diff --git a/app/Http/Admin/Controllers/SettingController.php b/app/Http/Admin/Controllers/SettingController.php index 24c70aa3..71e41fc0 100644 --- a/app/Http/Admin/Controllers/SettingController.php +++ b/app/Http/Admin/Controllers/SettingController.php @@ -298,4 +298,33 @@ class SettingController extends Controller } } + /** + * @Route("/oauth", name="admin.setting.oauth") + */ + public function oauthAction() + { + $settingService = new SettingService(); + + if ($this->request->isPost()) { + + $section = $this->request->getPost('section', 'string'); + + $data = $this->request->getPost(); + + $settingService->updateSettings($section, $data); + + return $this->jsonSuccess(['msg' => '更新配置成功']); + + } else { + + $qqAuth = $settingService->getQQAuthSettings(); + $weixinAuth = $settingService->getWeixinAuthSettings(); + $weiboAuth = $settingService->getWeiboAuthSettings(); + + $this->view->setVar('qq_auth', $qqAuth); + $this->view->setVar('weixin_auth', $weixinAuth); + $this->view->setVar('weibo_auth', $weiboAuth); + } + } + } diff --git a/app/Http/Admin/Services/AuthNode.php b/app/Http/Admin/Services/AuthNode.php index 43fb64fd..427c9924 100644 --- a/app/Http/Admin/Services/AuthNode.php +++ b/app/Http/Admin/Services/AuthNode.php @@ -744,6 +744,12 @@ class AuthNode extends Service 'type' => 'menu', 'route' => 'admin.setting.im', ], + [ + 'id' => '5-1-12', + 'title' => '开放登录', + 'type' => 'menu', + 'route' => 'admin.setting.oauth', + ], ], ], ], diff --git a/app/Http/Admin/Services/Setting.php b/app/Http/Admin/Services/Setting.php index b75f2f77..45c11719 100644 --- a/app/Http/Admin/Services/Setting.php +++ b/app/Http/Admin/Services/Setting.php @@ -9,6 +9,33 @@ use App\Repos\Vip as VipRepo; class Setting extends Service { + public function getQQAuthSettings() + { + $oauth = $this->getSettings('oauth.qq'); + + $oauth['redirect_uri'] = $oauth['redirect_uri'] ?: kg_full_url(['for' => 'home.oauth.qq_callback']); + + return $oauth; + } + + public function getWeixinAuthSettings() + { + $oauth = $this->getSettings('oauth.weixin'); + + $oauth['redirect_uri'] = $oauth['redirect_uri'] ?: kg_full_url(['for' => 'home.oauth.weixin_callback']); + + return $oauth; + } + + public function getWeiboAuthSettings() + { + $oauth = $this->getSettings('oauth.weibo'); + + $oauth['redirect_uri'] = $oauth['redirect_uri'] ?: kg_full_url(['for' => 'home.oauth.weibo_callback']); + + return $oauth; + } + public function getAlipaySettings() { $alipay = $this->getSettings('pay.alipay'); diff --git a/app/Http/Admin/Views/setting/oauth.volt b/app/Http/Admin/Views/setting/oauth.volt new file mode 100644 index 00000000..15b714b7 --- /dev/null +++ b/app/Http/Admin/Views/setting/oauth.volt @@ -0,0 +1,24 @@ +{% extends 'templates/main.volt' %} + +{% block content %} + +
+ +
+
+ {{ partial('setting/oauth_qq') }} +
+
+ {{ partial('setting/oauth_weixin') }} +
+
+ {{ partial('setting/oauth_weibo') }} +
+
+
+ +{% endblock %} \ No newline at end of file diff --git a/app/Http/Admin/Views/setting/oauth_qq.volt b/app/Http/Admin/Views/setting/oauth_qq.volt new file mode 100644 index 00000000..2f0d2f9a --- /dev/null +++ b/app/Http/Admin/Views/setting/oauth_qq.volt @@ -0,0 +1,35 @@ +
+
+ +
+ + +
+
+
+ +
+ +
+
+
+ +
+ +
+
+
+ +
+ +
+
+
+ +
+ + + +
+
+
\ No newline at end of file diff --git a/app/Http/Admin/Views/setting/oauth_weibo.volt b/app/Http/Admin/Views/setting/oauth_weibo.volt new file mode 100644 index 00000000..c7ca6bae --- /dev/null +++ b/app/Http/Admin/Views/setting/oauth_weibo.volt @@ -0,0 +1,35 @@ +
+
+ +
+ + +
+
+
+ +
+ +
+
+
+ +
+ +
+
+
+ +
+ +
+
+
+ +
+ + + +
+
+
\ No newline at end of file diff --git a/app/Http/Admin/Views/setting/oauth_weixin.volt b/app/Http/Admin/Views/setting/oauth_weixin.volt new file mode 100644 index 00000000..4c08c355 --- /dev/null +++ b/app/Http/Admin/Views/setting/oauth_weixin.volt @@ -0,0 +1,35 @@ +
+
+ +
+ + +
+
+
+ +
+ +
+
+
+ +
+ +
+
+
+ +
+ +
+
+
+ +
+ + + +
+
+
\ No newline at end of file diff --git a/app/Http/Home/Controllers/ConnectController.php b/app/Http/Home/Controllers/ConnectController.php new file mode 100644 index 00000000..d5dc0a74 --- /dev/null +++ b/app/Http/Home/Controllers/ConnectController.php @@ -0,0 +1,149 @@ +getAuthorizeUrl(ConnectModel::PROVIDER_QQ); + + return $this->response->redirect($url, true); + } + + /** + * @Get("/weixin", name="home.oauth.weixin") + */ + public function weixinAction() + { + $service = new ConnectService(); + + $url = $service->getAuthorizeUrl(ConnectModel::PROVIDER_WEIXIN); + + return $this->response->redirect($url, true); + } + + /** + * @Get("/weibo", name="home.oauth.weibo") + */ + public function weiboAction() + { + $service = new ConnectService(); + + $url = $service->getAuthorizeUrl(ConnectModel::PROVIDER_WEIBO); + + return $this->response->redirect($url, true); + } + + /** + * @Get("/qq/callback", name="home.oauth.qq_callback") + */ + public function qqCallbackAction() + { + $service = new ConnectService(); + + if ($this->authUser->id > 0) { + + $service->bindUser(ConnectModel::PROVIDER_QQ); + + return $this->response->redirect(['for' => 'home.uc.account']); + } + + $captcha = $service->getSettings('captcha'); + + $this->view->pick('connect/bind'); + $this->view->setVar('captcha', $captcha); + $this->view->setVar('provider', ConnectModel::PROVIDER_QQ); + } + + /** + * @Get("/weixin/callback", name="home.oauth.weixin_callback") + */ + public function weixinCallbackAction() + { + $service = new ConnectService(); + + if ($this->authUser->id > 0) { + + $service->bindUser(ConnectModel::PROVIDER_WEIXIN); + + return $this->response->redirect(['for' => 'home.uc.account']); + } + + $captcha = $service->getSettings('captcha'); + + $this->view->pick('connect/bind'); + $this->view->setVar('captcha', $captcha); + $this->view->setVar('provider', ConnectModel::PROVIDER_QQ); + } + + /** + * @Get("/weibo/callback", name="home.oauth.weibo_callback") + */ + public function weiboCallbackAction() + { + $service = new ConnectService(); + + if ($this->authUser->id > 0) { + + $service->bindUser(ConnectModel::PROVIDER_WEIBO); + + return $this->response->redirect(['for' => 'home.uc.account']); + } + + $captcha = $service->getSettings('captcha'); + + $this->view->pick('connect/bind'); + $this->view->setVar('captcha', $captcha); + $this->view->setVar('provider', ConnectModel::PROVIDER_QQ); + } + + /** + * @Get("/weibo/refuse", name="home.oauth.weibo_refuse") + */ + public function weiboRefuseAction() + { + return $this->response->redirect(['for' => 'home.account.login']); + } + + /** + * @Post("/bind/login", name="home.oauth.bind_login") + */ + public function bindLoginAction() + { + $service = new ConnectService(); + + $service->bindLogin(); + + $location = $this->url->get(['for' => 'home.uc.index']); + + return $this->jsonSuccess(['location' => $location]); + } + + /** + * @Post("/bind/register", name="home.oauth.bind_register") + */ + public function bindRegisterAction() + { + $service = new ConnectService(); + + $service->bindRegister(); + + $location = $this->url->get(['for' => 'home.uc.index']); + + return $this->jsonSuccess(['location' => $location]); + } + +} diff --git a/app/Http/Home/Controllers/UserConsoleController.php b/app/Http/Home/Controllers/UserConsoleController.php index 5e159e0e..fcd07636 100644 --- a/app/Http/Home/Controllers/UserConsoleController.php +++ b/app/Http/Home/Controllers/UserConsoleController.php @@ -3,6 +3,8 @@ namespace App\Http\Home\Controllers; use App\Services\Logic\User\Console\AccountInfo as AccountInfoService; +use App\Services\Logic\User\Console\ConnectDelete as ConnectDeleteService; +use App\Services\Logic\User\Console\ConnectList as ConnectListService; use App\Services\Logic\User\Console\ConsultList as ConsultListService; use App\Services\Logic\User\Console\CourseList as CourseListService; use App\Services\Logic\User\Console\FavoriteList as FavoriteListService; @@ -59,13 +61,17 @@ class UserConsoleController extends Controller */ public function accountAction() { + $type = $this->request->getQuery('type', 'string', 'info'); + $service = new AccountInfoService(); $captcha = $service->getSettings('captcha'); $account = $service->handle(); - $type = $this->request->getQuery('type', 'string', 'info'); + $service = new ConnectListService(); + + $connects = $service->handle(); if ($type == 'info') { $this->view->pick('user/console/account_info'); @@ -79,6 +85,7 @@ class UserConsoleController extends Controller $this->view->setVar('captcha', $captcha); $this->view->setVar('account', $account); + $this->view->setVar('connects', $connects); } /** @@ -207,4 +214,23 @@ class UserConsoleController extends Controller return $this->jsonSuccess($content); } + /** + * @Post("/connect/{id:[0-9]+}/delete", name="home.uc.unconnect") + */ + public function deleteConnectAction($id) + { + $service = new ConnectDeleteService(); + + $service->handle($id); + + $location = $this->url->get(['for' => 'home.uc.account']); + + $content = [ + 'location' => $location, + 'msg' => '解除登录绑定成功', + ]; + + return $this->jsonSuccess($content); + } + } diff --git a/app/Http/Home/Services/Connect.php b/app/Http/Home/Services/Connect.php new file mode 100644 index 00000000..5cd53a95 --- /dev/null +++ b/app/Http/Home/Services/Connect.php @@ -0,0 +1,167 @@ +request->getPost(); + + $validator = new AccountValidator(); + + $user = $validator->checkUserLogin($post['account'], $post['password']); + + $openUser = $this->getOpenUserInfo($post['code'], $post['stats'], $post['provider']); + + $this->handleBindRelation($user, $openUser, $post['provider']); + + $this->auth->saveAuthInfo($user); + } + + public function bindRegister() + { + $post = $this->request->getPost(); + + $openUser = $this->getOpenUserInfo($post['code'], $post['state'], $post['provider']); + + $registerService = new RegisterService(); + + $account = $registerService->handle(); + + $userRepo = new UserRepo(); + + $user = $userRepo->findById($account->id); + + $this->handleBindRelation($user, $openUser, $post['provider']); + + $this->auth->saveAuthInfo($user); + } + + public function bindUser($provider) + { + $code = $this->request->getQuery('code', 'trim'); + $state = $this->request->getQuery('state', 'trim'); + + $user = $this->getLoginUser(); + + $openUser = $this->getOpenUserInfo($code, $state, $provider); + + $this->handleBindRelation($user, $openUser, $provider); + } + + public function getAuthorizeUrl($provider) + { + $auth = $this->getAuth($provider); + + return $auth->getAuthorizeUrl(); + } + + public function getAuth($provider) + { + $auth = null; + + switch ($provider) { + case ConnectModel::PROVIDER_QQ: + $auth = $this->getQQAuth(); + break; + case ConnectModel::PROVIDER_WEIXIN: + $auth = $this->getWeiXinAuth(); + break; + case ConnectModel::PROVIDER_WEIBO: + $auth = $this->getWeiBoAuth(); + break; + } + + if (!$auth) { + throw new \Exception('Invalid OAuth Provider'); + } + + return $auth; + } + + protected function getQQAuth() + { + $settings = $this->getSettings('oauth.qq'); + + return new QQAuth( + $settings['client_id'], + $settings['client_secret'], + $settings['redirect_uri'] + ); + } + + protected function getWeiXinAuth() + { + $settings = $this->getSettings('oauth.weixin'); + + return new WeiXinAuth( + $settings['client_id'], + $settings['client_secret'], + $settings['redirect_uri'] + ); + } + + protected function getWeiBoAuth() + { + $settings = $this->getSettings('oauth.weibo'); + + return new WeiBoAuth( + $settings['client_id'], + $settings['client_secret'], + $settings['redirect_uri'] + ); + } + + protected function getOpenUserInfo($code, $state, $provider) + { + $auth = $this->getAuth($provider); + + $auth->checkState($state); + + $token = $auth->getAccessToken($code); + + $openId = $auth->getOpenId($token); + + return $auth->getUserInfo($token, $openId); + } + + protected function handleBindRelation(UserModel $user, array $openUser, $provider) + { + $connectRepo = new ConnectRepo(); + + $connect = $connectRepo->findByOpenId($openUser['id'], $provider); + + if ($connect) { + + if ($connect->deleted == 1) { + $connect->deleted = 0; + $connect->update(); + } + + } else { + + $connect = new ConnectModel(); + + $connect->user_id = $user->id; + $connect->open_id = $openUser['id']; + $connect->open_name = $openUser['name']; + $connect->open_avatar = $openUser['avatar']; + $connect->provider = $provider; + + $connect->create(); + } + } + +} diff --git a/app/Http/Home/Views/account/login.volt b/app/Http/Home/Views/account/login.volt index edd461b6..d1066422 100644 --- a/app/Http/Home/Views/account/login.volt +++ b/app/Http/Home/Views/account/login.volt @@ -27,6 +27,11 @@ · 忘记密码 +
+ + + +
{% endblock %} diff --git a/app/Http/Home/Views/connect/bind.volt b/app/Http/Home/Views/connect/bind.volt new file mode 100644 index 00000000..ecb9d499 --- /dev/null +++ b/app/Http/Home/Views/connect/bind.volt @@ -0,0 +1,34 @@ +{% extends 'templates/main.volt' %} + +{% block content %} + +
+ 首页 + 登录绑定 +
+ +
+
+ +
+
+ {{ partial('connect/bind_login') }} +
+
+ {{ partial('connect/bind_register') }} +
+
+
+
+ +{% endblock %} + +{% block include_js %} + + {{ js_include('https://ssl.captcha.qq.com/TCaptcha.js',false) }} + {{ js_include('home/js/captcha.verify.js') }} + +{% endblock %} \ No newline at end of file diff --git a/app/Http/Home/Views/connect/bind_login.volt b/app/Http/Home/Views/connect/bind_login.volt new file mode 100644 index 00000000..fb082ed2 --- /dev/null +++ b/app/Http/Home/Views/connect/bind_login.volt @@ -0,0 +1,20 @@ +
+
+
+ +
+
+
+
+ +
+
+
+
+ + + + +
+
+
\ No newline at end of file diff --git a/app/Http/Home/Views/connect/bind_register.volt b/app/Http/Home/Views/connect/bind_register.volt new file mode 100644 index 00000000..c540997f --- /dev/null +++ b/app/Http/Home/Views/connect/bind_register.volt @@ -0,0 +1,31 @@ +
+
+
+ +
+
+
+
+ +
+
+
+
+ +
+
+ +
+
+
+
+ + + + + + + +
+
+
\ No newline at end of file diff --git a/app/Http/Home/Views/user/console/account_info.volt b/app/Http/Home/Views/user/console/account_info.volt index 958e8a33..c34cf069 100644 --- a/app/Http/Home/Views/user/console/account_info.volt +++ b/app/Http/Home/Views/user/console/account_info.volt @@ -2,6 +2,23 @@ {% block content %} + {%- macro connect_provider(item) %} + {% if item.provider == 1 %} + + {% elseif item.provider == 2 %} + + {% elseif item.provider == 3 %} + + {% endif %} + {%- endmacro %} + + {%- macro connect_user(item) %} + {% if item.open_avatar %} + + {% endif %} + {{ item.open_name }} + {%- endmacro %} + {% set edit_pwd_url = url({'for':'home.uc.account'},{'type':'password'}) %} {% set edit_phone_url = url({'for':'home.uc.account'},{'type':'phone'}) %} {% set edit_email_url = url({'for':'home.uc.account'},{'type':'email'}) %} @@ -43,6 +60,37 @@ {% endif %} +
+ 开放登录 +
+
已经绑定的第三方帐号
+
+ + + + + + + + + {% for connect in connects %} + {% set url = url({'for':'home.uc.unconnect','id':connect.id}) %} + + + + + + + + {% endfor %} +
序号提供方用户信息创建日期操作
{{ loop.index }}{{ connect_provider(connect) }}{{ connect_user(connect) }}{{ date('Y-m-d H:i',connect.create_time) }}解除绑定
+
+
支持绑定的第三方帐号
+
+ + + +
diff --git a/app/Library/OAuth.php b/app/Library/OAuth.php index 49879bc6..e885ea43 100644 --- a/app/Library/OAuth.php +++ b/app/Library/OAuth.php @@ -3,20 +3,22 @@ namespace App\Library; use GuzzleHttp\Client as HttpClient; +use Phalcon\Crypt; +use Phalcon\Di; abstract class OAuth { - protected $appId; - protected $appSecret; + protected $clientId; + protected $clientSecret; protected $redirectUri; protected $accessToken; protected $openId; - public function __construct($appId, $appSecret, $redirectUri) + public function __construct($clientId, $clientSecret, $redirectUri) { - $this->appId = $appId; - $this->appSecret = $appSecret; + $this->clientId = $clientId; + $this->clientSecret = $clientSecret; $this->redirectUri = $redirectUri; } @@ -42,6 +44,32 @@ abstract class OAuth return $response->getBody(); } + public function getState() + { + /** + * @var $crypt Crypt + */ + $crypt = Di::getDefault()->get('crypt'); + + return $crypt->encryptBase64(rand(1000, 9999)); + } + + public function checkState($state) + { + /** + * @var $crypt Crypt + */ + $crypt = Di::getDefault()->get('crypt'); + + $value = $crypt->decryptBase64($state); + + if ($value < 1000 || $value > 9999) { + throw new \Exception('Invalid OAuth State Value'); + } + + return true; + } + abstract public function getAuthorizeUrl(); abstract public function getAccessToken($code); diff --git a/app/Library/OAuth/QQ.php b/app/Library/OAuth/QQ.php index 3515a0d9..ba0ee84c 100644 --- a/app/Library/OAuth/QQ.php +++ b/app/Library/OAuth/QQ.php @@ -15,10 +15,11 @@ class QQ extends OAuth public function getAuthorizeUrl() { $params = [ - 'client_id' => $this->appId, + 'client_id' => $this->clientId, 'redirect_uri' => $this->redirectUri, + 'state' => $this->getState(), 'response_type' => 'code', - 'scope' => '', + 'scope' => 'get_user_info', ]; return self::AUTHORIZE_URL . '?' . http_build_query($params); @@ -28,8 +29,8 @@ class QQ extends OAuth { $params = [ 'code' => $code, - 'client_id' => $this->appId, - 'client_secret' => $this->appSecret, + 'client_id' => $this->clientId, + 'client_secret' => $this->clientSecret, 'redirect_uri' => $this->redirectUri, 'grant_type' => 'authorization_code', 'state' => 'ok', @@ -56,14 +57,14 @@ class QQ extends OAuth public function getUserInfo($accessToken, $openId) { $params = [ + 'oauth_consumer_key' => $this->clientId, 'access_token' => $accessToken, 'openid' => $openId, - 'oauth_consumer_key' => $this->appId, ]; $response = $this->httpGet(self::USER_INFO_URL, $params); - - $this->parseUserInfo($response); + + return $this->parseUserInfo($response); } protected function parseAccessToken($response) @@ -81,11 +82,11 @@ class QQ extends OAuth protected function parseOpenId($response) { - $result = $match = []; + $result = $matches = []; if (!empty($response)) { - preg_match('/callback\(\s+(.*?)\s+\)/i', $response, $match); - $result = json_decode($match[1], true); + preg_match('/callback\(\s+(.*?)\s+\)/i', $response, $matches); + $result = json_decode($matches[1], true); } if (!isset($result['openid'])) { @@ -98,16 +99,16 @@ class QQ extends OAuth protected function parseUserInfo($response) { $data = json_decode($response, true); - + if ($data['ret'] != 0) { throw new \Exception("Fetch User Info Failed:{$data['msg']}"); } - - $userInfo['type'] = 'QQ'; + + $userInfo['id'] = $this->openId; $userInfo['name'] = $data['nickname']; $userInfo['nick'] = $data['nickname']; - $userInfo['head'] = $data['figureurl_2']; - + $userInfo['avatar'] = $data['figureurl_2']; + return $userInfo; } diff --git a/app/Library/OAuth/WeiBo.php b/app/Library/OAuth/WeiBo.php index b7bc79ac..9ccb0268 100644 --- a/app/Library/OAuth/WeiBo.php +++ b/app/Library/OAuth/WeiBo.php @@ -14,8 +14,9 @@ class WeiBo extends OAuth public function getAuthorizeUrl() { $params = [ - 'client_id' => $this->appId, + 'client_id' => $this->clientId, 'redirect_uri' => $this->redirectUri, + 'state' => $this->getState(), 'response_type' => 'code', ]; @@ -26,8 +27,8 @@ class WeiBo extends OAuth { $params = [ 'code' => $code, - 'client_id' => $this->appId, - 'client_secret' => $this->appSecret, + 'client_id' => $this->clientId, + 'client_secret' => $this->clientSecret, 'redirect_uri' => $this->redirectUri, 'grant_type' => 'authorization_code', ]; @@ -72,16 +73,16 @@ class WeiBo extends OAuth private function parseUserInfo($response) { $data = json_decode($response, true); - + if ($data['error_code'] != 0) { throw new \Exception("Fetch User Info Failed:{$data['error']}"); } - - $userInfo['type'] = 'WEIBO'; + + $userInfo['id'] = $this->openId; $userInfo['name'] = $data['name']; $userInfo['nick'] = $data['screen_name']; - $userInfo['head'] = $data['avatar_large']; - + $userInfo['avatar'] = $data['avatar_large']; + return $userInfo; } diff --git a/app/Library/OAuth/WeiXin.php b/app/Library/OAuth/WeiXin.php index 4d741276..7be80e62 100644 --- a/app/Library/OAuth/WeiXin.php +++ b/app/Library/OAuth/WeiXin.php @@ -14,11 +14,11 @@ class WeiXin extends OAuth public function getAuthorizeUrl() { $params = [ - 'appid' => $this->appId, + 'appid' => $this->clientId, 'redirect_uri' => $this->redirectUri, + 'state' => $this->getState(), 'response_type' => 'code', 'scope' => 'snsapi_login', - 'state' => 'dev', ]; return self::AUTHORIZE_URL . '?' . http_build_query($params); @@ -28,8 +28,8 @@ class WeiXin extends OAuth { $params = [ 'code' => $code, - 'appid' => $this->appId, - 'secret' => $this->appSecret, + 'appid' => $this->clientId, + 'secret' => $this->clientSecret, 'grant_type' => 'authorization_code', ]; @@ -73,16 +73,16 @@ class WeiXin extends OAuth private function parseUserInfo($response) { $data = json_decode($response, true); - + if (isset($data['errcode']) && $data['errcode'] != 0) { throw new \Exception("Fetch User Info Failed:{$data['errmsg']}"); } - - $userInfo['type'] = 'WEIXIN'; + + $userInfo['id'] = $this->openId; $userInfo['name'] = $data['name']; $userInfo['nick'] = $data['screen_name']; - $userInfo['head'] = $data['avatar_large']; - + $userInfo['avatar'] = $data['avatar_large']; + return $userInfo; } diff --git a/app/Models/Connect.php b/app/Models/Connect.php new file mode 100644 index 00000000..4266e805 --- /dev/null +++ b/app/Models/Connect.php @@ -0,0 +1,104 @@ +addBehavior( + new SoftDelete([ + 'field' => 'deleted', + 'value' => 1, + ]) + ); + } + + public function beforeCreate() + { + $this->create_time = time(); + } + + public function beforeUpdate() + { + $this->update_time = time(); + } + +} diff --git a/app/Repos/Connect.php b/app/Repos/Connect.php new file mode 100644 index 00000000..e32c88a1 --- /dev/null +++ b/app/Repos/Connect.php @@ -0,0 +1,62 @@ +where('1 = 1'); + + if (isset($where['user_id'])) { + $query->andWhere('user_id = :user_id:', ['user_id' => $where['user_id']]); + } + + if (isset($where['provider'])) { + $query->andWhere('provider = :provider:', ['provider' => $where['provider']]); + } + + if (isset($where['deleted'])) { + $query->andWhere('deleted = :deleted:', ['deleted' => $where['deleted']]); + } + + $query->orderBy('id DESC'); + + return $query->execute(); + } + + /** + * @param int $id + * @return ConnectModel|Model|bool + */ + public function findById($id) + { + return ConnectModel::findFirst($id); + } + + /** + * @param string $openId + * @param int $provider + * @return ConnectModel|Model|bool + */ + public function findByOpenId($openId, $provider) + { + return ConnectModel::findFirst([ + 'conditions' => 'open_id = ?1 and provider = ?2', + 'bind' => [1 => $openId, 2 => $provider], + ]); + } + +} diff --git a/app/Services/Logic/User/Console/ConnectDelete.php b/app/Services/Logic/User/Console/ConnectDelete.php new file mode 100644 index 00000000..27d60489 --- /dev/null +++ b/app/Services/Logic/User/Console/ConnectDelete.php @@ -0,0 +1,26 @@ +getLoginUser(); + + $validator = new ConnectValidator(); + + $connect = $validator->checkConnect($id); + + $validator->checkOwner($user->id, $connect->user_id); + + $connect->deleted = 1; + + $connect->update(); + } + +} diff --git a/app/Services/Logic/User/Console/ConnectList.php b/app/Services/Logic/User/Console/ConnectList.php new file mode 100644 index 00000000..7c930e89 --- /dev/null +++ b/app/Services/Logic/User/Console/ConnectList.php @@ -0,0 +1,45 @@ +getLoginUser(); + + $params = [ + 'user_id' => $user->id, + 'deleted' => 0, + ]; + + $connectRepo = new ConnectRepo(); + + $connects = $connectRepo->findAll($params); + + if ($connects->count() == 0) { + return []; + } + + $items = []; + + foreach ($connects as $connect) { + $items[] = [ + 'id' => $connect->id, + 'open_id' => $connect->open_id, + 'open_name' => $connect->open_name, + 'open_avatar' => $connect->open_avatar, + 'provider' => $connect->provider, + 'create_time' => $connect->create_time, + 'update_time' => $connect->update_time, + ]; + } + + return $items; + } + +} diff --git a/app/Validators/Connect.php b/app/Validators/Connect.php new file mode 100644 index 00000000..cdcf4410 --- /dev/null +++ b/app/Validators/Connect.php @@ -0,0 +1,41 @@ +checkConnectById($id); + } + + public function checkConnectById($id) + { + $connectRepo = new ConnectRepo(); + + $connect = $connectRepo->findById($id); + + if (!$connect) { + throw new BadRequestException('connect.not_found'); + } + + return $connect; + } + + public function checkConnectByOpenId($openId, $provider) + { + $connectRepo = new ConnectRepo(); + + $connect = $connectRepo->findByOpenId($openId, $provider); + + if (!$connect) { + throw new BadRequestException('connect.not_found'); + } + + return $connect; + } +} diff --git a/db/migrations/20201205091213_create_connect_table.php b/db/migrations/20201205091213_create_connect_table.php new file mode 100644 index 00000000..53041625 --- /dev/null +++ b/db/migrations/20201205091213_create_connect_table.php @@ -0,0 +1,92 @@ +table('kg_connect', [ + 'id' => false, + 'primary_key' => ['id'], + 'engine' => 'InnoDB', + 'encoding' => 'utf8mb4', + 'collation' => 'utf8mb4_general_ci', + 'comment' => '', + 'row_format' => 'DYNAMIC', + ]) + ->addColumn('id', 'integer', [ + 'null' => false, + 'limit' => MysqlAdapter::INT_REGULAR, + 'identity' => 'enable', + 'comment' => '主键编号', + ]) + ->addColumn('user_id', 'integer', [ + 'null' => false, + 'default' => '0', + 'limit' => MysqlAdapter::INT_REGULAR, + 'comment' => '用户编号', + 'after' => 'id', + ]) + ->addColumn('open_id', 'string', [ + 'null' => false, + 'default' => '', + 'limit' => 50, + 'collation' => 'utf8mb4_general_ci', + 'encoding' => 'utf8mb4', + 'comment' => '开放ID', + 'after' => 'user_id', + ]) + ->addColumn('open_name', 'string', [ + 'null' => false, + 'default' => '', + 'limit' => 30, + 'collation' => 'utf8mb4_general_ci', + 'encoding' => 'utf8mb4', + 'comment' => '开放名称', + 'after' => 'open_id', + ]) + ->addColumn('open_avatar', 'string', [ + 'null' => false, + 'default' => '', + 'limit' => 150, + 'collation' => 'utf8mb4_general_ci', + 'encoding' => 'utf8mb4', + 'comment' => '开放头像', + 'after' => 'open_name', + ]) + ->addColumn('provider', 'integer', [ + 'null' => false, + 'default' => '0', + 'limit' => MysqlAdapter::INT_REGULAR, + 'comment' => '提供方', + 'after' => 'open_avatar', + ]) + ->addColumn('deleted', 'integer', [ + 'null' => false, + 'default' => '0', + 'limit' => MysqlAdapter::INT_REGULAR, + 'comment' => '删除标识', + 'after' => 'provider', + ]) + ->addColumn('create_time', 'integer', [ + 'null' => false, + 'default' => '0', + 'limit' => MysqlAdapter::INT_REGULAR, + 'comment' => '创建时间', + 'after' => 'deleted', + ]) + ->addColumn('update_time', 'integer', [ + 'null' => false, + 'default' => '0', + 'limit' => MysqlAdapter::INT_REGULAR, + 'comment' => '更新时间', + 'after' => 'create_time', + ]) + ->addIndex(['open_id', 'provider'], [ + 'name' => 'openid_provider', + 'unique' => false, + ]) + ->create(); + } +} diff --git a/db/migrations/20201205112717_insert_oauth_setting_data.php b/db/migrations/20201205112717_insert_oauth_setting_data.php new file mode 100644 index 00000000..40cfe6f2 --- /dev/null +++ b/db/migrations/20201205112717_insert_oauth_setting_data.php @@ -0,0 +1,85 @@ + 'oauth.qq', + 'item_key' => 'enabled', + 'item_value' => '0', + ], + [ + 'section' => 'oauth.qq', + 'item_key' => 'client_id', + 'item_value' => '', + ], + [ + 'section' => 'oauth.qq', + 'item_key' => 'client_secret', + 'item_value' => '', + ], + [ + 'section' => 'oauth.qq', + 'item_key' => 'redirect_uri', + 'item_value' => '', + ], + [ + 'section' => 'oauth.weixin', + 'item_key' => 'enabled', + 'item_value' => '0', + ], + [ + 'section' => 'oauth.weixin', + 'item_key' => 'client_id', + 'item_value' => '', + ], + [ + 'section' => 'oauth.weixin', + 'item_key' => 'client_secret', + 'item_value' => '', + ], + [ + 'section' => 'oauth.weixin', + 'item_key' => 'redirect_uri', + 'item_value' => '', + ], + [ + 'section' => 'oauth.weibo', + 'item_key' => 'enabled', + 'item_value' => '0', + ], + [ + 'section' => 'oauth.weibo', + 'item_key' => 'client_id', + 'item_value' => '', + ], + [ + 'section' => 'oauth.weibo', + 'item_key' => 'client_secret', + 'item_value' => '', + ], + [ + 'section' => 'oauth.weibo', + 'item_key' => 'redirect_uri', + 'item_value' => '', + ], + ]; + + $this->table('kg_setting')->insert($rows)->save(); + } + + public function down() + { + $this->execute("DELETE FROM kg_setting WHERE section = 'oauth.qq'"); + $this->execute("DELETE FROM kg_setting WHERE section = 'oauth.weixin'"); + $this->execute("DELETE FROM kg_setting WHERE section = 'oauth.weibo'"); + } + +} \ No newline at end of file diff --git a/public/static/home/css/common.css b/public/static/home/css/common.css index a78ec345..bf8478c5 100644 --- a/public/static/home/css/common.css +++ b/public/static/home/css/common.css @@ -1188,7 +1188,7 @@ } .login-wrap .link { - margin-bottom: 30px; + margin-bottom: 20px; font-size: 12px; text-align: center; } @@ -1202,6 +1202,26 @@ color: #999; } +.login-wrap .oauth { + text-align: center; +} + +.login-wrap .oauth a { + margin: 0 10px; +} + +.login-qq { + color: dodgerblue; +} + +.login-wechat { + color: green; +} + +.login-weibo { + color: red; +} + .user-profile { position: relative; } @@ -1537,9 +1557,12 @@ margin-right: 0; } +.security-item-list { + margin-top: -20px; +} + .security-item { - padding: 15px; - line-height: 50px; + line-height: 80px; border-bottom: 1px dashed #ccc; } @@ -1563,6 +1586,29 @@ float: right; } +.connect-list { + margin-bottom: 20px; +} + +.open-avatar img { + width: 16px; + height: 16px; + border-radius: 100%; +} + +.connect-tips { + color: #666; + margin-bottom: 20px; +} + +.oauth-list { + margin-bottom: 20px; +} + +.oauth-list a { + margin: 0 10px; +} + .order-filter { padding: 15px 20px; }