From 26c1e68c648a60b43909dd1aca2542225431e789 Mon Sep 17 00:00:00 2001 From: Jason Date: Fri, 2 Dec 2022 12:32:03 +0800 Subject: [PATCH] =?UTF-8?q?=E5=AE=8C=E5=96=84=E6=8E=A5=E5=8F=A3=E9=80=BB?= =?UTF-8?q?=E8=BE=91=EF=BC=8C=E9=AA=8C=E8=AF=81=E7=A0=81=E6=8E=A5=E5=85=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Contracts/CanUseGoogle2FA.php | 9 +++ Http/Controllers/Api/SecretController.php | 97 +++++++++++++++++------ Http/Controllers/Api/SmsController.php | 30 +++++++ Routes/api.php | 7 +- Traits/WithGoogle2FA.php | 13 +++ 5 files changed, 130 insertions(+), 26 deletions(-) create mode 100644 Http/Controllers/Api/SmsController.php diff --git a/Contracts/CanUseGoogle2FA.php b/Contracts/CanUseGoogle2FA.php index eda4987..28d761f 100644 --- a/Contracts/CanUseGoogle2FA.php +++ b/Contracts/CanUseGoogle2FA.php @@ -25,4 +25,13 @@ interface CanUseGoogle2FA * @return string */ public function getNickname(): string; + + /** + * Notes : 获取绑定手机号 + * + * @Date : 2022/12/2 12:10 + * @Author : + * @return string + */ + public function getMobile(): string; } \ No newline at end of file diff --git a/Http/Controllers/Api/SecretController.php b/Http/Controllers/Api/SecretController.php index 9786c03..420039d 100644 --- a/Http/Controllers/Api/SecretController.php +++ b/Http/Controllers/Api/SecretController.php @@ -8,6 +8,7 @@ use Illuminate\Http\JsonResponse; use Illuminate\Http\Request; use Jason\Api\Api; use Modules\Google2FA\Models\Google2FA; +use Modules\User\Facades\Sms; class SecretController extends Controller { @@ -16,7 +17,7 @@ class SecretController extends Controller /** * @throws Exception */ - public function needInitialize() + protected function needInitialize() { $this->google2fa = Api::user()->google2fa; if (blank($this->google2fa)) { @@ -25,23 +26,67 @@ class SecretController extends Controller } /** - * Notes : 获取密钥 + * Notes : 短信验证码校验 + * + * @Date : 2022/12/2 12:12 + * @Author : + * @throws Exception + */ + protected function checkSmsVerify(): void + { + $verify = request('verify'); + if (strlen($verify) != Sms::getConfig('length')) { + throw new Exception('请输入短信验证码'); + } + $check = Sms::checkCode(Api::user()->getUsername(), $verify, 'G2FA'); + if (! $check) { + throw new Exception('短信验证码不正确'); + } + } + + /** + * Notes : 校验两步验证码 + * + * @Date : 2022/12/2 12:23 + * @Author : + * @return void + * @throws Exception + */ + public function checkG2FAVerify(): void + { + $this->needInitialize(); + $code = request('code'); + + if (strlen($code) != 6) { + throw new Exception('请输入动态口令'); + } + if (! $this->google2fa->verify($code)) { + if (config('app.debug')) { + throw new Exception('动态口令不正确'.app('g2fa')->getCurrentOtp($this->google2fa->google2fa_secret)); + } else { + throw new Exception('动态口令不正确'); + } + } + } + + /** + * Notes : 获取密钥-需要短信 * * @Date : 2022/12/1 14:31 * @Author : - * @param Request $request * @return JsonResponse * @throws Exception */ - public function index(Request $request): JsonResponse + public function index(): JsonResponse { $this->needInitialize(); + $this->checkSmsVerify(); return $this->success($this->google2fa->google2fa_secret); } /** - * Notes : 获取密钥二维码地址 + * Notes : 获取密钥二维码地址-需要短信 * * @Date : 2022/12/1 14:31 * @Author : @@ -51,12 +96,13 @@ class SecretController extends Controller public function qrCodeUrl(): JsonResponse { $this->needInitialize(); + $this->checkSmsVerify(); return $this->success($this->google2fa->getQrCodeUrl()); } /** - * Notes : 开启两步验证 + * Notes : 开启两步验证-需要短信 * * @Date : 2022/12/1 15:42 * @Author : @@ -66,6 +112,11 @@ class SecretController extends Controller public function open(): JsonResponse { $this->needInitialize(); + if ($this->google2fa->status) { + return $this->failed('请勿重复开启'); + } + + $this->checkSmsVerify(); if ($this->google2fa->open()) { return $this->success('两步验证开启成功'); @@ -75,45 +126,42 @@ class SecretController extends Controller } /** - * Notes : 关闭两步验证 + * Notes : 关闭两步验证-需要短信-需要动态口令 * - * @Date : 2022/12/1 15:43 + * @Date : 2022/12/2 12:20 * @Author : + * @return JsonResponse + * @throws Exception */ - public function close(Request $request) + public function close(): JsonResponse { $this->needInitialize(); - $verify = $request->verify; - - if (strlen($verify) != 6) { - return $this->failed('请输入动态口令'); - } - if (! $this->google2fa->verify($verify)) { - return $this->failed('动态口令不正确'); + if (! $this->google2fa->status) { + return $this->failed('请勿重复关闭'); } + $this->checkSmsVerify(); + $this->checkG2FAVerify(); if ($this->google2fa->close()) { - return $this->success('更新成功'); + return $this->success('关闭两步验证成功'); } else { - return $this->failed('更新失败'); + return $this->failed('关闭两步验证失败'); } } /** - * Notes : 更新密钥 + * Notes : 更新密钥-需要短信-需要动态口令 * * @Date : 2022/12/1 15:29 * @Author : - * @param Request $request * @return JsonResponse * @throws Exception */ - public function update(Request $request): JsonResponse + public function update(): JsonResponse { - // 短信验证码 - $verify = $request->verify; - $this->needInitialize(); + $this->checkSmsVerify(); + $this->checkG2FAVerify(); if ($this->google2fa->upgrade()) { return $this->success('更新成功'); @@ -121,5 +169,4 @@ class SecretController extends Controller return $this->failed('更新失败'); } } - } \ No newline at end of file diff --git a/Http/Controllers/Api/SmsController.php b/Http/Controllers/Api/SmsController.php new file mode 100644 index 0000000..d38f353 --- /dev/null +++ b/Http/Controllers/Api/SmsController.php @@ -0,0 +1,30 @@ + + */ + public function send() + { + $user = Api::user(); + + try { + Sms::sendVerificationCode($user->getMobile(), 'G2FA'); + return $this->success('验证码发送成功'); + } catch (InvalidArgumentException|NoGatewayAvailableException $e) { + return $this->failed($e->getMessage()); + } + } +} \ No newline at end of file diff --git a/Routes/api.php b/Routes/api.php index af33f22..8baabc0 100644 --- a/Routes/api.php +++ b/Routes/api.php @@ -4,7 +4,7 @@ use Illuminate\Routing\Router; use Illuminate\Support\Facades\Route; Route::group([ - 'middleware' =>config('api.route.middleware_auth'), + 'middleware' => config('api.route.middleware_auth'), ], function (Router $router) { $router->get('secret', 'SecretController@index'); $router->get('secret/qr_code_url', 'SecretController@qrCodeUrl'); @@ -15,4 +15,9 @@ Route::group([ * 更新密钥 */ $router->put('secret', 'SecretController@update'); + + /** + * 获取短信验证码 + */ + $router->post('sms', 'SmsController@send'); }); diff --git a/Traits/WithGoogle2FA.php b/Traits/WithGoogle2FA.php index 427d8e7..74dc87a 100644 --- a/Traits/WithGoogle2FA.php +++ b/Traits/WithGoogle2FA.php @@ -51,4 +51,17 @@ trait WithGoogle2FA { return 'NICK-NAME'; } + + /** + * Notes : 获取绑定手机号 + * + * @override + * @Date : 2022/12/2 12:11 + * @Author : + * @return string + */ + public function getMobile(): string + { + return 'MOBILE'; + } } \ No newline at end of file