Merge pull request #439 from v2board/dev

1.5.1
update: version
2025-08-02 21:38:49 +08:00 · 2021-05-18 21:00:54 +09:00 · 2021-05-18 21:00:01 +09:00 · 2021-05-17 02:30:39 +09:00 · 2021-05-17 02:30:00 +09:00 · 2021-05-16 23:16:33 +09:00
313 changed files with 26598 additions and 7868 deletions
--- a/.env.example
+++ b/.env.example
@ -7,16 +7,16 @@ APP_URL=http://localhost
 LOG_CHANNEL=stack

 DB_CONNECTION=mysql
-DB_HOST=db
+DB_HOST=localhost
 DB_PORT=3306
 DB_DATABASE=laravel
 DB_USERNAME=root
 DB_PASSWORD=123456

 BROADCAST_DRIVER=log
-CACHE_DRIVER=file
-QUEUE_CONNECTION=sync
-SESSION_DRIVER=file
+CACHE_DRIVER=redis
+QUEUE_CONNECTION=redis
+SESSION_DRIVER=redis
 SESSION_LIFETIME=120

 REDIS_HOST=127.0.0.1
@ -31,6 +31,8 @@ MAIL_PASSWORD=null
 MAIL_ENCRYPTION=null
 MAIL_FROM_ADDRESS=null
 MAIL_FROM_NAME=null
+MAILGUN_DOMAIN=
+MAILGUN_SECRET=

 AWS_ACCESS_KEY_ID=
 AWS_SECRET_ACCESS_KEY=
--- a/.gitignore
+++ b/.gitignore
@ -1,5 +1,5 @@
 /node_modules
-/config/v2panel.php
+/config/v2board.php
 /public/hot
 /public/storage
 /public/env.example.js
@ -9,6 +9,7 @@
 .env.backup
 .phpunit.result.cache
 .idea
+.lock
 Homestead.json
 Homestead.yaml
 npm-debug.log
--- a/2
+++ b/2
@ -1,6 +1,6 @@
 MIT License

-Copyright (c) 2017-2019 Bruskyii Panda
+Copyright (c) 2019 Tokumeikoi

 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
--- a/app/Console/Commands/CheckCommission.php
+++ b/app/Console/Commands/CheckCommission.php
@ -5,6 +5,7 @@ namespace App\Console\Commands;
 use Illuminate\Console\Command;
 use App\Models\Order;
 use App\Models\User;
+use Illuminate\Support\Facades\DB;

 class CheckCommission extends Command
 {
@ -38,19 +39,45 @@ class CheckCommission extends Command
     * @return mixed
     */
    public function handle()
+    {
+        $this->autoCheck();
+        $this->autoPayCommission();
+    }
+
+    public function autoCheck()
+    {
+        if ((int)config('v2board.commission_auto_check_enable', 1)) {
+            Order::where('commission_status', 0)
+                ->where('invite_user_id', '!=', NULL)
+                ->whereNotIn('status', [0, 2])
+                ->where('updated_at', '<=', strtotime('-3 day', time()))
+                ->update([
+                    'commission_status' => 1
+                ]);
+        }
+    }
+
+    public function autoPayCommission()
    {
        $order = Order::where('commission_status', 1)
-            ->where('status', 3)
+            ->where('invite_user_id', '!=', NULL)
            ->get();
        foreach ($order as $item) {
-            if ($item->invite_user_id) {
-                $inviter = User::find($item->invite_user_id);
-                if (!$inviter) continue;
+            $inviter = User::find($item->invite_user_id);
+            if (!$inviter) continue;
+            if ((int)config('v2board.withdraw_close_enable', 0)) {
+                $inviter->balance = $inviter->balance + $item->commission_balance;
+            } else {
                $inviter->commission_balance = $inviter->commission_balance + $item->commission_balance;
-                if ($inviter->save()) {
-                    $item->commission_status = 2;
-                    $item->save();
+            }
+            DB::beginTransaction();
+            if ($inviter->save()) {
+                $item->commission_status = 2;
+                if (!$item->save()) {
+                    DB::rollBack();
+                    continue;
                }
+                DB::commit();
            }
        }
    }
--- a/app/Console/Commands/CheckExpire.php
+++ b/app/Console/Commands/CheckExpire.php
@ -1,53 +0,0 @@
-<?php
-
-namespace App\Console\Commands;
-
-use Illuminate\Console\Command;
-use App\Models\Order;
-use App\Models\User;
-
-class CheckExpire extends Command
-{
-    /**
-     * The name and signature of the console command.
-     *
-     * @var string
-     */
-    protected $signature = 'check:expire';
-
-    /**
-     * The console command description.
-     *
-     * @var string
-     */
-    protected $description = '过期检查';
-
-    /**
-     * Create a new command instance.
-     *
-     * @return void
-     */
-    public function __construct()
-    {
-        parent::__construct();
-    }
-
-    /**
-     * Execute the console command.
-     *
-     * @return mixed
-     */
-    public function handle()
-    {
-        $user = User::all();
-        foreach ($user as $item) {
-            if ($item->expired_at < time() || $item->u + $item->d >= $item->transfer_enable) {
-                $item->enable = 0;
-            } else {
-                $item->enable = 1;
-            }
-            $item->save();
-        }
-    }
-    
-}
--- a/app/Console/Commands/CheckOrder.php
+++ b/app/Console/Commands/CheckOrder.php
@ -2,11 +2,12 @@

 namespace App\Console\Commands;

+use App\Services\OrderService;
 use Illuminate\Console\Command;
 use App\Models\Order;
 use App\Models\User;
 use App\Models\Plan;
-use App\Utils\Helper;
+use Illuminate\Support\Facades\DB;

 class CheckOrder extends Command
 {
@ -41,51 +42,21 @@ class CheckOrder extends Command
     */
    public function handle()
    {
-        $order = Order::get();
-        foreach ($order as $item) {
+        $orders = Order::get();
+        foreach ($orders as $item) {
+            $orderService = new OrderService($item);
            switch ($item->status) {
                // cancel
                case 0:
                    if (strtotime($item->created_at) <= (time() - 1800)) {
-                        $item->status = 2;
-                        $item->save();
+                        $orderService->cancel();
                    }
                    break;
                case 1:
-                    $this->orderHandle($item);
+                    $orderService->open();
                    break;
            }

        }
    }
-    
-    private function orderHandle ($order) {
-        $user = User::find($order->user_id);
-        return $this->buy($order, $user);
-    }
-    
-    private function buy ($order, $user) {
-        $plan = Plan::find($order->plan_id);
-        $user->transfer_enable = $plan->transfer_enable * 1073741824;
-        $user->enable = 1;
-        $user->plan_id = $plan->id;
-        $user->group_id = $plan->group_id;
-        $user->expired_at = $this->getTime($order->cycle, $user->expired_at);
-        if ($user->save()) {
-            $order->status = 3;
-            $order->save();
-        }
-    }
-    
-    private function getTime ($str, $timestamp) {
-        if ($timestamp < time()) {
-            $timestamp = time();
-        }
-        switch ($str) {
-            case 'month_price': return strtotime('+1 month', $timestamp);
-            case 'quarter_price': return  strtotime('+3 month', $timestamp);
-            case 'half_year_price': return  strtotime('+6 month', $timestamp);
-            case 'year_price': return  strtotime('+12 month', $timestamp);
-        }
-    }
 }
--- a/app/Console/Commands/ResetTraffic.php
+++ b/app/Console/Commands/ResetTraffic.php
@ -3,10 +3,11 @@
 namespace App\Console\Commands;

 use Illuminate\Console\Command;
-use Illuminate\Support\Facades\DB;
+use App\Models\User;

 class ResetTraffic extends Command
 {
+    protected $builder;
    /**
     * The name and signature of the console command.
     *
@ -29,6 +30,8 @@ class ResetTraffic extends Command
    public function __construct()
    {
        parent::__construct();
+        $this->builder = User::where('expired_at', '!=', NULL)
+            ->where('expired_at', '>', time());
    }

    /**
@ -38,7 +41,47 @@ class ResetTraffic extends Command
     */
    public function handle()
    {
-        DB::table('v2_user')->update([
+        $resetTrafficMethod = config('v2board.reset_traffic_method', 0);
+        switch ((int)$resetTrafficMethod) {
+            // 1 a month
+            case 0:
+                $this->resetByMonthFirstDay();
+                break;
+            // expire day
+            case 1:
+                $this->resetByExpireDay();
+                break;
+        }
+    }
+
+    private function resetByMonthFirstDay():void
+    {
+        $builder = $this->builder;
+        if ((string)date('d') === '01') {
+            $builder->update([
+                'u' => 0,
+                'd' => 0
+            ]);
+        }
+    }
+
+    private function resetByExpireDay():void
+    {
+        $builder = $this->builder;
+        $lastDay = date('d', strtotime('last day of +0 months'));
+        $users = [];
+        foreach ($builder->get() as $item) {
+            $expireDay = date('d', $item->expired_at);
+            $today = date('d');
+            if ($expireDay === $today) {
+                array_push($users, $item->id);
+            }
+
+            if (($today === $lastDay) && $expireDay >= $lastDay) {
+                array_push($users, $item->id);
+            }
+        }
+        User::whereIn('id', $users)->update([
            'u' => 0,
            'd' => 0
        ]);
--- a/app/Console/Commands/SendRemindMail.php
+++ b/app/Console/Commands/SendRemindMail.php
@ -0,0 +1,63 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use App\Models\User;
+use App\Models\MailLog;
+use App\Jobs\SendEmailJob;
+
+class SendRemindMail extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'send:remindMail';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = '发送提醒邮件';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        $users = User::all();
+        foreach ($users as $user) {
+            if ($user->remind_expire) $this->remindExpire($user);
+        }
+    }
+
+    private function remindExpire($user)
+    {
+        if ($user->expired_at !== NULL && ($user->expired_at - 86400) < time() && $user->expired_at > time()) {
+            SendEmailJob::dispatch([
+                'email' => $user->email,
+                'subject' => '在' . config('v2board.app_name', 'V2board') . '的服务即将到期',
+                'template_name' => 'remindExpire',
+                'template_value' => [
+                    'name' => config('v2board.app_name', 'V2Board'),
+                    'url' => config('v2board.app_url')
+                ]
+            ]);
+        }
+    }
+}
--- a/app/Console/Commands/SystemCache.php
+++ b/app/Console/Commands/SystemCache.php
@ -1,68 +0,0 @@
-<?php
-
-namespace App\Console\Commands;
-
-use Illuminate\Console\Command;
-use App\Models\User;
-use App\Models\Order;
-use App\Models\Server;
-use App\Models\ServerLog;
-use App\Utils\Helper;
-use Illuminate\Support\Facades\Redis;
-
-class SystemCache extends Command
-{
-    /**
-     * The name and signature of the console command.
-     *
-     * @var string
-     */
-    protected $signature = 'system:cache';
-
-    /**
-     * The console command description.
-     *
-     * @var string
-     */
-    protected $description = '系统缓存任务';
-
-    /**
-     * Create a new command instance.
-     *
-     * @return void
-     */
-    public function __construct()
-    {
-        parent::__construct();
-    }
-
-    /**
-     * Execute the console command.
-     *
-     * @return mixed
-     */
-    public function handle()
-    {
-        $this->setMonthIncome();
-        $this->setMonthRegisterTotal();
-    }
-
-    private function setMonthIncome() {
-        Redis::set(
-            'month_income',
-            Order::where('created_at', '>=', strtotime(date('Y-m-1')))
-                ->where('created_at', '<', time())
-                ->where('status', '3')
-                ->sum('total_amount')
-        );
-    }
-
-    private function setMonthRegisterTotal() {
-        Redis::set(
-            'month_register_total',
-            User::where('created_at', '>=', strtotime(date('Y-m-1')))
-                ->where('created_at', '<', time())
-                ->count()
-        );
-    }
-}
--- a/app/Console/Commands/ImportReset.php
+++ b/app/Console/Commands/ImportReset.php
@ -2,25 +2,24 @@

 namespace App\Console\Commands;

+use App\Services\PaymentService;
 use Illuminate\Console\Command;
-use App\Models\User;
-use App\Utils\Helper;

-class ImportReset extends Command
+class Test extends Command
 {
    /**
     * The name and signature of the console command.
     *
     * @var string
     */
-    protected $signature = 'import:reset';
+    protected $signature = 'test';

    /**
     * The console command description.
     *
     * @var string
     */
-    protected $description = '为导入用户重置所有uuid及token';
+    protected $description = '';

    /**
     * Create a new command instance.
@ -39,11 +38,7 @@ class ImportReset extends Command
     */
    public function handle()
    {
-        $user = User::all();
-        foreach ($user as $item) {
-            $item->v2ray_uuid = Helper::guid(true);
-            $item->token = Helper::guid();
-            $item->save();
-        }
+        $paymentService = new PaymentService('MGate');
+        var_dump($paymentService->form());
    }
 }
--- a/app/Console/Commands/V2boardInstall.php
+++ b/app/Console/Commands/V2boardInstall.php
@ -3,6 +3,7 @@
 namespace App\Console\Commands;

 use Illuminate\Console\Command;
+use Illuminate\Encryption\Encrypter;
 use App\Models\User;
 use App\Utils\Helper;
 use Illuminate\Support\Facades\DB;
@ -40,50 +41,114 @@ class V2boardInstall extends Command
     */
    public function handle()
    {
-        if (\File::exists(base_path() . '/.lock')) {
-            abort(500, 'V2board 已安装，如需重新安装请删除目录下.lock文件');
-        }
-        \Artisan::call('key:generate');
-        \Artisan::call('config:cache');
-    	DB::connection()->getPdo();
-    	$file = \File::get(base_path() . '/install.sql');
-    	if (!$file) {
-    		abort(500, '数据库文件不存在');
-    	}
-		$sql = str_replace("\n", "", $file);
-		$sql = preg_split("/;/", $sql);
-		if (!is_array($sql)) {
-			abort(500, '数据库文件格式有误');
-		}
-		$this->info('正在导入数据库请稍等...');
-		foreach($sql as $item) {
-			try {
-				DB::select(DB::raw($item));
-			} catch (\Exception $e) {}
-        }
-        $email = '';
-        while (!$email) {
-        	$email = $this->ask('请输入管理员邮箱?');
-        }
-        $password = '';
-        while (!$password) {
-    		$password = $this->ask('请输入管理员密码?');
-        }
-        if (!$this->registerAdmin($email, $password)) {
-        	abort(500, '管理员账号注册失败，请重试');
-        }
+        try {
+            $this->info("__     ______  ____                      _  ");
+            $this->info("\ \   / /___ \| __ )  ___   __ _ _ __ __| | ");
+            $this->info(" \ \ / /  __) |  _ \ / _ \ / _` | '__/ _` | ");
+            $this->info("  \ V /  / __/| |_) | (_) | (_| | | | (_| | ");
+            $this->info("   \_/  |_____|____/ \___/ \__,_|_|  \__,_| ");
+            if (\File::exists(base_path() . '/.lock')) {
+                abort(500, 'V2board 已安装，如需重新安装请删除目录下.lock文件');
+            }
+            if (!\File::exists(base_path() . '/.env')) {
+                if (!copy(base_path() . '/.env.example', base_path() . '/.env')) {
+                    abort(500, '复制环境文件失败，请检查目录权限');
+                }
+            }
+            $this->saveToEnv([
+                'APP_KEY' => 'base64:' . base64_encode(Encrypter::generateKey('AES-256-CBC')),
+                'DB_HOST' => $this->ask('请输入数据库地址（默认:localhost）', 'localhost'),
+                'DB_DATABASE' => $this->ask('请输入数据库名'),
+                'DB_USERNAME' => $this->ask('请输入数据库用户名'),
+                'DB_PASSWORD' => $this->ask('请输入数据库密码')
+            ]);
+            \Artisan::call('config:clear');
+            \Artisan::call('config:cache');
+            try {
+                DB::connection()->getPdo();
+            } catch (\Exception $e) {
+                abort(500, '数据库连接失败');
+            }
+            $file = \File::get(base_path() . '/database/install.sql');
+            if (!$file) {
+                abort(500, '数据库文件不存在');
+            }
+            $sql = str_replace("\n", "", $file);
+            $sql = preg_split("/;/", $sql);
+            if (!is_array($sql)) {
+                abort(500, '数据库文件格式有误');
+            }
+            $this->info('正在导入数据库请稍等...');
+            foreach ($sql as $item) {
+                try {
+                    DB::select(DB::raw($item));
+                } catch (\Exception $e) {
+                }
+            }
+            $this->info('数据库导入完成');
+            $email = '';
+            while (!$email) {
+                $email = $this->ask('请输入管理员邮箱?');
+            }
+            $password = '';
+            while (!$password) {
+                $password = $this->ask('请输入管理员密码?');
+            }
+            if (!$this->registerAdmin($email, $password)) {
+                abort(500, '管理员账号注册失败，请重试');
+            }

-		$this->info('一切就绪');
-        \File::put(base_path() . '/.lock', time());
+            $this->info('一切就绪');
+            $this->info('访问 http(s)://你的站点/admin 进入管理面板');
+            \File::put(base_path() . '/.lock', time());
+        } catch (\Exception $e) {
+            $this->error($e->getMessage());
+        }
    }

-    private function registerAdmin ($email, $password) {
+    private function registerAdmin($email, $password)
+    {
        $user = new User();
        $user->email = $email;
+        if (strlen($password) < 8) {
+            abort(500, '管理员密码长度最小为8位字符');
+        }
        $user->password = password_hash($password, PASSWORD_DEFAULT);
-        $user->v2ray_uuid = Helper::guid(true);
+        $user->uuid = Helper::guid(true);
        $user->token = Helper::guid();
        $user->is_admin = 1;
        return $user->save();
    }
+
+    private function saveToEnv($data = [])
+    {
+        function set_env_var($key, $value)
+        {
+            if (! is_bool(strpos($value, ' '))) {
+                $value = '"' . $value . '"';
+            }
+            $key = strtoupper($key);
+
+            $envPath = app()->environmentFilePath();
+            $contents = file_get_contents($envPath);
+
+            preg_match("/^{$key}=[^\r\n]*/m", $contents, $matches);
+
+            $oldValue = count($matches) ? $matches[0] : '';
+
+            if ($oldValue) {
+                $contents = str_replace("{$oldValue}", "{$key}={$value}", $contents);
+            } else {
+                $contents = $contents . "\n{$key}={$value}\n";
+            }
+
+            $file = fopen($envPath, 'w');
+            fwrite($file, $contents);
+            return fclose($file);
+        }
+        foreach($data as $key => $value) {
+            set_env_var($key, $value);
+        }
+        return true;
+    }
 }
--- a/app/Console/Commands/V2boardStatistics.php
+++ b/app/Console/Commands/V2boardStatistics.php
@ -0,0 +1,101 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Jobs\StatServerJob;
+use Illuminate\Console\Command;
+use App\Models\Order;
+use App\Models\StatOrder;
+use App\Models\ServerLog;
+use Illuminate\Support\Facades\DB;
+
+class V2boardStatistics extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'v2board:statistics';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = '统计任务';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+         $this->statOrder();
+         $this->statServer();
+    }
+
+    private function statOrder()
+    {
+        $endAt = strtotime(date('Y-m-d'));
+        $startAt = strtotime('-1 day', $endAt);
+        $builder = Order::where('created_at', '>=', $startAt)
+            ->where('created_at', '<', $endAt)
+            ->whereNotIn('status', [0, 2]);
+        $orderCount = $builder->count();
+        $orderAmount = $builder->sum('total_amount');
+        $builder = $builder->where('commission_balance', '!=', 0)
+            ->where('commission_status', 0);
+        $commissionCount = $builder->count();
+        $commissionAmount = $builder->sum('commission_balance');
+        $data = [
+            'order_count' => $orderCount,
+            'order_amount' => $orderAmount,
+            'commission_count' => $commissionCount,
+            'commission_amount' => $commissionAmount,
+            'record_type' => 'd',
+            'record_at' => $startAt
+        ];
+        $statistic = StatOrder::where('record_at', $startAt)
+            ->where('record_type', 'd')
+            ->first();
+        if ($statistic) {
+            $statistic->update($data);
+            return;
+        }
+        StatOrder::create($data);
+    }
+
+    private function statServer()
+    {
+        $endAt = strtotime(date('Y-m-d'));
+        $startAt = strtotime('-1 day', $endAt);
+        $statistics = ServerLog::select([
+            'server_id',
+            'method as server_type',
+            DB::raw("sum(u) as u"),
+            DB::raw("sum(d) as d"),
+        ])
+            ->where('log_at', '>=', $startAt)
+            ->where('log_at', '<', $endAt)
+            ->groupBy('server_id', 'method')
+            ->get()
+            ->toArray();
+        foreach ($statistics as $statistic) {
+            $statistic['record_type'] = 'd';
+            $statistic['record_at'] = $startAt;
+            StatServerJob::dispatch($statistic);
+        }
+    }
+}
--- a/app/Console/Commands/V2boardUpdate.php
+++ b/app/Console/Commands/V2boardUpdate.php
@ -39,22 +39,23 @@ class V2boardUpdate extends Command
    public function handle()
    {
        \Artisan::call('config:cache');
-    	DB::connection()->getPdo();
-    	$file = \File::get(base_path() . '/update.sql');
-    	if (!$file) {
-    		abort(500, '数据库文件不存在');
-    	}
-		$sql = str_replace("\n", "", $file);
-		$sql = preg_split("/;/", $sql);
-		if (!is_array($sql)) {
-			abort(500, '数据库文件格式有误');
+        DB::connection()->getPdo();
+        $file = \File::get(base_path() . '/database/update.sql');
+        if (!$file) {
+            abort(500, '数据库文件不存在');
+        }
+        $sql = str_replace("\n", "", $file);
+        $sql = preg_split("/;/", $sql);
+        if (!is_array($sql)) {
+            abort(500, '数据库文件格式有误');
        }
        $this->info('正在导入数据库请稍等...');
-		foreach($sql as $item) {
-			try {
-				DB::select(DB::raw($item));
-			} catch (\Exception $e) {}
-		}
+        foreach ($sql as $item) {
+            try {
+                DB::select(DB::raw($item));
+            } catch (\Exception $e) {
+            }
+        }
        $this->info('更新完毕');
    }
 }
--- a/app/Console/Kernel.php
+++ b/app/Console/Kernel.php
@ -19,22 +19,21 @@ class Kernel extends ConsoleKernel
    /**
     * Define the application's command schedule.
     *
-     * @param  \Illuminate\Console\Scheduling\Schedule  $schedule
+     * @param \Illuminate\Console\Scheduling\Schedule $schedule
     * @return void
     */
    protected function schedule(Schedule $schedule)
    {
-        // check order
+        // v2board
+        $schedule->command('v2board:statistics')->daily();
+        // check
        $schedule->command('check:order')->everyMinute();
-        // check expire
-        $schedule->command('check:expire')->everyMinute();
-        // check commission
        $schedule->command('check:commission')->everyMinute();
-        // system cache
-        $schedule->command('system:cache')->hourly();
        // reset
-        $schedule->command('reset:traffic')->monthlyOn(1, '00:00');
-        $schedule->command('reset:serverLog')->monthlyOn(1, '00:00');
+        $schedule->command('reset:traffic')->daily();
+        $schedule->command('reset:serverLog')->quarterly();
+        // send
+        $schedule->command('send:remindMail')->dailyAt('11:30');
    }

    /**
@ -44,7 +43,7 @@ class Kernel extends ConsoleKernel
     */
    protected function commands()
    {
-        $this->load(__DIR__.'/Commands');
+        $this->load(__DIR__ . '/Commands');

        require base_path('routes/console.php');
    }
--- a/app/Exceptions/Handler.php
+++ b/app/Exceptions/Handler.php
@ -29,7 +29,7 @@ class Handler extends ExceptionHandler
    /**
     * Report or log an exception.
     *
-     * @param  \Exception  $exception
+     * @param \Exception $exception
     * @return void
     */
    public function report(Exception $exception)
@ -40,12 +40,15 @@ class Handler extends ExceptionHandler
    /**
     * Render an exception into an HTTP response.
     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Exception  $exception
+     * @param \Illuminate\Http\Request $request
+     * @param \Exception $exception
     * @return \Illuminate\Http\Response
     */
    public function render($request, Exception $exception)
    {
+        if($exception instanceof \Illuminate\Http\Exceptions\ThrottleRequestsException) {
+            abort(429, '请求频繁，请稍后再试');
+        }
        return parent::render($request, $exception);
    }

--- a/app/Http/Controllers/Admin/ConfigController.php
+++ b/app/Http/Controllers/Admin/ConfigController.php
@ -3,35 +3,77 @@
 namespace App\Http\Controllers\Admin;

 use App\Http\Requests\Admin\ConfigSave;
+use App\Services\TelegramService;
 use Illuminate\Http\Request;
+use App\Utils\Dict;
 use App\Http\Controllers\Controller;
-use App\Models\Plan;
-use App\Models\Order;
-use App\Models\User;

 class ConfigController extends Controller
 {
-    public function init () {
-
+    public function getEmailTemplate()
+    {
+        $path = resource_path('views/mail/');
+        $files = array_map(function ($item) use ($path) {
+            return str_replace($path, '', $item);
+        }, glob($path . '*'));
+        return response([
+            'data' => $files
+        ]);
    }

-    public function fetch () {
+    public function setTelegramWebhook(Request $request)
+    {
+        $telegramService = new TelegramService($request->input('telegram_bot_token'));
+        $telegramService->getMe();
+        $telegramService->setWebhook(
+            url(
+                '/api/v1/guest/telegram/webhook?access_token=' . md5(config('v2board.telegram_bot_token', $request->input('telegram_bot_token')))
+            )
+        );
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function fetch()
+    {
+        // TODO: default should be in Dict
        return response([
            'data' => [
                'invite' => [
                    'invite_force' => (int)config('v2board.invite_force', 0),
                    'invite_commission' => config('v2board.invite_commission', 10),
                    'invite_gen_limit' => config('v2board.invite_gen_limit', 5),
-                    'invite_never_expire' => config('v2board.invite_never_expire', 0)
+                    'invite_never_expire' => config('v2board.invite_never_expire', 0),
+                    'commission_first_time_enable' => config('v2board.commission_first_time_enable', 1),
+                    'commission_auto_check_enable' => config('v2board.commission_auto_check_enable', 1),
+                    'commission_withdraw_limit' => config('v2board.commission_withdraw_limit', 100),
+                    'commission_withdraw_method' => config('v2board.commission_withdraw_method', Dict::WITHDRAW_METHOD_WHITELIST_DEFAULT),
+                    'withdraw_close_enable' => config('v2board.withdraw_close_enable', 0)
                ],
                'site' => [
+                    'safe_mode_enable' => (int)config('v2board.safe_mode_enable', 0),
                    'stop_register' => (int)config('v2board.stop_register', 0),
                    'email_verify' => (int)config('v2board.email_verify', 0),
                    'app_name' => config('v2board.app_name', 'V2Board'),
+                    'app_description' => config('v2board.app_description', 'V2Board is best!'),
                    'app_url' => config('v2board.app_url'),
                    'subscribe_url' => config('v2board.subscribe_url'),
-                    'plan_update_fee' => config('v2board.plan_update_fee', 0.5),
-                    'plan_is_update' => (int)config('v2board.plan_is_update', 1)
+                    'try_out_plan_id' => (int)config('v2board.try_out_plan_id', 0),
+                    'try_out_hour' => (int)config('v2board.try_out_hour', 1),
+                    'email_whitelist_enable' => (int)config('v2board.email_whitelist_enable', 0),
+                    'email_whitelist_suffix' => config('v2board.email_whitelist_suffix', Dict::EMAIL_WHITELIST_SUFFIX_DEFAULT),
+                    'email_gmail_limit_enable' => config('v2board.email_gmail_limit_enable', 0),
+                    'recaptcha_enable' => (int)config('v2board.recaptcha_enable', 0),
+                    'recaptcha_key' => config('v2board.recaptcha_key'),
+                    'recaptcha_site_key' => config('v2board.recaptcha_site_key'),
+                    'tos_url' => config('v2board.tos_url')
+                ],
+                'subscribe' => [
+                    'plan_change_enable' => (int)config('v2board.plan_change_enable', 1),
+                    'reset_traffic_method' => (int)config('v2board.reset_traffic_method', 0),
+                    'renew_reset_traffic_enable' => (int)config('v2board.renew_reset_traffic_enable', 0),
+                    'surplus_enable' => (int)config('v2board.surplus_enable', 1)
                ],
                'pay' => [
                    // alipay
@ -40,35 +82,93 @@ class ConfigController extends Controller
                    'alipay_pubkey' => config('v2board.alipay_pubkey'),
                    'alipay_privkey' => config('v2board.alipay_privkey'),
                    // stripe
+                    'stripe_alipay_enable' => (int)config('v2board.stripe_alipay_enable', 0),
+                    'stripe_wepay_enable' => (int)config('v2board.stripe_wepay_enable', 0),
+                    'stripe_card_enable' => (int)config('v2board.stripe_card_enable', 0),
                    'stripe_sk_live' => config('v2board.stripe_sk_live'),
                    'stripe_pk_live' => config('v2board.stripe_pk_live'),
-                    'stripe_alipay_enable' => (int)config('v2board.stripe_alipay_enable'),
-                    'stripe_wepay_enable' => (int)config('v2board.stripe_wepay_enable'),
-                    'stripe_webhook_key' => config('v2board.stripe_webhook_key')
+                    'stripe_webhook_key' => config('v2board.stripe_webhook_key'),
+                    'stripe_currency' => config('v2board.stripe_currency', 'hkd'),
+                    // bitpayx
+                    'bitpayx_name' => config('v2board.bitpayx_name', '在线支付'),
+                    'bitpayx_enable' => (int)config('v2board.bitpayx_enable', 0),
+                    'bitpayx_appsecret' => config('v2board.bitpayx_appsecret'),
+                    // mGate
+                    'mgate_name' => config('v2board.mgate_name', '在线支付'),
+                    'mgate_enable' => (int)config('v2board.mgate_enable', 0),
+                    'mgate_url' => config('v2board.mgate_url'),
+                    'mgate_app_id' => config('v2board.mgate_app_id'),
+                    'mgate_app_secret' => config('v2board.mgate_app_secret'),
+                    // Epay
+                    'epay_name' => config('v2board.epay_name', '在线支付'),
+                    'epay_enable' => (int)config('v2board.epay_enable', 0),
+                    'epay_url' => config('v2board.epay_url'),
+                    'epay_pid' => config('v2board.epay_pid'),
+                    'epay_key' => config('v2board.epay_key'),
+                ],
+                'frontend' => [
+                    'frontend_theme_sidebar' => config('v2board.frontend_theme_sidebar', 'light'),
+                    'frontend_theme_header' => config('v2board.frontend_theme_header', 'dark'),
+                    'frontend_theme_color' => config('v2board.frontend_theme_color', 'default'),
+                    'frontend_background_url' => config('v2board.frontend_background_url'),
+                    'frontend_admin_path' => config('v2board.frontend_admin_path', 'admin'),
+                    'frontend_customer_service_method' => config('v2board.frontend_customer_service_method', 0),
+                    'frontend_customer_service_id' => config('v2board.frontend_customer_service_id'),
                ],
                'server' => [
-                    'server_token' => config('v2board.server_token')
+                    'server_token' => config('v2board.server_token'),
+                    'server_license' => config('v2board.server_license'),
+                    'server_log_enable' => config('v2board.server_log_enable', 0),
+                    'server_v2ray_domain' => config('v2board.server_v2ray_domain'),
+                    'server_v2ray_protocol' => config('v2board.server_v2ray_protocol'),
                ],
                'tutorial' => [
                    'apple_id' => config('v2board.apple_id')
+                ],
+                'email' => [
+                    'email_template' => config('v2board.email_template', 'default'),
+                    'email_host' => config('v2board.email_host'),
+                    'email_port' => config('v2board.email_port'),
+                    'email_username' => config('v2board.email_username'),
+                    'email_password' => config('v2board.email_password'),
+                    'email_encryption' => config('v2board.email_encryption'),
+                    'email_from_address' => config('v2board.email_from_address')
+                ],
+                'telegram' => [
+                    'telegram_bot_enable' => config('v2board.telegram_bot_enable', 0),
+                    'telegram_bot_token' => config('v2board.telegram_bot_token')
+                ],
+                'app' => [
+                    'windows_version' => config('v2board.windows_version'),
+                    'windows_download_url' => config('v2board.windows_download_url'),
+                    'macos_version' => config('v2board.macos_version'),
+                    'macos_download_url' => config('v2board.macos_download_url'),
+                    'android_version' => config('v2board.android_version'),
+                    'android_download_url' => config('v2board.android_download_url')
                ]
            ]
        ]);
    }

-    public function save (ConfigSave $request) {
+    public function save(ConfigSave $request)
+    {
        $data = $request->input();
        $array = \Config::get('v2board');
        foreach ($data as $k => $v) {
-            if (!in_array($k, ConfigSave::filter())) {
-                abort(500, '禁止修改');
+            if (!in_array($k, array_keys($request->validated()))) {
+                abort(500, '参数' . $k . '不在规则内，禁止修改');
            }
            $array[$k] = $v;
        }
        $data = var_export($array, 1);
-        if(!\File::put(base_path() . '/config/v2board.php', "<?php\n return $data ;")) {
+        if (!\File::put(base_path() . '/config/v2board.php', "<?php\n return $data ;")) {
            abort(500, '修改失败');
        }
+        if (function_exists('opcache_reset')) {
+            if (opcache_reset() === false) {
+                abort(500, '缓存清除失败，请卸载或检查opcache配置状态');
+            }
+        }
        \Artisan::call('config:cache');
        return response([
            'data' => true
--- a/app/Http/Controllers/Admin/CouponController.php
+++ b/app/Http/Controllers/Admin/CouponController.php
@ -0,0 +1,144 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Requests\Admin\CouponSave;
+use App\Http\Requests\Admin\CouponGenerate;
+use App\Models\Plan;
+use App\Models\User;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\Coupon;
+use App\Utils\Helper;
+use Illuminate\Support\Facades\DB;
+
+class CouponController extends Controller
+{
+    public function fetch(Request $request)
+    {
+        $current = $request->input('current') ? $request->input('current') : 1;
+        $pageSize = $request->input('pageSize') >= 10 ? $request->input('pageSize') : 10;
+        $sortType = in_array($request->input('sort_type'), ['ASC', 'DESC']) ? $request->input('sort_type') : 'DESC';
+        $sort = $request->input('sort') ? $request->input('sort') : 'created_at';
+        $builder = Coupon::orderBy($sort, $sortType);
+        $total = $builder->count();
+        $coupons = $builder->forPage($current, $pageSize)
+            ->get();
+
+        foreach ($coupons as $k => $v) {
+            if ($coupons[$k]['limit_plan_ids']) $coupons[$k]['limit_plan_ids'] = json_decode($coupons[$k]['limit_plan_ids']);
+        }
+        return response([
+            'data' => $coupons,
+            'total' => $total
+        ]);
+    }
+
+    public function save(CouponSave $request)
+    {
+        $params = $request->validated();
+        if (isset($params['limit_plan_ids'])) {
+            $params['limit_plan_ids'] = json_encode($params['limit_plan_ids']);
+        }
+        if (!$request->input('id')) {
+            if (!isset($params['code'])) {
+                $params['code'] = Helper::randomChar(8);
+            }
+            if (!Coupon::create($params)) {
+                abort(500, '创建失败');
+            }
+        } else {
+            try {
+                Coupon::find($request->input('id'))->update($params);
+            } catch (\Exception $e) {
+                abort(500, '保存失败');
+            }
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function generate(CouponGenerate $request)
+    {
+        if ($request->input('generate_count')) {
+            $this->multiGenerate($request);
+            return;
+        }
+
+        $params = $request->validated();
+        if (isset($params['limit_plan_ids'])) {
+            $params['limit_plan_ids'] = json_encode($params['limit_plan_ids']);
+        }
+        if (!$request->input('id')) {
+            if (!isset($params['code'])) {
+                $params['code'] = Helper::randomChar(8);
+            }
+            if (!Coupon::create($params)) {
+                abort(500, '创建失败');
+            }
+        } else {
+            try {
+                Coupon::find($request->input('id'))->update($params);
+            } catch (\Exception $e) {
+                abort(500, '保存失败');
+            }
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+
+    private function multiGenerate(CouponGenerate $request)
+    {
+        $coupons = [];
+        $coupon = $request->validated();
+        if (isset($coupon['limit_plan_ids'])) {
+            $coupon['limit_plan_ids'] = json_encode($coupon['limit_plan_ids']);
+        }
+        $coupon['created_at'] = $coupon['updated_at'] = time();
+        unset($coupon['generate_count']);
+        for ($i = 0;$i < $request->input('generate_count');$i++) {
+            $coupon['code'] = Helper::randomChar(8);
+            array_push($coupons, $coupon);
+        }
+        DB::beginTransaction();
+        if (!Coupon::insert($coupons)) {
+            DB::rollBack();
+            abort(500, '生成失败');
+        }
+        DB::commit();
+        $data = "名称,类型,金额或比例,开始时间,结束时间,可用次数,可用于订阅,券码,生成时间\r\n";
+        foreach($coupons as $coupon) {
+            $type = ['', '金额', '比例'][$coupon['type']];
+            $value = ['', ($coupon['value'] / 100),$coupon['value']][$coupon['type']];
+            $startTime = date('Y-m-d H:i:s', $coupon['started_at']);
+            $endTime = date('Y-m-d H:i:s', $coupon['ended_at']);
+            $limitUse = $coupon['limit_use'] ?? '不限制';
+            $createTime = date('Y-m-d H:i:s', $coupon['created_at']);
+            $limitPlanIds = $coupon['limit_plan_ids'] ?? '不限制';
+            $data .= "{$coupon['name']},{$type},{$value},{$startTime},{$endTime},{$limitUse},{$limitPlanIds},{$coupon['code']},{$createTime}\r\n";
+        }
+        echo $data;
+    }
+
+    public function drop(Request $request)
+    {
+        if (empty($request->input('id'))) {
+            abort(500, '参数有误');
+        }
+        $coupon = Coupon::find($request->input('id'));
+        if (!$coupon) {
+            abort(500, '优惠券不存在');
+        }
+        if (!$coupon->delete()) {
+            abort(500, '删除失败');
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+}
--- a/app/Http/Controllers/Admin/KnowledgeController.php
+++ b/app/Http/Controllers/Admin/KnowledgeController.php
@ -0,0 +1,109 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Requests\Admin\KnowledgeSave;
+use App\Http\Requests\Admin\KnowledgeSort;
+use App\Models\Knowledge;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use Illuminate\Support\Facades\DB;
+
+class KnowledgeController extends Controller
+{
+    public function fetch(Request $request)
+    {
+        if ($request->input('id')) {
+            $knowledge = Knowledge::find($request->input('id'))->toArray();
+            if (!$knowledge) abort(500, '知识不存在');
+            return response([
+                'data' => $knowledge
+            ]);
+        }
+        return response([
+            'data' => Knowledge::select(['title', 'id', 'updated_at', 'category', 'show'])
+                ->orderBy('sort', 'ASC')
+                ->get()
+        ]);
+    }
+
+    public function getCategory(Request $request)
+    {
+        return response([
+            'data' => array_keys(Knowledge::get()->groupBy('category')->toArray())
+        ]);
+    }
+
+    public function save(KnowledgeSave $request)
+    {
+        $params = $request->validated();
+
+        if (!$request->input('id')) {
+            if (!Knowledge::create($params)) {
+                abort(500, '创建失败');
+            }
+        } else {
+            try {
+                Knowledge::find($request->input('id'))->update($params);
+            } catch (\Exception $e) {
+                abort(500, '保存失败');
+            }
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function show(Request $request)
+    {
+        if (empty($request->input('id'))) {
+            abort(500, '参数有误');
+        }
+        $knowledge = Knowledge::find($request->input('id'));
+        if (!$knowledge) {
+            abort(500, '知识不存在');
+        }
+        $knowledge->show = $knowledge->show ? 0 : 1;
+        if (!$knowledge->save()) {
+            abort(500, '保存失败');
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function sort(KnowledgeSort $request)
+    {
+        DB::beginTransaction();
+        foreach ($request->input('knowledge_ids') as $k => $v) {
+            if (!Knowledge::find($v)->update(['sort' => $k + 1])) {
+                DB::rollBack();
+                abort(500, '保存失败');
+            }
+        }
+        DB::commit();
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function drop(Request $request)
+    {
+        if (empty($request->input('id'))) {
+            abort(500, '参数有误');
+        }
+        $knowledge = Knowledge::find($request->input('id'));
+        if (!$knowledge) {
+            abort(500, '知识不存在');
+        }
+        if (!$knowledge->delete()) {
+            abort(500, '删除失败');
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+}
--- a/app/Http/Controllers/Admin/NoticeController.php
+++ b/app/Http/Controllers/Admin/NoticeController.php
@ -6,45 +6,42 @@ use App\Http\Requests\Admin\NoticeSave;
 use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
 use App\Models\Notice;
-use Illuminate\Support\Facades\Redis;
+use Illuminate\Support\Facades\Cache;

 class NoticeController extends Controller
 {
-    public function fetch (Request $request) {
+    public function fetch(Request $request)
+    {
        return response([
            'data' => Notice::orderBy('id', 'DESC')->get()
        ]);
    }

-    public function save (NoticeSave $request) {
+    public function save(NoticeSave $request)
+    {
        $data = $request->only([
            'title',
            'content',
            'img_url'
        ]);
-        if (!Notice::create($data)) {
-            abort(500, '保存失败');
+        if (!$request->input('id')) {
+            if (!Notice::create($data)) {
+                abort(500, '保存失败');
+            }
+        } else {
+            try {
+                Notice::find($request->input('id'))->update($data);
+            } catch (\Exception $e) {
+                abort(500, '保存失败');
+            }
        }
        return response([
            'data' => true
        ]);
    }

-    public function update (NoticeSave $request) {
-        $data = $request->only([
-            'title',
-            'content',
-            'img_url'
-        ]);
-        if (!Notice::where('id', $request->input('id'))->update($data)) {
-            abort(500, '保存失败');
-        }
-        return response([
-            'data' => true
-        ]);
-    }
-
-    public function drop (Request $request) {
+    public function drop(Request $request)
+    {
        if (empty($request->input('id'))) {
            abort(500, '参数错误');
        }
--- a/app/Http/Controllers/Admin/OrderController.php
+++ b/app/Http/Controllers/Admin/OrderController.php
@ -2,29 +2,50 @@

 namespace App\Http\Controllers\Admin;

+use App\Http\Requests\Admin\OrderAssign;
 use App\Http\Requests\Admin\OrderUpdate;
+use App\Http\Requests\Admin\OrderFetch;
+use App\Services\OrderService;
+use App\Utils\Helper;
 use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
 use App\Models\Order;
 use App\Models\User;
 use App\Models\Plan;
+use Illuminate\Support\Facades\DB;

 class OrderController extends Controller
 {
-    public function fetch (Request $request) {
+    private function filter(Request $request, &$builder)
+    {
+        if ($request->input('filter')) {
+            foreach ($request->input('filter') as $filter) {
+                if ($filter['key'] === 'email') {
+                    $user = User::where('email', "%{$filter['value']}%")->first();
+                    if (!$user) continue;
+                    $builder->where('user_id', $user->id);
+                    continue;
+                }
+                if ($filter['condition'] === '模糊') {
+                    $filter['condition'] = 'like';
+                    $filter['value'] = "%{$filter['value']}%";
+                }
+                $builder->where($filter['key'], $filter['condition'], $filter['value']);
+            }
+        }
+    }
+
+    public function fetch(OrderFetch $request)
+    {
        $current = $request->input('current') ? $request->input('current') : 1;
        $pageSize = $request->input('pageSize') >= 10 ? $request->input('pageSize') : 10;
        $orderModel = Order::orderBy('created_at', 'DESC');
-        if ($request->input('trade_no')) {
-            $orderModel->where('trade_no', $request->input('trade_no'));
-        }
        if ($request->input('is_commission')) {
            $orderModel->where('invite_user_id', '!=', NULL);
-            $orderModel->where('status', 3);
-        }
-        if ($request->input('id')) {
-            $orderModel->where('id', $request->input('id'));
+            $orderModel->whereNotIn('status', [0, 2]);
+            $orderModel->where('commission_balance', '>', 0);
        }
+        $this->filter($request, $orderModel);
        $total = $orderModel->count();
        $res = $orderModel->forPage($current, $pageSize)
            ->get();
@ -42,8 +63,9 @@ class OrderController extends Controller
        ]);
    }

-    public function update (OrderUpdate $request) {
-        $updateData = $request->only([
+    public function update(OrderUpdate $request)
+    {
+        $params = $request->only([
            'status',
            'commission_status'
        ]);
@ -54,7 +76,19 @@ class OrderController extends Controller
            abort(500, '订单不存在');
        }

-        if (!$order->update($updateData)) {
+        if (isset($params['status']) && (int)$params['status'] === 2) {
+            $orderService = new OrderService($order);
+            if (!$orderService->cancel()) {
+                abort(500, '更新失败');
+            }
+            return response([
+                'data' => true
+            ]);
+        }
+
+        try {
+            $order->update($params);
+        } catch (\Exception $e) {
            abort(500, '更新失败');
        }

@ -63,7 +97,8 @@ class OrderController extends Controller
        ]);
    }

-    public function repair (Request $request) {
+    public function repair(Request $request)
+    {
        if (empty($request->input('trade_no'))) {
            abort(500, '参数错误');
        }
@ -81,4 +116,50 @@ class OrderController extends Controller
            'data' => true
        ]);
    }
+
+    public function assign(OrderAssign $request)
+    {
+        $plan = Plan::find($request->input('plan_id'));
+        $user = User::where('email', $request->input('email'))->first();
+
+        if (!$user) {
+            abort(500, '该用户不存在');
+        }
+
+        if (!$plan) {
+            abort(500, '该订阅不存在');
+        }
+
+        DB::beginTransaction();
+        $order = new Order();
+        $orderService = new OrderService($order);
+        $order->user_id = $user->id;
+        $order->plan_id = $plan->id;
+        $order->cycle = $request->input('cycle');
+        $order->trade_no = Helper::guid();
+        $order->total_amount = $request->input('total_amount');
+
+        if ($order->cycle === 'reset_price') {
+            $order->type = 4;
+        } else if ($user->plan_id !== NULL && $order->plan_id !== $user->plan_id) {
+            $order->type = 3;
+        } else if ($user->expired_at > time() && $order->plan_id == $user->plan_id) {
+            $order->type = 2;
+        } else {
+            $order->type = 1;
+        }
+
+        $orderService->setInvite($user);
+
+        if (!$order->save()) {
+            DB::rollback();
+            abort(500, '订单创建失败');
+        }
+
+        DB::commit();
+
+        return response([
+            'data' => $order->trade_no
+        ]);
+    }
 }
--- a/app/Http/Controllers/Admin/PaymentController.php
+++ b/app/Http/Controllers/Admin/PaymentController.php
@ -0,0 +1,78 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Services\PaymentService;
+use App\Utils\Helper;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\Payment;
+
+class PaymentController extends Controller
+{
+    public function getPaymentMethods()
+    {
+        $methods = [];
+        foreach (glob(base_path('app//Payments') . '/*.php') as $file) {
+            array_push($methods, pathinfo($file)['filename']);
+        }
+        return response([
+            'data' => $methods
+        ]);
+    }
+
+    public function fetch()
+    {
+        $payments = Payment::all();
+        foreach ($payments as $k => $v) {
+            $payments[$k]['notify_url'] = url("/api/v1/guest/payment/notify/{$v->payment}/{$v->uuid}");
+        }
+        return response([
+            'data' => $payments
+        ]);
+    }
+
+    public function getPaymentForm(Request $request)
+    {
+        $paymentService = new PaymentService($request->input('payment'), $request->input('id'));
+        return response([
+            'data' => $paymentService->form()
+        ]);
+    }
+
+    public function save(Request $request)
+    {
+        if ($request->input('id')) {
+            $payment = Payment::find($request->input('id'));
+            if (!$payment) abort(500, '支付方式不存在');
+            try {
+                $payment->update($request->input());
+            } catch (\Exception $e) {
+                abort(500, '更新失败');
+            }
+            return response([
+                'data' => true
+            ]);
+        }
+        if (!Payment::create([
+            'name' => $request->input('name'),
+            'payment' => $request->input('payment'),
+            'config' => $request->input('config'),
+            'uuid' => Helper::guid()
+        ])) {
+            abort(500, '保存失败');
+        }
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function drop(Request $request)
+    {
+        $payment = Payment::find($request->input('id'));
+        if (!$payment) abort(500, '支付方式不存在');
+        return response([
+            'data' => $payment->delete()
+        ]);
+    }
+}
--- a/app/Http/Controllers/Admin/PlanController.php
+++ b/app/Http/Controllers/Admin/PlanController.php
@ -3,48 +3,78 @@
 namespace App\Http\Controllers\Admin;

 use App\Http\Requests\Admin\PlanSave;
+use App\Http\Requests\Admin\PlanSort;
 use App\Http\Requests\Admin\PlanUpdate;
 use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
 use App\Models\Plan;
 use App\Models\Order;
 use App\Models\User;
+use Illuminate\Support\Facades\DB;

 class PlanController extends Controller
 {
-    public function fetch (Request $request) {
+    public function fetch(Request $request)
+    {
+
+        $counts = User::select(
+            DB::raw("plan_id"),
+            DB::raw("count(*) as count")
+        )
+            ->where('plan_id', '!=', NULL)
+            ->where(function ($query) {
+                $query->where('expired_at', '>=', time())
+                    ->orWhere('expired_at', NULL);
+            })
+            ->groupBy("plan_id")
+            ->get();
+        $plans = Plan::orderBy('sort', 'ASC')->get();
+        foreach ($plans as $k => $v) {
+            $plans[$k]->count = 0;
+            foreach ($counts as $kk => $vv) {
+                if ($plans[$k]->id === $counts[$kk]->plan_id) $plans[$k]->count = $counts[$kk]->count;
+            }
+        }
        return response([
-            'data' => Plan::get()
+            'data' => $plans
        ]);
    }

-    public function save (PlanSave $request) {
+    public function save(PlanSave $request)
+    {
+        $params = $request->validated();
        if ($request->input('id')) {
            $plan = Plan::find($request->input('id'));
            if (!$plan) {
                abort(500, '该订阅不存在');
            }
-        } else {
-            $plan = new Plan();
+            DB::beginTransaction();
+            // update user group id and transfer
+            try {
+                User::where('plan_id', $plan->id)->update([
+                    'group_id' => $plan->group_id,
+                    'transfer_enable' => $plan->transfer_enable * 1073741824
+                ]);
+                $plan->update($params);
+            } catch (\Exception $e) {
+                DB::rollBack();
+                abort(500, '保存失败');
+            }
+            DB::commit();
+            return response([
+                'data' => true
+            ]);
        }
-        $plan->name = $request->input('name');
-        $plan->content = $request->input('content');
-        if ($plan->content) {
-            $plan->content = str_replace(PHP_EOL, '', $plan->content);
+        if (!Plan::create($params)) {
+            abort(500, '创建失败');
        }
-        $plan->transfer_enable = $request->input('transfer_enable');
-        $plan->group_id = $request->input('group_id');
-        $plan->month_price = $request->input('month_price');
-        $plan->quarter_price = $request->input('quarter_price');
-        $plan->half_year_price = $request->input('half_year_price');
-        $plan->year_price = $request->input('year_price');
-        
        return response([
-            'data' => $plan->save()
+            'data' => true
        ]);
    }

-    public function drop (Request $request) {
+    public function drop(Request $request)
+    {
        if (Order::where('plan_id', $request->input('id'))->first()) {
            abort(500, '该订阅下存在订单无法删除');
        }
@ -62,7 +92,8 @@ class PlanController extends Controller
        ]);
    }

-    public function update (PlanUpdate $request) {
+    public function update(PlanUpdate $request)
+    {
        $updateData = $request->only([
            'show',
            'renew'
@ -72,7 +103,10 @@ class PlanController extends Controller
        if (!$plan) {
            abort(500, '该订阅不存在');
        }
-        if (!$plan->update($updateData)) {
+
+        try {
+            $plan->update($updateData);
+        } catch (\Exception $e) {
            abort(500, '保存失败');
        }

@ -80,4 +114,19 @@ class PlanController extends Controller
            'data' => true
        ]);
    }
+
+    public function sort(PlanSort $request)
+    {
+        DB::beginTransaction();
+        foreach ($request->input('plan_ids') as $k => $v) {
+            if (!Plan::find($v)->update(['sort' => $k + 1])) {
+                DB::rollBack();
+                abort(500, '保存失败');
+            }
+        }
+        DB::commit();
+        return response([
+            'data' => true
+        ]);
+    }
 }
--- a/app/Http/Controllers/Admin/Server/GroupController.php
+++ b/app/Http/Controllers/Admin/Server/GroupController.php
@ -0,0 +1,71 @@
+<?php
+
+namespace App\Http\Controllers\Admin\Server;
+
+use App\Models\Plan;
+use App\Models\Server;
+use App\Models\ServerGroup;
+use App\Models\User;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+
+class GroupController extends Controller
+{
+    public function fetch(Request $request)
+    {
+        if ($request->input('group_id')) {
+            return response([
+                'data' => [ServerGroup::find($request->input('group_id'))]
+            ]);
+        }
+        return response([
+            'data' => ServerGroup::get()
+        ]);
+    }
+
+    public function save(Request $request)
+    {
+        if (empty($request->input('name'))) {
+            abort(500, '组名不能为空');
+        }
+
+        if ($request->input('id')) {
+            $serverGroup = ServerGroup::find($request->input('id'));
+        } else {
+            $serverGroup = new ServerGroup();
+        }
+
+        $serverGroup->name = $request->input('name');
+        return response([
+            'data' => $serverGroup->save()
+        ]);
+    }
+
+    public function drop(Request $request)
+    {
+        if ($request->input('id')) {
+            $serverGroup = ServerGroup::find($request->input('id'));
+            if (!$serverGroup) {
+                abort(500, '组不存在');
+            }
+        }
+
+        $servers = Server::all();
+        foreach ($servers as $server) {
+            $groupId = json_decode($server->group_id);
+            if (in_array($request->input('id'), $groupId)) {
+                abort(500, '该组已被节点所使用，无法删除');
+            }
+        }
+
+        if (Plan::where('group_id', $request->input('id'))->first()) {
+            abort(500, '该组已被订阅所使用，无法删除');
+        }
+        if (User::where('group_id', $request->input('id'))->first()) {
+            abort(500, '该组已被用户所使用，无法删除');
+        }
+        return response([
+            'data' => $serverGroup->delete()
+        ]);
+    }
+}
--- a/app/Http/Controllers/Admin/Server/ManageController.php
+++ b/app/Http/Controllers/Admin/Server/ManageController.php
@ -0,0 +1,61 @@
+<?php
+
+namespace App\Http\Controllers\Admin\Server;
+
+use App\Models\Server;
+use App\Models\ServerShadowsocks;
+use App\Models\ServerTrojan;
+use App\Services\ServerService;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use Illuminate\Support\Facades\DB;
+
+class ManageController extends Controller
+{
+    public function getNodes(Request $request)
+    {
+        $serverService = new ServerService();
+        $servers = array_merge(
+            $serverService->getShadowsocksServers(),
+            $serverService->getV2rayServers(),
+            $serverService->getTrojanServers()
+        );
+        $serverService->mergeData($servers);
+        $tmp = array_column($servers, 'sort');
+        array_multisort($tmp, SORT_ASC, $servers);
+        return response([
+            'data' => $servers
+        ]);
+    }
+
+    public function sort(Request $request)
+    {
+        DB::beginTransaction();
+        foreach ($request->input('sorts') as $k => $v) {
+            switch ($v['key']) {
+                case 'shadowsocks':
+                    if (!ServerShadowsocks::find($v['value'])->update(['sort' => $k + 1])) {
+                        DB::rollBack();
+                        abort(500, '保存失败');
+                    }
+                    break;
+                case 'v2ray':
+                    if (!Server::find($v['value'])->update(['sort' => $k + 1])) {
+                        DB::rollBack();
+                        abort(500, '保存失败');
+                    }
+                    break;
+                case 'trojan':
+                    if (!ServerTrojan::find($v['value'])->update(['sort' => $k + 1])) {
+                        DB::rollBack();
+                        abort(500, '保存失败');
+                    }
+                    break;
+            }
+        }
+        DB::commit();
+        return response([
+            'data' => true
+        ]);
+    }
+}
--- a/app/Http/Controllers/Admin/Server/ShadowsocksController.php
+++ b/app/Http/Controllers/Admin/Server/ShadowsocksController.php
@ -0,0 +1,96 @@
+<?php
+
+namespace App\Http\Controllers\Admin\Server;
+
+use App\Http\Requests\Admin\ServerShadowsocksSave;
+use App\Http\Requests\Admin\ServerShadowsocksUpdate;
+use App\Models\ServerShadowsocks;
+use App\Services\ServerService;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+
+class ShadowsocksController extends Controller
+{
+    public function save(ServerShadowsocksSave $request)
+    {
+        $params = $request->validated();
+        $params['group_id'] = json_encode($params['group_id']);
+        if (isset($params['tags'])) {
+            $params['tags'] = json_encode($params['tags']);
+        }
+
+        if ($request->input('id')) {
+            $server = ServerShadowsocks::find($request->input('id'));
+            if (!$server) {
+                abort(500, '服务器不存在');
+            }
+            try {
+                $server->update($params);
+            } catch (\Exception $e) {
+                abort(500, '保存失败');
+            }
+            return response([
+                'data' => true
+            ]);
+        }
+
+        if (!ServerShadowsocks::create($params)) {
+            abort(500, '创建失败');
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function drop(Request $request)
+    {
+        if ($request->input('id')) {
+            $server = ServerShadowsocks::find($request->input('id'));
+            if (!$server) {
+                abort(500, '节点ID不存在');
+            }
+        }
+        return response([
+            'data' => $server->delete()
+        ]);
+    }
+
+    public function update(ServerShadowsocksUpdate $request)
+    {
+        $params = $request->only([
+            'show',
+        ]);
+
+        $server = ServerShadowsocks::find($request->input('id'));
+
+        if (!$server) {
+            abort(500, '该服务器不存在');
+        }
+        try {
+            $server->update($params);
+        } catch (\Exception $e) {
+            abort(500, '保存失败');
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function copy(Request $request)
+    {
+        $server = ServerShadowsocks::find($request->input('id'));
+        $server->show = 0;
+        if (!$server) {
+            abort(500, '服务器不存在');
+        }
+        if (!ServerShadowsocks::create($server->toArray())) {
+            abort(500, '复制失败');
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+}
--- a/app/Http/Controllers/Admin/Server/TrojanController.php
+++ b/app/Http/Controllers/Admin/Server/TrojanController.php
@ -0,0 +1,104 @@
+<?php
+
+namespace App\Http\Controllers\Admin\Server;
+
+use App\Http\Requests\Admin\ServerTrojanSave;
+use App\Http\Requests\Admin\ServerTrojanUpdate;
+use App\Services\ServerService;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\ServerTrojan;
+
+class TrojanController extends Controller
+{
+    public function save(ServerTrojanSave $request)
+    {
+        $params = $request->validated();
+        $params['group_id'] = json_encode($params['group_id']);
+        if (isset($params['tags'])) {
+            $params['tags'] = json_encode($params['tags']);
+        }
+
+        if ($request->input('id')) {
+            $server = ServerTrojan::find($request->input('id'));
+            if (!$server) {
+                abort(500, '服务器不存在');
+            }
+            try {
+                $server->update($params);
+            } catch (\Exception $e) {
+                abort(500, '保存失败');
+            }
+            return response([
+                'data' => true
+            ]);
+        }
+
+        if (!ServerTrojan::create($params)) {
+            abort(500, '创建失败');
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function drop(Request $request)
+    {
+        if ($request->input('id')) {
+            $server = ServerTrojan::find($request->input('id'));
+            if (!$server) {
+                abort(500, '节点ID不存在');
+            }
+        }
+        return response([
+            'data' => $server->delete()
+        ]);
+    }
+
+    public function update(ServerTrojanUpdate $request)
+    {
+        $params = $request->only([
+            'show',
+        ]);
+
+        $server = ServerTrojan::find($request->input('id'));
+
+        if (!$server) {
+            abort(500, '该服务器不存在');
+        }
+        try {
+            $server->update($params);
+        } catch (\Exception $e) {
+            abort(500, '保存失败');
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function copy(Request $request)
+    {
+        $server = ServerTrojan::find($request->input('id'));
+        $server->show = 0;
+        if (!$server) {
+            abort(500, '服务器不存在');
+        }
+        if (!ServerTrojan::create($server->toArray())) {
+            abort(500, '复制失败');
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+    public function viewConfig(Request $request)
+    {
+        $serverService = new ServerService();
+        $config = $serverService->getTrojanConfig($request->input('node_id'), 23333);
+        return response([
+            'data' => $config
+        ]);
+    }
+}
--- a/app/Http/Controllers/Admin/Server/V2rayController.php
+++ b/app/Http/Controllers/Admin/Server/V2rayController.php
@ -0,0 +1,129 @@
+<?php
+
+namespace App\Http\Controllers\Admin\Server;
+
+use App\Http\Requests\Admin\ServerV2raySave;
+use App\Http\Requests\Admin\ServerV2rayUpdate;
+use App\Services\ServerService;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\Server;
+
+class V2rayController extends Controller
+{
+    public function save(ServerV2raySave $request)
+    {
+        $params = $request->validated();
+        $params['group_id'] = json_encode($params['group_id']);
+        if (isset($params['tags'])) {
+            $params['tags'] = json_encode($params['tags']);
+        }
+
+        if (isset($params['dnsSettings'])) {
+            if (!is_object(json_decode($params['dnsSettings']))) {
+                abort(500, 'DNS规则配置格式不正确');
+            }
+        }
+
+        if (isset($params['ruleSettings'])) {
+            if (!is_object(json_decode($params['ruleSettings']))) {
+                abort(500, '审计规则配置格式不正确');
+            }
+        }
+
+        if (isset($params['networkSettings'])) {
+            if (!is_object(json_decode($params['networkSettings']))) {
+                abort(500, '传输协议配置格式不正确');
+            }
+        }
+
+        if (isset($params['tlsSettings'])) {
+            if (!is_object(json_decode($params['tlsSettings']))) {
+                abort(500, 'TLS配置格式不正确');
+            }
+        }
+
+        if ($request->input('id')) {
+            $server = Server::find($request->input('id'));
+            if (!$server) {
+                abort(500, '服务器不存在');
+            }
+            try {
+                $server->update($params);
+            } catch (\Exception $e) {
+                abort(500, '保存失败');
+            }
+            return response([
+                'data' => true
+            ]);
+        }
+
+        if (!Server::create($params)) {
+            abort(500, '创建失败');
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function drop(Request $request)
+    {
+        if ($request->input('id')) {
+            $server = Server::find($request->input('id'));
+            if (!$server) {
+                abort(500, '节点ID不存在');
+            }
+        }
+        return response([
+            'data' => $server->delete()
+        ]);
+    }
+
+    public function update(ServerV2rayUpdate $request)
+    {
+        $params = $request->only([
+            'show',
+        ]);
+
+        $server = Server::find($request->input('id'));
+
+        if (!$server) {
+            abort(500, '该服务器不存在');
+        }
+        try {
+            $server->update($params);
+        } catch (\Exception $e) {
+            abort(500, '保存失败');
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function copy(Request $request)
+    {
+        $server = Server::find($request->input('id'));
+        $server->show = 0;
+        if (!$server) {
+            abort(500, '服务器不存在');
+        }
+        if (!Server::create($server->toArray())) {
+            abort(500, '复制失败');
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function viewConfig(Request $request)
+    {
+        $serverService = new ServerService();
+        $config = $serverService->getV2RayConfig($request->input('node_id'), 23333);
+        return response([
+            'data' => $config
+        ]);
+    }
+}
--- a/app/Http/Controllers/Admin/ServerController.php
+++ b/app/Http/Controllers/Admin/ServerController.php
@ -1,144 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Admin;
-
-use App\Http\Requests\Admin\ServerSave;
-use App\Http\Requests\Admin\ServerUpdate;
-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
-use App\Models\ServerGroup;
-use App\Models\Server;
-use App\Models\Plan;
-use App\Models\User;
-use Illuminate\Support\Facades\Redis;
-
-class ServerController extends Controller
-{
-    public function fetch (Request $request) {
-        $server = Server::get();
-        for ($i = 0; $i < count($server); $i++) {
-            if (!empty($server[$i]['tags'])) {
-                $server[$i]['tags'] = json_decode($server[$i]['tags']);
-            }
-            $server[$i]['group_id'] = json_decode($server[$i]['group_id']);
-            $server[$i]['last_check_at'] = Redis::get('server_last_check_at_' . $server[$i]['id']);
-        }
-        return response([
-            'data' => $server
-        ]);
-    }
-    
-    public function save (ServerSave $request) {
-        if ($request->input('id')) {
-            $server = Server::find($request->input('id'));
-            if (!$server) {
-                abort(500, '服务器不存在');
-            }
-        } else {
-            $server = new Server();
-        }
-        $server->group_id = json_encode($request->input('group_id'));
-        $server->name = $request->input('name');
-        $server->host = $request->input('host');
-        $server->port = $request->input('port');
-        $server->server_port = $request->input('server_port');
-        $server->tls = $request->input('tls');
-        $server->tags = $request->input('tags') ? json_encode($request->input('tags')) : NULL;
-        $server->rate = $request->input('rate');
-        $server->network = $request->input('network');
-        if ($request->input('settings')) {
-            if (!is_object(json_decode($request->input('settings')))) {
-                abort(500, '传输协议配置格式不正确');
-            }
-            $server->settings = $request->input('settings');
-        }
-        return response([
-            'data' => $server->save()
-        ]);
-    }
-    
-    public function groupFetch (Request $request) {
-        if ($request->input('group_id')) {
-            return response([
-                'data' => [ServerGroup::find($request->input('group_id'))]
-            ]);
-        }
-        return response([
-            'data' => ServerGroup::get()
-        ]);
-    }
-
-    public function groupSave (Request $request) {
-        if (empty($request->input('name'))) {
-            abort(500, '组名不能为空');
-        }
-        
-        if ($request->input('id')) {
-            $serverGroup = ServerGroup::find($request->input('id'));
-        } else {
-            $serverGroup = new ServerGroup();
-        }
-
-        $serverGroup->name = $request->input('name');
-        return response([
-            'data' => $serverGroup->save()
-        ]);
-    }
-
-    public function groupDrop (Request $request) {
-        if ($request->input('id')) {
-            $serverGroup = ServerGroup::find($request->input('id'));
-            if (!$serverGroup) {
-                abort(500, '组不存在');
-            }
-        }
-
-        $servers = Server::all();
-        foreach ($servers as $server) {
-            $groupId = json_decode($server->group_id);
-            if (in_array($request->input('id'), $groupId)) {
-                abort(500, '该组已被节点所使用，无法删除');
-            }
-        }
-
-        if (Plan::where('group_id', $request->input('id'))->first()) {
-            abort(500, '该组已被订阅所使用，无法删除');
-        }
-        if (User::where('group_id', $request->input('id'))->first()) {
-            abort(500, '该组已被用户所使用，无法删除');
-        }
-        return response([
-            'data' => $serverGroup->delete()
-        ]);
-    }
-    
-    public function drop (Request $request) {
-        if ($request->input('id')) {
-            $server = Server::find($request->input('id'));
-            if (!$server) {
-                abort(500, '节点ID不存在');
-            }
-        }
-        return response([
-            'data' => $server->delete()
-        ]);
-    }
-
-    public function update (ServerUpdate $request) {
-        $updateData = $request->only([
-            'show',
-        ]);
-        
-        $server = Server::find($request->input('id'));
-        if (!$server) {
-            abort(500, '该服务器不存在');
-        }
-        if (!$server->update($updateData)) {
-            abort(500, '保存失败');
-        }
-
-        return response([
-            'data' => true
-        ]);
-    }
-}
--- a/app/Http/Controllers/Admin/StatController.php
+++ b/app/Http/Controllers/Admin/StatController.php
@ -2,6 +2,9 @@

 namespace App\Http\Controllers\Admin;

+use App\Models\ServerShadowsocks;
+use App\Models\ServerTrojan;
+use App\Services\ServerService;
 use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
 use App\Models\ServerGroup;
@ -10,23 +13,113 @@ use App\Models\Plan;
 use App\Models\User;
 use App\Models\Ticket;
 use App\Models\Order;
-use Illuminate\Support\Facades\Redis;
+use App\Models\StatOrder;
+use App\Models\StatServer;
+use Illuminate\Support\Facades\Cache;
+use Illuminate\Support\Facades\DB;

 class StatController extends Controller
 {
-    public function getOverride (Request $request) {
+    public function getOverride(Request $request)
+    {
        return response([
            'data' => [
-                'month_income' => Redis::get('month_income'),
-                'month_register_total' => Redis::get('month_register_total'),
+                'month_income' => Order::where('created_at', '>=', strtotime(date('Y-m-1')))
+                    ->where('created_at', '<', time())
+                    ->whereNotIn('status', [0, 2])
+                    ->sum('total_amount'),
+                'month_register_total' => User::where('created_at', '>=', strtotime(date('Y-m-1')))
+                    ->where('created_at', '<', time())
+                    ->count(),
                'ticket_pendding_total' => Ticket::where('status', 0)
                    ->count(),
                'commission_pendding_total' => Order::where('commission_status', 0)
                    ->where('invite_user_id', '!=', NULL)
-                    ->where('status', 3)
+                    ->whereNotIn('status', [0, 2])
+                    ->where('commission_balance', '>', 0)
                    ->count(),
-                
+                'day_income' => Order::where('created_at', '>=', strtotime(date('Y-m-d')))
+                    ->where('created_at', '<', time())
+                    ->whereNotIn('status', [0, 2])
+                    ->sum('total_amount'),
+                'last_month_income' => Order::where('created_at', '>=', strtotime('-1 month', strtotime(date('Y-m-1'))))
+                    ->where('created_at', '<', strtotime(date('Y-m-1')))
+                    ->whereNotIn('status', [0, 2])
+                    ->sum('total_amount')
            ]
        ]);
    }
+
+    public function getOrder(Request $request)
+    {
+        $statistics = StatOrder::where('record_type', 'd')
+            ->limit(31)
+            ->orderBy('record_at', 'DESC')
+            ->get()
+            ->toArray();
+        $result = [];
+        foreach ($statistics as $statistic) {
+            $date = date('m-d', $statistic['record_at']);
+            array_push($result, [
+                'type' => '收款金额',
+                'date' => $date,
+                'value' => $statistic['order_amount'] / 100
+            ]);
+            array_push($result, [
+                'type' => '收款笔数',
+                'date' => $date,
+                'value' => $statistic['order_count']
+            ]);
+            array_push($result, [
+                'type' => '佣金金额',
+                'date' => $date,
+                'value' => $statistic['commission_amount'] / 100
+            ]);
+            array_push($result, [
+                'type' => '佣金笔数',
+                'date' => $date,
+                'value' => $statistic['commission_count']
+            ]);
+        }
+        $result = array_reverse($result);
+        return response([
+            'data' => $result
+        ]);
+    }
+
+    public function getServerLastRank()
+    {
+        $servers = [
+            'shadowsocks' => ServerShadowsocks::where('parent_id', null)->get()->toArray(),
+            'vmess' => Server::where('parent_id', null)->get()->toArray(),
+            'trojan' => ServerTrojan::where('parent_id', null)->get()->toArray()
+        ];
+        $timestamp = strtotime('-1 day', strtotime(date('Y-m-d')));
+        $statistics = StatServer::select([
+                'server_id',
+                'server_type',
+                'u',
+                'd',
+                DB::raw('(u+d) as total')
+            ])
+            ->where('record_at', '>=', $timestamp)
+            ->where('record_type', 'd')
+            ->limit(10)
+            ->orderBy('total', 'DESC')
+            ->get()
+            ->toArray();
+        foreach ($statistics as $k => $v) {
+            foreach ($servers[$v['server_type']] as $server) {
+                if ($server['id'] === $v['server_id']) {
+                    $statistics[$k]['server_name'] = $server['name'];
+                }
+            }
+            $statistics[$k]['total'] = $statistics[$k]['total'] / 1073741824;
+        }
+        array_multisort(array_column($statistics, 'total'), SORT_DESC, $statistics);
+        return response([
+            'data' => $statistics
+        ]);
+    }
 }
+
--- a/app/Http/Controllers/Admin/TicketController.php
+++ b/app/Http/Controllers/Admin/TicketController.php
@ -2,15 +2,20 @@

 namespace App\Http\Controllers\Admin;

+use App\Jobs\SendEmailJob;
+use App\Services\TicketService;
 use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
 use App\Models\Ticket;
+use App\Models\User;
 use App\Models\TicketMessage;
+use Illuminate\Support\Facades\Cache;
 use Illuminate\Support\Facades\DB;

 class TicketController extends Controller
 {
-    public function fetch (Request $request) {
+    public function fetch(Request $request)
+    {
        if ($request->input('id')) {
            $ticket = Ticket::where('id', $request->input('id'))
                ->first();
@ -29,53 +34,49 @@ class TicketController extends Controller
                'data' => $ticket
            ]);
        }
-        $ticket = Ticket::orderBy('created_at', 'DESC')
+        $current = $request->input('current') ? $request->input('current') : 1;
+        $pageSize = $request->input('pageSize') >= 10 ? $request->input('pageSize') : 10;
+        $model = Ticket::orderBy('created_at', 'DESC');
+        if ($request->input('status') !== NULL) {
+            $model->where('status', $request->input('status'));
+        }
+        $total = $model->count();
+        $res = $model->forPage($current, $pageSize)
            ->get();
-        for ($i = 0; $i < count($ticket); $i++) {
-            if ($ticket[$i]['last_reply_user_id'] == $request->session()->get('id')) {
-                $ticket[$i]['reply_status'] = 0;
+        for ($i = 0; $i < count($res); $i++) {
+            if ($res[$i]['last_reply_user_id'] == $request->session()->get('id')) {
+                $res[$i]['reply_status'] = 0;
            } else {
-                $ticket[$i]['reply_status'] = 1;
+                $res[$i]['reply_status'] = 1;
            }
        }
        return response([
-            'data' => $ticket
+            'data' => $res,
+            'total' => $total
        ]);
    }

-    public function reply (Request $request) {
+    public function reply(Request $request)
+    {
        if (empty($request->input('id'))) {
            abort(500, '参数错误');
        }
        if (empty($request->input('message'))) {
            abort(500, '消息不能为空');
        }
-        $ticket = Ticket::where('id', $request->input('id'))
-            ->first();
-        if (!$ticket) {
-            abort(500, '工单不存在');
-        }
-        if ($ticket->status) {
-            abort(500, '工单已关闭，无法回复');
-        }
-        DB::beginTransaction();
-        $ticketMessage = TicketMessage::create([
-            'user_id' => $request->session()->get('id'),
-            'ticket_id' => $ticket->id,
-            'message' => $request->input('message')
-        ]);
-        $ticket->last_reply_user_id = $request->session()->get('id');
-        if (!$ticketMessage || !$ticket->save()) {
-            DB::rollback();
-            abort(500, '工单回复失败');
-        }
-        DB::commit();
+        $ticketService = new TicketService();
+        $ticketService->replyByAdmin(
+            $request->input('id'),
+            $request->input('message'),
+            $request->session()->get('id')
+        );
        return response([
            'data' => true
        ]);
    }

-    public function close (Request $request) {
+    public function close(Request $request)
+    {
        if (empty($request->input('id'))) {
            abort(500, '参数错误');
        }
--- a/app/Http/Controllers/Admin/UserController.php
+++ b/app/Http/Controllers/Admin/UserController.php
@ -2,22 +2,62 @@

 namespace App\Http\Controllers\Admin;

+use App\Http\Requests\Admin\UserFetch;
+use App\Http\Requests\Admin\UserGenerate;
+use App\Http\Requests\Admin\UserSendMail;
 use App\Http\Requests\Admin\UserUpdate;
+use App\Jobs\SendEmailJob;
+use App\Utils\Helper;
 use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
 use App\Models\Order;
 use App\Models\User;
 use App\Models\Plan;
+use Illuminate\Support\Facades\DB;

 class UserController extends Controller
 {
-    public function fetch (Request $request) {
+    public function resetSecret(Request $request)
+    {
+        $user = User::find($request->input('id'));
+        if (!$user) abort(500, '用户不存在');
+        $user->token = Helper::guid();
+        $user->uuid = Helper::guid(true);
+        return response([
+            'data' => $user->save()
+        ]);
+    }
+
+    private function filter(Request $request, $builder)
+    {
+        if ($request->input('filter')) {
+            foreach ($request->input('filter') as $filter) {
+                if ($filter['key'] === 'invite_by_email') {
+                    $user = User::where('email', $filter['value'])->first();
+                    if (!$user) continue;
+                    $builder->where('invite_user_id', $user->id);
+                    continue;
+                }
+                if ($filter['key'] === 'd' || $filter['key'] === 'transfer_enable') {
+                    $filter['value'] = $filter['value'] * 1073741824;
+                }
+                if ($filter['condition'] === '模糊') {
+                    $filter['condition'] = 'like';
+                    $filter['value'] = "%{$filter['value']}%";
+                }
+                $builder->where($filter['key'], $filter['condition'], $filter['value']);
+            }
+        }
+    }
+
+    public function fetch(UserFetch $request)
+    {
        $current = $request->input('current') ? $request->input('current') : 1;
        $pageSize = $request->input('pageSize') >= 10 ? $request->input('pageSize') : 10;
-        $userModel = User::orderBy('created_at', 'DESC');
-        if ($request->input('email')) {
-            $userModel->where('email', $request->input('email'));
-        }
+        $sortType = in_array($request->input('sort_type'), ['ASC', 'DESC']) ? $request->input('sort_type') : 'DESC';
+        $sort = $request->input('sort') ? $request->input('sort') : 'created_at';
+        $userModel = User::orderBy($sort, $sortType);
+        $this->filter($request, $userModel);
        $total = $userModel->count();
        $res = $userModel->forPage($current, $pageSize)
            ->get();
@ -28,6 +68,7 @@ class UserController extends Controller
                    $res[$i]['plan_name'] = $plan[$k]['name'];
                }
            }
+            $res[$i]['subscribe_url'] = config('v2board.subscribe_url', config('v2board.app_url', env('APP_URL'))) . '/api/v1/client/subscribe?token=' . $res[$i]['token'];
        }
        return response([
            'data' => $res,
@ -35,57 +76,219 @@ class UserController extends Controller
        ]);
    }

-    public function id2UserInfo ($id) {
-        if (empty($id)) {
+    public function getUserInfoById(Request $request)
+    {
+        if (empty($request->input('id'))) {
            abort(500, '参数错误');
        }
        return response([
-            'data' => User::select([
-                'email',
-                'u',
-                'd',
-                'transfer_enable',
-                'expired_at'
-            ])->find($id)
+            'data' => User::find($request->input('id'))
        ]);
    }

-    public function update (UserUpdate $request) {
-    	$updateData = $request->only([
-    		'email',
-    		'password',
-    		'transfer_enable',
-    		'expired_at',
-            'banned',
-            'plan_id',
-            'commission_rate',
-    		'is_admin'
-		]);
+    public function update(UserUpdate $request)
+    {
+        $params = $request->validated();
        $user = User::find($request->input('id'));
        if (!$user) {
            abort(500, '用户不存在');
        }
-        if (User::where('email', $updateData['email'])->first() && $user->email !== $updateData['email']) {
+        if (User::where('email', $params['email'])->first() && $user->email !== $params['email']) {
            abort(500, '邮箱已被使用');
        }
-        if (isset($updateData['password'])) {
-        	$updateData['password'] = password_hash($updateData['password'], PASSWORD_DEFAULT);
+        if (isset($params['password'])) {
+            $params['password'] = password_hash($params['password'], PASSWORD_DEFAULT);
+            $params['password_algo'] = NULL;
        } else {
-        	unset($updateData['password']);
+            unset($params['password']);
        }
-        $updateData['transfer_enable'] = $updateData['transfer_enable'] * 1073741824;
-        if (isset($updateData['plan_id'])) {
-            $plan = Plan::find($updateData['plan_id']);
+        if (isset($params['plan_id'])) {
+            $plan = Plan::find($params['plan_id']);
            if (!$plan) {
                abort(500, '订阅计划不存在');
            }
-            $updateData['group_id'] = $plan->group_id;
+            $params['group_id'] = $plan->group_id;
        }
-        if (!$user->update($updateData)) {
+
+        try {
+            $user->update($params);
+        } catch (\Exception $e) {
            abort(500, '保存失败');
        }
        return response([
            'data' => true
        ]);
    }
+
+    public function dumpCSV(Request $request)
+    {
+        $userModel = User::orderBy('id', 'asc');
+        $this->filter($request, $userModel);
+        $res = $userModel->get();
+        $plan = Plan::get();
+        for ($i = 0; $i < count($res); $i++) {
+            for ($k = 0; $k < count($plan); $k++) {
+                if ($plan[$k]['id'] == $res[$i]['plan_id']) {
+                    $res[$i]['plan_name'] = $plan[$k]['name'];
+                }
+            }
+        }
+
+        $data = "邮箱,余额,推广佣金,总流量,剩余流量,套餐到期时间,订阅计划,订阅地址\r\n";
+        $baseUrl = config('v2board.subscribe_url', config('v2board.app_url', env('APP_URL')));
+        foreach($res as $user) {
+            $expireDate = $user['expired_at'] === NULL ? '长期有效' : date('Y-m-d H:i:s', $user['expired_at']);
+            $balance = $user['balance'] / 100;
+            $commissionBalance = $user['commission_balance'] / 100;
+            $transferEnable = $user['transfer_enable'] ? $user['transfer_enable'] / 1073741824 : 0;
+            $notUseFlow = (($user['transfer_enable'] - ($user['u'] + $user['d'])) / 1073741824) ?? 0;
+            $planName = $user['plan_name'] ?? '无订阅';
+            $subscribeUrl = $baseUrl . '/api/v1/client/subscribe?token=' . $user['token'];
+            $data .= "{$user['email']},{$balance},{$commissionBalance},{$transferEnable},{$notUseFlow},{$expireDate},{$planName},{$subscribeUrl}\r\n";
+        }
+        echo "\xEF\xBB\xBF" . $data;
+    }
+
+    public function generate(UserGenerate $request)
+    {
+        if ($request->input('email_prefix')) {
+            if ($request->input('plan_id')) {
+                $plan = Plan::find($request->input('plan_id'));
+                if (!$plan) {
+                    abort(500, '订阅计划不存在');
+                }
+            }
+            $user = [
+                'email' => $request->input('email_prefix') . '@' . $request->input('email_suffix'),
+                'plan_id' => isset($plan->id) ? $plan->id : NULL,
+                'group_id' => isset($plan->group_id) ? $plan->group_id : NULL,
+                'transfer_enable' => isset($plan->transfer_enable) ? $plan->transfer_enable * 1073741824 : 0,
+                'expired_at' => $request->input('expired_at') ?? NULL,
+                'uuid' => Helper::guid(true),
+                'token' => Helper::guid()
+            ];
+            $user['password'] = password_hash($request->input('password') ?? $user['email'], PASSWORD_DEFAULT);
+            if (!User::create($user)) {
+                abort(500, '生成失败');
+            }
+            return response([
+                'data' => true
+            ]);
+        }
+        if ($request->input('generate_count')) {
+            $this->multiGenerate($request);
+        }
+    }
+
+    private function multiGenerate(Request $request)
+    {
+        if ($request->input('plan_id')) {
+            $plan = Plan::find($request->input('plan_id'));
+            if (!$plan) {
+                abort(500, '订阅计划不存在');
+            }
+        }
+        $users = [];
+        for ($i = 0;$i < $request->input('generate_count');$i++) {
+            $user = [
+                'email' => Helper::randomChar(6) . '@' . $request->input('email_suffix'),
+                'plan_id' => isset($plan->id) ? $plan->id : NULL,
+                'group_id' => isset($plan->group_id) ? $plan->group_id : NULL,
+                'transfer_enable' => isset($plan->transfer_enable) ? $plan->transfer_enable * 1073741824 : 0,
+                'expired_at' => $request->input('expired_at') ?? NULL,
+                'uuid' => Helper::guid(true),
+                'token' => Helper::guid(),
+                'created_at' => time(),
+                'updated_at' => time()
+            ];
+            $user['password'] = password_hash($request->input('password') ?? $user['email'], PASSWORD_DEFAULT);
+            array_push($users, $user);
+        }
+        DB::beginTransaction();
+        if (!User::insert($users)) {
+            DB::rollBack();
+            abort(500, '生成失败');
+        }
+        DB::commit();
+        $data = "账号,密码,过期时间,UUID,创建时间,订阅地址\r\n";
+        $baseUrl = config('v2board.subscribe_url', config('v2board.app_url', env('APP_URL')));
+        foreach($users as $user) {
+            $expireDate = $user['expired_at'] === NULL ? '长期有效' : date('Y-m-d H:i:s', $user['expired_at']);
+            $createDate = date('Y-m-d H:i:s', $user['created_at']);
+            $password = $request->input('password') ?? $user['email'];
+            $subscribeUrl = $baseUrl . '/api/v1/client/subscribe?token=' . $user['token'];
+            $data .= "{$user['email']},{$password},{$expireDate},{$user['uuid']},{$createDate},{$subscribeUrl}\r\n";
+        }
+        echo $data;
+    }
+
+    public function sendMail(UserSendMail $request)
+    {
+        $sortType = in_array($request->input('sort_type'), ['ASC', 'DESC']) ? $request->input('sort_type') : 'DESC';
+        $sort = $request->input('sort') ? $request->input('sort') : 'created_at';
+        $builder = User::orderBy($sort, $sortType);
+        $this->filter($request, $builder);
+        $users = $builder->get();
+        foreach ($users as $user) {
+            SendEmailJob::dispatch([
+                'email' => $user->email,
+                'subject' => $request->input('subject'),
+                'template_name' => 'notify',
+                'template_value' => [
+                    'name' => config('v2board.app_name', 'V2Board'),
+                    'url' => config('v2board.app_url'),
+                    'content' => $request->input('content')
+                ]
+            ]);
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function ban(Request $request)
+    {
+        $sortType = in_array($request->input('sort_type'), ['ASC', 'DESC']) ? $request->input('sort_type') : 'DESC';
+        $sort = $request->input('sort') ? $request->input('sort') : 'created_at';
+        $builder = User::orderBy($sort, $sortType);
+        $this->filter($request, $builder);
+        try {
+            $builder->update([
+                'banned' => 1
+            ]);
+        } catch (\Exception $e) {
+            abort(500, '处理失败');
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function setInviteUser(Request $request)
+    {
+        $request->validate([
+            'user_id' => 'required|integer',
+            'invite_user' => 'required',
+        ], [
+            'user_id.required' => '用户ID不能为空',
+            'user_id.integer' => '用户ID参数有误',
+            'invite_user.required' => '邀请人不能为空'
+        ]);
+
+        $user = User::find($request->input('user_id'));
+        if (!$user) abort(500, '用户不存在');
+        if (strpos($request->input('invite_user'), '@') !== -1) {
+            $inviteUser = User::where('email', $request->input('invite_user'))->first();
+        } else {
+            $inviteUser = User::find($request->input('invite_user'));
+        }
+        if (!$inviteUser) abort(500, '邀请人不存在');
+        $user->invite_user_id = $inviteUser->id;
+
+        return response([
+            'data' => $user->save()
+        ]);
+    }
 }
--- a/app/Http/Controllers/AppController.php
+++ b/app/Http/Controllers/AppController.php
@ -1,102 +0,0 @@
-<?php
-
-namespace App\Http\Controllers;
-
-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
-use App\Models\User;
-use App\Models\Plan;
-use App\Models\Server;
-use App\Models\Notice;
-use App\Utils\Helper;
-
-class AppController extends Controller
-{
-    CONST CLIENT_CONFIG = '{"policy":{"levels":{"0":{"uplinkOnly":0}}},"dns":{"servers":["114.114.114.114","8.8.8.8"]},"outboundDetour":[{"protocol":"freedom","tag":"direct","settings":{}}],"inbound":{"listen":"0.0.0.0","port":31211,"protocol":"socks","settings":{"auth":"noauth","udp":true,"ip":"127.0.0.1"}},"inboundDetour":[{"listen":"0.0.0.0","allocate":{"strategy":"always","refresh":5,"concurrency":3},"port":31210,"protocol":"http","tag":"httpDetour","domainOverride":["http","tls"],"streamSettings":{},"settings":{"timeout":0}}],"routing":{"strategy":"rules","settings":{"domainStrategy":"IPIfNonMatch","rules":[{"port":"1-52","type":"field","outboundTag":"direct"},{"port":"54-79","type":"field","outboundTag":"direct"},{"port":"81-442","type":"field","outboundTag":"direct"},{"port":"444-65535","type":"field","outboundTag":"direct"},{"type":"field","ip":["0.0.0.0/8","10.0.0.0/8","100.64.0.0/10","127.0.0.0/8","169.254.0.0/16","172.16.0.0/12","192.0.0.0/24","192.0.2.0/24","192.168.0.0/16","198.18.0.0/15","198.51.100.0/24","203.0.113.0/24","::1/128","fc00::/7","fe80::/10"],"outboundTag":"direct"},{"type":"field","ip":["geoip:cn"],"outboundTag":"direct"}]}},"outbound":{"tag":"proxy","sendThrough":"0.0.0.0","mux":{"enabled":false,"concurrency":8},"protocol":"vmess","settings":{"vnext":[{"address":"server","port":443,"users":[{"id":"uuid","alterId":2,"security":"auto","level":0}],"remark":"remark"}]},"streamSettings":{"network":"tcp","tcpSettings":{"header":{"type":"none"}},"security":"none","tlsSettings":{"allowInsecure":true,"allowInsecureCiphers":true},"kcpSettings":{"header":{"type":"none"},"mtu":1350,"congestion":false,"tti":20,"uplinkCapacity":5,"writeBufferSize":1,"readBufferSize":1,"downlinkCapacity":20},"wsSettings":{"path":"","headers":{"Host":"server.cc"}}}}}';
-    CONST SOCKS_PORT = 10010;
-    CONST HTTP_PORT = 10011;
-
-    public function data (Request $request) {
-        $user = $request->user;
-        $nodes = [];
-        if ($user->plan_id) {
-            $user['plan'] = Plan::find($user->plan_id);
-            if (!$user['plan']) {
-                abort(500, '订阅计划不存在');
-            }
-            if ($user->expired_at > time()) {
-                $servers = Server::where('show', 1)
-                    ->orderBy('name')
-                    ->get();
-                foreach ($servers as $item) {
-                    $groupId = json_decode($item['group_id']);
-                    if (in_array($user->group_id, $groupId)) {
-                        array_push($nodes, $item);
-                    }
-                }
-            }
-        }
-        return response([
-            'data' => [
-                'nodes' => $nodes,
-                'u' => $user->u,
-                'd' => $user->d,
-                'transfer_enable' => $user->transfer_enable,
-                'expired_at' => $user->expired_at,
-                'plan' => isset($user['plan']) ? $user['plan'] : false,
-                'notice' => Notice::orderBy('created_at', 'DESC')->first()
-            ]
-        ]);
-    }
-
-    public function config (Request $request) {
-        if (empty($request->input('server_id'))) {
-            abort(500, '参数错误');
-        }
-        $user = $request->user;
-        if ($user->expired_at < time()) {
-            abort(500, '订阅计划已过期');
-        }
-        $server = Server::where('show', 1)
-            ->where('id', $request->input('server_id'))
-            ->first();
-        if (!$server) {
-            abort(500, '服务器不存在');
-        }
-        $json = json_decode(self::CLIENT_CONFIG);
-        //socks
-        $json->inbound->port = (int)self::SOCKS_PORT;
-        //http
-        $json->inboundDetour[0]->port = (int)self::HTTP_PORT;
-        //other
-        $json->outbound->settings->vnext[0]->address = (string)$server->host;
-        $json->outbound->settings->vnext[0]->port = (int)$server->port;
-        $json->outbound->settings->vnext[0]->users[0]->id = (string)$user->v2ray_uuid;
-        $json->outbound->settings->vnext[0]->users[0]->alterId = (int)$user->v2ray_alter_id;
-        $json->outbound->settings->vnext[0]->remark = (string)$server->name;
-        $json->outbound->streamSettings->network = $server->network;
-        if ($server->settings) {
-            switch ($server->network) {
-                case 'tcp': $json->outbound->streamSettings->tcpSettings = json_decode($server->settings);
-                    break;
-                case 'kcp': $json->outbound->streamSettings->kcpSettings = json_decode($server->settings);
-                    break;
-                case 'ws': $json->outbound->streamSettings->wsSettings = json_decode($server->settings);
-                    break;
-                case 'http': $json->outbound->streamSettings->httpSettings = json_decode($server->settings);
-                    break;
-                case 'domainsocket': $json->outbound->streamSettings->dsSettings = json_decode($server->settings);
-                    break;
-                case 'quic': $json->outbound->streamSettings->quicSettings = json_decode($server->settings);
-                    break;
-            }
-        }
-        if ($request->input('is_global')) {
-            $json->routing->settings->rules[5]->outboundTag = 'proxy';
-        }
-        if ($server->tls) {
-            $json->outbound->streamSettings->security = "tls";
-        }
-        die(json_encode($json, JSON_UNESCAPED_UNICODE));
-    }
-}
--- a/app/Http/Controllers/Client/AppController.php
+++ b/app/Http/Controllers/Client/AppController.php
@ -0,0 +1,145 @@
+<?php
+
+namespace App\Http\Controllers\Client;
+
+use App\Http\Controllers\Controller;
+use App\Services\ServerService;
+use App\Services\UserService;
+use App\Utils\Clash;
+use Illuminate\Http\Request;
+use App\Models\Server;
+use Symfony\Component\Yaml\Yaml;
+
+class AppController extends Controller
+{
+    CONST CLIENT_CONFIG = '{"policy":{"levels":{"0":{"uplinkOnly":0}}},"dns":{"servers":["114.114.114.114","8.8.8.8"]},"outboundDetour":[{"protocol":"freedom","tag":"direct","settings":{}}],"inbound":{"listen":"0.0.0.0","port":31211,"protocol":"socks","settings":{"auth":"noauth","udp":true,"ip":"127.0.0.1"}},"inboundDetour":[{"listen":"0.0.0.0","allocate":{"strategy":"always","refresh":5,"concurrency":3},"port":31210,"protocol":"http","tag":"httpDetour","domainOverride":["http","tls"],"streamSettings":{},"settings":{"timeout":0}}],"routing":{"strategy":"rules","settings":{"domainStrategy":"IPIfNonMatch","rules":[{"type":"field","ip":["geoip:cn"],"outboundTag":"direct"},{"type":"field","ip":["0.0.0.0/8","10.0.0.0/8","100.64.0.0/10","127.0.0.0/8","169.254.0.0/16","172.16.0.0/12","192.0.0.0/24","192.0.2.0/24","192.168.0.0/16","198.18.0.0/15","198.51.100.0/24","203.0.113.0/24","::1/128","fc00::/7","fe80::/10"],"outboundTag":"direct"}]}},"outbound":{"tag":"proxy","sendThrough":"0.0.0.0","mux":{"enabled":false,"concurrency":8},"protocol":"vmess","settings":{"vnext":[{"address":"server","port":443,"users":[{"id":"uuid","alterId":2,"security":"auto","level":0}],"remark":"remark"}]},"streamSettings":{"network":"tcp","tcpSettings":{"header":{"type":"none"}},"security":"none","tlsSettings":{"allowInsecure":true,"allowInsecureCiphers":true},"kcpSettings":{"header":{"type":"none"},"mtu":1350,"congestion":false,"tti":20,"uplinkCapacity":5,"writeBufferSize":1,"readBufferSize":1,"downlinkCapacity":20},"wsSettings":{"path":"","headers":{"Host":"server.cc"}}}}}';
+    CONST SOCKS_PORT = 10010;
+    CONST HTTP_PORT = 10011;
+
+    public function getConfig(Request $request)
+    {
+        $servers = [];
+        $user = $request->user;
+        $userService = new UserService();
+        if ($userService->isAvailable($user)) {
+            $serverService = new ServerService();
+            $servers = $serverService->getAvailableServers($user);
+        }
+        $config = Yaml::parseFile(base_path() . '/resources/rules/app.clash.yaml');
+        $proxy = [];
+        $proxies = [];
+
+        foreach ($servers as $item) {
+            if ($item['type'] === 'shadowsocks') {
+                array_push($proxy, Clash::buildShadowsocks($user['uuid'], $item));
+                array_push($proxies, $item['name']);
+            }
+            if ($item['type'] === 'v2ray') {
+                array_push($proxy, Clash::buildVmess($user['uuid'], $item));
+                array_push($proxies, $item['name']);
+            }
+            if ($item['type'] === 'trojan') {
+                array_push($proxy, Clash::buildTrojan($user['uuid'], $item));
+                array_push($proxies, $item['name']);
+            }
+        }
+
+        $config['proxies'] = array_merge($config['proxies'] ? $config['proxies'] : [], $proxy);
+        foreach ($config['proxy-groups'] as $k => $v) {
+            $config['proxy-groups'][$k]['proxies'] = array_merge($config['proxy-groups'][$k]['proxies'], $proxies);
+        }
+        die(Yaml::dump($config));
+    }
+
+    public function getVersion(Request $request)
+    {
+        if (strpos($request->header('user-agent'), 'tidalab/4.0.0') !== false
+            || strpos($request->header('user-agent'), 'tunnelab/4.0.0') !== false
+        ) {
+            if (strpos($request->header('user-agent'), 'Win64') !== false) {
+                return response([
+                    'data' => [
+                        'version' => config('v2board.windows_version'),
+                        'download_url' => config('v2board.windows_download_url')
+                    ]
+                ]);
+            } else {
+                return response([
+                    'data' => [
+                        'version' => config('v2board.macos_version'),
+                        'download_url' => config('v2board.macos_download_url')
+                    ]
+                ]);
+            }
+            return;
+        }
+        return response([
+            'data' => [
+                'windows_version' => config('v2board.windows_version'),
+                'windows_download_url' => config('v2board.windows_download_url'),
+                'macos_version' => config('v2board.macos_version'),
+                'macos_download_url' => config('v2board.macos_download_url'),
+                'android_version' => config('v2board.android_version'),
+                'android_download_url' => config('v2board.android_download_url')
+            ]
+        ]);
+    }
+
+    public function config(Request $request)
+    {
+        if (empty($request->input('server_id'))) {
+            abort(500, '参数错误');
+        }
+        $user = $request->user;
+        if ($user->expired_at < time() && $user->expired_at !== NULL) {
+            abort(500, '订阅计划已过期');
+        }
+        $server = Server::where('show', 1)
+            ->where('id', $request->input('server_id'))
+            ->first();
+        if (!$server) {
+            abort(500, '服务器不存在');
+        }
+        $json = json_decode(self::CLIENT_CONFIG);
+        //socks
+        $json->inbound->port = (int)self::SOCKS_PORT;
+        //http
+        $json->inboundDetour[0]->port = (int)self::HTTP_PORT;
+        //other
+        $json->outbound->settings->vnext[0]->address = (string)$server->host;
+        $json->outbound->settings->vnext[0]->port = (int)$server->port;
+        $json->outbound->settings->vnext[0]->users[0]->id = (string)$user->uuid;
+        $json->outbound->settings->vnext[0]->users[0]->alterId = (int)$server->alter_id;
+        $json->outbound->settings->vnext[0]->remark = (string)$server->name;
+        $json->outbound->streamSettings->network = $server->network;
+        if ($server->networkSettings) {
+            switch ($server->network) {
+                case 'tcp':
+                    $json->outbound->streamSettings->tcpSettings = json_decode($server->networkSettings);
+                    break;
+                case 'kcp':
+                    $json->outbound->streamSettings->kcpSettings = json_decode($server->networkSettings);
+                    break;
+                case 'ws':
+                    $json->outbound->streamSettings->wsSettings = json_decode($server->networkSettings);
+                    break;
+                case 'http':
+                    $json->outbound->streamSettings->httpSettings = json_decode($server->networkSettings);
+                    break;
+                case 'domainsocket':
+                    $json->outbound->streamSettings->dsSettings = json_decode($server->networkSettings);
+                    break;
+                case 'quic':
+                    $json->outbound->streamSettings->quicSettings = json_decode($server->networkSettings);
+                    break;
+            }
+        }
+        if ($request->input('is_global')) {
+            $json->routing->settings->rules[0]->outboundTag = 'proxy';
+        }
+        if ($server->tls) {
+            $json->outbound->streamSettings->security = "tls";
+        }
+        die(json_encode($json, JSON_UNESCAPED_UNICODE));
+    }
+}
--- a/app/Http/Controllers/Client/ClientController.php
+++ b/app/Http/Controllers/Client/ClientController.php
@ -0,0 +1,282 @@
+<?php
+
+namespace App\Http\Controllers\Client;
+
+use App\Http\Controllers\Controller;
+use App\Services\ServerService;
+use App\Utils\Clash;
+use App\Utils\QuantumultX;
+use App\Utils\Shadowrocket;
+use App\Utils\Surge;
+use App\Utils\Surfboard;
+use App\Utils\URLSchemes;
+use Illuminate\Http\Request;
+use App\Models\Server;
+use App\Utils\Helper;
+use Symfony\Component\Yaml\Yaml;
+use App\Services\UserService;
+
+class ClientController extends Controller
+{
+    public function subscribe(Request $request)
+    {
+        $flag = $request->input('flag')
+            ?? (isset($_SERVER['HTTP_USER_AGENT'])
+                ? $_SERVER['HTTP_USER_AGENT']
+                : '');
+        $flag = strtolower($flag);
+        $user = $request->user;
+        // account not expired and is not banned.
+        $userService = new UserService();
+        if ($userService->isAvailable($user)) {
+            $serverService = new ServerService();
+            $servers = $serverService->getAvailableServers($user);
+            if ($flag) {
+                if (strpos($flag, 'quantumult%20x') !== false) {
+                    die($this->quantumultX($user, $servers));
+                }
+                if (strpos($flag, 'quantumult') !== false) {
+                    die($this->quantumult($user, $servers));
+                }
+                if (strpos($flag, 'clash') !== false) {
+                    die($this->clash($user, $servers));
+                }
+                if (strpos($flag, 'surfboard') !== false) {
+                    die($this->surfboard($user, $servers));
+                }
+                if (strpos($flag, 'surge') !== false) {
+                    die($this->surge($user, $servers));
+                }
+                if (strpos($flag, 'shadowrocket') !== false) {
+                    die($this->shadowrocket($user, $servers));
+                }
+                if (strpos($flag, 'shadowsocks') !== false) {
+                    die($this->shaodowsocksSIP008($user, $servers));
+                }
+            }
+            die($this->origin($user, $servers));
+        }
+    }
+    // TODO: Ready to stop support
+    private function quantumult($user, $servers = [])
+    {
+        $uri = '';
+        header('subscription-userinfo: upload=' . $user['u'] . '; download=' . $user['d'] . ';total=' . $user['transfer_enable']);
+        foreach ($servers as $item) {
+            if ($item['type'] === 'v2ray') {
+                $str = '';
+                $str .= $item['name'] . '= vmess, ' . $item['host'] . ', ' . $item['port'] . ', chacha20-ietf-poly1305, "' . $user['uuid'] . '", over-tls=' . ($item['tls'] ? "true" : "false") . ', certificate=0, group=' . config('v2board.app_name', 'V2Board');
+                if ($item['network'] === 'ws') {
+                    $str .= ', obfs=ws';
+                    if ($item['networkSettings']) {
+                        $wsSettings = json_decode($item['networkSettings'], true);
+                        if (isset($wsSettings['path'])) $str .= ', obfs-path="' . $wsSettings['path'] . '"';
+                        if (isset($wsSettings['headers']['Host'])) $str .= ', obfs-header="Host:' . $wsSettings['headers']['Host'] . '"';
+                    }
+                }
+                $uri .= "vmess://" . base64_encode($str) . "\r\n";
+            }
+        }
+        return base64_encode($uri);
+    }
+
+    private function shadowrocket($user, $servers = [])
+    {
+        $uri = '';
+        //display remaining traffic and expire date
+        $upload = round($user['u'] / (1024*1024*1024), 2);
+        $download = round($user['d'] / (1024*1024*1024), 2);
+        $totalTraffic = round($user['transfer_enable'] / (1024*1024*1024), 2);
+        $expiredDate = date('Y-m-d', $user['expired_at']);
+        $uri .= "STATUS=🚀↑:{$upload}GB,↓:{$download}GB,TOT:{$totalTraffic}GB💡Expires:{$expiredDate}\r\n";
+        foreach ($servers as $item) {
+            if ($item['type'] === 'shadowsocks') {
+                $uri .= Shadowrocket::buildShadowsocks($user['uuid'], $item);
+            }
+            if ($item['type'] === 'v2ray') {
+                $uri .= Shadowrocket::buildVmess($user['uuid'], $item);
+            }
+            if ($item['type'] === 'trojan') {
+                $uri .= Shadowrocket::buildTrojan($user['uuid'], $item);
+            }
+        }
+        return base64_encode($uri);
+    }
+
+    private function quantumultX($user, $servers = [])
+    {
+        $uri = '';
+        header("subscription-userinfo: upload={$user['u']}; download={$user['d']}; total={$user['transfer_enable']}; expire={$user['expired_at']}");
+        foreach ($servers as $item) {
+            if ($item['type'] === 'shadowsocks') {
+                $uri .= QuantumultX::buildShadowsocks($user['uuid'], $item);
+            }
+            if ($item['type'] === 'v2ray') {
+                $uri .= QuantumultX::buildVmess($user['uuid'], $item);
+            }
+            if ($item['type'] === 'trojan') {
+                $uri .= QuantumultX::buildTrojan($user['uuid'], $item);
+            }
+        }
+        return base64_encode($uri);
+    }
+
+    private function origin($user, $servers = [])
+    {
+        $uri = '';
+        foreach ($servers as $item) {
+            if ($item['type'] === 'shadowsocks') {
+                $uri .= URLSchemes::buildShadowsocks($item, $user);
+            }
+            if ($item['type'] === 'v2ray') {
+                $uri .= URLSchemes::buildVmess($item, $user);
+            }
+            if ($item['type'] === 'trojan') {
+                $uri .= URLSchemes::buildTrojan($item, $user);
+            }
+        }
+        return base64_encode($uri);
+    }
+
+    private function shaodowsocksSIP008($user, $servers = [])
+    {
+        $configs = [];
+        $subs = [];
+        $subs['servers'] = [];
+        $subs['bytes_used'] = '';
+        $subs['bytes_remaining'] = '';
+
+        $bytesUsed = $user['u'] + $user['d'];
+        $bytesRemaining = $user['transfer_enable'] - $bytesUsed;
+
+        foreach ($servers as $item) {
+            if ($item['type'] === 'shadowsocks') {
+                array_push($configs, URLSchemes::buildShadowsocksSIP008($item, $user));
+            }
+        }
+
+        $subs['version'] = 1;
+        $subs['bytes_used'] = $bytesUsed;
+        $subs['bytes_remaining'] = $bytesRemaining;
+        $subs['servers'] = array_merge($subs['servers'] ? $subs['servers'] : [], $configs);
+
+        return json_encode($subs, JSON_UNESCAPED_SLASHES|JSON_PRETTY_PRINT);
+    }
+
+    private function surge($user, $servers = [])
+    {
+        $proxies = '';
+        $proxyGroup = '';
+
+        foreach ($servers as $item) {
+            if ($item['type'] === 'shadowsocks') {
+                // [Proxy]
+                $proxies .= Surge::buildShadowsocks($user['uuid'], $item);
+                // [Proxy Group]
+                $proxyGroup .= $item['name'] . ', ';
+            }
+            if ($item['type'] === 'v2ray') {
+                // [Proxy]
+                $proxies .= Surge::buildVmess($user['uuid'], $item);
+                // [Proxy Group]
+                $proxyGroup .= $item['name'] . ', ';
+            }
+            if ($item['type'] === 'trojan') {
+                // [Proxy]
+                $proxies .= Surge::buildTrojan($user['uuid'], $item);
+                // [Proxy Group]
+                $proxyGroup .= $item['name'] . ', ';
+            }
+        }
+
+        $defaultConfig = base_path() . '/resources/rules/default.surge.conf';
+        $customConfig = base_path() . '/resources/rules/custom.surge.conf';
+        if (\File::exists($customConfig)) {
+            $config = file_get_contents("$customConfig");
+        } else {
+            $config = file_get_contents("$defaultConfig");
+        }
+
+        // Subscription link
+        $subsURL = config('v2board.subscribe_url', config('v2board.app_url', env('APP_URL'))) . '/api/v1/client/subscribe?token=' . $user['token'];
+
+        $config = str_replace('$subs_link', $subsURL, $config);
+        $config = str_replace('$proxies', $proxies, $config);
+        $config = str_replace('$proxy_group', rtrim($proxyGroup, ', '), $config);
+        return $config;
+    }
+
+    private function surfboard($user, $servers = [])
+    {
+        $proxies = '';
+        $proxyGroup = '';
+
+        foreach ($servers as $item) {
+            if ($item['type'] === 'shadowsocks') {
+                // [Proxy]
+                $proxies .= Surfboard::buildShadowsocks($user['uuid'], $item);
+                // [Proxy Group]
+                $proxyGroup .= $item['name'] . ', ';
+            }
+            if ($item['type'] === 'v2ray') {
+                // [Proxy]
+                $proxies .= Surfboard::buildVmess($user['uuid'], $item);
+                // [Proxy Group]
+                $proxyGroup .= $item['name'] . ', ';
+            }
+        }
+
+        $defaultConfig = base_path() . '/resources/rules/default.surfboard.conf';
+        $customConfig = base_path() . '/resources/rules/custom.surfboard.conf';
+        if (\File::exists($customConfig)) {
+            $config = file_get_contents("$customConfig");
+        } else {
+            $config = file_get_contents("$defaultConfig");
+        }
+
+        // Subscription link
+        $subsURL = config('v2board.subscribe_url', config('v2board.app_url', env('APP_URL'))) . '/api/v1/client/subscribe?token=' . $user['token'];
+
+        $config = str_replace('$subs_link', $subsURL, $config);
+        $config = str_replace('$proxies', $proxies, $config);
+        $config = str_replace('$proxy_group', rtrim($proxyGroup, ', '), $config);
+        return $config;
+    }
+
+    private function clash($user, $servers = [])
+    {
+        $defaultConfig = base_path() . '/resources/rules/default.clash.yaml';
+        $customConfig = base_path() . '/resources/rules/custom.clash.yaml';
+        if (\File::exists($customConfig)) {
+            $config = Yaml::parseFile($customConfig);
+        } else {
+            $config = Yaml::parseFile($defaultConfig);
+        }
+        $proxy = [];
+        $proxies = [];
+
+        foreach ($servers as $item) {
+            if ($item['type'] === 'shadowsocks') {
+                array_push($proxy, Clash::buildShadowsocks($user['uuid'], $item));
+                array_push($proxies, $item['name']);
+            }
+            if ($item['type'] === 'v2ray') {
+                array_push($proxy, Clash::buildVmess($user['uuid'], $item));
+                array_push($proxies, $item['name']);
+            }
+            if ($item['type'] === 'trojan') {
+                array_push($proxy, Clash::buildTrojan($user['uuid'], $item));
+                array_push($proxies, $item['name']);
+            }
+        }
+
+        $config['proxies'] = array_merge($config['proxies'] ? $config['proxies'] : [], $proxy);
+        foreach ($config['proxy-groups'] as $k => $v) {
+            if (!is_array($config['proxy-groups'][$k]['proxies'])) continue;
+            $config['proxy-groups'][$k]['proxies'] = array_merge($config['proxy-groups'][$k]['proxies'], $proxies);
+        }
+        $yaml = Yaml::dump($config);
+        $yaml = str_replace('$app_name', config('v2board.app_name', 'V2Board'), $yaml);
+        return $yaml;
+    }
+}
--- a/app/Http/Controllers/ClientController.php
+++ b/app/Http/Controllers/ClientController.php
@ -1,143 +0,0 @@
-<?php
-
-namespace App\Http\Controllers;
-
-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
-use App\Models\User;
-use App\Models\Plan;
-use App\Models\Server;
-use App\Utils\Helper;
-use Symfony\Component\Yaml\Yaml;
-
-class ClientController extends Controller
-{
-    public function subscribe (Request $request) {
-        $user = $request->user;
-        $server = [];
-        if ($user->expired_at > time()) {
-          $servers = Server::where('show', 1)
-            ->orderBy('name')
-            ->get();
-          foreach ($servers as $item) {
-              $groupId = json_decode($item['group_id']);
-              if (in_array($user->group_id, $groupId)) {
-                  array_push($server, $item);
-              }
-          }
-        }
-        if(isset($_SERVER['HTTP_USER_AGENT'])) {
-          if(strpos($_SERVER['HTTP_USER_AGENT'], 'Quantumult%20X') !== false) {
-            die($this->quantumultX($user, $server));
-          }
-          if(strpos($_SERVER['HTTP_USER_AGENT'], 'Quantumult') !== false) {
-            die($this->quantumult($user, $server));
-          }
-          if(strpos(strtolower($_SERVER['HTTP_USER_AGENT']), 'clash') !== false) {
-            die($this->clash($user, $server));
-          }
-        }
-        die($this->origin($user, $server));
-    }
-
-    private function quantumultX ($user, $server) {
-      $uri = '';
-      foreach($server as $item) {
-        $uri .= "vmess=".$item->host.":".$item->port.", method=none, password=".$user->v2ray_uuid.", fast-open=false, udp-relay=false, tag=".$item->name;
-        if ($item->network == 'ws') {
-          $uri .= ', obfs=ws';
-          if ($item->settings) {
-            $wsSettings = json_decode($item->settings);
-            if ($wsSettings->path) $uri .= ', obfs-uri='.$wsSettings->path;
-          }
-        }
-        $uri .= "\r\n";
-      }
-      return base64_encode($uri);
-    }
-
-    private function quantumult ($user, $server) {
-      $uri = '';
-      header('subscription-userinfo: upload='.$user->u.'; download='.$user->d.';total='.$user->transfer_enable);
-      foreach($server as $item) {
-        $str = '';
-        $str .= $item->name.'= vmess, '.$item->host.', '.$item->port.', chacha20-ietf-poly1305, "'.$user->v2ray_uuid.'", over-tls='.($item->tls?"true":"false").', certificate=0, group='.config('v2board.app_name', 'V2Board');
-        if ($item->network === 'ws') {
-          $str .= ', obfs=ws';
-          if ($item->settings) {
-            $wsSettings = json_decode($item->settings);
-            if ($wsSettings->path) $str .= ', obfs-path="'.$wsSettings->path.'"';
-            if ($wsSettings->headers->Host) $str .= ', obfs-header="Host:'.$wsSettings->headers->Host.'"';
-          }
-        }
-        $uri .= "vmess://".base64_encode($str)."\r\n";
-      }
-      return base64_encode($uri);
-    }
-
-    private function origin ($user, $server) {
-      $uri = '';
-      foreach($server as $item) {
-        $uri .= Helper::buildVmessLink($item, $user);
-      }
-      return base64_encode($uri);
-    }
-
-    private function clash ($user, $server) {
-      $proxy = [];
-      $proxyGroup = [];
-      $proxies = [];
-      foreach ($server as $item) {
-        $array = [];
-        $array['name'] = $item->name;
-        $array['type'] = 'vmess';
-        $array['server'] = $item->host;
-        $array['port'] = $item->port;
-        $array['uuid'] = $user->v2ray_uuid;
-        $array['alterId'] = $user->v2ray_alter_id;
-        $array['cipher'] = 'auto';
-        if ($item->tls) {
-          $array['tls'] = true;
-        }
-        if ($item->network == 'ws') {
-          $array['network'] = $item->network;
-          if ($item->settings) {
-            $wsSettings = json_decode($item->settings);
-            if ($wsSettings->path) $array['ws-path'] = $wsSettings->path;
-            if ($wsSettings->headers->Host) $array['ws-headers'] = [
-              'Host' => $wsSettings->headers->Host
-            ];
-          }
-        }
-        array_push($proxy, $array);
-        array_push($proxies, $item->name);
-      }
-      array_push($proxyGroup, [
-        'name' => config('v2board.app_name', 'V2Board'),
-        'type' => 'select',
-        'proxies' => $proxies
-      ]);
-      
-      $config = [
-        'port' => 7890,
-        'socks-port' => 0,
-        'allow-lan' => false,
-        'mode' => 'Rule',
-        'log-level' => 'info',
-        'external-controller' => '0.0.0.0:9090',
-        'secret' => '',
-        'Proxy' => $proxy,
-        'Proxy Group' => $proxyGroup,
-        'Rule' => [
-          'DOMAIN-SUFFIX,google.com,'.config('v2board.app_name', 'V2Board'),
-          'DOMAIN-KEYWORD,google,'.config('v2board.app_name', 'V2Board'),
-          'DOMAIN,google.com,'.config('v2board.app_name', 'V2Board'),
-          'DOMAIN-SUFFIX,ad.com,REJECT',
-          'IP-CIDR,127.0.0.0/8,DIRECT',
-          'GEOIP,CN,DIRECT',
-          'MATCH,'.config('v2board.app_name', 'V2Board')
-        ]
-      ];
-      return Yaml::dump($config);
-    }
-}
--- a/app/Http/Controllers/Guest/CommController.php
+++ b/app/Http/Controllers/Guest/CommController.php
@ -0,0 +1,18 @@
+<?php
+
+namespace App\Http\Controllers\Guest;
+
+use App\Utils\Dict;
+use App\Http\Controllers\Controller;
+
+class CommController extends Controller
+{
+    public function config()
+    {
+        return response([
+            'data' => [
+                'tos_url' => config('v2board.tos_url')
+            ]
+        ]);
+    }
+}
--- a/app/Http/Controllers/Guest/OrderController.php
+++ b/app/Http/Controllers/Guest/OrderController.php
@ -1,104 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Guest;
-
-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
-use App\Models\Order;
-use Omnipay\Omnipay;
-use Illuminate\Support\Facades\Log;
-use Illuminate\Support\Facades\Redis;
-
-class OrderController extends Controller
-{
-    public function alipayNotify (Request $request) {
-        Log::info('alipayNotifyData: ' . json_encode($_POST));
-        $gateway = Omnipay::create('Alipay_AopF2F');
-        $gateway->setSignType('RSA2'); //RSA/RSA2
-        $gateway->setAppId(config('v2board.alipay_appid'));
-        $gateway->setPrivateKey(config('v2board.alipay_privkey')); // 可以是路径，也可以是密钥内容
-        $gateway->setAlipayPublicKey(config('v2board.alipay_pubkey')); // 可以是路径，也可以是密钥内容
-        $request = $gateway->completePurchase();
-        $request->setParams($_POST); //Optional
-        try {
-            /** @var \Omnipay\Alipay\Responses\AopCompletePurchaseResponse $response */
-            $response = $request->send();
-            
-            if($response->isPaid()){
-                $order = Order::where('trade_no', $_POST['out_trade_no'])->first();
-                if (!$order) {
-                    abort(500, 'fail');
-                }
-                if ($order->status == 1) {
-                    die('success');
-                }
-                $order->status = 1;
-                $order->callback_no = $_POST['trade_no'];
-                if (!$order->save()) {
-                    abort(500, 'fail');
-                }
-                /**
-                 * Payment is successful
-                 */
-                die('success'); //The response should be 'success' only
-            }else{
-                /**
-                 * Payment is not successful
-                 */
-                die('fail');
-            }
-        } catch (Exception $e) {
-            /**
-             * Payment is not successful
-             */
-            die('fail');
-        }
-    }
-
-    public function stripeNotify (Request $request) {
-        Log::info('stripeNotifyData: ' . json_encode($request->input()));
-
-        \Stripe\Stripe::setApiKey(config('v2board.stripe_sk_live'));
-        try {
-            $event = \Stripe\Webhook::constructEvent(
-                file_get_contents('php://input'),
-                $_SERVER['HTTP_STRIPE_SIGNATURE'],
-                config('v2board.stripe_webhook_key')
-            );
-        } catch (\Stripe\Error\SignatureVerification $e) {
-            abort(400);
-        }
-        switch ($event->type) {
-            case 'source.chargeable':
-                $source = $event->data->object;
-                $charge = \Stripe\Charge::create([
-                    'amount' => $source['amount'],
-                    'currency' => $source['currency'],
-                    'source' => $source['id'],
-                ]);
-                if ($charge['status'] == 'succeeded') {
-                    $trade_no = Redis::get($source['id']);
-                    if (!$trade_no) {
-                        abort(500, 'redis is not found trade no by stripe source id.');
-                    }
-                    $order = Order::where('trade_no', $trade_no)->first();
-                    if (!$order) {
-                        abort(500, 'order is not found');
-                    }
-                    if ($order->status !== 0) {
-                        die('order is paid');
-                    }
-                    $order->status = 1;
-                    $order->callback_no = $source['id'];
-                    if (!$order->save()) {
-                        abort(500, 'fail');
-                    }
-                    Redis::del($source['id']);
-                    die('success');
-                }
-                break;
-            default:
-                abort(500, 'event is not support');
-        }
-    }
-}
--- a/app/Http/Controllers/Guest/PaymentController.php
+++ b/app/Http/Controllers/Guest/PaymentController.php
@ -0,0 +1,49 @@
+<?php
+
+namespace App\Http\Controllers\Guest;
+
+use App\Models\Order;
+use App\Services\OrderService;
+use App\Services\PaymentService;
+use App\Services\TelegramService;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+
+class PaymentController extends Controller
+{
+    public function notify($method, $uuid, Request $request)
+    {
+        try {
+            $paymentService = new PaymentService($method, null, $uuid);
+            $verify = $paymentService->notify($request->input());
+            if (!$verify) abort(500, 'verify error');
+            if (!$this->handle($verify['trade_no'], $verify['callback_no'])) {
+                abort(500, 'handle error');
+            }
+            die('success');
+        } catch (\Exception $e) {
+            abort(500, 'fail');
+        }
+    }
+
+    private function handle($tradeNo, $callbackNo)
+    {
+        $order = Order::where('trade_no', $tradeNo)->first();
+        if (!$order) {
+            abort(500, 'order is not found');
+        }
+        if ($order->status === 1) return true;
+        $orderService = new OrderService($order);
+        if (!$orderService->success($callbackNo)) {
+            return false;
+        }
+        $telegramService = new TelegramService();
+        $message = sprintf(
+            "💰成功收款%s元\n———————————————\n订单号：%s",
+            $order->total_amount / 100,
+            $order->trade_no
+        );
+        $telegramService->sendMessageWithAdmin($message);
+        return true;
+    }
+}
--- a/app/Http/Controllers/Guest/PlanController.php
+++ b/app/Http/Controllers/Guest/PlanController.php
@ -8,7 +8,8 @@ use App\Models\Plan;

 class PlanController extends Controller
 {
-    public function fetch (Request $request) {
+    public function fetch(Request $request)
+    {
        $plan = Plan::where('show', 1)->get();
        return response([
            'data' => $plan
--- a/app/Http/Controllers/Guest/TelegramController.php
+++ b/app/Http/Controllers/Guest/TelegramController.php
@ -0,0 +1,199 @@
+<?php
+
+namespace App\Http\Controllers\Guest;
+
+use App\Services\TelegramService;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use App\Utils\Helper;
+use App\Services\TicketService;
+
+class TelegramController extends Controller
+{
+    protected $msg;
+
+    public function __construct(Request $request)
+    {
+        if ($request->input('access_token') !== md5(config('v2board.telegram_bot_token'))) {
+            abort(500, 'authentication failed');
+        }
+    }
+
+    public function webhook(Request $request)
+    {
+        $this->msg = $this->getMessage($request->input());
+        if (!$this->msg) return;
+        try {
+            switch($this->msg->message_type) {
+                case 'send':
+                    $this->fromSend();
+                    break;
+                case 'reply':
+                    $this->fromReply();
+                    break;
+            }
+        } catch (\Exception $e) {
+            $telegramService = new TelegramService();
+            $telegramService->sendMessage($this->msg->chat_id, $e->getMessage());
+        }
+    }
+
+    private function fromSend()
+    {
+        switch($this->msg->command) {
+            case '/bind': $this->bind();
+                break;
+            case '/traffic': $this->traffic();
+                break;
+            case '/getlatesturl': $this->getLatestUrl();
+                break;
+            case '/unbind': $this->unbind();
+                break;
+            default: $this->help();
+        }
+    }
+
+    private function fromReply()
+    {
+        // ticket
+        if (preg_match("/[#](.*)/", $this->msg->reply_text, $match)) {
+            $this->replayTicket($match[1]);
+        }
+    }
+
+    private function getMessage(array $data)
+    {
+        if (!isset($data['message'])) return false;
+        $obj = new \StdClass();
+        $obj->is_private = $data['message']['chat']['type'] === 'private' ? true : false;
+        if (!isset($data['message']['text'])) return false;
+        $text = explode(' ', $data['message']['text']);
+        $obj->command = $text[0];
+        $obj->args = array_slice($text, 1);
+        $obj->chat_id = $data['message']['chat']['id'];
+        $obj->message_id = $data['message']['message_id'];
+        $obj->message_type = !isset($data['message']['reply_to_message']['text']) ? 'send' : 'reply';
+        $obj->text = $data['message']['text'];
+        if ($obj->message_type === 'reply') {
+            $obj->reply_text = $data['message']['reply_to_message']['text'];
+        }
+        return $obj;
+    }
+
+    private function bind()
+    {
+        $msg = $this->msg;
+        if (!$msg->is_private) return;
+        if (!isset($msg->args[0])) {
+            abort(500, '参数有误，请携带订阅地址发送');
+        }
+        $subscribeUrl = $msg->args[0];
+        $subscribeUrl = parse_url($subscribeUrl);
+        parse_str($subscribeUrl['query'], $query);
+        $token = $query['token'];
+        if (!$token) {
+            abort(500, '订阅地址无效');
+        }
+        $user = User::where('token', $token)->first();
+        if (!$user) {
+            abort(500, '用户不存在');
+        }
+        if ($user->telegram_id) {
+            abort(500, '该账号已经绑定了Telegram账号');
+        }
+        $user->telegram_id = $msg->chat_id;
+        if (!$user->save()) {
+            abort(500, '设置失败');
+        }
+        $telegramService = new TelegramService();
+        $telegramService->sendMessage($msg->chat_id, '绑定成功');
+    }
+
+    private function unbind()
+    {
+        $msg = $this->msg;
+        if (!$msg->is_private) return;
+        $user = User::where('telegram_id', $msg->chat_id)->first();
+        $telegramService = new TelegramService();
+        if (!$user) {
+            $this->help();
+            $telegramService->sendMessage($msg->chat_id, '没有查询到您的用户信息，请先绑定账号', 'markdown');
+            return;
+        }
+        $user->telegram_id = NULL;
+        if (!$user->save()) {
+            abort(500, '解绑失败');
+        }
+        $telegramService->sendMessage($msg->chat_id, '解绑成功', 'markdown');
+    }
+
+    private function help()
+    {
+        $msg = $this->msg;
+        if (!$msg->is_private) return;
+        $telegramService = new TelegramService();
+        $commands = [
+            '/bind 订阅地址 - 绑定你的' . config('v2board.app_name', 'V2Board') . '账号',
+            '/traffic - 查询流量信息',
+            '/getlatesturl - 获取最新的' . config('v2board.app_name', 'V2Board') . '网址',
+            '/unbind - 解除绑定'
+        ];
+        $text = implode(PHP_EOL, $commands);
+        $telegramService->sendMessage($msg->chat_id, "你可以使用以下命令进行操作：\n\n$text", 'markdown');
+    }
+
+    private function traffic()
+    {
+        $msg = $this->msg;
+        if (!$msg->is_private) return;
+        $user = User::where('telegram_id', $msg->chat_id)->first();
+        $telegramService = new TelegramService();
+        if (!$user) {
+            $this->help();
+            $telegramService->sendMessage($msg->chat_id, '没有查询到您的用户信息，请先绑定账号', 'markdown');
+            return;
+        }
+        $transferEnable = Helper::trafficConvert($user->transfer_enable);
+        $up = Helper::trafficConvert($user->u);
+        $down = Helper::trafficConvert($user->d);
+        $remaining = Helper::trafficConvert($user->transfer_enable - ($user->u + $user->d));
+        $text = "🚥流量查询\n———————————————\n计划流量：`{$transferEnable}`\n已用上行：`{$up}`\n已用下行：`{$down}`\n剩余流量：`{$remaining}`";
+        $telegramService->sendMessage($msg->chat_id, $text, 'markdown');
+    }
+
+    private function getLatestUrl()
+    {
+        $msg = $this->msg;
+        $user = User::where('telegram_id', $msg->chat_id)->first();
+        $telegramService = new TelegramService();
+        $text = sprintf(
+            "%s的最新网址是：%s",
+            config('v2board.app_name', 'V2Board'),
+            config('v2board.app_url')
+        );
+        $telegramService->sendMessage($msg->chat_id, $text, 'markdown');
+    }
+
+    private function replayTicket($ticketId)
+    {
+        $msg = $this->msg;
+        if (!$msg->is_private) return;
+        $user = User::where('telegram_id', $msg->chat_id)->first();
+        if (!$user) {
+            abort(500, '用户不存在');
+        }
+        $ticketService = new TicketService();
+        if ($user->is_admin || $user->is_staff) {
+            $ticketService->replyByAdmin(
+                $ticketId,
+                $msg->text,
+                $user->id
+            );
+        }
+        $telegramService = new TelegramService();
+        $telegramService->sendMessage($msg->chat_id, "#`{$ticketId}` 的工单已回复成功", 'markdown');
+    }
+
+
+}
--- a/app/Http/Controllers/NoticeController.php
+++ b/app/Http/Controllers/NoticeController.php
@ -1,17 +0,0 @@
-<?php
-
-namespace App\Http\Controllers;
-
-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
-use App\Models\Notice;
-use App\Utils\Helper;
-
-class NoticeController extends Controller
-{
-    public function fetch (Request $request) {
-        return response([
-            'data' => Notice::orderBy('created_at', 'DESC')->first()
-        ]);
-    }
-}
--- a/app/Http/Controllers/OrderController.php
+++ b/app/Http/Controllers/OrderController.php
@ -1,265 +0,0 @@
-<?php
-
-namespace App\Http\Controllers;
-
-use App\Http\Requests\OrderSave;
-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
-use Illuminate\Support\Facades\Redis;
-use App\Models\Order;
-use App\Models\Plan;
-use App\Models\User;
-use App\Utils\Helper;
-use Omnipay\Omnipay;
-use Stripe\Stripe;
-use Stripe\Source;
-
-class OrderController extends Controller
-{
-    public function fetch (Request $request) {
-        $order = Order::where('user_id', $request->session()->get('id'))
-            ->orderBy('created_at', 'DESC')
-            ->get();
-        $plan = Plan::get();
-        for($i = 0; $i < count($order); $i++) {
-            for($x = 0; $x < count($plan); $x++) {
-                if ($order[$i]['plan_id'] === $plan[$x]['id']) {
-                    $order[$i]['plan'] = $plan[$x];
-                }
-            }
-        }
-        return response([
-            'data' => $order
-        ]);
-    }
-    
-    public function details (Request $request) {
-        $order = Order::where('user_id', $request->session()->get('id'))
-            ->where('trade_no', $request->input('trade_no'))
-            ->first();
-        if (!$order) {
-            abort(500, '订单不存在');
-        }
-        $order['plan'] = Plan::find($order->plan_id);
-        $order['update_fee'] = config('v2board.plan_update_fee', 0.5);
-        if (!$order['plan']) {
-            abort(500, '订阅不存在');
-        }
-        return response([
-            'data' => $order
-        ]);
-    }
-    
-    public function save (OrderSave $request) {
-        $plan = Plan::find($request->input('plan_id'));
-        $user = User::find($request->session()->get('id'));
-        
-        if (!$plan) {
-            abort(500, '该订阅不存在');
-        }
-        
-        if (!($plan->show || $user->plan_id == $plan->id)) {
-            abort(500, '该订阅已售罄');
-        }
-
-        if (!$plan->show && !$plan->renew) {
-            abort(500, '该订阅无法续费，请更换其他订阅');
-        }
-
-        if (!(int)$plan[$request->input('cycle')]) {
-            abort(500, '该订阅周期无法进行购买，请选择其他周期');
-        }
-        
-        $order = new Order();
-        $order->user_id = $request->session()->get('id');
-        $order->plan_id = $plan->id;
-        $order->cycle = $request->input('cycle');
-        $order->trade_no = Helper::guid();
-        $order->total_amount = $plan[$request->input('cycle')];
-        if ($user->expired_at > time() && $order->plan_id !== $user->plan_id) {
-            $order->type = 3;
-            if (!(int)config('v2board.plan_is_update', 1)) abort(500, '目前不允许更改订阅，请联系管理员');
-            $order->total_amount = $order->total_amount + (ceil(($user->expired_at - time()) / 86400) * config('v2board.plan_update_fee', 0.5) * 100);
-        } else if ($user->expired_at > time() && $order->plan_id == $user->plan_id) {
-            $order->type = 2;
-        } else {
-            $order->type = 1;
-        }
-        if ($user->invite_user_id) {
-            $order->invite_user_id = $user->invite_user_id;
-            $inviter = User::find($user->invite_user_id);
-            if ($inviter && $inviter->commission_rate) {
-                $order->commission_balance = $order->total_amount * ($inviter->commission_rate / 100);
-            } else {
-                $order->commission_balance = $order->total_amount * (config('v2board.invite_commission', 10) / 100);
-            }
-        }
-        if (!$order->save()) {
-            abort(500, '订单创建失败');
-        }
-        
-        return response([
-            'data' => $order->trade_no
-        ]);
-    }
-
-    public function checkout (Request $request) {
-        $tradeNo = $request->input('trade_no');
-        $method = $request->input('method');
-        $order = Order::where('trade_no', $tradeNo)
-            ->where('user_id', $request->session()->get('id'))
-            ->where('status', 0)
-            ->first();
-        if (!$order) {
-            abort(500, '订单不存在或以支付');
-        }
-        switch ($method) {
-            // return type => 0: QRCode / 1: URL
-            case 0:
-                // alipayF2F
-                if (!(int)config('v2board.alipay_enable')) {
-                    abort(500, '支付方式不可用');
-                }
-                return response([
-                    'type' => 0,
-                    'data' => $this->alipayF2F($tradeNo, $order->total_amount)
-                ]);
-            case 2:
-                // stripeAlipay
-                if (!(int)config('v2board.stripe_alipay_enable')) {
-                    abort(500, '支付方式不可用');
-                }
-                return response([
-                    'type' => 1,
-                    'data' => $this->stripeAlipay($order)
-                ]);
-            case 3:
-                // stripeWepay
-                if (!(int)config('v2board.stripe_wepay_enable')) {
-                    abort(500, '支付方式不可用');
-                }
-                return response([
-                    'type' => 0,
-                    'data' => $this->stripeWepay($order)
-                ]);
-            default:
-                abort(500, '支付方式不存在');
-        }
-    }
-
-    public function check (Request $request) {
-        $tradeNo = $request->input('trade_no');
-        $order = Order::where('trade_no', $tradeNo)
-            ->where('user_id', $request->session()->get('id'))
-            ->first();
-        if (!$order) {
-            abort(500, '订单不存在');
-        }
-        return response([
-            'data' => $order->status
-        ]);
-    }
-
-    public function getPaymentMethod () {
-        $data = [];
-        if ((int)config('v2board.alipay_enable')) {
-            $alipayF2F = new \StdClass();
-            $alipayF2F->name = '支付宝';
-            $alipayF2F->method = 0;
-            $alipayF2F->icon = 'alipay';
-            array_push($data, $alipayF2F);
-        }
-
-        if ((int)config('v2board.stripe_alipay_enable')) {
-            $stripeAlipay = new \StdClass();
-            $stripeAlipay->name = '支付宝';
-            $stripeAlipay->method = 2;
-            $stripeAlipay->icon = 'alipay';
-            array_push($data, $stripeAlipay);
-        }
-
-        if ((int)config('v2board.stripe_wepay_enable')) {
-            $stripeWepay = new \StdClass();
-            $stripeWepay->name = '微信';
-            $stripeWepay->method = 3;
-            $stripeWepay->icon = 'wechat';
-            array_push($data, $stripeWepay);
-        }
-
-        return response([
-            'data' => $data
-        ]);
-    }
-
-    private function alipayF2F ($tradeNo, $totalAmount) {
-        $gateway = Omnipay::create('Alipay_AopF2F');
-        $gateway->setSignType('RSA2'); //RSA/RSA2
-        $gateway->setAppId(config('v2board.alipay_appid'));
-        $gateway->setPrivateKey(config('v2board.alipay_privkey')); // 可以是路径，也可以是密钥内容
-        $gateway->setAlipayPublicKey(config('v2board.alipay_pubkey')); // 可以是路径，也可以是密钥内容
-        $gateway->setNotifyUrl(url('/api/v1/guest/order/alipayNotify'));
-        $request = $gateway->purchase();
-        $request->setBizContent([
-            'subject'      => config('v2board.app_name', 'V2Board') . ' - 订阅',
-            'out_trade_no' => $tradeNo,
-            'total_amount' => $totalAmount / 100
-        ]);
-        /** @var \Omnipay\Alipay\Responses\AopTradePreCreateResponse $response */
-        $response = $request->send();
-        $result = $response->getAlipayResponse();
-        if ($result['code'] !== '10000') {
-        	abort(500, $result['sub_msg']);
-        }
-        // 获取收款二维码内容
-        return $response->getQrCode();
-    }
-
-    private function stripeAlipay ($order) {
-        $exchange = Helper::exchange('CNY', 'HKD');
-        if (!$exchange) {
-            abort(500, '货币转换超时，请稍后再试');
-        }
-        Stripe::setApiKey(config('v2board.stripe_sk_live'));
-        $source = Source::create([
-            'amount' => floor($order->total_amount * $exchange),
-            'currency' => 'hkd',
-            'type' => 'alipay',
-            'redirect' => [
-                'return_url' => config('v2board.app_url', env('APP_URL')) . '/#/order'
-            ]
-        ]);
-        if (!$source['redirect']['url']) {
-            abort(500, '支付网关请求失败');
-        }
-        
-        if (!Redis::set($source['id'], $order->trade_no)) {
-            abort(500, '订单创建失败');
-        }
-        Redis::expire($source['id'], 3600);
-        return $source['redirect']['url'];
-    }
-
-    private function stripeWepay ($order) {
-        $exchange = Helper::exchange('CNY', 'HKD');
-        if (!$exchange) {
-            abort(500, '货币转换超时，请稍后再试');
-        }
-        Stripe::setApiKey(config('v2board.stripe_sk_live'));
-        $source = Source::create([
-            'amount' => floor($order->total_amount * $exchange),
-            'currency' => 'hkd',
-            'type' => 'wechat',
-            'redirect' => [
-                'return_url' => config('v2board.app_url', env('APP_URL')) . '/#/order'
-            ]
-        ]);
-        if (!$source['wechat']['qr_code_url']) {
-            abort(500, '支付网关请求失败');
-        }
-        if (!Redis::set($source['id'], $order->trade_no)) {
-            abort(500, '订单创建失败');
-        }
-        Redis::expire($source['id'], 3600);
-        return $source['wechat']['qr_code_url'];
-    }
-}
--- a/app/Http/Controllers/Passport/AuthController.php
+++ b/app/Http/Controllers/Passport/AuthController.php
@ -0,0 +1,261 @@
+<?php
+
+namespace App\Http\Controllers\Passport;
+
+use App\Http\Controllers\Controller;
+use App\Http\Requests\Passport\AuthRegister;
+use App\Http\Requests\Passport\AuthForget;
+use App\Http\Requests\Passport\AuthLogin;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Cache;
+use App\Models\Plan;
+use App\Models\User;
+use App\Models\InviteCode;
+use App\Utils\Helper;
+use App\Utils\Dict;
+use App\Utils\CacheKey;
+use ReCaptcha\ReCaptcha;
+
+class AuthController extends Controller
+{
+    public function register(AuthRegister $request)
+    {
+        if ((int)config('v2board.recaptcha_enable', 0)) {
+            $recaptcha = new ReCaptcha(config('v2board.recaptcha_key'));
+            $recaptchaResp = $recaptcha->verify($request->input('recaptcha_data'));
+            if (!$recaptchaResp->isSuccess()) {
+                abort(500, '验证码有误');
+            }
+        }
+        if ((int)config('v2board.email_whitelist_enable', 0)) {
+            if (!Helper::emailSuffixVerify(
+                $request->input('email'),
+                config('v2board.email_whitelist_suffix', Dict::EMAIL_WHITELIST_SUFFIX_DEFAULT))
+            ) {
+                abort(500, '邮箱后缀不处于白名单中');
+            }
+        }
+        if ((int)config('v2board.email_gmail_limit_enable', 0)) {
+            $prefix = explode('@', $request->input('email'))[0];
+            if (strpos($prefix, '.') !== false || strpos($prefix, '+') !== false) {
+                abort(500, '不支持Gmail别名邮箱');
+            }
+        }
+        if ((int)config('v2board.stop_register', 0)) {
+            abort(500, '本站已关闭注册');
+        }
+        if ((int)config('v2board.invite_force', 0)) {
+            if (empty($request->input('invite_code'))) {
+                abort(500, '必须使用邀请码才可以注册');
+            }
+        }
+        if ((int)config('v2board.email_verify', 0)) {
+            if (empty($request->input('email_code'))) {
+                abort(500, '邮箱验证码不能为空');
+            }
+            if (Cache::get(CacheKey::get('EMAIL_VERIFY_CODE', $request->input('email'))) !== $request->input('email_code')) {
+                abort(500, '邮箱验证码有误');
+            }
+        }
+        $email = $request->input('email');
+        $password = $request->input('password');
+        $exist = User::where('email', $email)->first();
+        if ($exist) {
+            abort(500, '邮箱已存在系统中');
+        }
+        $user = new User();
+        $user->email = $email;
+        $user->password = password_hash($password, PASSWORD_DEFAULT);
+        $user->uuid = Helper::guid(true);
+        $user->token = Helper::guid();
+        if ($request->input('invite_code')) {
+            $inviteCode = InviteCode::where('code', $request->input('invite_code'))
+                ->where('status', 0)
+                ->first();
+            if (!$inviteCode) {
+                if ((int)config('v2board.invite_force', 0)) {
+                    abort(500, '邀请码无效');
+                }
+            } else {
+                $user->invite_user_id = $inviteCode->user_id ? $inviteCode->user_id : null;
+                if (!(int)config('v2board.invite_never_expire', 0)) {
+                    $inviteCode->status = 1;
+                    $inviteCode->save();
+                }
+            }
+        }
+
+        // try out
+        if ((int)config('v2board.try_out_plan_id', 0)) {
+            $plan = Plan::find(config('v2board.try_out_plan_id'));
+            if ($plan) {
+                $user->transfer_enable = $plan->transfer_enable * 1073741824;
+                $user->plan_id = $plan->id;
+                $user->group_id = $plan->group_id;
+                $user->expired_at = time() + (config('v2board.try_out_hour', 1) * 3600);
+            }
+        }
+
+        if (!$user->save()) {
+            abort(500, '注册失败');
+        }
+        if ((int)config('v2board.email_verify', 0)) {
+            Cache::forget(CacheKey::get('EMAIL_VERIFY_CODE', $request->input('email')));
+        }
+        $request->session()->put('email', $user->email);
+        $request->session()->put('id', $user->id);
+        return response()->json([
+            'data' => true
+        ]);
+    }
+
+    public function login(AuthLogin $request)
+    {
+        $email = $request->input('email');
+        $password = $request->input('password');
+
+        $user = User::where('email', $email)->first();
+        if (!$user) {
+            abort(500, '用户名或密码错误');
+        }
+        if (!Helper::multiPasswordVerify(
+            $user->password_algo,
+            $password,
+            $user->password)
+        ) {
+            abort(500, '用户名或密码错误');
+        }
+
+        if ($user->banned) {
+            abort(500, '该账户已被停止使用');
+        }
+
+        $data = [
+            'token' => $user->token,
+            'auth_data' => base64_encode("{$user->email}:{$user->password}")
+        ];
+        $request->session()->put('email', $user->email);
+        $request->session()->put('id', $user->id);
+        if ($user->is_admin) {
+            $request->session()->put('is_admin', true);
+            $data['is_admin'] = true;
+        }
+        if ($user->is_staff) {
+            $request->session()->put('is_staff', true);
+            $data['is_staff'] = true;
+        }
+        return response([
+            'data' => $data
+        ]);
+    }
+
+    public function token2Login(Request $request)
+    {
+        if ($request->input('token')) {
+            $redirect = '/#/login?verify=' . $request->input('token') . '&redirect=' . ($request->input('redirect') ? $request->input('redirect') : 'dashboard');
+            if (config('v2board.app_url')) {
+                $location = config('v2board.app_url') . $redirect;
+            } else {
+                $location = url($redirect);
+            }
+            return redirect()->to($location)->send();
+        }
+
+        if ($request->input('verify')) {
+            $key =  CacheKey::get('TEMP_TOKEN', $request->input('verify'));
+            $userId = Cache::get($key);
+            if (!$userId) {
+                abort(500, '令牌有误');
+            }
+            $user = User::find($userId);
+            if (!$user) {
+                abort(500, '用户不存在');
+            }
+            if ($user->banned) {
+                abort(500, '该账户已被停止使用');
+            }
+            $request->session()->put('email', $user->email);
+            $request->session()->put('id', $user->id);
+            if ($user->is_admin) {
+                $request->session()->put('is_admin', true);
+            }
+            Cache::forget($key);
+            return response([
+                'data' => true
+            ]);
+        }
+    }
+
+    public function getTempToken(Request $request)
+    {
+        $user = User::where('token', $request->input('token'))->first();
+        if (!$user) {
+            abort(500, '令牌有误');
+        }
+
+        $code = Helper::guid();
+        $key = CacheKey::get('TEMP_TOKEN', $code);
+        Cache::put($key, $user->id, 60);
+        return response([
+            'data' => $code
+        ]);
+    }
+
+    public function getQuickLoginUrl(Request $request)
+    {
+        $authData = explode(':', base64_decode($request->input('auth_data')));
+        $user = User::where('email', $authData[0])
+            ->where('password', $authData[1])
+            ->first();
+        if (!$user) {
+            abort(500, '令牌有误');
+        }
+
+        $code = Helper::guid();
+        $key = CacheKey::get('TEMP_TOKEN', $code);
+        Cache::put($key, $user->id, 60);
+        $redirect = '/#/login?verify=' . $code . '&redirect=' . ($request->input('redirect') ? $request->input('redirect') : 'dashboard');
+        if (config('v2board.app_url')) {
+            $url = config('v2board.app_url') . $redirect;
+        } else {
+            $url = url($redirect);
+        }
+        return response([
+            'data' => $url
+        ]);
+    }
+
+    public function check(Request $request)
+    {
+        $data = [
+            'is_login' => $request->session()->get('id') ? true : false
+        ];
+        if ($request->session()->get('is_admin')) {
+            $data['is_admin'] = true;
+        }
+        return response([
+            'data' => $data
+        ]);
+    }
+
+    public function forget(AuthForget $request)
+    {
+        if (Cache::get(CacheKey::get('EMAIL_VERIFY_CODE', $request->input('email'))) !== $request->input('email_code')) {
+            abort(500, '邮箱验证码有误');
+        }
+        $user = User::where('email', $request->input('email'))->first();
+        if (!$user) {
+            abort(500, '该邮箱不存在系统中');
+        }
+        $user->password = password_hash($request->input('password'), PASSWORD_DEFAULT);
+        $user->password_algo = NULL;
+        if (!$user->save()) {
+            abort(500, '重置失败');
+        }
+        Cache::forget(CacheKey::get('EMAIL_VERIFY_CODE', $request->input('email')));
+        return response([
+            'data' => true
+        ]);
+    }
+
+}
--- a/app/Http/Controllers/Passport/CommController.php
+++ b/app/Http/Controllers/Passport/CommController.php
@ -7,52 +7,93 @@ use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
 use Illuminate\Http\Exceptions\HttpResponseException;
 use Illuminate\Support\Facades\Mail;
-use Illuminate\Support\Facades\Redis;
+use App\Utils\Helper;
+use Illuminate\Support\Facades\Cache;
+use App\Jobs\SendEmailJob;
+use App\Models\InviteCode;
+use App\Utils\Dict;
+use App\Utils\CacheKey;
+use ReCaptcha\ReCaptcha;

 class CommController extends Controller
 {
-    public function config () {
+    public function config()
+    {
        return response([
            'data' => [
                'isEmailVerify' => (int)config('v2board.email_verify', 0) ? 1 : 0,
-                'isInviteForce' => (int)config('v2board.invite_force', 0) ? 1 : 0
+                'isInviteForce' => (int)config('v2board.invite_force', 0) ? 1 : 0,
+                'emailWhitelistSuffix' => (int)config('v2board.email_whitelist_enable', 0)
+                    ? $this->getEmailSuffix()
+                    : 0,
+                'isRecaptcha' => (int)config('v2board.recaptcha_enable', 0) ? 1 : 0,
+                'recaptchaSiteKey' => config('v2board.recaptcha_site_key'),
+                'appDescription' => config('v2board.app_description'),
+                'appUrl' => config('v2board.app_url')
            ]
        ]);
    }

-    private function isEmailVerify () {
+    private function isEmailVerify()
+    {
        return response([
            'data' => (int)config('v2board.email_verify', 0) ? 1 : 0
        ]);
    }

-    public function sendEmailVerify (CommSendEmailVerify $request) {
+    public function sendEmailVerify(CommSendEmailVerify $request)
+    {
+        if ((int)config('v2board.recaptcha_enable', 0)) {
+            $recaptcha = new ReCaptcha(config('v2board.recaptcha_key'));
+            $recaptchaResp = $recaptcha->verify($request->input('recaptcha_data'));
+            if (!$recaptchaResp->isSuccess()) {
+                abort(500, '验证码有误');
+            }
+        }
        $email = $request->input('email');
-        $redisKey = 'sendEmailVerify:' . $email;
-        if (Redis::get($redisKey)) {
-            abort(500, '验证码已发送，请过一会在请求');
+        if (Cache::get(CacheKey::get('LAST_SEND_EMAIL_VERIFY_TIMESTAMP', $email))) {
+            abort(500, '验证码已发送，请过一会再请求');
        }
        $code = rand(100000, 999999);
        $subject = config('v2board.app_name', 'V2Board') . '邮箱验证码';
-        Mail::send(
-            'mail.sendEmailVerify', 
-            [
-                'code' => $code,
-                'name' => config('v2board.app_name', 'V2Board')
-            ],
-            function ($message) use($email, $subject) { 
-                $message->to($email)->subject($subject); 
-            }
-        );
-        if (count(Mail::failures()) >= 1) {
-            // 发送失败
-            abort(500, '发送失败');
-        }

-        Redis::set($redisKey, $code);
-        Redis::expire($redisKey, 600);
+        SendEmailJob::dispatch([
+            'email' => $email,
+            'subject' => $subject,
+            'template_name' => 'verify',
+            'template_value' => [
+                'name' => config('v2board.app_name', 'V2Board'),
+                'code' => $code,
+                'url' => config('v2board.app_url')
+            ]
+        ]);
+
+        Cache::put(CacheKey::get('EMAIL_VERIFY_CODE', $email), $code, 300);
+        Cache::put(CacheKey::get('LAST_SEND_EMAIL_VERIFY_TIMESTAMP', $email), time(), 60);
        return response([
            'data' => true
        ]);
    }
+
+    public function pv(Request $request)
+    {
+        $inviteCode = InviteCode::where('code', $request->input('invite_code'))->first();
+        if ($inviteCode) {
+            $inviteCode->pv = $inviteCode->pv + 1;
+            $inviteCode->save();
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+
+    private function getEmailSuffix()
+    {
+        $suffix = config('v2board.email_whitelist_suffix', Dict::EMAIL_WHITELIST_SUFFIX_DEFAULT);
+        if (!is_array($suffix)) {
+            return preg_split('/,/', $suffix);
+        }
+        return $suffix;
+    }
 }
--- a/app/Http/Controllers/Passport/ForgetController.php
+++ b/app/Http/Controllers/Passport/ForgetController.php
@ -1,29 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Passport;
-
-use App\Http\Requests\Passport\ForgetIndex;
-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
-use App\Models\User;
-use Illuminate\Support\Facades\Mail;
-use Illuminate\Support\Facades\Redis;
-
-class ForgetController extends Controller
-{
-    public function index (ForgetIndex $request) {
-        $redisKey = 'sendEmailVerify:' . $request->input('email');
-        if (Redis::get($redisKey) !== $request->input('email_code')) {
-            abort(500, '邮箱验证码有误');
-        }
-        $user = User::where('email', $request->input('email'))->first();
-        $user->password = password_hash($request->input('password'), PASSWORD_DEFAULT);
-        if (!$user->save()) {
-            abort(500, '重置失败');
-        }
-        Redis::del($redisKey);
-        return response([
-            'data' => true
-        ]);
-    }
-}
--- a/app/Http/Controllers/Passport/LoginController.php
+++ b/app/Http/Controllers/Passport/LoginController.php
@ -1,57 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Passport;
-
-use Illuminate\Http\Request;
-use App\Http\Requests\Passport\LoginIndex;
-use App\Http\Controllers\Controller;
-use App\Models\User;
-
-class LoginController extends Controller
-{
-    public function index (LoginIndex $request) {
-        $email = $request->input('email');
-        $password = $request->input('password');
-        
-        $user = User::where('email', $email)->first();
-        if (!$user) {
-            abort(500, '用户名或密码错误');
-        }
-        if (!password_verify($password, $user->password)) {
-            abort(500, '用户名或密码错误');
-        }
-        
-        $request->session()->put('email', $user->email);
-        $request->session()->put('id', $user->id);
-        if ($user->is_admin) {
-            $request->session()->put('is_admin', true);
-        }
-        return response([
-            'data' => [
-                'is_admin' => $user->is_admin ? 2 : 1,
-                'token' => $user->token
-            ]
-        ]);
-    }
-
-    public function token2Login (Request $request) {
-        if (empty($request->input('token'))) {
-            abort(500, '参数错误');
-        }
-        $redirect = $request->input('redirect') ? $request->input('redirect') : 'dashboard';
-        $user = User::where('token', $request->input('token'))->first();
-        if ($user) {
-            $request->session()->put('email', $user->email);
-            $request->session()->put('id', $user->id);
-            if ($user->is_admin) {
-                $request->session()->put('is_admin', true);
-            }
-        }
-        if (config('v2board.app_url')) {
-            $location = config('v2board.app_url') . '/#/' . $redirect;
-        } else {
-            $location = url('/#/' . $redirect);
-        }
-        header('Location:' . $location);
-    }
-}
--- a/app/Http/Controllers/Passport/RegisterController.php
+++ b/app/Http/Controllers/Passport/RegisterController.php
@ -1,73 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Passport;
-
-use App\Http\Requests\Passport\RegisterIndex;
-use App\Http\Requests\Passport\RegisterSendEmailVerify;
-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
-use App\Models\User;
-use Illuminate\Http\Exceptions\HttpResponseException;
-use Illuminate\Support\Facades\Redis;
-use App\Utils\Helper;
-use App\Models\InviteCode;
-
-class RegisterController extends Controller
-{
-    public function index (RegisterIndex $request) {
-        if ((int)config('v2board.stop_register', 0)) {
-            abort(500, '本站已关闭注册');
-        }
-        if ((int)config('v2board.invite_force', 0)) {
-            if (empty($request->input('invite_code'))) {
-                abort(500, '必须使用邀请码才可以注册');
-            }
-        }
-        if ((int)config('v2board.email_verify', 0)) {
-            $redisKey = 'sendEmailVerify:' . $request->input('email');
-            if (empty($request->input('email_code'))) {
-                abort(500, '邮箱验证码不能为空');
-            }
-            if (Redis::get($redisKey) !== $request->input('email_code')) {
-                abort(500, '邮箱验证码有误');
-            }
-        }
-        $email = $request->input('email');
-        $password = $request->input('password');
-        $exist = User::where('email', $email)->first();
-        if ($exist) {
-            abort(500, '邮箱已存在系统中');
-        }
-        $user = new User();
-        $user->email = $email;
-        $user->password = password_hash($password, PASSWORD_DEFAULT);
-        $user->v2ray_uuid = Helper::guid(true);
-        $user->token = Helper::guid();
-        if ($request->input('invite_code')) {
-            $inviteCode = InviteCode::where('code', $request->input('invite_code'))
-                ->where('status', 0)
-                ->first();
-            if (!$inviteCode) {
-                if ((int)config('v2board.invite_force', 0)) {
-                    abort(500, '邀请码无效');
-                }
-            } else {
-                $user->invite_user_id = $inviteCode->user_id ? $inviteCode->user_id : null;
-                if (!(int)config('v2board.invite_never_expire', env('V2BOARD_INVITE_NEVER_EXPIRE'))) {
-                    $inviteCode->status = 1;
-                    $inviteCode->save();
-                }
-            }
-        }
-
-        if (!$user->save()) {
-            abort(500, '注册失败');
-        }
-        if ((int)config('v2board.email_verify', 0)) {
-            Redis::del($redisKey);
-        }
-        return response()->json([
-            'data' => true
-        ]);
-    }
-}
--- a/app/Http/Controllers/PlanController.php
+++ b/app/Http/Controllers/PlanController.php
@ -1,23 +0,0 @@
-<?php
-
-namespace App\Http\Controllers;
-
-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
-use App\Models\Plan;
-
-class PlanController extends Controller
-{
-    public function fetch (Request $request) {
-        if (empty($request->input('plan_id'))) {
-            abort(500, '参数错误');
-        }
-        $plan = Plan::find($request->input('plan_id'));
-        if (!$plan) {
-            abort(500, '该订阅不存在');
-        }
-        return response([
-            'data' => $plan
-        ]);
-    }
-}
--- a/app/Http/Controllers/Server/Controller.php
+++ b/app/Http/Controllers/Server/Controller.php
@ -1,18 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Server;
-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller as BaseController;
-
-class Controller extends BaseController
-{
-    public function __construct(Request $request) {
-        $token = $request->input('token');
-        if (empty($token)) {
-            abort(500, 'token is null');
-        }
-        if ($token !== config('v2board.server_token')) {
-            abort(500, 'token is error');
-        }
-    }
-}
--- a/app/Http/Controllers/Server/DeepbworkController.php
+++ b/app/Http/Controllers/Server/DeepbworkController.php
@ -2,51 +2,56 @@

 namespace App\Http\Controllers\Server;

+use App\Services\ServerService;
+use App\Services\UserService;
+use App\Utils\CacheKey;
 use Illuminate\Http\Request;
-use App\Http\Controllers\Server\Controller;
+use App\Http\Controllers\Controller;
 use App\Models\User;
-use App\Models\Plan;
 use App\Models\Server;
 use App\Models\ServerLog;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Log;
-use Illuminate\Support\Facades\Redis;
+use Illuminate\Support\Facades\Cache;

+/*
+ * V2ray Aurora
+ * Github: https://github.com/tokumeikoi/aurora
+ */
 class DeepbworkController extends Controller
 {
-    CONST SERVER_CONFIG = '{"api":{"services":["HandlerService","StatsService"],"tag":"api"},"stats":{},"inbound":{"port":443,"protocol":"vmess","settings":{"clients":[]},"streamSettings":{"network":"tcp"},"tag":"proxy"},"inboundDetour":[{"listen":"0.0.0.0","port":23333,"protocol":"dokodemo-door","settings":{"address":"0.0.0.0"},"tag":"api"}],"log":{"loglevel":"debug","access":"access.log","error":"error.log"},"outbound":{"protocol":"freedom","settings":{}},"routing":{"settings":{"rules":[{"inboundTag":["api"],"outboundTag":"api","type":"field"}]},"strategy":"rules"},"policy":{"levels":{"0":{"handshake":4,"connIdle":300,"uplinkOnly":5,"downlinkOnly":30,"statsUserUplink":true,"statsUserDownlink":true}}}}';
+    public function __construct(Request $request)
+    {
+        $token = $request->input('token');
+        if (empty($token)) {
+            abort(500, 'token is null');
+        }
+        if ($token !== config('v2board.server_token')) {
+            abort(500, 'token is error');
+        }
+    }
+
    // 后端获取用户
-    public function user (Request $request) {
+    public function user(Request $request)
+    {
        $nodeId = $request->input('node_id');
        $server = Server::find($nodeId);
        if (!$server) {
            abort(500, 'fail');
        }
-        Redis::set('server_last_check_at_' . $server->id, time());
-        $users = User::whereIn('group_id', json_decode($server->group_id))
-            ->select([
-                'id',
-                'email',
-                't',
-                'u',
-                'd',
-                'transfer_enable',
-                'enable',
-                'v2ray_uuid',
-                'v2ray_alter_id',
-                'v2ray_level'
-            ])
-            ->get();
+        Cache::put(CacheKey::get('SERVER_V2RAY_LAST_CHECK_AT', $server->id), time(), 3600);
+        $serverService = new ServerService();
+        $users = $serverService->getAvailableUsers(json_decode($server->group_id));
        $result = [];
        foreach ($users as $user) {
            $user->v2ray_user = [
-                "uuid" => $user->v2ray_uuid,
-                "email" => sprintf("%s@v2panel.user", $user->v2ray_uuid),
-                "alter_id" => $user->v2ray_alter_id,
-                "level" => $user->v2ray_level,
+                "uuid" => $user->uuid,
+                "email" => sprintf("%s@v2board.user", $user->uuid),
+                "alter_id" => $server->alter_id,
+                "level" => 0,
            ];
-            unset($user['v2ray_uuid']);
-            unset($user['v2ray_alter_id']);
-            unset($user['v2ray_level']);
+            unset($user['uuid']);
+            unset($user['email']);
            array_push($result, $user);
        }
        return response([
@ -56,76 +61,58 @@ class DeepbworkController extends Controller
    }

    // 后端提交数据
-    public function submit (Request $request) {
-		Log::info('serverSubmitData:' . $request->input('node_id') . ':' . file_get_contents('php://input'));
+    public function submit(Request $request)
+    {
+//         Log::info('serverSubmitData:' . $request->input('node_id') . ':' . file_get_contents('php://input'));
        $server = Server::find($request->input('node_id'));
        if (!$server) {
-        	return response([
-        		'ret' => 1,
-        		'msg' => 'ok'
-        	]);
+            return response([
+                'ret' => 0,
+                'msg' => 'server is not found'
+            ]);
        }
        $data = file_get_contents('php://input');
        $data = json_decode($data, true);
-        foreach ($data as $item) {
-        	$u = $item['u'] * $server->rate;
-			$d = $item['d'] * $server->rate;
-			$user = User::find($item['user_id']);
-			$user->t = time();
-			$user->u = $user->u + $u;
-			$user->d = $user->d + $d;
-            $user->save();
-            
-            $serverLog = new ServerLog();
-            $serverLog->user_id = $item['user_id'];
-            $serverLog->server_id = $request->input('node_id');
-            $serverLog->u = $item['u'];
-            $serverLog->d = $item['d'];
-            $serverLog->rate = $server->rate;
-            $serverLog->save();
+        Cache::put(CacheKey::get('SERVER_V2RAY_ONLINE_USER', $server->id), count($data), 3600);
+        Cache::put(CacheKey::get('SERVER_V2RAY_LAST_PUSH_AT', $server->id), time(), 3600);
+        $userService = new UserService();
+        DB::beginTransaction();
+        try {
+            foreach ($data as $item) {
+                $u = $item['u'] * $server->rate;
+                $d = $item['d'] * $server->rate;
+                if (!$userService->trafficFetch($u, $d, $item['user_id'], $server, 'vmess')) {
+                    continue;
+                }
+            }
+        } catch (\Exception $e) {
+            DB::rollBack();
+            return response([
+                'ret' => 0,
+                'msg' => 'user fetch fail'
+            ]);
        }
+        DB::commit();

-    	return response([
-    		'ret' => 1,
-    		'msg' => 'ok'
-    	]);
+        return response([
+            'ret' => 1,
+            'msg' => 'ok'
+        ]);
    }

    // 后端获取配置
-    public function config (Request $request) {
+    public function config(Request $request)
+    {
        $nodeId = $request->input('node_id');
        $localPort = $request->input('local_port');
        if (empty($nodeId) || empty($localPort)) {
-            abort(1000, '参数错误');
+            abort(500, '参数错误');
        }
-        $server = Server::find($nodeId);
-        if (!$server) {
-            abort(1001, '节点不存在');
-        }
-        $json = json_decode(self::SERVER_CONFIG);
-        $json->inboundDetour[0]->port = (int)$localPort;
-        $json->inbound->port = (int)$server->server_port;
-        $json->inbound->streamSettings->network = $server->network;
-        if ($server->settings) {
-            switch ($server->network) {
-                case 'tcp': $json->inbound->streamSettings->tcpSettings = json_decode($server->settings);
-                    break;
-                case 'kcp': $json->inbound->streamSettings->kcpSettings = json_decode($server->settings);
-                    break;
-                case 'ws': $json->inbound->streamSettings->wsSettings = json_decode($server->settings);
-                    break;
-                case 'http': $json->inbound->streamSettings->httpSettings = json_decode($server->settings);
-                    break;
-                case 'domainsocket': $json->inbound->streamSettings->dsSettings = json_decode($server->settings);
-                    break;
-                case 'quic': $json->inbound->streamSettings->quicSettings = json_decode($server->settings);
-                    break;
-            }
-        }
-        if ((int)$server->tls) {
-            $json->inbound->streamSettings->security = "tls";
-            $tls = (object) array("certificateFile" => "/home/v2ray.crt", "keyFile" => "/home/v2ray.key");
-            $json->inbound->streamSettings->tlsSettings->certificates[0] = $tls;
+        $serverService = new ServerService();
+        try {
+            $json = $serverService->getV2RayConfig($nodeId, $localPort);
+        } catch (\Exception $e) {
+            abort(500, $e->getMessage());
        }

        die(json_encode($json, JSON_UNESCAPED_UNICODE));
--- a/app/Http/Controllers/Server/PoseidonController.php
+++ b/app/Http/Controllers/Server/PoseidonController.php
@ -0,0 +1,158 @@
+<?php
+
+namespace App\Http\Controllers\Server;
+
+use App\Services\ServerService;
+use App\Services\UserService;
+use App\Utils\CacheKey;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use App\Models\Plan;
+use App\Models\Server;
+use App\Models\ServerLog;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Cache;
+
+/*
+ * V2ray Poseidon
+ * Github: https://github.com/ColetteContreras/trojan-poseidon
+ */
+class PoseidonController extends Controller
+{
+    public $poseidonVersion;
+
+    public function __construct(Request $request)
+    {
+        $this->poseidonVersion = $request->input('poseidon_version');
+    }
+
+    // 后端获取用户
+    public function user(Request $request)
+    {
+        if ($r = $this->verifyToken($request)) { return $r; }
+
+        $nodeId = $request->input('node_id');
+        $server = Server::find($nodeId);
+        if (!$server) {
+            return $this->error("server could not be found", 404);
+        }
+        Cache::put(CacheKey::get('SERVER_V2RAY_LAST_CHECK_AT', $server->id), time(), 3600);
+        $serverService = new ServerService();
+        $users = $serverService->getAvailableUsers(json_decode($server->group_id));
+        $result = [];
+        foreach ($users as $user) {
+            $user->v2ray_user = [
+                "uuid" => $user->uuid,
+                "email" => sprintf("%s@v2board.user", $user->uuid),
+                "alter_id" => $server->alter_id,
+                "level" => 0,
+            ];
+            unset($user['uuid']);
+            unset($user['email']);
+            array_push($result, $user);
+        }
+
+        return $this->success($result);
+    }
+
+    // 后端提交数据
+    public function submit(Request $request)
+    {
+        if ($r = $this->verifyToken($request)) { return $r; }
+        $server = Server::find($request->input('node_id'));
+        if (!$server) {
+            return $this->error("server could not be found", 404);
+        }
+        $data = file_get_contents('php://input');
+        $data = json_decode($data, true);
+        Cache::put(CacheKey::get('SERVER_V2RAY_ONLINE_USER', $server->id), count($data), 3600);
+        Cache::put(CacheKey::get('SERVER_V2RAY_LAST_PUSH_AT', $server->id), time(), 3600);
+        $userService = new UserService();
+        foreach ($data as $item) {
+            $u = $item['u'] * $server->rate;
+            $d = $item['d'] * $server->rate;
+            if (!$userService->trafficFetch($u, $d, $item['user_id'], $server, 'vmess')) {
+                return $this->error("user fetch fail", 500);
+            }
+        }
+
+        return $this->success('');
+    }
+
+    // 后端获取配置
+    public function config(Request $request)
+    {
+        if ($r = $this->verifyToken($request)) { return $r; }
+
+        $nodeId = $request->input('node_id');
+        $localPort = $request->input('local_port');
+        if (empty($nodeId) || empty($localPort)) {
+            return $this->error('invalid parameters', 400);
+        }
+
+        $serverService = new ServerService();
+        try {
+            $json = $serverService->getV2RayConfig($nodeId, $localPort);
+            $json->poseidon = [
+              'license_key' => (string)config('v2board.server_license'),
+            ];
+            if ($this->poseidonVersion >= 'v1.5.0') {
+                // don't need it after v1.5.0
+                unset($json->inboundDetour);
+                unset($json->stats);
+                unset($json->api);
+                array_shift($json->routing->rules);
+            }
+
+            foreach($json->policy->levels as &$level) {
+                $level->handshake = 2;
+                $level->uplinkOnly = 2;
+                $level->downlinkOnly = 2;
+                $level->connIdle = 60;
+            }
+
+            return $this->success($json);
+        } catch (\Exception $e) {
+            return $this->error($e->getMessage(), 500);
+        }
+    }
+
+    protected function verifyToken(Request $request)
+    {
+        $token = $request->input('token');
+        if (empty($token)) {
+            return $this->error("token must be set");
+        }
+        if ($token !== config('v2board.server_token')) {
+            return $this->error("invalid token");
+        }
+    }
+
+    protected function error($msg, int $status = 400) {
+        return response([
+            'msg' => $msg,
+        ], $status);
+    }
+
+    protected function success($data) {
+         $req = request();
+        // Only for "GET" method
+        if (!$req->isMethod('GET') || !$data) {
+            return response([
+                'msg' => 'ok',
+                'data' => $data,
+            ]);
+        }
+
+        $etag = sha1(json_encode($data));
+        if ($etag == $req->header("IF-NONE-MATCH")) {
+            return response(null, 304);
+        }
+
+        return response([
+            'msg' => 'ok',
+            'data' => $data,
+        ])->header('ETAG', $etag);
+    }
+}
--- a/app/Http/Controllers/Server/ShadowsocksTidalabController.php
+++ b/app/Http/Controllers/Server/ShadowsocksTidalabController.php
@ -0,0 +1,98 @@
+<?php
+
+namespace App\Http\Controllers\Server;
+
+use App\Models\ServerShadowsocks;
+use App\Services\ServerService;
+use App\Services\UserService;
+use App\Utils\CacheKey;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use App\Models\ServerLog;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Cache;
+
+/*
+ * Tidal Lab Shadowsocks
+ * Github: https://github.com/tokumeikoi/tidalab-ss
+ */
+class ShadowsocksTidalabController extends Controller
+{
+    public function __construct(Request $request)
+    {
+        $token = $request->input('token');
+        if (empty($token)) {
+            abort(500, 'token is null');
+        }
+        if ($token !== config('v2board.server_token')) {
+            abort(500, 'token is error');
+        }
+    }
+
+    // 后端获取用户
+    public function user(Request $request)
+    {
+        $nodeId = $request->input('node_id');
+        $server = ServerShadowsocks::find($nodeId);
+        if (!$server) {
+            abort(500, 'fail');
+        }
+        Cache::put(CacheKey::get('SERVER_SHADOWSOCKS_LAST_CHECK_AT', $server->id), time(), 3600);
+        $serverService = new ServerService();
+        $users = $serverService->getAvailableUsers(json_decode($server->group_id));
+        $result = [];
+        foreach ($users as $user) {
+            array_push($result, [
+                'id' => $user->id,
+                'port' => $server->server_port,
+                'cipher' => $server->cipher,
+                'secret' => $user->uuid
+            ]);
+        }
+        return response([
+            'data' => $result
+        ]);
+    }
+
+    // 后端提交数据
+    public function submit(Request $request)
+    {
+//         Log::info('serverSubmitData:' . $request->input('node_id') . ':' . file_get_contents('php://input'));
+        $server = ServerShadowsocks::find($request->input('node_id'));
+        if (!$server) {
+            return response([
+                'ret' => 0,
+                'msg' => 'server is not found'
+            ]);
+        }
+        $data = file_get_contents('php://input');
+        $data = json_decode($data, true);
+        Cache::put(CacheKey::get('SERVER_SHADOWSOCKS_ONLINE_USER', $server->id), count($data), 3600);
+        Cache::put(CacheKey::get('SERVER_SHADOWSOCKS_LAST_PUSH_AT', $server->id), time(), 3600);
+        $userService = new UserService();
+        DB::beginTransaction();
+        try {
+            foreach ($data as $item) {
+                $u = $item['u'] * $server->rate;
+                $d = $item['d'] * $server->rate;
+                if (!$userService->trafficFetch((float)$u, (float)$d, (int)$item['user_id'], $server, 'shadowsocks')) {
+                    continue;
+                }
+            }
+        } catch (\Exception $e) {
+            DB::rollBack();
+            return response([
+                'ret' => 0,
+                'msg' => 'user fetch fail'
+            ]);
+        }
+        DB::commit();
+
+        return response([
+            'ret' => 1,
+            'msg' => 'ok'
+        ]);
+    }
+}
--- a/app/Http/Controllers/Server/TrojanTidalabController.php
+++ b/app/Http/Controllers/Server/TrojanTidalabController.php
@ -0,0 +1,117 @@
+<?php
+
+namespace App\Http\Controllers\Server;
+
+use App\Services\ServerService;
+use App\Services\UserService;
+use App\Utils\CacheKey;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use App\Models\ServerTrojan;
+use App\Models\ServerLog;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Cache;
+
+/*
+ * Tidal Lab Trojan
+ * Github: https://github.com/tokumeikoi/tidalab-trojan
+ */
+class TrojanTidalabController extends Controller
+{
+    public function __construct(Request $request)
+    {
+        $token = $request->input('token');
+        if (empty($token)) {
+            abort(500, 'token is null');
+        }
+        if ($token !== config('v2board.server_token')) {
+            abort(500, 'token is error');
+        }
+    }
+
+    // 后端获取用户
+    public function user(Request $request)
+    {
+        $nodeId = $request->input('node_id');
+        $server = ServerTrojan::find($nodeId);
+        if (!$server) {
+            abort(500, 'fail');
+        }
+        Cache::put(CacheKey::get('SERVER_TROJAN_LAST_CHECK_AT', $server->id), time(), 3600);
+        $serverService = new ServerService();
+        $users = $serverService->getAvailableUsers(json_decode($server->group_id));
+        $result = [];
+        foreach ($users as $user) {
+            $user->trojan_user = [
+                "password" => $user->uuid,
+            ];
+            unset($user['uuid']);
+            unset($user['email']);
+            array_push($result, $user);
+        }
+        return response([
+            'msg' => 'ok',
+            'data' => $result,
+        ]);
+    }
+
+    // 后端提交数据
+    public function submit(Request $request)
+    {
+        // Log::info('serverSubmitData:' . $request->input('node_id') . ':' . file_get_contents('php://input'));
+        $server = ServerTrojan::find($request->input('node_id'));
+        if (!$server) {
+            return response([
+                'ret' => 0,
+                'msg' => 'server is not found'
+            ]);
+        }
+        $data = file_get_contents('php://input');
+        $data = json_decode($data, true);
+        Cache::put(CacheKey::get('SERVER_TROJAN_ONLINE_USER', $server->id), count($data), 3600);
+        Cache::put(CacheKey::get('SERVER_TROJAN_LAST_PUSH_AT', $server->id), time(), 3600);
+        $userService = new UserService();
+        DB::beginTransaction();
+        try {
+            foreach ($data as $item) {
+                $u = $item['u'] * $server->rate;
+                $d = $item['d'] * $server->rate;
+                if (!$userService->trafficFetch($u, $d, $item['user_id'], $server, 'trojan')) {
+                    continue;
+                }
+            }
+        } catch (\Exception $e) {
+            DB::rollBack();
+            return response([
+                'ret' => 0,
+                'msg' => 'user fetch fail'
+            ]);
+        }
+        DB::commit();
+
+        return response([
+            'ret' => 1,
+            'msg' => 'ok'
+        ]);
+    }
+
+    // 后端获取配置
+    public function config(Request $request)
+    {
+        $nodeId = $request->input('node_id');
+        $localPort = $request->input('local_port');
+        if (empty($nodeId) || empty($localPort)) {
+            abort(500, '参数错误');
+        }
+        $serverService = new ServerService();
+        try {
+            $json = $serverService->getTrojanConfig($nodeId, $localPort);
+        } catch (\Exception $e) {
+            abort(500, $e->getMessage());
+        }
+
+        die(json_encode($json, JSON_UNESCAPED_UNICODE));
+    }
+}
--- a/app/Http/Controllers/ServerController.php
+++ b/app/Http/Controllers/ServerController.php
@ -1,64 +0,0 @@
-<?php
-
-namespace App\Http\Controllers;
-
-use Illuminate\Http\Request;
-use Illuminate\Support\Facades\Redis;
-use App\Http\Controllers\Controller;
-use App\Models\Server;
-use App\Models\ServerLog;
-use App\Models\User;
-
-use App\Utils\Helper;
-
-class ServerController extends Controller {
-    public function fetch (Request $request) {
-        $user = User::find($request->session()->get('id'));
-        $server = [];
-        if ($user->expired_at > time()) {
-            $servers = Server::where('show', 1)
-                ->orderBy('name')
-                ->get();
-            foreach ($servers as $item) {
-                $groupId = json_decode($item['group_id']);
-                if (in_array($user->group_id, $groupId)) {
-                    array_push($server, $item);
-                }
-            }
-        }
-        for ($i = 0; $i < count($server); $i++) {
-            $server[$i]['link'] = Helper::buildVmessLink($server[$i], $user);
-            $server[$i]['last_check_at'] = Redis::get('server_last_check_at_' . $server[$i]['id']);
-        }
-        return response([
-            'data' => $server
-        ]);
-    }
-
-    public function logFetch (Request $request) {
-    	$type = $request->input('type') ? $request->input('type') : 0;
-        $current = $request->input('current') ? $request->input('current') : 1;
-        $pageSize = $request->input('pageSize') >= 10 ? $request->input('pageSize') : 10;
-        $serverLogModel = ServerLog::where('user_id', $request->session()->get('id'))
-            ->orderBy('created_at', 'DESC');
-    	switch ($type) {
-    		case 0: $serverLogModel->where('created_at', '>=', strtotime(date('Y-m-d')));
-    			break;
-    		case 1: $serverLogModel->where('created_at', '>=', strtotime(date('Y-m-d')) - 604800);
-    			break;
-    		case 2: $serverLogModel->where('created_at', '>=', strtotime(date('Y-m-1')));
-    	}
-    	$sum = [
-    		'u' => $serverLogModel->sum('u'),
-    		'd' => $serverLogModel->sum('d')
-    	];
-        $total = $serverLogModel->count();
-        $res = $serverLogModel->forPage($current, $pageSize)
-            ->get();
-        return response([
-            'data' => $res,
-            'total' => $total,
-            'sum' => $sum
-        ]);
-    }
-}
--- a/app/Http/Controllers/Staff/NoticeController.php
+++ b/app/Http/Controllers/Staff/NoticeController.php
@ -0,0 +1,59 @@
+<?php
+
+namespace App\Http\Controllers\Staff;
+
+use App\Http\Requests\Admin\NoticeSave;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\Notice;
+use Illuminate\Support\Facades\Cache;
+
+class NoticeController extends Controller
+{
+    public function fetch(Request $request)
+    {
+        return response([
+            'data' => Notice::orderBy('id', 'DESC')->get()
+        ]);
+    }
+
+    public function save(NoticeSave $request)
+    {
+        $data = $request->only([
+            'title',
+            'content',
+            'img_url'
+        ]);
+        if (!$request->input('id')) {
+            if (!Notice::create($data)) {
+                abort(500, '保存失败');
+            }
+        } else {
+            try {
+                Notice::find($request->input('id'))->update($data);
+            } catch (\Exception $e) {
+                abort(500, '保存失败');
+            }
+        }
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function drop(Request $request)
+    {
+        if (empty($request->input('id'))) {
+            abort(500, '参数错误');
+        }
+        $notice = Notice::find($request->input('id'));
+        if (!$notice) {
+            abort(500, '公告不存在');
+        }
+        if (!$notice->delete()) {
+            abort(500, '删除失败');
+        }
+        return response([
+            'data' => true
+        ]);
+    }
+}
--- a/app/Http/Controllers/Staff/PlanController.php
+++ b/app/Http/Controllers/Staff/PlanController.php
@ -0,0 +1,41 @@
+<?php
+
+namespace App\Http\Controllers\Staff;
+
+use App\Http\Requests\Admin\PlanSave;
+use App\Http\Requests\Admin\PlanSort;
+use App\Http\Requests\Admin\PlanUpdate;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\Plan;
+use App\Models\Order;
+use App\Models\User;
+use Illuminate\Support\Facades\DB;
+
+class PlanController extends Controller
+{
+    public function fetch(Request $request)
+    {
+        $counts = User::select(
+            DB::raw("plan_id"),
+            DB::raw("count(*) as count")
+        )
+            ->where('plan_id', '!=', NULL)
+            ->where(function ($query) {
+                $query->where('expired_at', '>=', time())
+                    ->orWhere('expired_at', NULL);
+            })
+            ->groupBy("plan_id")
+            ->get();
+        $plans = Plan::orderBy('sort', 'ASC')->get();
+        foreach ($plans as $k => $v) {
+            $plans[$k]->count = 0;
+            foreach ($counts as $kk => $vv) {
+                if ($plans[$k]->id === $counts[$kk]->plan_id) $plans[$k]->count = $counts[$kk]->count;
+            }
+        }
+        return response([
+            'data' => $plans
+        ]);
+    }
+}
--- a/app/Http/Controllers/Staff/TicketController.php
+++ b/app/Http/Controllers/Staff/TicketController.php
@ -0,0 +1,92 @@
+<?php
+
+namespace App\Http\Controllers\Staff;
+
+use App\Services\TicketService;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\Ticket;
+use App\Models\TicketMessage;
+
+class TicketController extends Controller
+{
+    public function fetch(Request $request)
+    {
+        if ($request->input('id')) {
+            $ticket = Ticket::where('id', $request->input('id'))
+                ->first();
+            if (!$ticket) {
+                abort(500, '工单不存在');
+            }
+            $ticket['message'] = TicketMessage::where('ticket_id', $ticket->id)->get();
+            for ($i = 0; $i < count($ticket['message']); $i++) {
+                if ($ticket['message'][$i]['user_id'] !== $ticket->user_id) {
+                    $ticket['message'][$i]['is_me'] = true;
+                } else {
+                    $ticket['message'][$i]['is_me'] = false;
+                }
+            }
+            return response([
+                'data' => $ticket
+            ]);
+        }
+        $current = $request->input('current') ? $request->input('current') : 1;
+        $pageSize = $request->input('pageSize') >= 10 ? $request->input('pageSize') : 10;
+        $model = Ticket::orderBy('created_at', 'DESC');
+        if ($request->input('status') !== NULL) {
+            $model->where('status', $request->input('status'));
+        }
+        $total = $model->count();
+        $res = $model->forPage($current, $pageSize)
+            ->get();
+        for ($i = 0; $i < count($res); $i++) {
+            if ($res[$i]['last_reply_user_id'] == $request->session()->get('id')) {
+                $res[$i]['reply_status'] = 0;
+            } else {
+                $res[$i]['reply_status'] = 1;
+            }
+        }
+        return response([
+            'data' => $res,
+            'total' => $total
+        ]);
+    }
+
+    public function reply(Request $request)
+    {
+        if (empty($request->input('id'))) {
+            abort(500, '参数错误');
+        }
+        if (empty($request->input('message'))) {
+            abort(500, '消息不能为空');
+        }
+        $ticketService = new TicketService();
+        $ticketService->replyByAdmin(
+            $request->input('id'),
+            $request->input('message'),
+            $request->session()->get('id')
+        );
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function close(Request $request)
+    {
+        if (empty($request->input('id'))) {
+            abort(500, '参数错误');
+        }
+        $ticket = Ticket::where('id', $request->input('id'))
+            ->first();
+        if (!$ticket) {
+            abort(500, '工单不存在');
+        }
+        $ticket->status = 1;
+        if (!$ticket->save()) {
+            abort(500, '关闭失败');
+        }
+        return response([
+            'data' => true
+        ]);
+    }
+}
--- a/app/Http/Controllers/Staff/UserController.php
+++ b/app/Http/Controllers/Staff/UserController.php
@ -0,0 +1,107 @@
+<?php
+
+namespace App\Http\Controllers\Staff;
+
+use App\Http\Requests\Admin\UserSendMail;
+use App\Http\Requests\Staff\UserUpdate;
+use App\Jobs\SendEmailJob;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use App\Models\Plan;
+
+class UserController extends Controller
+{
+    public function getUserInfoById(Request $request)
+    {
+        if (empty($request->input('id'))) {
+            abort(500, '参数错误');
+        }
+        $user = User::where('is_admin', 0)
+            ->where('id', $request->input('id'))
+            ->where('is_staff', 0)
+            ->first();
+        if (!$user) abort(500, '用户不存在');
+        return response([
+            'data' => $user
+        ]);
+    }
+
+    public function update(UserUpdate $request)
+    {
+        $params = $request->validated();
+        $user = User::find($request->input('id'));
+        if (!$user) {
+            abort(500, '用户不存在');
+        }
+        if (User::where('email', $params['email'])->first() && $user->email !== $params['email']) {
+            abort(500, '邮箱已被使用');
+        }
+        if (isset($params['password'])) {
+            $params['password'] = password_hash($params['password'], PASSWORD_DEFAULT);
+            $params['password_algo'] = NULL;
+        } else {
+            unset($params['password']);
+        }
+        if (isset($params['plan_id'])) {
+            $plan = Plan::find($params['plan_id']);
+            if (!$plan) {
+                abort(500, '订阅计划不存在');
+            }
+            $params['group_id'] = $plan->group_id;
+        }
+
+        try {
+            $user->update($params);
+        } catch (\Exception $e) {
+            abort(500, '保存失败');
+        }
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function sendMail(UserSendMail $request)
+    {
+        $sortType = in_array($request->input('sort_type'), ['ASC', 'DESC']) ? $request->input('sort_type') : 'DESC';
+        $sort = $request->input('sort') ? $request->input('sort') : 'created_at';
+        $builder = User::orderBy($sort, $sortType);
+        $this->filter($request, $builder);
+        $users = $builder->get();
+        foreach ($users as $user) {
+            SendEmailJob::dispatch([
+                'email' => $user->email,
+                'subject' => $request->input('subject'),
+                'template_name' => 'notify',
+                'template_value' => [
+                    'name' => config('v2board.app_name', 'V2Board'),
+                    'url' => config('v2board.app_url'),
+                    'content' => $request->input('content')
+                ]
+            ]);
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function ban(Request $request)
+    {
+        $sortType = in_array($request->input('sort_type'), ['ASC', 'DESC']) ? $request->input('sort_type') : 'DESC';
+        $sort = $request->input('sort') ? $request->input('sort') : 'created_at';
+        $builder = User::orderBy($sort, $sortType);
+        $this->filter($request, $builder);
+        try {
+            $builder->update([
+                'banned' => 1
+            ]);
+        } catch (\Exception $e) {
+            abort(500, '处理失败');
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+}
--- a/app/Http/Controllers/TicketController.php
+++ b/app/Http/Controllers/TicketController.php
@ -1,139 +0,0 @@
-<?php
-
-namespace App\Http\Controllers;
-
-use App\Http\Requests\TicketSave;
-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
-use App\Models\Ticket;
-use App\Models\TicketMessage;
-use App\Utils\Helper;
-use Illuminate\Support\Facades\DB;
-
-class TicketController extends Controller
-{
-    public function fetch (Request $request) {
-        if ($request->input('id')) {
-            $ticket = Ticket::where('id', $request->input('id'))
-                ->where('user_id', $request->session()->get('id'))
-                ->first();
-            if (!$ticket) {
-                abort(500, '工单不存在');
-            }
-            $ticket['message'] = TicketMessage::where('ticket_id', $ticket->id)->get();
-            for ($i = 0; $i < count($ticket['message']); $i++) {
-                if ($ticket['message'][$i]['user_id'] == $ticket->user_id) {
-                    $ticket['message'][$i]['is_me'] = true;
-                } else {
-                    $ticket['message'][$i]['is_me'] = false;
-                }
-            }
-            return response([
-                'data' => $ticket
-            ]);
-        }
-        $ticket = Ticket::where('user_id', $request->session()->get('id'))
-            ->orderBy('created_at', 'DESC')
-            ->get();
-        for ($i = 0; $i < count($ticket); $i++) {
-            if ($ticket[$i]['last_reply_user_id'] == $request->session()->get('id')) {
-                $ticket[$i]['reply_status'] = 0;
-            } else {
-                $ticket[$i]['reply_status'] = 1;
-            }
-        }
-        return response([
-            'data' => $ticket
-        ]);
-    }
-
-    public function save (TicketSave $request) {
-        DB::beginTransaction();
-        $ticket = Ticket::create(array_merge($request->only([
-            'subject',
-            'level'
-        ]), [
-            'user_id' => $request->session()->get('id'),
-            'last_reply_user_id' => $request->session()->get('id')
-        ]));
-        if (!$ticket) {
-            DB::rollback();
-            abort(500, '工单创建失败');
-        }
-        $ticketMessage = TicketMessage::create([
-            'user_id' => $request->session()->get('id'),
-            'ticket_id' => $ticket->id,
-            'message' => $request->input('message')
-        ]);
-        if (!$ticketMessage) {
-            DB::rollback();
-            abort(500, '工单创建失败');
-        }
-        DB::commit();
-        return response([
-            'data' => true
-        ]);
-    }
-
-    public function reply (Request $request) {
-        if (empty($request->input('id'))) {
-            abort(500, '参数错误');
-        }
-        if (empty($request->input('message'))) {
-            abort(500, '消息不能为空');
-        }
-        $ticket = Ticket::where('id', $request->input('id'))
-            ->where('user_id', $request->session()->get('id'))
-            ->first();
-        if (!$ticket) {
-            abort(500, '工单不存在');
-        }
-        if ($ticket->status) {
-            abort(500, '工单已关闭，无法回复');
-        }
-        if ($request->session()->get('id') == $this->getLastMessage($ticket->id)->user_id) {
-            abort(500, '请等待技术支持回复');
-        }
-        DB::beginTransaction();
-        $ticketMessage = TicketMessage::create([
-            'user_id' => $request->session()->get('id'),
-            'ticket_id' => $ticket->id,
-            'message' => $request->input('message')
-        ]);
-        $ticket->last_reply_user_id = $request->session()->get('id');
-        if (!$ticketMessage || !$ticket->save()) {
-            DB::rollback();
-            abort(500, '工单回复失败');
-        }
-        DB::commit();
-        return response([
-            'data' => true
-        ]);
-    }
-
-
-    public function close (Request $request) {
-        if (empty($request->input('id'))) {
-            abort(500, '参数错误');
-        }
-        $ticket = Ticket::where('id', $request->input('id'))
-            ->where('user_id', $request->session()->get('id'))
-            ->first();
-        if (!$ticket) {
-            abort(500, '工单不存在');
-        }
-        $ticket->status = 1;
-        if (!$ticket->save()) {
-            abort(500, '关闭失败');
-        }
-        return response([
-            'data' => true
-        ]);
-    }
-
-    private function getLastMessage ($ticketId) {
-        return TicketMessage::where('ticket_id', $ticketId)
-            ->orderBy('id', 'DESC')
-            ->first();
-    }
-}
--- a/app/Http/Controllers/TutorialController.php
+++ b/app/Http/Controllers/TutorialController.php
@ -1,35 +0,0 @@
-<?php
-
-namespace App\Http\Controllers;
-
-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
-use App\Models\User;
-
-class TutorialController extends Controller
-{
-    public function getSubscribeUrl (Request $request) {
-        $user = User::find($request->session()->get('id'));
-        return response([
-            'data' => [
-                'subscribe_url' => config('v2board.subscribe_url', config('v2board.app_url', env('APP_URL'))) . '/api/v1/client/subscribe?token=' . $user['token']
-            ]
-        ]);
-    }
-
-    public function getAppleID (Request $request) {
-        $user = User::find($request->session()->get('id'));
-        if ($user->expired_at < time()) {
-            return response([
-                'data' => [
-                ]
-            ]);
-        }
-        return response([
-            'data' => [
-                'apple_id' => config('v2board.apple_id'),
-                'apple_id_password' => config('v2board.apple_id_password')
-            ]
-        ]);
-    }
-}
--- a/app/Http/Controllers/User/CommController.php
+++ b/app/Http/Controllers/User/CommController.php
@ -0,0 +1,35 @@
+<?php
+
+namespace App\Http\Controllers\User;
+
+use App\Models\Payment;
+use App\Utils\Dict;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+
+class CommController extends Controller
+{
+    public function config()
+    {
+        return response([
+            'data' => [
+                'is_telegram' => (int)config('v2board.telegram_bot_enable', 0),
+                'stripe_pk' => config('v2board.stripe_pk_live'),
+                'withdraw_methods' => config('v2board.commission_withdraw_method', Dict::WITHDRAW_METHOD_WHITELIST_DEFAULT),
+                'withdraw_close' => (int)config('v2board.withdraw_close_enable', 0)
+            ]
+        ]);
+    }
+
+    public function getStripePublicKey(Request $request)
+    {
+        $payment = Payment::where('id', $request->input('id'))
+            ->where('payment', 'StripeCredit')
+            ->first();
+        if (!$payment) abort(500, 'payment is not found');
+        $config = json_decode($payment->config, true);
+        return response([
+            'data' => $config['stripe_pk_live']
+        ]);
+    }
+}
--- a/app/Http/Controllers/User/CouponController.php
+++ b/app/Http/Controllers/User/CouponController.php
@ -0,0 +1,39 @@
+<?php
+
+namespace App\Http\Controllers\User;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Http\Request;
+use App\Models\Coupon;
+
+class CouponController extends Controller
+{
+    public function check(Request $request)
+    {
+        if (empty($request->input('code'))) {
+            abort(500, __('user.coupon.check.coupon_not_empty'));
+        }
+        $coupon = Coupon::where('code', $request->input('code'))->first();
+        if (!$coupon) {
+            abort(500, __('user.coupon.check.coupon_invalid'));
+        }
+        if ($coupon->limit_use <= 0 && $coupon->limit_use !== NULL) {
+            abort(500, __('user.coupon.check.coupon_not_available_by_number'));
+        }
+        if (time() < $coupon->started_at) {
+            abort(500, __('user.coupon.check.coupon_not_available_by_time'));
+        }
+        if (time() > $coupon->ended_at) {
+            abort(500, __('user.coupon.check.coupon_expired'));
+        }
+        if ($coupon->limit_plan_ids) {
+            $limitPlanIds = json_decode($coupon->limit_plan_ids);
+            if (!in_array($request->input('plan_id'), $limitPlanIds)) {
+                abort(500, __('user.coupon.check.coupon_limit_plan'));
+            }
+        }
+        return response([
+            'data' => $coupon
+        ]);
+    }
+}
--- a/app/Http/Controllers/User/InviteController.php
+++ b/app/Http/Controllers/User/InviteController.php
@ -1,9 +1,9 @@
 <?php

-namespace App\Http\Controllers;
+namespace App\Http\Controllers\User;

-use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
+use Illuminate\Http\Request;
 use App\Models\User;
 use App\Models\Order;
 use App\Models\InviteCode;
@ -11,9 +11,10 @@ use App\Utils\Helper;

 class InviteController extends Controller
 {
-    public function save (Request $request) {
+    public function save(Request $request)
+    {
        if (InviteCode::where('user_id', $request->session()->get('id'))->where('status', 0)->count() >= config('v2board.invite_gen_limit', 5)) {
-            abort(500, '已达到创建数量上限');
+            abort(500, __('user.invite.save.invite_create_limit'));
        }
        $inviteCode = new InviteCode();
        $inviteCode->user_id = $request->session()->get('id');
@ -23,9 +24,11 @@ class InviteController extends Controller
        ]);
    }

-    public function details (Request $request) {
+    public function details(Request $request)
+    {
        return response([
            'data' => Order::where('invite_user_id', $request->session()->get('id'))
+                ->where('commission_balance', '>', 0)
                ->where('status', 3)
                ->select([
                    'id',
@ -38,11 +41,12 @@ class InviteController extends Controller
        ]);
    }

-    public function fetch (Request $request) {
+    public function fetch(Request $request)
+    {
        $codes = InviteCode::where('user_id', $request->session()->get('id'))
            ->where('status', 0)
            ->get();
-        $commission_rate = config('v2board.invite_commission');
+        $commission_rate = config('v2board.invite_commission', 10);
        $user = User::find($request->session()->get('id'));
        if ($user->commission_rate) {
            $commission_rate = $user->commission_rate;
@ -52,7 +56,7 @@ class InviteController extends Controller
            (int)User::where('invite_user_id', $request->session()->get('id'))->count(),
            //有效的佣金
            (int)Order::where('status', 3)
-                ->where('commission_status', 1)
+                ->where('commission_status', 2)
                ->where('invite_user_id', $request->session()->get('id'))
                ->sum('commission_balance'),
            //确认中的佣金
@ -61,7 +65,9 @@ class InviteController extends Controller
                ->where('invite_user_id', $request->session()->get('id'))
                ->sum('commission_balance'),
            //佣金比例
-            (int)$commission_rate
+            (int)$commission_rate,
+            //可用佣金
+            (int)$user->commission_balance
        ];
        return response([
            'data' => [
--- a/app/Http/Controllers/User/KnowledgeController.php
+++ b/app/Http/Controllers/User/KnowledgeController.php
@ -0,0 +1,69 @@
+<?php
+
+namespace App\Http\Controllers\User;
+
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use App\Services\UserService;
+use Illuminate\Http\Request;
+use App\Models\Knowledge;
+
+class KnowledgeController extends Controller
+{
+    public function fetch(Request $request)
+    {
+        if ($request->input('id')) {
+            $knowledge = Knowledge::where('id', $request->input('id'))
+                ->where('show', 1)
+                ->first()
+                ->toArray();
+            if (!$knowledge) abort(500, __('user.knowledge.fetch.knowledge_not_exist'));
+            $user = User::find($request->session()->get('id'));
+            $userService = new UserService();
+            if ($userService->isAvailable($user)) {
+                $appleId = config('v2board.apple_id');
+                $appleIdPassword = config('v2board.apple_id_password');
+            } else {
+                $appleId = __('user.knowledge.fetch.apple_id_must_be_plan');
+                $appleIdPassword = __('user.knowledge.fetch.apple_id_must_be_plan');
+                $this->formatAccessData($knowledge['body']);
+            }
+            $subscribeUrl = config('v2board.subscribe_url', config('v2board.app_url', env('APP_URL'))) . '/api/v1/client/subscribe?token=' . $user['token'];
+            $knowledge['body'] = str_replace('{{siteName}}', config('v2board.app_name', 'V2Board'), $knowledge['body']);
+            $knowledge['body'] = str_replace('{{appleId}}', $appleId, $knowledge['body']);
+            $knowledge['body'] = str_replace('{{appleIdPassword}}', $appleIdPassword, $knowledge['body']);
+            $knowledge['body'] = str_replace('{{subscribeUrl}}', $subscribeUrl, $knowledge['body']);
+            $knowledge['body'] = str_replace('{{urlEncodeSubscribeUrl}}', urlencode($subscribeUrl), $knowledge['body']);
+            $knowledge['body'] = str_replace(
+                '{{safeBase64SubscribeUrl}}',
+                str_replace(
+                    array('+', '/', '='),
+                    array('-', '_', ''),
+                    base64_encode($subscribeUrl)
+                ),
+                $knowledge['body']
+            );
+            return response([
+                'data' => $knowledge
+            ]);
+        }
+        $knowledges = Knowledge::select(['id', 'category', 'title', 'updated_at'])
+            ->where('language', $request->input('language'))
+            ->where('show', 1)
+            ->orderBy('sort', 'ASC')
+            ->get()
+            ->groupBy('category');
+        return response([
+            'data' => $knowledges
+        ]);
+    }
+
+    private function formatAccessData(&$body)
+    {
+        function getBetween($input, $start, $end){$substr = substr($input, strlen($start)+strpos($input, $start),(strlen($input) - strpos($input, $end))*(-1));return $substr;}
+        $accessData = getBetween($body, '<!--access start-->', '<!--access end-->');
+        if ($accessData) {
+            $body = str_replace($accessData, '<div class="v2board-no-access">'. __('user.knowledge.formatAccessData.no_access') .'</div>', $body);
+        }
+    }
+}
--- a/app/Http/Controllers/User/NoticeController.php
+++ b/app/Http/Controllers/User/NoticeController.php
@ -0,0 +1,25 @@
+<?php
+
+namespace App\Http\Controllers\User;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Http\Request;
+use App\Models\Notice;
+use App\Utils\Helper;
+
+class NoticeController extends Controller
+{
+    public function fetch(Request $request)
+    {
+        $current = $request->input('current') ? $request->input('current') : 1;
+        $pageSize = 5;
+        $model = Notice::orderBy('created_at', 'DESC');
+        $total = $model->count();
+        $res = $model->forPage($current, $pageSize)
+            ->get();
+        return response([
+            'data' => $res,
+            'total' => $total
+        ]);
+    }
+}
--- a/app/Http/Controllers/User/OrderController.php
+++ b/app/Http/Controllers/User/OrderController.php
@ -0,0 +1,246 @@
+<?php
+
+namespace App\Http\Controllers\User;
+
+use App\Http\Controllers\Controller;
+use App\Http\Requests\User\OrderSave;
+use App\Models\Payment;
+use App\Services\CouponService;
+use App\Services\OrderService;
+use App\Services\PaymentService;
+use App\Services\UserService;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Cache;
+use Illuminate\Support\Facades\DB;
+use App\Models\Order;
+use App\Models\Plan;
+use App\Models\User;
+use App\Utils\Helper;
+use Omnipay\Omnipay;
+use Stripe\Stripe;
+use Stripe\Source;
+use Library\BitpayX;
+use Library\MGate;
+use Library\Epay;
+
+class OrderController extends Controller
+{
+    public function fetch(Request $request)
+    {
+        $model = Order::where('user_id', $request->session()->get('id'))
+            ->orderBy('created_at', 'DESC');
+        if ($request->input('status') !== null) {
+            $model->where('status', $request->input('status'));
+        }
+        $order = $model->get();
+        $plan = Plan::get();
+        for ($i = 0; $i < count($order); $i++) {
+            for ($x = 0; $x < count($plan); $x++) {
+                if ($order[$i]['plan_id'] === $plan[$x]['id']) {
+                    $order[$i]['plan'] = $plan[$x];
+                }
+            }
+        }
+        return response([
+            'data' => $order->makeHidden(['id', 'user_id'])
+        ]);
+    }
+
+    public function details(Request $request)
+    {
+        $order = Order::where('user_id', $request->session()->get('id'))
+            ->where('trade_no', $request->input('trade_no'))
+            ->first();
+        if (!$order) {
+            abort(500, __('user.order.details.order_not_exist'));
+        }
+        $order['plan'] = Plan::find($order->plan_id);
+        $order['try_out_plan_id'] = (int)config('v2board.try_out_plan_id');
+        if (!$order['plan']) {
+            abort(500, __('user.order.details.plan_not_exist'));
+        }
+        return response([
+            'data' => $order
+        ]);
+    }
+
+    public function save(OrderSave $request)
+    {
+        $userService = new UserService();
+        if ($userService->isNotCompleteOrderByUserId($request->session()->get('id'))) {
+            abort(500, __('user.order.save.exist_open_order'));
+        }
+
+        $plan = Plan::find($request->input('plan_id'));
+        $user = User::find($request->session()->get('id'));
+
+        if (!$plan) {
+            abort(500, __('user.order.save.plan_not_exist'));
+        }
+
+        if ((!$plan->show && !$plan->renew) || (!$plan->show && $user->plan_id !== $plan->id)) {
+            if ($request->input('cycle') !== 'reset_price') {
+                abort(500, __('user.order.save.plan_stop_sell'));
+            }
+        }
+
+        if (!$plan->renew && $user->plan_id == $plan->id && $request->input('cycle') !== 'reset_price') {
+            abort(500, __('user.order.save.plan_stop_renew'));
+        }
+
+        if ($plan[$request->input('cycle')] === NULL) {
+            abort(500, __('user.order.save.plan_stop'));
+        }
+
+        if ($request->input('cycle') === 'reset_price') {
+            if ($user->expired_at <= time() || !$user->plan_id) {
+                abort(500, __('user.order.save.plan_exist_not_buy_package'));
+            }
+        }
+
+        if (!$plan->show && $plan->renew && !$userService->isAvailable($user)) {
+            abort(500, __('user.order.save.plan_expired'));
+        }
+
+        DB::beginTransaction();
+        $order = new Order();
+        $orderService = new OrderService($order);
+        $order->user_id = $request->session()->get('id');
+        $order->plan_id = $plan->id;
+        $order->cycle = $request->input('cycle');
+        $order->trade_no = Helper::guid();
+        $order->total_amount = $plan[$request->input('cycle')];
+
+        if ($request->input('coupon_code')) {
+            $couponService = new CouponService($request->input('coupon_code'));
+            if (!$couponService->use($order)) {
+                DB::rollBack();
+                abort(500, __('user.order.save.coupon_use_failed'));
+            }
+            $order->coupon_id = $couponService->getId();
+        }
+
+        $orderService->setVipDiscount($user);
+        $orderService->setOrderType($user);
+        $orderService->setInvite($user);
+
+        if ($user->balance && $order->total_amount > 0) {
+            $remainingBalance = $user->balance - $order->total_amount;
+            $userService = new UserService();
+            if ($remainingBalance > 0) {
+                if (!$userService->addBalance($order->user_id, - $order->total_amount)) {
+                    DB::rollBack();
+                    abort(500, __('user.order.save.insufficient_balance'));
+                }
+                $order->balance_amount = $order->total_amount;
+                $order->total_amount = 0;
+            } else {
+                if (!$userService->addBalance($order->user_id, - $user->balance)) {
+                    DB::rollBack();
+                    abort(500, __('user.order.save.insufficient_balance'));
+                }
+                $order->balance_amount = $user->balance;
+                $order->total_amount = $order->total_amount - $user->balance;
+            }
+        }
+
+        if (!$order->save()) {
+            DB::rollback();
+            abort(500, __('user.order.save.order_create_failed'));
+        }
+
+        DB::commit();
+
+        return response([
+            'data' => $order->trade_no
+        ]);
+    }
+
+    public function checkout(Request $request)
+    {
+        $tradeNo = $request->input('trade_no');
+        $method = $request->input('method');
+        $order = Order::where('trade_no', $tradeNo)
+            ->where('user_id', $request->session()->get('id'))
+            ->where('status', 0)
+            ->first();
+        if (!$order) {
+            abort(500, __('user.order.checkout.order_not_exist_or_paid'));
+        }
+        // free process
+        if ($order->total_amount <= 0) {
+            $order->total_amount = 0;
+            $order->status = 1;
+            $order->save();
+            return response([
+                'type' => -1,
+                'data' => true
+            ]);
+        }
+        $payment = Payment::find($method);
+        if (!$payment || $payment->enable !== 1) abort(500, __('user.order.checkout.pay_method_not_use'));
+        $paymentService = new PaymentService($payment->payment, $payment->id);
+        $result = $paymentService->pay([
+            'trade_no' => $tradeNo,
+            'total_amount' => $order->total_amount,
+            'user_id' => $order->user_id,
+            'stripe_token' => $request->input('token')
+        ]);
+        $order->update(['payment_id' => $method]);
+        return response([
+            'type' => $result['type'],
+            'data' => $result['data']
+        ]);
+    }
+
+    public function check(Request $request)
+    {
+        $tradeNo = $request->input('trade_no');
+        $order = Order::where('trade_no', $tradeNo)
+            ->where('user_id', $request->session()->get('id'))
+            ->first();
+        if (!$order) {
+            abort(500, __('user.order.check.order_not_exist'));
+        }
+        return response([
+            'data' => $order->status
+        ]);
+    }
+
+    public function getPaymentMethod()
+    {
+        $methods = Payment::select([
+            'id',
+            'name',
+            'payment'
+        ])
+            ->where('enable', 1)->get();
+
+        return response([
+            'data' => $methods
+        ]);
+    }
+
+    public function cancel(Request $request)
+    {
+        if (empty($request->input('trade_no'))) {
+            abort(500, __('user.order.cancel.params_wrong'));
+        }
+        $order = Order::where('trade_no', $request->input('trade_no'))
+            ->where('user_id', $request->session()->get('id'))
+            ->first();
+        if (!$order) {
+            abort(500, __('user.order.cancel.order_not_exist'));
+        }
+        if ($order->status !== 0) {
+            abort(500, __('user.order.cancel.only_cancel_pending_order'));
+        }
+        $orderService = new OrderService($order);
+        if (!$orderService->cancel()) {
+            abort(500, __('user.order.cancel.cancel_failed'));
+        }
+        return response([
+            'data' => true
+        ]);
+    }
+}
--- a/app/Http/Controllers/User/PlanController.php
+++ b/app/Http/Controllers/User/PlanController.php
@ -0,0 +1,30 @@
+<?php
+
+namespace App\Http\Controllers\User;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Http\Request;
+use App\Models\Plan;
+
+class PlanController extends Controller
+{
+    public function fetch(Request $request)
+    {
+        if ($request->input('id')) {
+            $plan = Plan::where('id', $request->input('id'))
+                ->first();
+            if (!$plan) {
+                abort(500, __('user.plan.fetch.plan_not_exist'));
+            }
+            return response([
+                'data' => $plan
+            ]);
+        }
+        $plan = Plan::where('show', 1)
+            ->orderBy('sort', 'ASC')
+            ->get();
+        return response([
+            'data' => $plan
+        ]);
+    }
+}
--- a/app/Http/Controllers/User/ServerController.php
+++ b/app/Http/Controllers/User/ServerController.php
@ -0,0 +1,58 @@
+<?php
+
+namespace App\Http\Controllers\User;
+
+use App\Http\Controllers\Controller;
+use App\Services\ServerService;
+use App\Services\UserService;
+use App\Utils\CacheKey;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Cache;
+use App\Models\Server;
+use App\Models\ServerLog;
+use App\Models\User;
+
+use App\Utils\Helper;
+
+class ServerController extends Controller
+{
+    public function fetch(Request $request)
+    {
+        $user = User::find($request->session()->get('id'));
+        $servers = [];
+        $userService = new UserService();
+        if ($userService->isAvailable($user)) {
+            $serverService = new ServerService();
+            $servers = $serverService->getAvailableServers($user);
+        }
+        return response([
+            'data' => $servers
+        ]);
+    }
+
+    public function logFetch(Request $request)
+    {
+        $type = $request->input('type') ? $request->input('type') : 0;
+        $current = $request->input('current') ? $request->input('current') : 1;
+        $pageSize = $request->input('pageSize') >= 10 ? $request->input('pageSize') : 10;
+        $serverLogModel = ServerLog::where('user_id', $request->session()->get('id'))
+            ->orderBy('created_at', 'DESC');
+        switch ($type) {
+            case 0:
+                $serverLogModel->where('created_at', '>=', strtotime(date('Y-m-d')));
+                break;
+            case 1:
+                $serverLogModel->where('created_at', '>=', strtotime(date('Y-m-d')) - 604800);
+                break;
+            case 2:
+                $serverLogModel->where('created_at', '>=', strtotime(date('Y-m-1')));
+        }
+        $total = $serverLogModel->count();
+        $res = $serverLogModel->forPage($current, $pageSize)
+            ->get();
+        return response([
+            'data' => $res,
+            'total' => $total
+        ]);
+    }
+}
--- a/app/Http/Controllers/User/TelegramController.php
+++ b/app/Http/Controllers/User/TelegramController.php
@ -0,0 +1,20 @@
+<?php
+
+namespace App\Http\Controllers\User;
+
+use App\Http\Controllers\Controller;
+use App\Services\TelegramService;
+
+class TelegramController extends Controller
+{
+    public function getBotInfo()
+    {
+        $telegramService = new TelegramService();
+        $response = $telegramService->getMe();
+        return response([
+            'data' => [
+                'username' => $response->result->username
+            ]
+        ]);
+    }
+}
--- a/app/Http/Controllers/User/TicketController.php
+++ b/app/Http/Controllers/User/TicketController.php
@ -0,0 +1,210 @@
+<?php
+
+namespace App\Http\Controllers\User;
+
+use App\Http\Controllers\Controller;
+use App\Http\Requests\User\TicketSave;
+use App\Http\Requests\User\TicketWithdraw;
+use App\Jobs\SendTelegramJob;
+use App\Models\User;
+use App\Services\TelegramService;
+use App\Utils\Dict;
+use Illuminate\Http\Request;
+use App\Models\Ticket;
+use App\Models\TicketMessage;
+use Illuminate\Support\Facades\DB;
+
+class TicketController extends Controller
+{
+    public function fetch(Request $request)
+    {
+        if ($request->input('id')) {
+            $ticket = Ticket::where('id', $request->input('id'))
+                ->where('user_id', $request->session()->get('id'))
+                ->first();
+            if (!$ticket) {
+                abort(500, __('user.ticket.fetch.ticket_not_exist'));
+            }
+            $ticket['message'] = TicketMessage::where('ticket_id', $ticket->id)->get();
+            for ($i = 0; $i < count($ticket['message']); $i++) {
+                if ($ticket['message'][$i]['user_id'] == $ticket->user_id) {
+                    $ticket['message'][$i]['is_me'] = true;
+                } else {
+                    $ticket['message'][$i]['is_me'] = false;
+                }
+            }
+            return response([
+                'data' => $ticket
+            ]);
+        }
+        $ticket = Ticket::where('user_id', $request->session()->get('id'))
+            ->orderBy('created_at', 'DESC')
+            ->get();
+        for ($i = 0; $i < count($ticket); $i++) {
+            if ($ticket[$i]['last_reply_user_id'] == $request->session()->get('id')) {
+                $ticket[$i]['reply_status'] = 0;
+            } else {
+                $ticket[$i]['reply_status'] = 1;
+            }
+        }
+        return response([
+            'data' => $ticket
+        ]);
+    }
+
+    public function save(TicketSave $request)
+    {
+        DB::beginTransaction();
+        if ((int)Ticket::where('status', 0)->where('user_id', $request->session()->get('id'))->count()) {
+            abort(500, __('user.ticket.save.exist_other_open_ticket'));
+        }
+        $ticket = Ticket::create(array_merge($request->only([
+            'subject',
+            'level'
+        ]), [
+            'user_id' => $request->session()->get('id'),
+            'last_reply_user_id' => $request->session()->get('id')
+        ]));
+        if (!$ticket) {
+            DB::rollback();
+            abort(500, __('user.ticket.save.ticket_create_failed'));
+        }
+        $ticketMessage = TicketMessage::create([
+            'user_id' => $request->session()->get('id'),
+            'ticket_id' => $ticket->id,
+            'message' => $request->input('message')
+        ]);
+        if (!$ticketMessage) {
+            DB::rollback();
+            abort(500, __('user.ticket.save.ticket_create_failed'));
+        }
+        DB::commit();
+        $this->sendNotify($ticket, $ticketMessage);
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function reply(Request $request)
+    {
+        if (empty($request->input('id'))) {
+            abort(500, __('user.ticket.reply.params_wrong'));
+        }
+        if (empty($request->input('message'))) {
+            abort(500, __('user.ticket.reply.message_not_empty'));
+        }
+        $ticket = Ticket::where('id', $request->input('id'))
+            ->where('user_id', $request->session()->get('id'))
+            ->first();
+        if (!$ticket) {
+            abort(500, __('user.ticket.reply.ticket_not_exist'));
+        }
+        if ($ticket->status) {
+            abort(500, __('user.ticket.reply.ticket_close_not_reply'));
+        }
+        if ($request->session()->get('id') == $this->getLastMessage($ticket->id)->user_id) {
+            abort(500, __('user.ticket.reply.wait_reply'));
+        }
+        DB::beginTransaction();
+        $ticketMessage = TicketMessage::create([
+            'user_id' => $request->session()->get('id'),
+            'ticket_id' => $ticket->id,
+            'message' => $request->input('message')
+        ]);
+        $ticket->last_reply_user_id = $request->session()->get('id');
+        if (!$ticketMessage || !$ticket->save()) {
+            DB::rollback();
+            abort(500, __('user.ticket.reply.ticket_reply_failed'));
+        }
+        DB::commit();
+        $this->sendNotify($ticket, $ticketMessage);
+        return response([
+            'data' => true
+        ]);
+    }
+
+
+    public function close(Request $request)
+    {
+        if (empty($request->input('id'))) {
+            abort(500, __('user.ticket.close.params_wrong'));
+        }
+        $ticket = Ticket::where('id', $request->input('id'))
+            ->where('user_id', $request->session()->get('id'))
+            ->first();
+        if (!$ticket) {
+            abort(500, __('user.ticket.close.ticket_not_exist'));
+        }
+        $ticket->status = 1;
+        if (!$ticket->save()) {
+            abort(500, __('user.ticket.close.close_failed'));
+        }
+        return response([
+            'data' => true
+        ]);
+    }
+
+    private function getLastMessage($ticketId)
+    {
+        return TicketMessage::where('ticket_id', $ticketId)
+            ->orderBy('id', 'DESC')
+            ->first();
+    }
+
+    public function withdraw(TicketWithdraw $request)
+    {
+        if ((int)config('v2board.withdraw_close_enable', 0)) {
+            abort(500, 'user.ticket.withdraw.not_support_withdraw');
+        }
+        if (!in_array(
+            $request->input('withdraw_method'),
+            config(
+                'v2board.commission_withdraw_method',
+                Dict::WITHDRAW_METHOD_WHITELIST_DEFAULT
+            )
+        )) {
+            abort(500, __('user.ticket.withdraw.not_support_withdraw_method'));
+        }
+        $user = User::find($request->session()->get('id'));
+        $limit = config('v2board.commission_withdraw_limit', 100);
+        if ($limit > ($user->commission_balance / 100)) {
+            abort(500, __('user.ticket.withdraw.system_require_withdraw_limit', ['limit' => $limit]));
+        }
+        DB::beginTransaction();
+        $subject = __('user.ticket.withdraw.ticket_subject');
+        $ticket = Ticket::create([
+            'subject' => $subject,
+            'level' => 2,
+            'user_id' => $request->session()->get('id'),
+            'last_reply_user_id' => $request->session()->get('id')
+        ]);
+        if (!$ticket) {
+            DB::rollback();
+            abort(500, __('user.ticket.withdraw.ticket_create_failed'));
+        }
+        $message = __('user.ticket.withdraw.ticket_message', [
+            'method' => $request->input('withdraw_method'),
+            'account' => $request->input('withdraw_account')
+        ]);
+        $ticketMessage = TicketMessage::create([
+            'user_id' => $request->session()->get('id'),
+            'ticket_id' => $ticket->id,
+            'message' => $message
+        ]);
+        if (!$ticketMessage) {
+            DB::rollback();
+            abort(500, __('user.ticket.withdraw.ticket_create_failed'));
+        }
+        DB::commit();
+        $this->sendNotify($ticket, $ticketMessage);
+        return response([
+            'data' => true
+        ]);
+    }
+
+    private function sendNotify(Ticket $ticket, TicketMessage $ticketMessage)
+    {
+        $telegramService = new TelegramService();
+        $telegramService->sendMessageWithAdmin("📮工单提醒 #{$ticket->id}\n———————————————\n主题：\n`{$ticket->subject}`\n内容：\n`{$ticketMessage->message}`", true);
+    }
+}
--- a/app/Http/Controllers/User/UserController.php
+++ b/app/Http/Controllers/User/UserController.php
@ -0,0 +1,207 @@
+<?php
+
+namespace App\Http\Controllers\User;
+
+use App\Http\Controllers\Controller;
+use App\Http\Requests\User\UserTransfer;
+use App\Http\Requests\User\UserUpdate;
+use App\Http\Requests\User\UserChangePassword;
+use Illuminate\Http\Request;
+use App\Models\User;
+use App\Models\Plan;
+use App\Models\Server;
+use App\Models\Ticket;
+use App\Utils\Helper;
+use App\Models\Order;
+use App\Models\ServerLog;
+
+class UserController extends Controller
+{
+    public function logout(Request $request)
+    {
+        $request->session()->flush();
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function changePassword(UserChangePassword $request)
+    {
+        $user = User::find($request->session()->get('id'));
+        if (!$user) {
+            abort(500, __('user.user.changePassword.user_not_exist'));
+        }
+        if (!Helper::multiPasswordVerify(
+            $user->password_algo,
+            $request->input('old_password'),
+            $user->password)
+        ) {
+            abort(500, __('user.user.changePassword.old_password_wrong'));
+        }
+        $user->password = password_hash($request->input('new_password'), PASSWORD_DEFAULT);
+        $user->password_algo = NULL;
+        if (!$user->save()) {
+            abort(500, __('user.user.changePassword.save_failed'));
+        }
+        $request->session()->flush();
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function info(Request $request)
+    {
+        $user = User::where('id', $request->session()->get('id'))
+            ->select([
+                'email',
+                'transfer_enable',
+                'last_login_at',
+                'created_at',
+                'banned',
+                'remind_expire',
+                'remind_traffic',
+                'expired_at',
+                'balance',
+                'commission_balance',
+                'plan_id',
+                'discount',
+                'commission_rate',
+                'telegram_id'
+            ])
+            ->first();
+        if (!$user) {
+            abort(500, __('user.user.info.user_not_exist'));
+        }
+        $user['avatar_url'] = 'https://cdn.v2ex.com/gravatar/' . md5($user->email) . '?s=64&d=identicon';
+        return response([
+            'data' => $user
+        ]);
+    }
+
+    public function getStat(Request $request)
+    {
+        $stat = [
+            Order::where('status', 0)
+                ->where('user_id', $request->session()->get('id'))
+                ->count(),
+            Ticket::where('status', 0)
+                ->where('user_id', $request->session()->get('id'))
+                ->count(),
+            User::where('invite_user_id', $request->session()->get('id'))
+                ->count()
+        ];
+        return response([
+            'data' => $stat
+        ]);
+    }
+
+    public function getSubscribe(Request $request)
+    {
+        $user = User::where('id', $request->session()->get('id'))
+            ->select([
+                'id',
+                'plan_id',
+                'token',
+                'expired_at',
+                'u',
+                'd',
+                'transfer_enable',
+                'email'
+            ])
+            ->first();
+        if (!$user) {
+            abort(500, __('user.user.getSubscribe.user_not_exist'));
+        }
+        if ($user->plan_id) {
+            $user['plan'] = Plan::find($user->plan_id);
+            if (!$user['plan']) {
+                abort(500, __('user.user.getSubscribe.plan_not_exist'));
+            }
+        }
+        $user['subscribe_url'] = config('v2board.subscribe_url', config('v2board.app_url', env('APP_URL'))) . '/api/v1/client/subscribe?token=' . $user['token'];
+        $user['reset_day'] = $this->getResetDay($user);
+        return response([
+            'data' => $user
+        ]);
+    }
+
+    public function resetSecurity(Request $request)
+    {
+        $user = User::find($request->session()->get('id'));
+        if (!$user) {
+            abort(500, __('user.user.resetSecurity.user_not_exist'));
+        }
+        $user->uuid = Helper::guid(true);
+        $user->token = Helper::guid();
+        if (!$user->save()) {
+            abort(500, __('user.user.resetSecurity.reset_failed'));
+        }
+        return response([
+            'data' => config('v2board.subscribe_url', config('v2board.app_url', env('APP_URL'))) . '/api/v1/client/subscribe?token=' . $user->token
+        ]);
+    }
+
+    public function update(UserUpdate $request)
+    {
+        $updateData = $request->only([
+            'remind_expire',
+            'remind_traffic'
+        ]);
+
+        $user = User::find($request->session()->get('id'));
+        if (!$user) {
+            abort(500, __('user.user.update.user_not_exist'));
+        }
+        try {
+            $user->update($updateData);
+        } catch (\Exception $e) {
+            abort(500, __('user.user.update.save_failed'));
+        }
+
+        return response([
+            'data' => true
+        ]);
+    }
+
+    public function transfer(UserTransfer $request)
+    {
+        $user = User::find($request->session()->get('id'));
+        if (!$user) {
+            abort(500, __('user.user.transfer.user_not_exist'));
+        }
+        if ($request->input('transfer_amount') > $user->commission_balance) {
+            abort(500, __('user.user.transfer.insufficient_commission_balance'));
+        }
+        $user->commission_balance = $user->commission_balance - $request->input('transfer_amount');
+        $user->balance = $user->balance + $request->input('transfer_amount');
+        if (!$user->save()) {
+            abort(500, __('user.user.transfer.transfer_failed'));
+        }
+        return response([
+            'data' => true
+        ]);
+    }
+
+    private function getResetDay(User $user)
+    {
+        if ($user->expired_at <= time() || $user->expired_at === NULL) return null;
+        $day = date('d', $user->expired_at);
+        $today = date('d');
+        $lastDay = date('d', strtotime('last day of +0 months'));
+
+        if ((int)config('v2board.reset_traffic_method') === 0) {
+            return $lastDay - $today;
+        }
+        if ((int)config('v2board.reset_traffic_method') === 1) {
+            if ((int)$day >= (int)$today && (int)$day >= (int)$lastDay) {
+                return $lastDay - $today;
+            }
+            if ((int)$day >= (int)$today) {
+                return $day - $today;
+            } else {
+                return $lastDay - $today + $day;
+            }
+        }
+        return null;
+    }
+}
--- a/app/Http/Controllers/UserController.php
+++ b/app/Http/Controllers/UserController.php
@ -1,126 +0,0 @@
-<?php
-
-namespace App\Http\Controllers;
-
-use App\Http\Requests\UserUpdate;
-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
-use App\Models\User;
-use App\Models\Plan;
-use App\Models\Server;
-use App\Models\Ticket;
-use App\Utils\Helper;
-use App\Models\Order;
-use App\Models\ServerLog;
-
-class UserController extends Controller
-{
-    public function logout (Request $request) {
-        return response([
-            'data' => $request->session()->flush()
-        ]);
-    }
-
-    public function changePassword (Request $request) {
-        if (empty($request->input('old_password'))) {
-            abort(500, '旧密码不能为空');
-        }
-        if (empty($request->input('new_password'))) {
-            abort(500, '新密码不能为空');
-        }
-        $user = User::find($request->session()->get('id'));
-        if (!password_verify($request->input('old_password'), $user->password)) {
-            abort(500, '旧密码有误');
-        }
-        $user->password = password_hash($request->input('new_password'), PASSWORD_DEFAULT);
-        if (!$user->save()) {
-            abort(500, '保存失败');
-        }
-        $request->session()->flush();
-        return response([
-            'data' => true
-        ]);
-    }
-    
-    public function info (Request $request) {
-        $user = User::where('id', $request->session()->get('id'))
-            ->select([
-                'email',
-                'last_login_at',
-                'created_at',
-                'enable',
-                'is_admin',
-                'remind_expire',
-                'remind_traffic',
-                'expired_at',
-                'balance',
-                'commission_balance'
-            ])
-            ->first();
-        $user['avatar_url'] = 'https://cdn.v2ex.com/gravatar/' . md5($user->email) . '?s=64&d=identicon';
-        return response([
-            'data' => $user
-        ]);
-    }
-
-    public function getStat (Request $request) {
-        $stat = [
-            Order::where('status', 0)
-                ->where('user_id', $request->session()->get('id'))
-                ->count(),
-            Ticket::where('status', 0)
-                ->where('user_id', $request->session()->get('id'))
-                ->count(),
-            User::where('invite_user_id', $request->session()->get('id'))
-                ->count()
-        ];
-        return response([
-            'data' => $stat
-        ]);
-    }
-
-    public function getSubscribe (Request $request) {
-        $user = User::find($request->session()->get('id'));
-        if ($user->plan_id) {
-            $user['plan'] = Plan::find($user->plan_id);
-            if (!$user['plan']) {
-                abort(500, '订阅计划不存在');
-            }
-        }
-        $user['subscribe_url'] = config('v2board.subscribe_url', config('v2board.app_url', env('APP_URL'))) . '/api/v1/client/subscribe?token=' . $user['token'];
-        return response([
-            'data' => $user
-        ]);
-    }
-    
-    public function resetSecurity (Request $request) {
-        $user = User::find($request->session()->get('id'));
-        $user->v2ray_uuid = Helper::guid(true);
-        $user->token = Helper::guid();
-        if (!$user->save()) {
-            abort(500, '重置失败');
-        }
-        return response([
-            'data' => true
-        ]);
-    }
-
-    public function update (UserUpdate $request) {
-        $updateData = $request->only([
-            'remind_expire',
-            'remind_traffic'
-        ]);
-        
-        $user = User::find($request->session()->get('id'));
-        if (!$user) {
-            abort(500, '该用户不存在');
-        }
-        if (!$user->update($updateData)) {
-            abort(500, '保存失败');
-        }
-
-        return response([
-            'data' => true
-        ]);
-    }
-}
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@ -43,7 +43,7 @@ class Kernel extends HttpKernel
            \Illuminate\Session\Middleware\StartSession::class,
            \App\Http\Middleware\ForceJson::class,
            \App\Http\Middleware\CORS::class,
-            'throttle:60,1',
+            \App\Http\Middleware\Language::class,
            'bindings',
        ],
    ];
@ -68,7 +68,7 @@ class Kernel extends HttpKernel
        'user' => \App\Http\Middleware\User::class,
        'admin' => \App\Http\Middleware\Admin::class,
        'client' => \App\Http\Middleware\Client::class,
-        'server' => \App\Http\Middleware\Server::class,
+        'staff' => \App\Http\Middleware\Staff::class,
    ];

    /**
--- a/app/Http/Middleware/Admin.php
+++ b/app/Http/Middleware/Admin.php
@ -9,8 +9,8 @@ class Admin
    /**
     * Handle an incoming request.
     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Closure  $next
+     * @param \Illuminate\Http\Request $request
+     * @param \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next)
--- a/app/Http/Middleware/Authenticate.php
+++ b/app/Http/Middleware/Authenticate.php
@ -9,12 +9,12 @@ class Authenticate extends Middleware
    /**
     * Get the path the user should be redirected to when they are not authenticated.
     *
-     * @param  \Illuminate\Http\Request  $request
+     * @param \Illuminate\Http\Request $request
     * @return string
     */
    protected function redirectTo($request)
    {
-        if (! $request->expectsJson()) {
+        if (!$request->expectsJson()) {
            return route('login');
        }
    }
--- a/app/Http/Middleware/CORS.php
+++ b/app/Http/Middleware/CORS.php
@ -9,9 +9,9 @@ class CORS
    public function handle($request, Closure $next)
    {
        $origin = $request->header('origin');
-        if(empty($origin)){
+        if (empty($origin)) {
            $referer = $request->header('referer');
-            if(!empty($referer)&&preg_match("/^((https|http):\/\/)?([^\/]+)/i", $referer, $matches)){
+            if (!empty($referer) && preg_match("/^((https|http):\/\/)?([^\/]+)/i", $referer, $matches)) {
                $origin = $matches[0];
            }
        }
--- a/app/Http/Middleware/Client.php
+++ b/app/Http/Middleware/Client.php
@ -10,8 +10,8 @@ class Client
    /**
     * Handle an incoming request.
     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Closure  $next
+     * @param \Illuminate\Http\Request $request
+     * @param \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next)
--- a/app/Http/Middleware/ForceJson.php
+++ b/app/Http/Middleware/ForceJson.php
@ -9,9 +9,9 @@ class ForceJson
    /**
     * Handle an incoming request.
     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Closure  $next
-     * @param  string|null  $guard
+     * @param \Illuminate\Http\Request $request
+     * @param \Closure $next
+     * @param string|null $guard
     * @return mixed
     */
    public function handle($request, Closure $next, $guard = null)
--- a/app/Http/Middleware/Language.php
+++ b/app/Http/Middleware/Language.php
@ -0,0 +1,17 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Support\Facades\App;
+
+class Language
+{
+    public function handle($request, Closure $next)
+    {
+        if ($request->header('content-language')) {
+            App::setLocale($request->header('content-language'));
+        }
+        return $next($request);
+    }
+}
--- a/app/Http/Middleware/RedirectIfAuthenticated.php
+++ b/app/Http/Middleware/RedirectIfAuthenticated.php
@ -10,9 +10,9 @@ class RedirectIfAuthenticated
    /**
     * Handle an incoming request.
     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Closure  $next
-     * @param  string|null  $guard
+     * @param \Illuminate\Http\Request $request
+     * @param \Closure $next
+     * @param string|null $guard
     * @return mixed
     */
    public function handle($request, Closure $next, $guard = null)
--- a/app/Http/Middleware/Server.php
+++ b/app/Http/Middleware/Server.php
@ -1,28 +0,0 @@
-<?php
-
-namespace App\Http\Middleware;
-
-use Closure;
-use App\Models\User;
-
-class Server
-{
-    /**
-     * Handle an incoming request.
-     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Closure  $next
-     * @return mixed
-     */
-    public function handle($request, Closure $next)
-    {
-        $token = $request->input('token');
-        if (empty($token)) {
-            abort(500, 'token is null');
-        }
-        if ($token !== config('v2board.server_token')) {
-            abort(500, 'token is error');
-        }
-        return $next($request);
-    }
-}
--- a/app/Http/Middleware/Staff.php
+++ b/app/Http/Middleware/Staff.php
@ -0,0 +1,23 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+
+class Staff
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param \Illuminate\Http\Request $request
+     * @param \Closure $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        if (!$request->session()->get('is_staff')) {
+            abort(403, '权限不足');
+        }
+        return $next($request);
+    }
+}
--- a/app/Http/Middleware/User.php
+++ b/app/Http/Middleware/User.php
@ -9,12 +9,28 @@ class User
    /**
     * Handle an incoming request.
     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Closure  $next
+     * @param \Illuminate\Http\Request $request
+     * @param \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
+        if ($request->input('auth_data')) {
+            $authData = explode(':', base64_decode($request->input('auth_data')));
+            $user = \App\Models\User::where('password', $authData[1])
+                ->where('email', $authData[0])
+                ->first();
+            if ($user) {
+                $request->session()->put('email', $user->email);
+                $request->session()->put('id', $user->id);
+            }
+        }
+//        if ($request->input('lang')) {
+//            $request->session()->put('lang', $request->input('lang'));
+//        }
+//        if ($request->session()->get('lang')) {
+//            App::setLocale($request->session()->get('lang'));
+//        }
        if (!$request->session()->get('id')) {
            abort(403, '未登录或登陆已过期');
        }
--- a/app/Http/Requests/Admin/ConfigSave.php
+++ b/app/Http/Requests/Admin/ConfigSave.php
@ -6,37 +6,6 @@ use Illuminate\Foundation\Http\FormRequest;

 class ConfigSave extends FormRequest
 {
-    public static function filter() {
-        return [
-            'invite_force',
-            'invite_commission',
-            'invite_gen_limit',
-            'invite_never_expire',
-            'stop_register',
-            'email_verify',
-            'app_name',
-            'app_url',
-            'subscribe_url',
-            'plan_update_fee',
-            'plan_is_update',
-            // server
-            'server_token',
-            // alipay
-            'alipay_enable',
-            'alipay_appid',
-            'alipay_pubkey',
-            'alipay_privkey',
-            // stripe
-            'stripe_sk_live',
-            'stripe_pk_live',
-            'stripe_alipay_enable',
-            'stripe_wepay_enable',
-            'stripe_webhook_key',
-            // tutorial
-            'apple_id',
-            'apple_id_password'
-        ];
-    }
    /**
     * Get the validation rules that apply to the request.
     *
@ -45,34 +14,116 @@ class ConfigSave extends FormRequest
    public function rules()
    {
        return [
+            // invite & commission
+            'safe_mode_enable' => 'in:0,1',
            'invite_force' => 'in:0,1',
            'invite_commission' => 'integer',
            'invite_gen_limit' => 'integer',
            'invite_never_expire' => 'in:0,1',
+            'commission_first_time_enable' => 'in:0,1',
+            'commission_auto_check_enable' => 'in:0,1',
+            'commission_withdraw_limit' => 'nullable|numeric',
+            'commission_withdraw_method' => 'nullable|array',
+            'withdraw_close_enable' => 'in:0,1',
+            // site
            'stop_register' => 'in:0,1',
            'email_verify' => 'in:0,1',
-            'app_url' => 'url',
-            'subscribe_url' => 'url',
-            'plan_update_fee' => 'numeric',
-            'plan_is_update' => 'in:0,1',
+            'app_name' => '',
+            'app_description' => '',
+            'app_url' => 'nullable|url',
+            'subscribe_url' => 'nullable|url',
+            'try_out_enable' => 'in:0,1',
+            'try_out_plan_id' => 'integer',
+            'try_out_hour' => 'numeric',
+            'email_whitelist_enable' => 'in:0,1',
+            'email_whitelist_suffix' => 'nullable|array',
+            'email_gmail_limit_enable' => 'in:0,1',
+            'recaptcha_enable' => 'in:0,1',
+            'recaptcha_key' => '',
+            'recaptcha_site_key' => '',
+            'tos_url' => 'nullable|url',
+            // subscribe
+            'plan_change_enable' => 'in:0,1',
+            'reset_traffic_method' => 'in:0,1',
+            'renew_reset_traffic_enable' => 'in:0,1',
+            'surplus_enable' => 'in:0,1',
            // server
-            'server_token' => 'min:16',
+            'server_token' => 'nullable|min:16',
+            'server_license' => 'nullable',
+            'server_log_enable' => 'in:0,1',
+            'server_v2ray_domain' => '',
+            'server_v2ray_protocol' => '',
            // alipay
            'alipay_enable' => 'in:0,1',
-            'alipay_appid' => 'integer|min:16',
+            'alipay_appid' => 'nullable|integer|min:16',
            'alipay_pubkey' => 'max:2048',
            'alipay_privkey' => 'max:2048',
            // stripe
            'stripe_alipay_enable' => 'in:0,1',
            'stripe_wepay_enable' => 'in:0,1',
+            'stripe_card_enable' => 'in:0,1',
+            'stripe_sk_live' => '',
+            'stripe_pk_live' => '',
+            'stripe_webhook_key' => '',
+            'stripe_currency' => 'in:hkd,usd,sgd,eur,gbp,jpy,cad',
+            // bitpayx
+            'bitpayx_name' => '',
+            'bitpayx_enable' => 'in:0,1',
+            'bitpayx_appsecret' => '',
+            // mGate
+            'mgate_name' => '',
+            'mgate_enable' => 'in:0,1',
+            'mgate_url' => 'nullable|url',
+            'mgate_app_id' => '',
+            'mgate_app_secret' => '',
+            // Epay
+            'epay_name' => '',
+            'epay_enable' => 'in:0,1',
+            'epay_url' => 'nullable|url',
+            'epay_pid' => '',
+            'epay_key' => '',
+            // frontend
+            'frontend_theme_sidebar' => 'in:dark,light',
+            'frontend_theme_header' => 'in:dark,light',
+            'frontend_theme_color' => 'in:default,darkblue,black',
+            'frontend_background_url' => 'nullable|url',
+            'frontend_admin_path' => '',
+            'frontend_customer_service_method' => '',
+            'frontend_customer_service_id' => '',
            // tutorial
-            'apple_id' => 'email'
+            'apple_id' => 'nullable|email',
+            'apple_id_password' => '',
+            // email
+            'email_template' => '',
+            'email_host' => '',
+            'email_port' => '',
+            'email_username' => '',
+            'email_password' => '',
+            'email_encryption' => '',
+            'email_from_address' => '',
+            // telegram
+            'telegram_bot_enable' => 'in:0,1',
+            'telegram_bot_token' => '',
+            'telegram_discuss_id' => '',
+            'telegram_channel_id' => '',
+            // app
+            'windows_version' => '',
+            'windows_download_url' => '',
+            'macos_version' => '',
+            'macos_download_url' => '',
+            'android_version' => '',
+            'android_download_url' => ''
        ];
    }

    public function messages()
    {
+        // illiteracy prompt
        return [
+            'app_url.url' => '站点URL格式不正确，必须携带http(s)://',
+            'subscribe_url.url' => '订阅URL格式不正确，必须携带http(s)://',
+            'server_token.min' => '通讯密钥长度必须大于16位',
+            'tos_url.url' => '服务条款URL格式不正确'
        ];
    }
 }
--- a/app/Http/Requests/Admin/CouponGenerate.php
+++ b/app/Http/Requests/Admin/CouponGenerate.php
@ -0,0 +1,47 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class CouponGenerate extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'generate_count' => 'nullable|integer|max:500',
+            'name' => 'required',
+            'type' => 'required|in:1,2',
+            'value' => 'required|integer',
+            'started_at' => 'required|integer',
+            'ended_at' => 'required|integer',
+            'limit_use' => 'nullable|integer',
+            'limit_plan_ids' => 'nullable|array',
+            'code' => ''
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'generate_count.integer' => '生成数量必须为数字',
+            'generate_count.max' => '生成数量最大为500个',
+            'name.required' => '名称不能为空',
+            'type.required' => '类型不能为空',
+            'type.in' => '类型格式有误',
+            'value.required' => '金额或比例不能为空',
+            'value.integer' => '金额或比例格式有误',
+            'started_at.required' => '开始时间不能为空',
+            'started_at.integer' => '开始时间格式有误',
+            'ended_at.required' => '结束时间不能为空',
+            'ended_at.integer' => '结束时间格式有误',
+            'limit_use.integer' => '使用次数格式有误',
+            'limit_plan_ids.array' => '指定订阅格式有误'
+        ];
+    }
+}
--- a/app/Http/Requests/Admin/CouponSave.php
+++ b/app/Http/Requests/Admin/CouponSave.php
@ -0,0 +1,44 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class CouponSave extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'name' => 'required',
+            'type' => 'required|in:1,2',
+            'value' => 'required|integer',
+            'started_at' => 'required|integer',
+            'ended_at' => 'required|integer',
+            'limit_use' => 'nullable|integer',
+            'limit_plan_ids' => 'nullable|array',
+            'code' => ''
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'name.required' => '名称不能为空',
+            'type.required' => '类型不能为空',
+            'type.in' => '类型格式有误',
+            'value.required' => '金额或比例不能为空',
+            'value.integer' => '金额或比例格式有误',
+            'started_at.required' => '开始时间不能为空',
+            'started_at.integer' => '开始时间格式有误',
+            'ended_at.required' => '结束时间不能为空',
+            'ended_at.integer' => '结束时间格式有误',
+            'limit_use.integer' => '使用次数格式有误',
+            'limit_plan_ids.array' => '指定订阅格式有误'
+        ];
+    }
+}
--- a/app/Http/Requests/Admin/KnowledgeCategorySave.php
+++ b/app/Http/Requests/Admin/KnowledgeCategorySave.php
@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class KnowledgeCategorySave extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'name' => 'required',
+            'language' => 'required'
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'name.required' => '分类名称不能为空',
+            'language.required' => '分类语言不能为空'
+        ];
+    }
+}
--- a/app/Http/Requests/Admin/KnowledgeCategorySort.php
+++ b/app/Http/Requests/Admin/KnowledgeCategorySort.php
@ -0,0 +1,28 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class KnowledgeCategorySort extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'knowledge_category_ids' => 'required|array'
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'knowledge_category_ids.required' => '分类不能为空',
+            'knowledge_category_ids.array' => '分类格式有误'
+        ];
+    }
+}
--- a/app/Http/Requests/Admin/KnowledgeSave.php
+++ b/app/Http/Requests/Admin/KnowledgeSave.php
@ -0,0 +1,33 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class KnowledgeSave extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'category' => 'required',
+            'language' => 'required',
+            'title' => 'required',
+            'body' => 'required'
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'title.required' => '标题不能为空',
+            'category.required' => '分类不能为空',
+            'body.required' => '内容不能为空',
+            'language.required' => '语言不能为空'
+        ];
+    }
+}
--- a/app/Http/Requests/Admin/KnowledgeSort.php
+++ b/app/Http/Requests/Admin/KnowledgeSort.php
@ -0,0 +1,28 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class KnowledgeSort extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'knowledge_ids' => 'required|array'
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'knowledge_ids.required' => '知识ID不能为空',
+            'knowledge_ids.array' => '知识ID格式有误'
+        ];
+    }
+}
--- a/app/Http/Requests/Admin/MailSend.php
+++ b/app/Http/Requests/Admin/MailSend.php
@ -0,0 +1,34 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class MailSend extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'type' => 'required|in:1,2,3,4',
+            'subject' => 'required',
+            'content' => 'required',
+            'receiver' => 'array'
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'type.required' => '发送类型不能为空',
+            'type.in' => '发送类型格式有误',
+            'subject.required' => '主题不能为空',
+            'content.required' => '内容不能为空',
+            'receiver.array' => '收件人格式有误'
+        ];
+    }
+}
--- a/app/Http/Requests/Admin/NoticeSave.php
+++ b/app/Http/Requests/Admin/NoticeSave.php
@ -16,7 +16,7 @@ class NoticeSave extends FormRequest
        return [
            'title' => 'required',
            'content' => 'required',
-            'img_url' => 'url'
+            'img_url' => 'nullable|url'
        ];
    }

--- a/app/Http/Requests/Admin/OrderAssign.php
+++ b/app/Http/Requests/Admin/OrderAssign.php
@ -0,0 +1,34 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class OrderAssign extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'plan_id' => 'required',
+            'email' => 'required',
+            'total_amount' => 'required',
+            'cycle' => 'required|in:month_price,quarter_price,half_year_price,year_price,two_year_price,three_year_price,onetime_price,reset_price'
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'plan_id.required' => '订阅不能为空',
+            'email.required' => '邮箱不能为空',
+            'total_amount.required' => '支付金额不能为空',
+            'cycle.required' => '订阅周期不能为空',
+            'cycle.in' => '订阅周期格式有误'
+        ];
+    }
+}
--- a/app/Http/Requests/Admin/OrderFetch.php
+++ b/app/Http/Requests/Admin/OrderFetch.php
@ -0,0 +1,32 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class OrderFetch extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'filter.*.key' => 'required|in:email,trade_no,status,commission_status,user_id,invite_user_id',
+            'filter.*.condition' => 'required|in:>,<,=,>=,<=,模糊,!=',
+            'filter.*.value' => ''
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'filter.*.key.required' => '过滤键不能为空',
+            'filter.*.key.in' => '过滤键参数有误',
+            'filter.*.condition.required' => '过滤条件不能为空',
+            'filter.*.condition.in' => '过滤条件参数有误',
+        ];
+    }
+}
--- a/app/Http/Requests/Admin/OrderUpdate.php
+++ b/app/Http/Requests/Admin/OrderUpdate.php
@ -15,7 +15,7 @@ class OrderUpdate extends FormRequest
    {
        return [
            'status' => 'in:0,1,2,3',
-            'commission_status' => 'in:0,1'
+            'commission_status' => 'in:0,1,3'
        ];
    }

@ -23,7 +23,7 @@ class OrderUpdate extends FormRequest
    {
        return [
            'status.in' => '销售状态格式不正确',
-            'commission_status.in' => '续费状态格式不正确'
+            'commission_status.in' => '佣金状态格式不正确'
        ];
    }
 }
--- a/app/Http/Requests/Admin/PlanSave.php
+++ b/app/Http/Requests/Admin/PlanSave.php
@ -15,12 +15,17 @@ class PlanSave extends FormRequest
    {
        return [
            'name' => 'required',
+            'content' => '',
            'group_id' => 'required',
            'transfer_enable' => 'required',
-            'month_price' => 'required|numeric',
-            'quarter_price' => 'required|numeric',
-            'half_year_price' => 'required|numeric',
-            'year_price' => 'required|numeric'
+            'month_price' => 'nullable|integer',
+            'quarter_price' => 'nullable|integer',
+            'half_year_price' => 'nullable|integer',
+            'year_price' => 'nullable|integer',
+            'two_year_price' => 'nullable|integer',
+            'three_year_price' => 'nullable|integer',
+            'onetime_price' => 'nullable|integer',
+            'reset_price' => 'nullable|integer'
        ];
    }

@ -28,12 +33,18 @@ class PlanSave extends FormRequest
    {
        return [
            'name.required' => '套餐名称不能为空',
+            'type.required' => '套餐类型不能为空',
+            'type.in' => '套餐类型格式有误',
            'group_id.required' => '权限组不能为空',
            'transfer_enable.required' => '流量不能为空',
-            'month_price.required' => '月付金额不能为空',
-            'quarter_price.required' => '季付金额不能为空',
-            'half_year_price.required' => '半年付金额不能为空',
-            'year_price.required' => '年付金额不能为空'
+            'month_price.integer' => '月付金额格式有误',
+            'quarter_price.integer' => '季付金额格式有误',
+            'half_year_price.integer' => '半年付金额格式有误',
+            'year_price.integer' => '年付金额格式有误',
+            'two_year_price.integer' => '两年付金额格式有误',
+            'three_year_price.integer' => '三年付金额格式有误',
+            'onetime_price.integer' => '一次性金额有误',
+            'reset_price.integer' => '流量重置包金额有误'
        ];
    }
 }
--- a/app/Http/Requests/Admin/PlanSort.php
+++ b/app/Http/Requests/Admin/PlanSort.php
@ -0,0 +1,28 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class PlanSort extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'plan_ids' => 'required|array'
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'plan_ids.required' => '订阅计划ID不能为空',
+            'plan_ids.array' => '订阅计划ID格式有误'
+        ];
+    }
+}
--- a/app/Http/Requests/Admin/ServerShadowsocksSave.php
+++ b/app/Http/Requests/Admin/ServerShadowsocksSave.php
@ -0,0 +1,46 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class ServerShadowsocksSave extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'show' => '',
+            'name' => 'required',
+            'group_id' => 'required|array',
+            'parent_id' => 'nullable|integer',
+            'host' => 'required',
+            'port' => 'required',
+            'server_port' => 'required',
+            'cipher' => 'required|in:aes-128-gcm,aes-256-gcm,chacha20-ietf-poly1305',
+            'tags' => 'nullable|array',
+            'rate' => 'required|numeric'
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'name.required' => '节点名称不能为空',
+            'group_id.required' => '权限组不能为空',
+            'group_id.array' => '权限组格式不正确',
+            'parent_id.integer' => '父节点格式不正确',
+            'host.required' => '节点地址不能为空',
+            'port.required' => '连接端口不能为空',
+            'server_port.required' => '后端服务端口不能为空',
+            'cipher.required' => '加密方式不能为空',
+            'tags.array' => '标签格式不正确',
+            'rate.required' => '倍率不能为空',
+            'rate.numeric' => '倍率格式不正确'
+        ];
+    }
+}
--- a/app/Http/Requests/Admin/ServerShadowsocksUpdate.php
+++ b/app/Http/Requests/Admin/ServerShadowsocksUpdate.php
@ -0,0 +1,28 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class ServerShadowsocksUpdate extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+
+    public function rules()
+    {
+        return [
+            'show' => 'in:0,1'
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'show.in' => '显示状态格式不正确'
+        ];
+    }
+}
--- a/app/Http/Requests/Admin/ServerTrojanSave.php
+++ b/app/Http/Requests/Admin/ServerTrojanSave.php
@ -0,0 +1,47 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class ServerTrojanSave extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'show' => '',
+            'name' => 'required',
+            'group_id' => 'required|array',
+            'parent_id' => 'nullable|integer',
+            'host' => 'required',
+            'port' => 'required',
+            'server_port' => 'required',
+            'allow_insecure' => 'nullable|in:0,1',
+            'server_name' => 'nullable',
+            'tags' => 'nullable|array',
+            'rate' => 'required|numeric'
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'name.required' => '节点名称不能为空',
+            'group_id.required' => '权限组不能为空',
+            'group_id.array' => '权限组格式不正确',
+            'parent_id.integer' => '父节点格式不正确',
+            'host.required' => '节点地址不能为空',
+            'port.required' => '连接端口不能为空',
+            'server_port.required' => '后端服务端口不能为空',
+            'allow_insecure.in' => '允许不安全格式不正确',
+            'tags.array' => '标签格式不正确',
+            'rate.required' => '倍率不能为空',
+            'rate.numeric' => '倍率格式不正确'
+        ];
+    }
+}
--- a/Show More
+++ b/Show More