post('phone', ''); $password = $request->post('password', ''); if ($phone === '' || $password === '') { return $this->fail('请填写手机号和密码'); } $logic = new UserLogic(); $data = $logic->login($phone, $password); return $this->success([ 'user' => $data['user'], 'user-token' => $data['user-token'], 'user_id' => $data['user_id'], ]); } /** * 注册 * POST /api/user/register * body: phone (+60), password, nickname(可选) */ public function register(Request $request): Response { $phone = $request->post('phone', ''); $password = $request->post('password', ''); $nickname = $request->post('nickname'); if ($phone === '' || $password === '') { return $this->fail('请填写手机号和密码'); } $logic = new UserLogic(); $data = $logic->register($phone, $password, $nickname ? (string) $nickname : null); return $this->success([ 'user' => $data['user'], 'user-token' => $data['user-token'], 'user_id' => $data['user_id'], ]); } /** * 退出登录 * POST /api/user/logout * header: user-token（或 Authorization: Bearer ） * 将当前 user-token 加入黑名单，之后该 token 无法再用于获取 user_id */ public function logout(Request $request): Response { $token = $request->header('user-token'); if (empty($token)) { $auth = $request->header('authorization'); if ($auth && stripos($auth, 'Bearer ') === 0) { $token = trim(substr($auth, 7)); } } if (empty($token)) { return $this->fail('请携带 user-token'); } if (UserLogic::logout($token)) { return $this->success('已退出登录'); } return $this->fail('退出失败或 token 已失效'); } }