feat: 登录大厅未设邮箱且未绑微信强引导弹窗并适配会话级防骚扰
This commit is contained in:
@@ -285,6 +285,57 @@
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{{-- ═══════════ 账号安全绑定强引导(邮箱/微信二选一) ═══════════ --}}
|
||||
@if (empty(Auth::user()->email) && empty(Auth::user()->wxid))
|
||||
<div id="security-bind-modal" style="display: none; position: fixed; inset: 0; background: rgba(15, 23, 42, 0.85); backdrop-filter: blur(5px); z-index: 20000; align-items: center; justify-content: center; padding: 20px;">
|
||||
<div style="background: #1e293b; border: 2px solid #c6a35b; border-radius: 8px; max-width: 440px; width: 100%; padding: 24px; box-shadow: 0 10px 30px rgba(0,0,0,0.6); position: relative; color: #f8fafc; text-align: left;">
|
||||
<h3 style="font-family: 'Noto Serif SC', serif; font-size: 18px; color: #c6a35b; margin-top: 0; margin-bottom: 14px; display: flex; align-items: center; gap: 8px;">
|
||||
🛡️ 账号安全绑定提醒
|
||||
</h3>
|
||||
<p style="font-size: 13.5px; line-height: 1.6; color: #cbd5e1; margin-bottom: 22px;">
|
||||
检测到您的账号<strong>尚未设置邮箱</strong>,也<strong>未绑定微信</strong>。<br>
|
||||
为了在您遗忘密码时能够自主找回,建议您至少绑定其中一项。您可前往设置录入邮箱,或者<strong>扫码添加并私聊我们的微信助手【小小】完成绑定</strong>。
|
||||
</p>
|
||||
<div style="display: flex; flex-direction: column; gap: 10px;">
|
||||
<button onclick="openSecuritySettings()" style="height: 42px; background: linear-gradient(90deg, #8d342d, #b91c1c); color: #fff; border: none; border-radius: 4px; font-weight: bold; cursor: pointer; font-size: 13.5px; transition: opacity 0.2s;">
|
||||
立即前往设置(查看微信小小二维码)
|
||||
</button>
|
||||
<button onclick="closeSecurityBindModal()" style="height: 38px; background: transparent; color: #94a3b8; border: 1px solid #475569; border-radius: 4px; cursor: pointer; font-size: 12.5px; transition: background 0.2s;">
|
||||
暂不设置,以后再说
|
||||
</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<script>
|
||||
document.addEventListener('DOMContentLoaded', function () {
|
||||
// 本次浏览器标签页会话期间仅强提醒一次,防止频繁刷新/切房骚扰
|
||||
if (!sessionStorage.getItem('security_bind_notified')) {
|
||||
const modal = document.getElementById('security-bind-modal');
|
||||
if (modal) {
|
||||
modal.style.display = 'flex';
|
||||
sessionStorage.setItem('security_bind_notified', '1');
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
function openSecuritySettings() {
|
||||
closeSecurityBindModal();
|
||||
// 自动拉起页面右侧的个人设置面板,里面包含微信绑定的二维码和绑定码
|
||||
const settingsModal = document.getElementById('settings-modal');
|
||||
if (settingsModal) {
|
||||
settingsModal.style.display = 'flex';
|
||||
}
|
||||
}
|
||||
|
||||
function closeSecurityBindModal() {
|
||||
const modal = document.getElementById('security-bind-modal');
|
||||
if (modal) {
|
||||
modal.style.display = 'none';
|
||||
}
|
||||
}
|
||||
</script>
|
||||
@endif
|
||||
|
||||
</body>
|
||||
|
||||
</html>
|
||||
|
||||
@@ -0,0 +1,92 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* 文件功能:大厅安全绑定强引导(邮箱/微信二选一)提示弹窗 Feature 测试
|
||||
*
|
||||
* @author ChatRoom Laravel
|
||||
*
|
||||
* @version 1.0.0
|
||||
*/
|
||||
|
||||
namespace Tests\Feature;
|
||||
|
||||
use App\Models\Room;
|
||||
use App\Models\User;
|
||||
use Illuminate\Foundation\Testing\RefreshDatabase;
|
||||
use Tests\TestCase;
|
||||
|
||||
class SecurityBindAlertTest extends TestCase
|
||||
{
|
||||
use RefreshDatabase;
|
||||
|
||||
/**
|
||||
* 创建测试用房间,防范 Room 未配置 Factory
|
||||
*/
|
||||
protected function createRoom(): Room
|
||||
{
|
||||
return Room::query()->create([
|
||||
'room_name' => '大厅',
|
||||
'room_owner' => '站长',
|
||||
'room_des' => '欢迎光临',
|
||||
'permit_level' => 0,
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* 测试当用户邮箱和微信均未绑定时,进入聊天室大厅页面会渲染安全绑定遮罩弹窗提示
|
||||
*/
|
||||
public function test_shows_bind_alert_modal_when_user_has_no_email_and_no_wechat(): void
|
||||
{
|
||||
$user = User::factory()->create([
|
||||
'email' => null,
|
||||
'wxid' => null,
|
||||
]);
|
||||
|
||||
$room = $this->createRoom();
|
||||
|
||||
$response = $this->actingAs($user)->get(route('chat.room', $room->id));
|
||||
|
||||
$response->assertStatus(200);
|
||||
$response->assertSee('security-bind-modal');
|
||||
$response->assertSee('账号安全绑定提醒');
|
||||
$response->assertSee('立即前往设置(查看微信小小二维码)');
|
||||
}
|
||||
|
||||
/**
|
||||
* 测试当用户已经设置了邮箱时,进入聊天室大厅页面不会弹出安全绑定提醒
|
||||
*/
|
||||
public function test_does_not_show_bind_alert_when_user_has_email(): void
|
||||
{
|
||||
$user = User::factory()->create([
|
||||
'email' => 'has.email@example.com',
|
||||
'wxid' => null,
|
||||
]);
|
||||
|
||||
$room = $this->createRoom();
|
||||
|
||||
$response = $this->actingAs($user)->get(route('chat.room', $room->id));
|
||||
|
||||
$response->assertStatus(200);
|
||||
$response->assertDontSee('security-bind-modal');
|
||||
$response->assertDontSee('账号安全绑定提醒');
|
||||
}
|
||||
|
||||
/**
|
||||
* 测试当用户已经绑定了微信时,进入聊天室大厅页面不会弹出安全提醒
|
||||
*/
|
||||
public function test_does_not_show_bind_alert_when_user_has_wechat(): void
|
||||
{
|
||||
$user = User::factory()->create([
|
||||
'email' => null,
|
||||
'wxid' => 'wxid_test_123',
|
||||
]);
|
||||
|
||||
$room = $this->createRoom();
|
||||
|
||||
$response = $this->actingAs($user)->get(route('chat.room', $room->id));
|
||||
|
||||
$response->assertStatus(200);
|
||||
$response->assertDontSee('security-bind-modal');
|
||||
$response->assertDontSee('账号安全绑定提醒');
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user