diff --git a/app/Domains/Company/Http/Controllers/AccountController.php b/app/Domains/Company/Http/Controllers/AccountController.php
index 465cfd16..b0606b3c 100644
--- a/app/Domains/Company/Http/Controllers/AccountController.php
+++ b/app/Domains/Company/Http/Controllers/AccountController.php
@@ -3,6 +3,7 @@ namespace App\Domains\Company\Http\Controllers;
 use App\Core\Controller;
 use Illuminate\Http\Request;
+use App\Domains\Sms\Services\SmsService;
 use App\Domains\Virtual\Services\CompanyAccountService;
 class AccountController extends Controller
@@ -25,39 +26,17 @@ class AccountController extends Controller
 *
 * @return \Illuminate\Http\Response
 */
- public function passwordByOld()
+ public function password()
 {
- $oldPassword = $this->request->get('old_password');
- $password = $this->request->get('password');
+ $newPassword = $this->request->get('new_password');
- if ($this->account->password !== md5($oldPassword . $this->account->salt)) {
- return err('原密码不正确');
- }
-
- if ($this->account->password === md5($password . $this->account->salt)) {
+ if ($this->account->password === md5($newPassword . $this->account->salt)) {
 return err('密码未修改');
 }
 $attributes = [
 'id' => $this->account->id,
- 'password' => $password,
- ];
-
- $account = $this->companyAccountService->store($attributes);
-
- return res($account, '修改成功');
- }
-
- /**
- * 修改密码.
- *
- * @return \Illuminate\Http\Response
- */
- public function password()
- {
- $attributes = [
- 'id' => $this->account->id,
- 'password' => $this->request->get('password'),
+ 'password' => $newPassword,
 ];
 $account = $this->companyAccountService->store($attributes);
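Review bot: `password()` passes `new_password` to `store()` without checking that the field is present and non-empty, so a request that omits it appears to reach `store()` with a null password; a guard such as `if (!is_string($newPassword) || $newPassword === '') { return err('新密码不能为空'); }` before the comparison would close that. With the old-password check removed from the method, proof of identity now depends entirely on the middleware of whichever route calls it, which deserves a docblock line such as `* Callers must already have verified the old password or an SMS code.` The salted `md5()` comparison kept here is a fast, unkeyed hash; moving to `password_hash()` / `password_verify()` would also need a change in `store()`, which is not visible in this diff. The end of the method lies outside the hunk.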
@@ -81,4 +60,48 @@ class AccountController extends Controller
 return res($account, '修改成功');
 }
+
+ /**
+ * 找回密码
+ *
+ * @return void
+ */
+ public function resetStep1()
+ {
+ $username = $this->request->get('username');
+
+ if (!$this->account = $this->companyAccountService->fetch($username)) {
+ return err('用户名不存在');
+ }
+
+ if (empty($this->account->mobile)) {
+ return err('用户未绑定手机号');
+ }
+
+ $freqsecs = app(SmsService::class)->sendVcode($this->account->mobile, '密码找回');
+
+ return res(['freg' => $freqsecs], '发送成功');
+ }
+
+ /**
+ * 找回密码
+ *
+ * @return void
+ */
+ public function resetStep2()
+ {
+ $username = $this->request->get('username');
+
+ if (!$this->account = $this->companyAccountService->fetch($username)) {
+ return err('用户名不存在');
+ }
+
+ if (empty($this->account->mobile)) {
+ return err('用户未绑定手机号');
+ }
+
+ app(SmsService::class)->verifyCode($this->account->mobile, $this->request->get('verify_code'));
+
+ return $this->password();
+ }
 }
diff --git a/app/Domains/Company/Http/Middleware/PasswordAuthenticate.php b/app/Domains/Company/Http/Middleware/PasswordAuthenticate.php
new file mode 100644
index 00000000..e9ec5a0e
--- /dev/null
+++ b/app/Domains/Company/Http/Middleware/PasswordAuthenticate.php
@@ -0,0 +1,24 @@
+user('company');
+ $password = $request->get('password', '');
+
+ if ($account->password !== md5($password . $account->salt)) {
+ throw new NotAllowedException('密码不正确');
+ }
+
+ return $next($request);
+ }
+}
diff --git a/app/Domains/Company/Providers/CompanyServiceProvider.php b/app/Domains/Company/Providers/CompanyServiceProvider.php
index 694fb05c..98862991 100644
--- a/app/Domains/Company/Providers/CompanyServiceProvider.php
+++ b/app/Domains/Company/Providers/CompanyServiceProvider.php
@@ -29,5 +29,6 @@ class CompanyServiceProvider extends ServiceProvider
 public function register()
 {
 $this->app->register(RouteServiceProvider::class);
+ $this->app->register(MiddlewareServiceProvider::class);
 }
 }
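Review bot: `resetStep2()` ignores the result of `verifyCode()` and then calls `password()`, so unless `verifyCode()` throws on a mismatch (its body is not in this diff) the password of any account with a bound mobile can be changed without a valid code. This method and `resetStep1()` also answer differently for an unknown username and for an account without a mobile, which lets an unauthenticated caller enumerate accounts; one generic failure response avoids that. Nothing visible here limits the number of guesses at the six-digit code or invalidates it after use, so that should be confirmed in `SmsService`. Both docblocks say `@return void` although the methods return a response, and the `'freg'` key in `resetStep1()` looks like a typo for `'freq'`. A possible shape for `resetStep2()`, assuming `verifyCode()` returns a boolean, follows.

```php
public function resetStep2()
{
    $account = $this->companyAccountService->fetch($this->request->get('username'));

    // One failure response for unknown user, unbound mobile and wrong code,
    // so the endpoint does not reveal which accounts exist.
    $verified = $account
        && !empty($account->mobile)
        && app(SmsService::class)->verifyCode($account->mobile, $this->request->get('verify_code'));

    if (!$verified) {
        return err('验证码不正确');
    }

    $this->account = $account;

    return $this->password();
}
```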
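Review bot: The middleware dereferences the result of `user('company')` on the following lines without a null check and compares the digests with `!==`; if the route group does not guarantee an authenticated account this ends in an error instead of a clean rejection, and the comparison is not constant-time. A combined guard would be `if (!$account || !is_string($password) || !hash_equals($account->password, md5($password . $account->salt))) {`. Nothing here limits repeated wrong guesses of the current password, so throttling should be confirmed at the route or group level. The opening lines of this new file are missing from the page, so its imports and the method signature could not be reviewed.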
diff --git a/app/Domains/Company/Providers/MiddlewareServiceProvider.php b/app/Domains/Company/Providers/MiddlewareServiceProvider.php
new file mode 100644
index 00000000..d27cb7ff
--- /dev/null
+++ b/app/Domains/Company/Providers/MiddlewareServiceProvider.php
@@ -0,0 +1,29 @@
+
+ */
+class MiddlewareServiceProvider extends ServiceProvider
+{
+ /**
+ * 全局中间件
+ *
+ * @var array
+ */
+ protected $middleware = [];
+
+ /**
+ * 路由中间件
+ *
+ * @var array
+ */
+ protected $routeMiddleware = [
+ 'company_password' => \App\Domains\Company\Http\Middleware\PasswordAuthenticate::class,
+ ];
+}
diff --git a/app/Domains/Company/Routes/api.php b/app/Domains/Company/Routes/api.php
index 6a3b6eb8..5543ca80 100644
--- a/app/Domains/Company/Routes/api.php
+++ b/app/Domains/Company/Routes/api.php
@@ -5,8 +5,10 @@ $router->group(['prefix' => 'companies', 'as' => 'companies', 'middleware' => ['
 // The controllers live in Domains/Company/Http/Controllers
 $router->get('/', ['as' => 'index', 'uses' => 'AccountController@index']);
- $router->post('/account/password_by_old', ['as' => 'account.passwordByOld', 'uses' => 'AccountController@passwordByOld']);
- $router->post('/account/password', ['as' => 'account.password', 'uses' => 'AccountController@password', 'middleware' => ['verify_code']]);
+ $router->get('/account/reset', ['as' => 'account.resetStep1', 'uses' => 'AccountController@resetStep1', 'middleware' => ['captcha']]);
+ $router->post('/account/reset', ['as' => 'account.resetStep2', 'uses' => 'AccountController@resetStep2']);
+ $router->post('/account/password_by_old', ['as' => 'account.passwordByOld', 'uses' => 'AccountController@password', 'middleware' => ['company_password']]);
+ $router->post('/account/password_by_sms', ['as' => 'account.passwordBySms', 'uses' => 'AccountController@password', 'middleware' => ['verify_code']]);
 $router->post('/account/mobile', ['as' => 'account.mobile', 'uses' => 'AccountController@mobile', 'middleware' => ['verify_code']]);
 /**
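Review bot: `GET /account/reset` is mapped to `resetStep1`, which sends an SMS, so a state-changing and billable action sits behind a safe method that crawlers and link prefetchers can trigger; registering it with `$router->post(` instead of `$router->get(`, on a path distinct from the `resetStep2` route, keeps the `captcha` middleware and avoids that. The `resetStep2` route has no middleware of its own, and the group's middleware list is cut off in the hunk header, so this hunk does not show whether code guesses are rate-limited or whether the group demands a login that a user who forgot the password cannot provide. `password_by_old` and `password_by_sms` now share `AccountController@password`, so the only identity check on each is its middleware entry; a comment above the two lines such as `// password() performs no credential check itself; keep these middleware entries` would make that dependency explicit.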
diff --git a/app/Domains/Sms/Services/SmsService.php b/app/Domains/Sms/Services/SmsService.php
index 91f7db0b..c85af515 100755
--- a/app/Domains/Sms/Services/SmsService.php
+++ b/app/Domains/Sms/Services/SmsService.php
@@ -72,7 +72,7 @@ class SmsService extends Service
 $freqsecs = 60; // 重试时间
 $verifyCode = rand(100000, 999999);
- $message = new VcodeMessage(['code' => $code, 'product' => $product]);
+ $message = new VcodeMessage(['code' => $verifyCode, 'product' => $product]);
 $this->send($mobile, $message);
 Cache::put(self::$cacheVcodePrefix.$mobile, [
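Review bot: The code placed into `VcodeMessage` comes from `rand(100000, 999999)` on the context line above the fix, which is not a cryptographically secure generator; since this commit makes the same code gate the password reset, `$verifyCode = random_int(100000, 999999);` is the safer form. That line is context rather than part of this change, and the enclosing method starts and ends outside the hunk, so expiry and attempt limits on the cached code could not be checked.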