lkddi/chatroom
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
50fc8044028865366ee2ecf502228cac232699ab
chatroom/app/Http/Controllers/AuthController.php
lkddi 50fc804402 feat: 实现挂机修仙、排行榜、大厅重构与全站留言板系统 
- (Phase 8) 后台各维度管理与配置
- (Phase 9) 全自动静默挂机修仙升级
- (Phase 9) 四大维度风云排行榜页面
- (Phase 10) 全站留言板与悄悄话私信功能
- 运行 Pint 代码格式化
2026-02-26 13:35:38 +08:00

122 lines
3.6 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<?php
/**
* 文件功能:认证控制器 (处理登录即注册等逻辑)
*
* @author ChatRoom Laravel
*
* @version 1.0.0
*/
namespace App\Http\Controllers;
use App\Http\Requests\LoginRequest;
use App\Models\User;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
class AuthController extends Controller
{
/**
* 处理用户登录/注册尝试。
* 逻辑:
* 1. 如果用户已存在验证密码。为了兼容老数据库先验证Bcrypt再退化验证MD5。如果MD5正确则升级为Bcrypt。
* 2. 如果用户不存在,直接注册新用户并登录。
*/
public function login(LoginRequest $request): JsonResponse
{
$credentials = $request->validated();
$username = $credentials['username'];
$password = $credentials['password'];
$ip = $request->ip();
$user = User::where('username', $username)->first();
if ($user) {
// 用户存在,验证密码
if (Hash::check($password, $user->password)) {
// Bcrypt 验证通过
$this->performLogin($user, $ip);
return response()->json(['status' => 'success', 'message' => '登录成功']);
}
// 退化为 MD5 验证(兼容原 ASP 系统的老密码)
if (md5($password) === $user->password) {
// MD5 验证通过,升级密码为 Bcrypt
$user->password = Hash::make($password);
$user->save();
$this->performLogin($user, $ip);
return response()->json(['status' => 'success', 'message' => '登录成功,且安全策略已自动升级']);
}
// 密码错误
return response()->json([
'status' => 'error',
'message' => '密码错误,请重试。',
], 422);
}
// --- 核心:第一次登录即为注册 ---
$newUser = User::create([
'username' => $username,
'password' => Hash::make($password),
'first_ip' => $ip,
'last_ip' => $ip,
'user_level' => 1, // 默认普通用户等级
'sex' => '保密', // 默认性别
// 如果原表里还有其他必填字段,在这里初始化默认值
]);
$this->performLogin($newUser, $ip);
return response()->json(['status' => 'success', 'message' => '注册并登录成功!']);
}
/**
* 执行实际的登录操作并记录时间、IP 等。
*/
private function performLogin(User $user, string $ip): void
{
Auth::login($user);
// 更新最后登录IP和时间
$user->update([
'last_ip' => $ip,
'log_time' => now(),
'in_time' => now(),
]);
// 可选:将用户登录状态也同步写入原有的 IpLog 模型,以便数据归档查询
\App\Models\IpLog::create([
'ip' => $ip,
'sdate' => now(),
'uuname' => $user->username,
]);
}
/**
* 退出登录
*/
public function logout(Request $request): JsonResponse
{
if (Auth::check()) {
$user = Auth::user();
// 记录退出时间
$user->update(['out_time' => now()]);
}
Auth::logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
return response()->json(['status' => 'success', 'message' => '已成功退出。']);
}
}
Reference in New Issue View Git Blame Copy Permalink