feat: 登录大厅未设邮箱且未绑微信强引导弹窗并适配会话级防骚扰

This commit is contained in:
pllx
2026-07-01 11:24:30 +08:00
parent 563ac99348
commit 0006b7bcf6
2 changed files with 143 additions and 0 deletions
+51
View File
@@ -285,6 +285,57 @@
</div>
</div>
{{-- ═══════════ 账号安全绑定强引导(邮箱/微信二选一) ═══════════ --}}
@if (empty(Auth::user()->email) && empty(Auth::user()->wxid))
<div id="security-bind-modal" style="display: none; position: fixed; inset: 0; background: rgba(15, 23, 42, 0.85); backdrop-filter: blur(5px); z-index: 20000; align-items: center; justify-content: center; padding: 20px;">
<div style="background: #1e293b; border: 2px solid #c6a35b; border-radius: 8px; max-width: 440px; width: 100%; padding: 24px; box-shadow: 0 10px 30px rgba(0,0,0,0.6); position: relative; color: #f8fafc; text-align: left;">
<h3 style="font-family: 'Noto Serif SC', serif; font-size: 18px; color: #c6a35b; margin-top: 0; margin-bottom: 14px; display: flex; align-items: center; gap: 8px;">
🛡️ 账号安全绑定提醒
</h3>
<p style="font-size: 13.5px; line-height: 1.6; color: #cbd5e1; margin-bottom: 22px;">
检测到您的账号<strong>尚未设置邮箱</strong>,也<strong>未绑定微信</strong><br>
为了在您遗忘密码时能够自主找回,建议您至少绑定其中一项。您可前往设置录入邮箱,或者<strong>扫码添加并私聊我们的微信助手【小小】完成绑定</strong>
</p>
<div style="display: flex; flex-direction: column; gap: 10px;">
<button onclick="openSecuritySettings()" style="height: 42px; background: linear-gradient(90deg, #8d342d, #b91c1c); color: #fff; border: none; border-radius: 4px; font-weight: bold; cursor: pointer; font-size: 13.5px; transition: opacity 0.2s;">
立即前往设置(查看微信小小二维码)
</button>
<button onclick="closeSecurityBindModal()" style="height: 38px; background: transparent; color: #94a3b8; border: 1px solid #475569; border-radius: 4px; cursor: pointer; font-size: 12.5px; transition: background 0.2s;">
暂不设置,以后再说
</button>
</div>
</div>
</div>
<script>
document.addEventListener('DOMContentLoaded', function () {
// 本次浏览器标签页会话期间仅强提醒一次,防止频繁刷新/切房骚扰
if (!sessionStorage.getItem('security_bind_notified')) {
const modal = document.getElementById('security-bind-modal');
if (modal) {
modal.style.display = 'flex';
sessionStorage.setItem('security_bind_notified', '1');
}
}
});
function openSecuritySettings() {
closeSecurityBindModal();
// 自动拉起页面右侧的个人设置面板,里面包含微信绑定的二维码和绑定码
const settingsModal = document.getElementById('settings-modal');
if (settingsModal) {
settingsModal.style.display = 'flex';
}
}
function closeSecurityBindModal() {
const modal = document.getElementById('security-bind-modal');
if (modal) {
modal.style.display = 'none';
}
}
</script>
@endif
</body>
</html>
+92
View File
@@ -0,0 +1,92 @@
<?php
/**
* 文件功能:大厅安全绑定强引导(邮箱/微信二选一)提示弹窗 Feature 测试
*
* @author ChatRoom Laravel
*
* @version 1.0.0
*/
namespace Tests\Feature;
use App\Models\Room;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
class SecurityBindAlertTest extends TestCase
{
use RefreshDatabase;
/**
* 创建测试用房间,防范 Room 未配置 Factory
*/
protected function createRoom(): Room
{
return Room::query()->create([
'room_name' => '大厅',
'room_owner' => '站长',
'room_des' => '欢迎光临',
'permit_level' => 0,
]);
}
/**
* 测试当用户邮箱和微信均未绑定时,进入聊天室大厅页面会渲染安全绑定遮罩弹窗提示
*/
public function test_shows_bind_alert_modal_when_user_has_no_email_and_no_wechat(): void
{
$user = User::factory()->create([
'email' => null,
'wxid' => null,
]);
$room = $this->createRoom();
$response = $this->actingAs($user)->get(route('chat.room', $room->id));
$response->assertStatus(200);
$response->assertSee('security-bind-modal');
$response->assertSee('账号安全绑定提醒');
$response->assertSee('立即前往设置(查看微信小小二维码)');
}
/**
* 测试当用户已经设置了邮箱时,进入聊天室大厅页面不会弹出安全绑定提醒
*/
public function test_does_not_show_bind_alert_when_user_has_email(): void
{
$user = User::factory()->create([
'email' => 'has.email@example.com',
'wxid' => null,
]);
$room = $this->createRoom();
$response = $this->actingAs($user)->get(route('chat.room', $room->id));
$response->assertStatus(200);
$response->assertDontSee('security-bind-modal');
$response->assertDontSee('账号安全绑定提醒');
}
/**
* 测试当用户已经绑定了微信时,进入聊天室大厅页面不会弹出安全提醒
*/
public function test_does_not_show_bind_alert_when_user_has_wechat(): void
{
$user = User::factory()->create([
'email' => null,
'wxid' => 'wxid_test_123',
]);
$room = $this->createRoom();
$response = $this->actingAs($user)->get(route('chat.room', $room->id));
$response->assertStatus(200);
$response->assertDontSee('security-bind-modal');
$response->assertDontSee('账号安全绑定提醒');
}
}