request->user->id)
|
||||||
->orderBy('created_at', 'DESC')
|
->orderBy('created_at', 'DESC')
|
||||||
->get();
|
->get();
|
||||||
return response([
|
return response([
|
||||||
@@ -49,21 +49,21 @@ class TicketController extends Controller
|
|||||||
public function save(TicketSave $request)
|
public function save(TicketSave $request)
|
||||||
{
|
{
|
||||||
DB::beginTransaction();
|
DB::beginTransaction();
|
||||||
if ((int)Ticket::where('status', 0)->where('user_id', $request->session()->get('id'))->lockForUpdate()->count()) {
|
if ((int)Ticket::where('status', 0)->where('user_id', $request->user->id)->lockForUpdate()->count()) {
|
||||||
abort(500, __('There are other unresolved tickets'));
|
abort(500, __('There are other unresolved tickets'));
|
||||||
}
|
}
|
||||||
$ticket = Ticket::create(array_merge($request->only([
|
$ticket = Ticket::create(array_merge($request->only([
|
||||||
'subject',
|
'subject',
|
||||||
'level'
|
'level'
|
||||||
]), [
|
]), [
|
||||||
'user_id' => $request->session()->get('id')
|
'user_id' => $request->user->id
|
||||||
]));
|
]));
|
||||||
if (!$ticket) {
|
if (!$ticket) {
|
||||||
DB::rollback();
|
DB::rollback();
|
||||||
abort(500, __('Failed to open ticket'));
|
abort(500, __('Failed to open ticket'));
|
||||||
}
|
}
|
||||||
$ticketMessage = TicketMessage::create([
|
$ticketMessage = TicketMessage::create([
|
||||||
'user_id' => $request->session()->get('id'),
|
'user_id' => $request->user->id,
|
||||||
'ticket_id' => $ticket->id,
|
'ticket_id' => $ticket->id,
|
||||||
'message' => $request->input('message')
|
'message' => $request->input('message')
|
||||||
]);
|
]);
|
||||||
@@ -87,7 +87,7 @@ class TicketController extends Controller
|
|||||||
abort(500, __('Message cannot be empty'));
|
abort(500, __('Message cannot be empty'));
|
||||||
}
|
}
|
||||||
$ticket = Ticket::where('id', $request->input('id'))
|
$ticket = Ticket::where('id', $request->input('id'))
|
||||||
->where('user_id', $request->session()->get('id'))
|
->where('user_id', $request->user->id)
|
||||||
->first();
|
->first();
|
||||||
if (!$ticket) {
|
if (!$ticket) {
|
||||||
abort(500, __('Ticket does not exist'));
|
abort(500, __('Ticket does not exist'));
|
||||||
@@ -95,14 +95,14 @@ class TicketController extends Controller
|
|||||||
if ($ticket->status) {
|
if ($ticket->status) {
|
||||||
abort(500, __('The ticket is closed and cannot be replied'));
|
abort(500, __('The ticket is closed and cannot be replied'));
|
||||||
}
|
}
|
||||||
if ($request->session()->get('id') == $this->getLastMessage($ticket->id)->user_id) {
|
if ($request->user->id == $this->getLastMessage($ticket->id)->user_id) {
|
||||||
abort(500, __('Please wait for the technical enginneer to reply'));
|
abort(500, __('Please wait for the technical enginneer to reply'));
|
||||||
}
|
}
|
||||||
$ticketService = new TicketService();
|
$ticketService = new TicketService();
|
||||||
if (!$ticketService->reply(
|
if (!$ticketService->reply(
|
||||||
$ticket,
|
$ticket,
|
||||||
$request->input('message'),
|
$request->input('message'),
|
||||||
$request->session()->get('id')
|
$request->user->id
|
||||||
)) {
|
)) {
|
||||||
abort(500, __('Ticket reply failed'));
|
abort(500, __('Ticket reply failed'));
|
||||||
}
|
}
|
||||||
@@ -119,7 +119,7 @@ class TicketController extends Controller
|
|||||||
abort(500, __('Invalid parameter'));
|
abort(500, __('Invalid parameter'));
|
||||||
}
|
}
|
||||||
$ticket = Ticket::where('id', $request->input('id'))
|
$ticket = Ticket::where('id', $request->input('id'))
|
||||||
->where('user_id', $request->session()->get('id'))
|
->where('user_id', $request->user->id)
|
||||||
->first();
|
->first();
|
||||||
if (!$ticket) {
|
if (!$ticket) {
|
||||||
abort(500, __('Ticket does not exist'));
|
abort(500, __('Ticket does not exist'));
|
||||||
@@ -154,7 +154,7 @@ class TicketController extends Controller
|
|||||||
)) {
|
)) {
|
||||||
abort(500, __('Unsupported withdrawal method'));
|
abort(500, __('Unsupported withdrawal method'));
|
||||||
}
|
}
|
||||||
$user = User::find($request->session()->get('id'));
|
$user = User::find($request->user->id);
|
||||||
$limit = config('v2board.commission_withdraw_limit', 100);
|
$limit = config('v2board.commission_withdraw_limit', 100);
|
||||||
if ($limit > ($user->commission_balance / 100)) {
|
if ($limit > ($user->commission_balance / 100)) {
|
||||||
abort(500, __('The current required minimum withdrawal commission is :limit', ['limit' => $limit]));
|
abort(500, __('The current required minimum withdrawal commission is :limit', ['limit' => $limit]));
|
||||||
@@ -164,7 +164,7 @@ class TicketController extends Controller
|
|||||||
$ticket = Ticket::create([
|
$ticket = Ticket::create([
|
||||||
'subject' => $subject,
|
'subject' => $subject,
|
||||||
'level' => 2,
|
'level' => 2,
|
||||||
'user_id' => $request->session()->get('id')
|
'user_id' => $request->user->id
|
||||||
]);
|
]);
|
||||||
if (!$ticket) {
|
if (!$ticket) {
|
||||||
DB::rollback();
|
DB::rollback();
|
||||||
@@ -175,7 +175,7 @@ class TicketController extends Controller
|
|||||||
__('Withdrawal account') . ":" . $request->input('withdraw_account')
|
__('Withdrawal account') . ":" . $request->input('withdraw_account')
|
||||||
);
|
);
|
||||||
$ticketMessage = TicketMessage::create([
|
$ticketMessage = TicketMessage::create([
|
||||||
'user_id' => $request->session()->get('id'),
|
'user_id' => $request->user->id,
|
||||||
'ticket_id' => $ticket->id,
|
'ticket_id' => $ticket->id,
|
||||||
'message' => $message
|
'message' => $message
|
||||||
]);
|
]);
|
||||||
|
|||||||
@@ -18,17 +18,22 @@ use Illuminate\Support\Facades\Cache;
|
|||||||
|
|
||||||
class UserController extends Controller
|
class UserController extends Controller
|
||||||
{
|
{
|
||||||
public function logout(Request $request)
|
public function checkLogin(Request $request)
|
||||||
{
|
{
|
||||||
$request->session()->flush();
|
$data = [
|
||||||
|
'is_login' => $request->user->id ? true : false
|
||||||
|
];
|
||||||
|
if ($request->user->is_admin) {
|
||||||
|
$data['is_admin'] = true;
|
||||||
|
}
|
||||||
return response([
|
return response([
|
||||||
'data' => true
|
'data' => $data
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function changePassword(UserChangePassword $request)
|
public function changePassword(UserChangePassword $request)
|
||||||
{
|
{
|
||||||
$user = User::find($request->session()->get('id'));
|
$user = User::find($request->user->id);
|
||||||
if (!$user) {
|
if (!$user) {
|
||||||
abort(500, __('The user does not exist'));
|
abort(500, __('The user does not exist'));
|
||||||
}
|
}
|
||||||
@@ -46,7 +51,6 @@ class UserController extends Controller
|
|||||||
if (!$user->save()) {
|
if (!$user->save()) {
|
||||||
abort(500, __('Save failed'));
|
abort(500, __('Save failed'));
|
||||||
}
|
}
|
||||||
$request->session()->flush();
|
|
||||||
return response([
|
return response([
|
||||||
'data' => true
|
'data' => true
|
||||||
]);
|
]);
|
||||||
@@ -54,7 +58,7 @@ class UserController extends Controller
|
|||||||
|
|
||||||
public function info(Request $request)
|
public function info(Request $request)
|
||||||
{
|
{
|
||||||
$user = User::where('id', $request->session()->get('id'))
|
$user = User::where('id', $request->user->id)
|
||||||
->select([
|
->select([
|
||||||
'email',
|
'email',
|
||||||
'transfer_enable',
|
'transfer_enable',
|
||||||
@@ -86,12 +90,12 @@ class UserController extends Controller
|
|||||||
{
|
{
|
||||||
$stat = [
|
$stat = [
|
||||||
Order::where('status', 0)
|
Order::where('status', 0)
|
||||||
->where('user_id', $request->session()->get('id'))
|
->where('user_id', $request->user->id)
|
||||||
->count(),
|
->count(),
|
||||||
Ticket::where('status', 0)
|
Ticket::where('status', 0)
|
||||||
->where('user_id', $request->session()->get('id'))
|
->where('user_id', $request->user->id)
|
||||||
->count(),
|
->count(),
|
||||||
User::where('invite_user_id', $request->session()->get('id'))
|
User::where('invite_user_id', $request->user->id)
|
||||||
->count()
|
->count()
|
||||||
];
|
];
|
||||||
return response([
|
return response([
|
||||||
@@ -101,7 +105,7 @@ class UserController extends Controller
|
|||||||
|
|
||||||
public function getSubscribe(Request $request)
|
public function getSubscribe(Request $request)
|
||||||
{
|
{
|
||||||
$user = User::where('id', $request->session()->get('id'))
|
$user = User::where('id', $request->user->id)
|
||||||
->select([
|
->select([
|
||||||
'plan_id',
|
'plan_id',
|
||||||
'token',
|
'token',
|
||||||
@@ -131,7 +135,7 @@ class UserController extends Controller
|
|||||||
|
|
||||||
public function resetSecurity(Request $request)
|
public function resetSecurity(Request $request)
|
||||||
{
|
{
|
||||||
$user = User::find($request->session()->get('id'));
|
$user = User::find($request->user->id);
|
||||||
if (!$user) {
|
if (!$user) {
|
||||||
abort(500, __('The user does not exist'));
|
abort(500, __('The user does not exist'));
|
||||||
}
|
}
|
||||||
@@ -152,7 +156,7 @@ class UserController extends Controller
|
|||||||
'remind_traffic'
|
'remind_traffic'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$user = User::find($request->session()->get('id'));
|
$user = User::find($request->user->id);
|
||||||
if (!$user) {
|
if (!$user) {
|
||||||
abort(500, __('The user does not exist'));
|
abort(500, __('The user does not exist'));
|
||||||
}
|
}
|
||||||
@@ -169,7 +173,7 @@ class UserController extends Controller
|
|||||||
|
|
||||||
public function transfer(UserTransfer $request)
|
public function transfer(UserTransfer $request)
|
||||||
{
|
{
|
||||||
$user = User::find($request->session()->get('id'));
|
$user = User::find($request->user->id);
|
||||||
if (!$user) {
|
if (!$user) {
|
||||||
abort(500, __('The user does not exist'));
|
abort(500, __('The user does not exist'));
|
||||||
}
|
}
|
||||||
@@ -188,7 +192,7 @@ class UserController extends Controller
|
|||||||
|
|
||||||
public function getQuickLoginUrl(Request $request)
|
public function getQuickLoginUrl(Request $request)
|
||||||
{
|
{
|
||||||
$user = User::find($request->session()->get('id'));
|
$user = User::find($request->user->id);
|
||||||
if (!$user) {
|
if (!$user) {
|
||||||
abort(500, __('The user does not exist'));
|
abort(500, __('The user does not exist'));
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -2,6 +2,7 @@
|
|||||||
|
|
||||||
namespace App\Http;
|
namespace App\Http;
|
||||||
|
|
||||||
|
use Fruitcake\Cors\HandleCors;
|
||||||
use Illuminate\Foundation\Http\Kernel as HttpKernel;
|
use Illuminate\Foundation\Http\Kernel as HttpKernel;
|
||||||
|
|
||||||
class Kernel extends HttpKernel
|
class Kernel extends HttpKernel
|
||||||
@@ -14,6 +15,7 @@ class Kernel extends HttpKernel
|
|||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
protected $middleware = [
|
protected $middleware = [
|
||||||
|
\App\Http\Middleware\CORS::class,
|
||||||
\App\Http\Middleware\TrustProxies::class,
|
\App\Http\Middleware\TrustProxies::class,
|
||||||
\App\Http\Middleware\CheckForMaintenanceMode::class,
|
\App\Http\Middleware\CheckForMaintenanceMode::class,
|
||||||
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
|
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
|
||||||
@@ -28,22 +30,20 @@ class Kernel extends HttpKernel
|
|||||||
*/
|
*/
|
||||||
protected $middlewareGroups = [
|
protected $middlewareGroups = [
|
||||||
'web' => [
|
'web' => [
|
||||||
\App\Http\Middleware\EncryptCookies::class,
|
// \App\Http\Middleware\EncryptCookies::class,
|
||||||
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
|
// \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
|
||||||
\Illuminate\Session\Middleware\StartSession::class,
|
// \Illuminate\Session\Middleware\StartSession::class,
|
||||||
// \Illuminate\Session\Middleware\AuthenticateSession::class,
|
// \Illuminate\Session\Middleware\AuthenticateSession::class,
|
||||||
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
|
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
|
||||||
\App\Http\Middleware\VerifyCsrfToken::class,
|
\App\Http\Middleware\VerifyCsrfToken::class,
|
||||||
\Illuminate\Routing\Middleware\SubstituteBindings::class,
|
\Illuminate\Routing\Middleware\SubstituteBindings::class,
|
||||||
\App\Http\Middleware\CORS::class,
|
|
||||||
],
|
],
|
||||||
|
|
||||||
'api' => [
|
'api' => [
|
||||||
\App\Http\Middleware\EncryptCookies::class,
|
// \App\Http\Middleware\EncryptCookies::class,
|
||||||
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
|
// \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
|
||||||
\Illuminate\Session\Middleware\StartSession::class,
|
// \Illuminate\Session\Middleware\StartSession::class,
|
||||||
\App\Http\Middleware\ForceJson::class,
|
\App\Http\Middleware\ForceJson::class,
|
||||||
\App\Http\Middleware\CORS::class,
|
|
||||||
\App\Http\Middleware\Language::class,
|
\App\Http\Middleware\Language::class,
|
||||||
'bindings',
|
'bindings',
|
||||||
],
|
],
|
||||||
|
|||||||
@@ -3,6 +3,7 @@
|
|||||||
namespace App\Http\Middleware;
|
namespace App\Http\Middleware;
|
||||||
|
|
||||||
use Closure;
|
use Closure;
|
||||||
|
use Laravel\Horizon\Horizon;
|
||||||
|
|
||||||
class Admin
|
class Admin
|
||||||
{
|
{
|
||||||
@@ -15,9 +16,19 @@ class Admin
|
|||||||
*/
|
*/
|
||||||
public function handle($request, Closure $next)
|
public function handle($request, Closure $next)
|
||||||
{
|
{
|
||||||
if (!$request->session()->get('is_admin')) {
|
$authorization = $request->input('auth_data') ?? $request->header('authorization');
|
||||||
abort(403, '权限不足');
|
if (!$authorization) abort(403, '未登录或登陆已过期');
|
||||||
}
|
|
||||||
|
$authData = explode(':', base64_decode($authorization));
|
||||||
|
if (!isset($authData[1]) || !isset($authData[0])) abort(403, '鉴权失败,请重新登入');
|
||||||
|
$user = \App\Models\User::where('password', $authData[1])
|
||||||
|
->where('email', $authData[0])
|
||||||
|
->first();
|
||||||
|
if (!$user) abort(403, '鉴权失败,请重新登入');
|
||||||
|
if (!$user->is_admin) abort(403, '未登录或登陆已过期');
|
||||||
|
$request->merge([
|
||||||
|
'user' => $user
|
||||||
|
]);
|
||||||
return $next($request);
|
return $next($request);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -17,8 +17,8 @@ class CORS
|
|||||||
}
|
}
|
||||||
$response = $next($request);
|
$response = $next($request);
|
||||||
$response->header('Access-Control-Allow-Origin', trim($origin, '/'));
|
$response->header('Access-Control-Allow-Origin', trim($origin, '/'));
|
||||||
$response->header('Access-Control-Allow-Methods', 'GET,POST,OPTIONS');
|
$response->header('Access-Control-Allow-Methods', 'GET,POST,OPTIONS,HEAD');
|
||||||
$response->header('Access-Control-Allow-Headers', 'Content-Type,X-Requested-With');
|
$response->header('Access-Control-Allow-Headers', 'Origin,Content-Type,Accept,Authorization,X-Request-With');
|
||||||
$response->header('Access-Control-Allow-Credentials', 'true');
|
$response->header('Access-Control-Allow-Credentials', 'true');
|
||||||
$response->header('Access-Control-Max-Age', 10080);
|
$response->header('Access-Control-Max-Age', 10080);
|
||||||
|
|
||||||
|
|||||||
@@ -26,7 +26,9 @@ class Client
|
|||||||
if (!$user) {
|
if (!$user) {
|
||||||
abort(403, 'token is error');
|
abort(403, 'token is error');
|
||||||
}
|
}
|
||||||
$request->user = $user;
|
$request->merge([
|
||||||
|
'user' => $user
|
||||||
|
]);
|
||||||
return $next($request);
|
return $next($request);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -15,9 +15,19 @@ class Staff
|
|||||||
*/
|
*/
|
||||||
public function handle($request, Closure $next)
|
public function handle($request, Closure $next)
|
||||||
{
|
{
|
||||||
if (!$request->session()->get('is_staff')) {
|
$authorization = $request->input('auth_data') ?? $request->header('authorization');
|
||||||
abort(403, '权限不足');
|
if (!$authorization) abort(403, '未登录或登陆已过期');
|
||||||
}
|
|
||||||
|
$authData = explode(':', base64_decode($authorization));
|
||||||
|
if (!isset($authData[1]) || !isset($authData[0])) abort(403, '鉴权失败,请重新登入');
|
||||||
|
$user = \App\Models\User::where('password', $authData[1])
|
||||||
|
->where('email', $authData[0])
|
||||||
|
->first();
|
||||||
|
if (!$user) abort(403, '鉴权失败,请重新登入');
|
||||||
|
if (!$user->is_staff) abort(403, '未登录或登陆已过期');
|
||||||
|
$request->merge([
|
||||||
|
'user' => $user
|
||||||
|
]);
|
||||||
return $next($request);
|
return $next($request);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -2,6 +2,7 @@
|
|||||||
|
|
||||||
namespace App\Http\Middleware;
|
namespace App\Http\Middleware;
|
||||||
|
|
||||||
|
use App\Utils\Helper;
|
||||||
use Closure;
|
use Closure;
|
||||||
|
|
||||||
class User
|
class User
|
||||||
@@ -16,19 +17,17 @@ class User
|
|||||||
public function handle($request, Closure $next)
|
public function handle($request, Closure $next)
|
||||||
{
|
{
|
||||||
$authorization = $request->input('auth_data') ?? $request->header('authorization');
|
$authorization = $request->input('auth_data') ?? $request->header('authorization');
|
||||||
if ($authorization) {
|
if (!$authorization) abort(403, '未登录或登陆已过期');
|
||||||
$authData = explode(':', base64_decode($authorization));
|
|
||||||
if (!isset($authData[1]) || !isset($authData[0])) abort(403, '鉴权失败,请重新登入');
|
$authData = explode(':', base64_decode($authorization));
|
||||||
$user = \App\Models\User::where('password', $authData[1])
|
if (!isset($authData[1]) || !isset($authData[0])) abort(403, '鉴权失败,请重新登入');
|
||||||
->where('email', $authData[0])
|
$user = \App\Models\User::where('password', $authData[1])
|
||||||
->first();
|
->where('email', $authData[0])
|
||||||
if (!$user) abort(403, '鉴权失败,请重新登入');
|
->first();
|
||||||
$request->session()->put('email', $user->email);
|
if (!$user) abort(403, '鉴权失败,请重新登入');
|
||||||
$request->session()->put('id', $user->id);
|
$request->merge([
|
||||||
}
|
'user' => $user
|
||||||
if (!$request->session()->get('id')) {
|
]);
|
||||||
abort(403, '未登录或登陆已过期');
|
|
||||||
}
|
|
||||||
return $next($request);
|
return $next($request);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -14,7 +14,6 @@ class PassportRoute
|
|||||||
$router->post('/auth/register', 'Passport\\AuthController@register');
|
$router->post('/auth/register', 'Passport\\AuthController@register');
|
||||||
$router->post('/auth/login', 'Passport\\AuthController@login');
|
$router->post('/auth/login', 'Passport\\AuthController@login');
|
||||||
$router->get ('/auth/token2Login', 'Passport\\AuthController@token2Login');
|
$router->get ('/auth/token2Login', 'Passport\\AuthController@token2Login');
|
||||||
$router->get ('/auth/check', 'Passport\\AuthController@check');
|
|
||||||
$router->post('/auth/forget', 'Passport\\AuthController@forget');
|
$router->post('/auth/forget', 'Passport\\AuthController@forget');
|
||||||
$router->post('/auth/getTempToken', 'Passport\\AuthController@getTempToken');
|
$router->post('/auth/getTempToken', 'Passport\\AuthController@getTempToken');
|
||||||
$router->post('/auth/getQuickLoginUrl', 'Passport\\AuthController@getQuickLoginUrl');
|
$router->post('/auth/getQuickLoginUrl', 'Passport\\AuthController@getQuickLoginUrl');
|
||||||
|
|||||||
@@ -13,12 +13,12 @@ class UserRoute
|
|||||||
], function ($router) {
|
], function ($router) {
|
||||||
// User
|
// User
|
||||||
$router->get ('/resetSecurity', 'User\\UserController@resetSecurity');
|
$router->get ('/resetSecurity', 'User\\UserController@resetSecurity');
|
||||||
$router->get ('/logout', 'User\\UserController@logout');
|
|
||||||
$router->get ('/info', 'User\\UserController@info');
|
$router->get ('/info', 'User\\UserController@info');
|
||||||
$router->post('/changePassword', 'User\\UserController@changePassword');
|
$router->post('/changePassword', 'User\\UserController@changePassword');
|
||||||
$router->post('/update', 'User\\UserController@update');
|
$router->post('/update', 'User\\UserController@update');
|
||||||
$router->get ('/getSubscribe', 'User\\UserController@getSubscribe');
|
$router->get ('/getSubscribe', 'User\\UserController@getSubscribe');
|
||||||
$router->get ('/getStat', 'User\\UserController@getStat');
|
$router->get ('/getStat', 'User\\UserController@getStat');
|
||||||
|
$router->get ('/checkLogin', 'User\\UserController@checkLogin');
|
||||||
$router->post('/transfer', 'User\\UserController@transfer');
|
$router->post('/transfer', 'User\\UserController@transfer');
|
||||||
$router->post('/getQuickLoginUrl', 'User\\UserController@getQuickLoginUrl');
|
$router->post('/getQuickLoginUrl', 'User\\UserController@getQuickLoginUrl');
|
||||||
// Order
|
// Order
|
||||||
|
|||||||
@@ -2,11 +2,6 @@
|
|||||||
|
|
||||||
namespace App\Utils;
|
namespace App\Utils;
|
||||||
|
|
||||||
use App\Models\ServerV2ray;
|
|
||||||
use App\Models\ServerShadowsocks;
|
|
||||||
use App\Models\ServerTrojan;
|
|
||||||
use App\Models\User;
|
|
||||||
|
|
||||||
class Helper
|
class Helper
|
||||||
{
|
{
|
||||||
public static function guid($format = false)
|
public static function guid($format = false)
|
||||||
|
|||||||
@@ -74,7 +74,7 @@ return [
|
|||||||
|
|
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
'middleware' => ['web', 'admin'],
|
'middleware' => [],
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
|
|||||||
@@ -3,7 +3,7 @@
|
|||||||
|
|
||||||
<head>
|
<head>
|
||||||
<meta charset="UTF-8">
|
<meta charset="UTF-8">
|
||||||
<title>网站公告</title>
|
<title>网站通知</title>
|
||||||
<style type="text/css">
|
<style type="text/css">
|
||||||
img {
|
img {
|
||||||
max-width: 100%;
|
max-width: 100%;
|
||||||
@@ -102,7 +102,7 @@
|
|||||||
<td class="alert alert-warning"
|
<td class="alert alert-warning"
|
||||||
style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 22px; font-weight: bold; vertical-align: top; color: #fff; font-weight: 500; text-align: center; border-radius: 3px 3px 0 0; background-color: #0073ba; margin: 0; padding: 20px;"
|
style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 22px; font-weight: bold; vertical-align: top; color: #fff; font-weight: 500; text-align: center; border-radius: 3px 3px 0 0; background-color: #0073ba; margin: 0; padding: 20px;"
|
||||||
align="center" bgcolor="#0073ba" valign="top">
|
align="center" bgcolor="#0073ba" valign="top">
|
||||||
网站公告
|
网站通知
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr
|
<tr
|
||||||
|
|||||||
@@ -12,7 +12,7 @@
|
|||||||
</thead>
|
</thead>
|
||||||
<tbody>
|
<tbody>
|
||||||
<tr style="padding:40px 40px 0 40px;display:table-cell">
|
<tr style="padding:40px 40px 0 40px;display:table-cell">
|
||||||
<td style="font-size:24px;line-height:1.5;color:#000;margin-top:40px">公告通知</td>
|
<td style="font-size:24px;line-height:1.5;color:#000;margin-top:40px">网站通知</td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td style="font-size:14px;color:#333;padding:24px 40px 0 40px">
|
<td style="font-size:14px;color:#333;padding:24px 40px 0 40px">
|
||||||
|
|||||||
Reference in New Issue
Block a user