
Merge remote-tracking branch 'origin/master'

sandm hai 1 ano
pai
achega
35d29f56a3

+ 76 - 9
app/Http/Controllers/Api/Auth/AuthController.php

@@ -2,13 +2,16 @@
 
 namespace App\Http\Controllers\Api\Auth;
 
+use App\Models\Company;
+use App\Models\Member;
+use App\Models\MemberInfo;
+use App\Models\ThirdToken;
 use App\Models\WechatAuth;
 use Illuminate\Http\Request;
 use App\Http\Controllers\Api\ApiBaseController;
 use Illuminate\Support\Facades\Validator;
 use App\Services\Auth\AuthService;
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\Session;
 use App\Services\Common\WechatService;
 
 class AuthController extends ApiBaseController
@@ -84,7 +87,7 @@ class AuthController extends ApiBaseController
         $state = $request->input('state', '');
 
         //存参数
-        $auth = WechatAuth::create(['url'=>$url,'state'=>$state]);
+        $auth = WechatAuth::create(['url' => $url, 'state' => $state]);
 
         //微信授权
         $wechat_url = "https://open.weixin.qq.com/connect/oauth2/authorize?appid={$app_id}&redirect_uri={$redirect_uri}&response_type=code&scope=snsapi_userinfo&state={$auth['id']}#wechat_redirect";
@@ -101,19 +104,19 @@ class AuthController extends ApiBaseController
         $wechatUser      = $officialAccount->oauth->user()->getOriginal();
 
         //回调
-        $id = $request->input('state');
-        $auth = WechatAuth::where('id',$id)->first();
+        $id                  = $request->input('state');
+        $auth                = WechatAuth::where('id', $id)->first();
         $wechatUser['state'] = $auth['state'];
         unset($wechatUser['privilege']);
 
         //循环拼接表单项
-        $formItemString = '' ;
-        foreach ( $wechatUser  as  $key => $value ){
-            $formItemString .= "<input name='{$key}' type='text' value='{$value}'/>" ;
+        $formItemString = '';
+        foreach ($wechatUser as $key => $value) {
+            $formItemString .= "<input name='{$key}' type='text' value='{$value}'/>";
         }
 
         //构造表单并跳转
-        $content =<<<EOF
+        $content = <<<EOF
 <form style= 'display:none'  name= 'submit_form'  id= 'submit_form'  action= '{$auth["url"]}'  method= 'post' >
 { $formItemString }
 </form>
@@ -122,7 +125,7 @@ document.submit_form.submit();
 </script>
 EOF;
 
-        exit ( $content );
+        exit ($content);
     }
 
     public function test(Request $request)
@@ -130,4 +133,68 @@ EOF;
         dd($request->post());
     }
 
+    /**
+     * 根据token获取信息
+     */
+    public function getInfoByToken(Request $request)
+    {
+        $token = $request->header('token');
+        if (empty($token)) {
+            return response()->json([
+                'code'    => 2,
+                'message' => '请输入token',
+            ]);
+        }
+
+        $token_info = ThirdToken::where('token', $token)->first();
+        if (empty($token_info)) {
+            return response()->json([
+                'code'    => 2,
+                'message' => 'token错误',
+            ]);
+        }
+
+        $expire = strtotime($token_info['expire_at']);
+        if ($expire < time()) {
+            return response()->json([
+                'code'    => 2,
+                'message' => 'token已过期',
+            ]);
+        }
+
+        $token_info->expire_at = date('Y-m-d H:i:s', time() + 7200);
+        $token_info->save();
+
+        if ($token_info['type'] == 1) {
+            $member      = Member::where('id', $token_info['type_id'])->first();
+            $member_info = MemberInfo::where('uid', $token_info['type_id'])->first();
+            $info        = [
+                'id'       => $token_info['type_id'],
+                'type'     => 1,
+                'realname' => $member_info['realname'],
+                'avatar'   => $member['avatars'] ? upload_asset($member['avatars']) : '',
+                'sex'      => $member_info['sex'],
+                'mobile'   => $member['mobile'],
+                'email'    => $member['email'],
+            ];
+        } elseif ($token_info['type'] == 2) {
+            $company = Company::where('id', $token_info['type_id'])->first();
+            $info    = [
+                'id'          => $token_info['type_id'],
+                'type'        => 2,
+                'companyname' => $company['companyname'],
+                'logo'        => $company['logo'] ? upload_asset($company['logo']) : '',
+                'mobile'      => $company['mobile'],
+                'email'       => $company['email'],
+                'address'     => $company['address'],
+                'contact'     => $company['contact'],
+            ];
+        }
+
+        return response()->json([
+            'code'    => 1,
+            'data'    => $info,
+            'message' => '成功',
+        ]);
+    }
 }
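Review bot: `$info` is assigned only inside the `type == 1` and `type == 2` branches of `getInfoByToken`, so a token row with any other type reaches the final `response()->json()` with an undefined variable. `first()` can also return null for a deleted member or company, in which case the array reads silently yield nulls. Add a closing branch such as `} else { return response()->json(['code' => 2, 'message' => 'token错误']); }` and return the same error when `$member`, `$member_info` or `$company` is null. The renewal `expire_at = time() + 7200` on every call also means a token never ages out while it keeps being used; an absolute lifetime (for example checked against `created_at`, if the table keeps timestamps) would bound how long a leaked token stays valid.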

+ 24 - 15
app/Http/Controllers/Mobile/Auth/LoginController.php

@@ -7,6 +7,7 @@ use App\Http\Controllers\Mobile\MobileBaseController;
 use App\Services\Auth\AuthService;
 use App\Services\Common\GeetestService;
 use App\Services\Common\SmsService;
+use App\Services\CommonService;
 use App\Validators\AuthValidatorRequest;
 use Closure;
 use Illuminate\Support\Facades\Auth;
@@ -96,16 +97,16 @@ class LoginController extends MobileBaseController
             );
 
             $redis = Cache::getRedis();
-            $value = $redis->get('user_'.$request->account);
+            $value = $redis->get('user_' . $request->account);
             //dd($value);
-            if(!$value){
+            if (!$value) {
                 $value = 0;
             }
-            if($value >= 5){
-                $redis->expire('user_'.$request->account,900);
+            if ($value >= 5) {
+                $redis->expire('user_' . $request->account, 900);
                 return $this->sendErrorResponse("连续登录失败5次,请15分钟后再尝试!", $data);
             }
-            $redis->set('user_'.$request->account,++$value);
+            $redis->set('user_' . $request->account, ++$value);
 
             return $this->sendErrorResponse("账号或密码错误或密码已超过90天未修改,请使用找回密码功能", $data);
 
@@ -114,9 +115,12 @@ class LoginController extends MobileBaseController
             Auth::guard('web-member')->logout();
             return $this->sendErrorResponse("你的账号处于封禁状态, 请联系管理员");
         }
+        $token = CommonService::createToken(1, $member->id);
         return $this->sendSuccessResponse([
             'redirect_url' => url($request->session()
-                ->pull('url.intended', route($this->sub_site . 'mobile.person.index')))]);
+                ->pull('url.intended', route($this->sub_site . 'mobile.person.index'))),
+            'token'        => $token,
+        ]);
     }
 
     public function loginBySms(AuthValidatorRequest $request)
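Review bot: Each successful login now inserts a fresh `third_token` row through `CommonService::createToken(1, $member->id)`, and nothing in the visible hunks removes earlier rows or the current one at logout, so tokens for an account accumulate and stay usable until they expire. The same applies to the `loginBySms` hunk and to `createToken(2, $company->id)` in the company login hunk. `logout()` begins right after the last hunk of this file and its body is not shown, so confirm it deletes the caller's token. The bare `1` and `2` would also read better with named constants or a comment such as `// token type: 1 = member, 2 = company (see getInfoByToken)`.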
@@ -144,9 +148,12 @@ class LoginController extends MobileBaseController
             Auth::guard('web-member')->logout();
             return $this->sendErrorResponse("你的账号处于封禁状态, 请联系管理员");
         }
+        $token = CommonService::createToken(1, $member->id);
         return $this->sendSuccessResponse([
             'redirect_url' => url($request->session()
-                ->pull('url.intended', route($this->sub_site . 'mobile.person.index')))]);
+                ->pull('url.intended', route($this->sub_site . 'mobile.person.index'))),
+            'token'        => $token,
+        ]);
     }
 
 
@@ -163,17 +170,17 @@ class LoginController extends MobileBaseController
             $data['is_need_geetest'] = $this->geetestService->isNeedGeetest(
                 config('aix.system.site_safety.site_vo_code.members_login')
             );
-            $redis = Cache::getRedis();
-            $value = $redis->get('user_'.$request->account);
+            $redis                   = Cache::getRedis();
+            $value                   = $redis->get('user_' . $request->account);
             //dd($value);
-            if(!$value){
+            if (!$value) {
                 $value = 0;
             }
-            if($value >= 5){
-                $redis->expire('user_'.$request->account,900);
+            if ($value >= 5) {
+                $redis->expire('user_' . $request->account, 900);
                 return $this->sendErrorResponse("连续登录失败5次,请15分钟后再尝试!", $data);
             }
-            $redis->set('user_'.$request->account,++$value);
+            $redis->set('user_' . $request->account, ++$value);
 
             return $this->sendErrorResponse("账号或密码错误或密码已超过90天未修改,请使用找回密码功能", $data);
         }
@@ -181,9 +188,11 @@ class LoginController extends MobileBaseController
             Auth::guard('web-company')->logout();
             return $this->sendErrorResponse("你的账号处于封禁状态, 请联系管理员");
         }
+        $token = CommonService::createToken(2, $company->id);
         return $this->sendSuccessResponse([
-            'redirect_url' => url($request->session()->pull('url.intended', route($this->sub_site . 'mobile.firm.index'))
-            )]);
+            'redirect_url' => url($request->session()->pull('url.intended', route($this->sub_site . 'mobile.firm.index'))),
+            'token'        => $token,
+        ]);
     }
 
     public function logout()

+ 18 - 17
app/Http/Kernel.php

@@ -65,23 +65,24 @@ class Kernel extends HttpKernel
      * @var array
      */
     protected $routeMiddleware = [
-        'auth'              => \Illuminate\Auth\Middleware\Authenticate::class,
-        'auth.basic'        => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
-        'bindings'          => \Illuminate\Routing\Middleware\SubstituteBindings::class,
-        'can'               => \Illuminate\Auth\Middleware\Authorize::class,
-        'guest'             => \App\Http\Middleware\RedirectIfAuthenticated::class,
-        'personAuth'        => \App\Http\Middleware\PersonAuth::class,
-        'aioPersonAuth'     => \App\Http\Middleware\AioPersonAuth::class,
-        'MobilePersonAuth'  => \App\Http\Middleware\MobilePersonAuth::class,
-        'companyAuth'       => \App\Http\Middleware\CompanyAuth::class,
-        'companyInfoAuth'   => \App\Http\Middleware\companyInfoAuth::class,
-        'MobileCompanyAuth' => \App\Http\Middleware\MobileCompanyAuth::class,
-        'MobileActiveForm'  => \App\Http\Middleware\MobileActiveForm::class,
-        'throttle'          => \Illuminate\Routing\Middleware\ThrottleRequests::class,
-        'Jobfair'           => \App\Http\Middleware\Jobfair::class,
-        'PadAuth'           => \App\Http\Middleware\PadAuth::class,
+        'auth'                     => \Illuminate\Auth\Middleware\Authenticate::class,
+        'auth.basic'               => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
+        'bindings'                 => \Illuminate\Routing\Middleware\SubstituteBindings::class,
+        'can'                      => \Illuminate\Auth\Middleware\Authorize::class,
+        'guest'                    => \App\Http\Middleware\RedirectIfAuthenticated::class,
+        'personAuth'               => \App\Http\Middleware\PersonAuth::class,
+        'crossDomain'              => \App\Http\Middleware\CrossDomain::class,
+        'aioPersonAuth'            => \App\Http\Middleware\AioPersonAuth::class,
+        'MobilePersonAuth'         => \App\Http\Middleware\MobilePersonAuth::class,
+        'companyAuth'              => \App\Http\Middleware\CompanyAuth::class,
+        'companyInfoAuth'          => \App\Http\Middleware\companyInfoAuth::class,
+        'MobileCompanyAuth'        => \App\Http\Middleware\MobileCompanyAuth::class,
+        'MobileActiveForm'         => \App\Http\Middleware\MobileActiveForm::class,
+        'throttle'                 => \Illuminate\Routing\Middleware\ThrottleRequests::class,
+        'Jobfair'                  => \App\Http\Middleware\Jobfair::class,
+        'PadAuth'                  => \App\Http\Middleware\PadAuth::class,
         'jkq.mobile.OfficialCheck' => OfficialCheck::class,
-        'jkq.mobile.WechatCheck' => WechatCheck::class,
-        'jkq.mobile.SubSite' => SubSite::class,
+        'jkq.mobile.WechatCheck'   => WechatCheck::class,
+        'jkq.mobile.SubSite'       => SubSite::class,
     ];
 }

+ 15 - 0
app/Http/Middleware/CrossDomain.php

@@ -0,0 +1,15 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+
+class CrossDomain
+{
+
+    public function handle($request, Closure $next)
+    {
+        header('Access-Control-Allow-Origin: *');
+        return $next($request);
+    }
+}
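Review bot: `Access-Control-Allow-Origin: *` lets a script on any origin read the responses of every route that uses `crossDomain`. Because it is sent with PHP's `header()`, it also replaces the single origin that `public/index.php` sets in this same commit. Prefer returning only an allow-listed origin and attaching it to the response object: `$response = $next($request);` followed by `$response->headers->set('Access-Control-Allow-Origin', $allowedOrigin);`, with `$allowedOrigin` taken from configuration. Which routes use this middleware is not visible on this page.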

+ 18 - 0
app/Models/ThirdToken.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+
+
+class ThirdToken extends Model
+{
+    protected $table = 'third_token';
+
+    protected $fillable = [
+        'type',
+        'type_id',
+        'token',
+        'expire_at',
+    ];
+}

+ 24 - 0
app/Services/CommonService.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Services;
+
+use App\Models\ThirdToken;
+
+class CommonService
+{
+    public static function createToken($type, $type_id, $v = 1)
+    {
+        $key   = mt_rand();
+        $hash  = hash_hmac("sha1", $v . mt_rand() . time(), $key, true);
+        $token = str_replace('=', '', strtr(base64_encode($hash), '+/', '-_'));
+
+        ThirdToken::create([
+            'type'      => $type,
+            'type_id'   => $type_id,
+            'token'     => $token,
+            'expire_at' => date('Y-m-d H:i:s', time() + 7200),
+        ]);
+
+        return $token;
+    }
+}
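Review bot: The token is derived only from `mt_rand()` and `time()`, neither of which is a cryptographically secure source, so the bearer token that `getInfoByToken` accepts is predictable in principle. The HMAC adds nothing, because its key is just another `mt_rand()` value. Replace the three derivation lines with `$token = bin2hex(random_bytes(32));` (PHP 7+), keeping the `$v` parameter so existing callers still work. Consider storing `hash('sha256', $token)` in `third_token.token` and looking rows up by the same hash, so that a read of the table does not yield usable tokens.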

+ 3 - 1
public/index.php

@@ -6,7 +6,9 @@
  * @package  Laravel
  * @author   Taylor Otwell <taylor@laravel.com>
  */
-
+header('Access-Control-Allow-Origin: https://rencai.jiangzi.xin');
+header("Access-Control-Allow-Methods:GET, POST, OPTIONS, DELETE");
+header("Access-Control-Allow-Headers:*");
 define('LARAVEL_START', microtime(true));
 
 /*
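Review bot: Sending CORS headers from the front controller applies them to every request and hard-codes one deployment's origin, and `Access-Control-Allow-Headers:*` permits any request header rather than the ones the API needs. The three lines also sit directly under the file docblock, ahead of `LARAVEL_START`. Moving the policy into a route middleware with the origin read from configuration keeps it narrow and in one place. List the headers explicitly, e.g. `header('Access-Control-Allow-Headers: Content-Type, token');`, where `token` is the header `getInfoByToken` reads.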

+ 3 - 3
public/themes/default/views/mobile/app/auth/login.blade.php

@@ -217,7 +217,7 @@
                         success: function (data) {
                             //console.log(data);
                             qsToast({type:2,context: "登录成功, 正在跳转..."});
-                            location.href=data.data.redirect_url;
+                            location.href=data.data.redirect_url+'?token='+data.data.token;
                         },
                         error: function (errorData) {
                             //console.log(errorData);
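Review bot: Appending the token as `?token=` puts a bearer credential in the URL, where it ends up in browser history, server and proxy access logs, and the `Referer` header of requests made from the landing page. The concatenation also produces a malformed URL whenever `redirect_url` already carries a query string, which is possible since the value comes from the session's `url.intended`. The same line is added in the other two hunks of this file and in every hunk of `login_company.blade.php` and `login_mobile.blade.php`, there with a stray `;;`. Passing the token outside the URL avoids both problems, for instance `sessionStorage.setItem('token', data.data.token);` before the redirect when the target is same-origin. The surrounding request call starts outside the hunk.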
@@ -259,7 +259,7 @@
                             //console.log(data);
                             $("#message_mobile").addClass("successinfo");
                             $("#message_mobile").text("登录成功, 正在跳转...");
-                            location.href=data.data.redirect_url;
+                            location.href=data.data.redirect_url+'?token='+data.data.token;
                         },
                         error: function (errorData) {
                             //console.log(errorData);
@@ -302,7 +302,7 @@
                             //console.log(data);
                             $("#message_company").addClass("successinfo");
                             $("#message_company").text("登录成功, 正在跳转...");
-                            location.href=data.data.redirect_url;
+                            location.href=data.data.redirect_url+'?token='+data.data.token;
                         },
                         error: function (errorData) {
                             //console.log(errorData);

+ 3 - 3
public/themes/default/views/mobile/app/auth/login_company.blade.php

@@ -215,7 +215,7 @@
                         success: function (data) {
                             //console.log(data);
                             qsToast({type:2,context: "登录成功, 正在跳转..."});
-                            location.href=data.data.redirect_url;
+                            location.href=data.data.redirect_url+'?token='+data.data.token;;
                         },
                         error: function (errorData) {
                             //console.log(errorData);
@@ -257,7 +257,7 @@
                             //console.log(data);
                             $("#message_mobile").addClass("successinfo");
                             $("#message_mobile").text("登录成功, 正在跳转...");
-                            location.href=data.data.redirect_url;
+                            location.href=data.data.redirect_url+'?token='+data.data.token;;
                         },
                         error: function (errorData) {
                             //console.log(errorData);
@@ -293,7 +293,7 @@
                         success: function (data) {
                             //console.log(data);
                             qsToast({type:2,context: "登录成功, 正在跳转..."});
-                            location.href=data.data.redirect_url;
+                            location.href=data.data.redirect_url+'?token='+data.data.token;;
                         },
                         error: function (errorData) {
                             //console.log(errorData);

+ 3 - 3
public/themes/default/views/mobile/app/auth/login_mobile.blade.php

@@ -233,7 +233,7 @@
                         success: function (data) {
                             //console.log(data);
                             qsToast({type:2,context: "登录成功, 正在跳转..."});
-                            location.href=data.data.redirect_url;
+                            location.href=data.data.redirect_url+'?token='+data.data.token;;
                         },
                         error: function (errorData) {
                             //console.log(errorData);
@@ -268,7 +268,7 @@
                         success: function (data) {
                             //console.log(data);
                             qsToast({type:2,context: "登录成功, 正在跳转..."});
-                            location.href=data.data.redirect_url;
+                            location.href=data.data.redirect_url+'?token='+data.data.token;;
                         },
                         error: function (errorData) {
                             var response=$.parseJSON(errorData.response);
@@ -310,7 +310,7 @@
                             //console.log(data);
                             $("#message_company").addClass("successinfo");
                             $("#message_company").text("登录成功, 正在跳转...");
-                            location.href=data.data.redirect_url;
+                            location.href=data.data.redirect_url+'?token='+data.data.token;;
                         },
                         error: function (errorData) {
                             //console.log(errorData);

+ 1 - 0
routes/api.php

@@ -107,6 +107,7 @@ Route::group([
     $router->get('wechat_auth', 'Api\Auth\AuthController@wechatAuth')->name('api.auth.wechat_auth');
     $router->get('wechat_auth_back', 'Api\Auth\AuthController@wechatAuthBack')->name('api.auth.wechat_auth_back');
     $router->post('test', 'Api\Auth\AuthController@test')->name('api.auth.test');
+    $router->post('getInfoByToken', 'Api\Auth\AuthController@getInfoByToken')->name('api.auth.getInfoByToken');
 });
 
 /*抖音招聘*/
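Review bot: The new `getInfoByToken` route accepts token guesses with no visible rate limit. The group's middleware list is outside this hunk, so confirm it includes throttling or add it on the route, e.g. `->middleware('throttle:60,1')`; the `throttle` alias is registered in `Kernel.php`. The neighbouring `test` route, whose handler is `dd($request->post())`, is a debug endpoint that should not stay registered.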