dafuweng-saiadmin6.x/server/app/api/controller/UserController.php

<?php
declare(strict_types=1);

namespace app\api\controller;

use support\Request;
use support\Response;
use app\api\cache\UserCache;
use app\api\logic\UserLogic;
use plugin\saiadmin\basic\OpenController;

/**
 * API 用户登录/注册
 * 需先携带 auth-token，登录/注册成功后返回 user-token 与用户信息，用户信息已写入 Redis（key=base64(user_id)，value=加密）
 */
class UserController extends OpenController
{
    /**
     * 登录
     * POST /api/user/login
     * body: phone (+60), password
     */
    public function login(Request $request): Response
    {
        $phone = $request->post('phone', '');
        $password = $request->post('password', '');
        if ($phone === '' || $password === '') {
            return $this->fail('请填写手机号和密码');
        }
        $logic = new UserLogic();
        $data = $logic->login($phone, $password);
        return $this->success([
            'user' => $data['user'],
            'user-token' => $data['user-token'],
            'user_id' => $data['user_id'],
        ]);
    }

    /**
     * 注册
     * POST /api/user/register
     * body: phone (+60), password, nickname(可选)
     */
    public function register(Request $request): Response
    {
        $phone = $request->post('phone', '');
        $password = $request->post('password', '');
        $nickname = $request->post('nickname');
        if ($phone === '' || $password === '') {
            return $this->fail('请填写手机号和密码');
        }
        $logic = new UserLogic();
        $data = $logic->register($phone, $password, $nickname ? (string) $nickname : null);
        return $this->success([
            'user' => $data['user'],
            'user-token' => $data['user-token'],
            'user_id' => $data['user_id'],
        ]);
    }

    /**
     * 退出登录
     * POST /api/user/logout
     * header: user-token（或 Authorization: Bearer <user-token>）
     * 将当前 user-token 加入黑名单，之后该 token 无法再用于获取 user_id
     */
    public function logout(Request $request): Response
    {
        $token = $request->header('user-token');
        if (empty($token)) {
            $auth = $request->header('authorization');
            if ($auth && stripos($auth, 'Bearer ') === 0) {
                $token = trim(substr($auth, 7));
            }
        }
        if (empty($token)) {
            return $this->fail('请携带 user-token');
        }
        if (UserLogic::logout($token)) {
            return $this->success('已退出登录');
        }
        return $this->fail('退出失败或 token 已失效');
    }

    /**
     * 获取当前用户信息
     * GET /api/user/info
     * header: user-token（或 Authorization: Bearer <user-token>）
     * 返回：id, username, phone, uid, name, coin, total_draw_count
     */
    public function info(Request $request): Response
    {
        $token = $request->header('user-token');
        if (empty($token)) {
            $auth = $request->header('authorization');
            if ($auth && stripos($auth, 'Bearer ') === 0) {
                $token = trim(substr($auth, 7));
            }
        }
        if (empty($token)) {
            return $this->fail('请携带 user-token');
        }
        $userId = UserLogic::getUserIdFromToken($token);
        if ($userId === null) {
            return $this->fail('user-token 无效或已过期');
        }
        $user = UserLogic::getCachedUser($userId);
        if (empty($user)) {
            return $this->fail('用户不存在');
        }
        $fields = ['id', 'username', 'phone', 'uid', 'name', 'coin', 'total_draw_count'];
        $info = [];
        foreach ($fields as $field) {
            if (array_key_exists($field, $user)) {
                $info[$field] = $user[$field];
            }
        }
        return $this->success($info);
    }

    /**
     * 获取钱包余额（仅读缓存，不查库，低延迟）
     * GET /api/user/balance
     * header: user-token（或 Authorization: Bearer <user-token>）
     * 返回：coin, phone, username（登录时已写入缓存，本接口只从缓存读取）
     */
    public function balance(Request $request): Response
    {
        $token = $request->header('user-token');
        if (empty($token)) {
            $auth = $request->header('authorization');
            if ($auth && stripos($auth, 'Bearer ') === 0) {
                $token = trim(substr($auth, 7));
            }
        }
        if (empty($token)) {
            return $this->fail('请携带 user-token');
        }
        $userId = UserLogic::getUserIdFromToken($token);
        if ($userId === null) {
            return $this->fail('user-token 无效或已过期');
        }
        $user = UserCache::getUser($userId);
        if (empty($user)) {
            return $this->fail('缓存已过期，请重新登录');
        }
        $coin = $user['coin'] ?? null;
        if (is_string($coin) && is_numeric($coin)) {
            $coin = str_contains($coin, '.') ? (float) $coin : (int) $coin;
        }
        return $this->success([
            'coin' => $coin,
            'phone' => $user['phone'] ?? '',
            'username' => $user['username'] ?? '',
        ]);
    }
}