xiaokang/lotteryLaravel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
063cb983118d535026e5a796988d222b1fd9125f
lotteryLaravel/app/Http/Controllers/Api/V1/Admin/Auth/LoginController.php

88 lines
2.8 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<?php
namespace App\Http\Controllers\Api\V1\Admin\Auth;
use App\Models\AdminUser;
use App\Lottery\ErrorCode;
use Illuminate\Support\Str;
use App\Support\ApiResponse;
use App\Support\AdminAuthorizationRegistry;
use Illuminate\Http\JsonResponse;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Hash;
use App\Services\AdminCaptchaService;
use App\Http\Requests\Admin\AdminLoginRequest;
/**
* POST /api/v1/admin/auth/login
*
* Body: account登录账号与 username 对应ASCII 仅存小写比对、password、captcha_key、captcha_code。
*/
final class LoginController extends Controller
{
public function __invoke(AdminLoginRequest $request, AdminCaptchaService $captcha): JsonResponse
{
$locale = $request->lotteryLocale();
$data = $request->validated();
if (! $captcha->verify($data['captcha_key'], $data['captcha_code'])) {
return ApiResponse::error(
trans('admin.invalid_captcha', [], $locale),
ErrorCode::AdminCaptchaInvalid->value,
null,
422,
);
}
$normalizedAccount = Str::lower(trim($data['account']));
/** @var AdminUser|null $admin */
$admin = AdminUser::query()->where('username', $normalizedAccount)->first();
$passwordOk = $admin !== null && Hash::check($data['password'], $admin->password);
if (! $passwordOk) {
/** 统一措辞,弱化枚举用户 */
return ApiResponse::error(
trans('admin.invalid_credentials', [], $locale),
ErrorCode::AdminCredentialsInvalid->value,
null,
401,
);
}
if ((int) $admin->status !== 0) {
return ApiResponse::error(
trans('admin.account_disabled', [], $locale),
ErrorCode::AdminAccountDisabled->value,
null,
403,
);
}
$ttlDays = (int) config('lottery.admin_api.token_ttl_days', 7);
$plainToken = $admin->createToken(
'admin-api',
['*'],
now()->addDays(max(1, $ttlDays)),
)->plainTextToken;
$admin->forceFill(['last_login_at' => now()])->save();
$permissionSlugs = $admin->fresh()->adminPermissionSlugs();
return ApiResponse::success([
'token' => $plainToken,
'token_type' => 'Bearer',
'admin' => [
'id' => $admin->id,
'username' => $admin->username,
'nickname' => $admin->name,
'email' => $admin->email,
'permissions' => $permissionSlugs,
'navigation' => AdminAuthorizationRegistry::visibleNavigationItems($permissionSlugs),
],
]);
}
}
Reference in New Issue View Git Blame Copy Permalink