update user api

2026-03-06 15:29:04 +08:00
parent e6130d76c7
commit 3eb517bc3a
8 changed files with 412 additions and 11 deletions
@@ -0,0 +1,244 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Controller\Api\V1;
+
+use App\Controller\AbstractController;
+use App\Model\User;
+use Hyperf\HttpServer\Contract\RequestInterface;
+use Hyperf\HttpServer\Contract\ResponseInterface;
+use Qbhy\HyperfAuth\AuthManager;
+use Carbon\Carbon;
+use Hyperf\HttpServer\Annotation\Controller;
+use Hyperf\HttpServer\Annotation\RequestMapping;
+use Hyperf\HttpServer\Annotation\Middleware;
+use Qbhy\HyperfAuth\AuthMiddleware;
+
+
+ #[Controller]
+class AuthController extends AbstractController
+{
+    /**
+     * 用户注册
+     */
+    #[RequestMapping(path:'/register', methods:'post')]
+    public function register(RequestInterface $request, ResponseInterface $response)
+    {
+        $username = $request->input('username');
+        $password = $request->input('password');
+        $email = $request->input('email');
+
+        // 验证用户是否已存在
+        if (User::query()->where('username', $username)->exists()) {
+            return $response->json([
+                'code' => 400,
+                'message' => '用户名已存在',
+            ]);
+        }
+
+        if (User::query()->where('email', $email)->exists()) {
+            return $response->json([
+                'code' => 400,
+                'message' => '邮箱已被注册',
+            ]);
+        }
+
+        // 创建用户
+        $user = User::create([
+            'username' => $username,
+            'password' => $password,  // 自动加密
+            'email' => $email,
+            'status' => 1,
+        ]);
+
+        return $response->json([
+            'code' => 0,
+            'message' => '注册成功',
+            'data' => [
+                'id' => $user->id,
+                'username' => $user->username,
+                'email' => $user->email,
+            ],
+        ]);
+    }
+
+    /**
+     * 用户登录
+     */
+    #[RequestMapping(path:'/login', methods:'post')]
+    public function login(RequestInterface $request, ResponseInterface $response, AuthManager $auth)
+    {
+        $username = $request->input('username');
+        $password = $request->input('password');
+
+        // 查找用户
+        $user = User::query()->where('username', $username)->first();
+
+        if (!$user) {
+            return $response->json([
+                'code' => 401,
+                'message' => '用户名或密码错误',
+            ]);
+        }
+
+        // 验证密码
+        if (!$user->verifyPassword($password)) {
+            return $response->json([
+                'code' => 401,
+                'message' => '用户名或密码错误',
+            ]);
+        }
+
+        // 检查用户状态
+        if ($user->status !== 1) {
+            return $response->json([
+                'code' => 403,
+                'message' => '账号已被禁用',
+            ]);
+        }
+
+        // 生成 Access Token
+        $token = $auth->guard('jwt')->login($user);
+
+        // 生成 Refresh Token
+        $refreshToken = bin2hex(random_bytes(32));
+        $user->refresh_token = $refreshToken;
+        $user->refresh_token_expires_at = Carbon::now()->addDays(30);
+        $user->save();
+
+        return $response->json([
+            'code' => 0,
+            'message' => '登录成功',
+            'data' => [
+                'access_token' => $token,
+                'refresh_token' => $refreshToken,
+                'token_type' => 'Bearer',
+                'expires_in' => 7200,  // 2 小时
+                'user' => [
+                    'id' => $user->id,
+                    'username' => $user->username,
+                    'email' => $user->email,
+                ],
+            ],
+        ]);
+    }
+
+    /**
+     * 刷新 Access Token
+     */
+    #[RequestMapping(path:'/refresh', methods:'get')]
+    #[Middleware(AuthMiddleware::class)]
+    public function refresh(RequestInterface $request, ResponseInterface $response, AuthManager $auth)
+    {
+        $refreshToken = $request->input('refresh_token');
+
+        if (!$refreshToken) {
+            return $response->json([
+                'code' => 400,
+                'message' => '缺少 refresh_token 参数',
+            ]);
+        }
+
+        // 查找用户
+        $user = User::query()->where('refresh_token', $refreshToken)->first();
+
+        if (!$user) {
+            return $response->json([
+                'code' => 401,
+                'message' => '无效的 refresh_token',
+            ]);
+        }
+
+        // 验证 refresh token 是否过期
+        if (!$user->isRefreshTokenValid()) {
+            return $response->json([
+                'code' => 401,
+                'message' => 'refresh_token 已过期，请重新登录',
+            ]);
+        }
+
+        // 检查用户状态
+        if ($user->status !== 1) {
+            return $response->json([
+                'code' => 403,
+                'message' => '账号已被禁用',
+            ]);
+        }
+
+        // 生成新的 Access Token
+        $token = $auth->guard('jwt')->login($user);
+
+        // 可选：生成新的 Refresh Token（更安全）
+        $newRefreshToken = bin2hex(random_bytes(32));
+        $user->refresh_token = $newRefreshToken;
+        $user->refresh_token_expires_at = Carbon::now()->addDays(30);
+        $user->save();
+
+        return $response->json([
+            'code' => 0,
+            'message' => 'Token 刷新成功',
+            'data' => [
+                'access_token' => $token,
+                'refresh_token' => $newRefreshToken,
+                'token_type' => 'Bearer',
+                'expires_in' => 7200,
+            ],
+        ]);
+    }
+
+    /**
+     * 获取当前用户信息
+     */
+    #[RequestMapping(path:'/me', methods:'get')]
+    #[Middleware(AuthMiddleware::class)]
+    public function me(AuthManager $auth, ResponseInterface $response)
+    {
+        $user = $auth->guard('jwt')->user();
+
+        if (!$user) {
+            return $response->json([
+                'code' => 401,
+                'message' => '未授权',
+            ]);
+        }
+
+        return $response->json([
+            'code' => 0,
+            'message' => '获取成功',
+            'data' => [
+                'id' => $user->id,
+                'username' => $user->username,
+                'email' => $user->email,
+                'status' => $user->status,
+                'ext' => $user->ext,
+                'created_at' => $user->created_at->toDateTimeString(),
+            ],
+        ]);
+    }
+
+    /**
+     * 退出登录
+     */
+    #[RequestMapping(path:'/logout', methods:'get')]
+    #[Middleware(AuthMiddleware::class)]
+    public function logout(AuthManager $auth, ResponseInterface $response)
+    {
+        $user = $auth->guard('jwt')->user();
+
+        if ($user instanceof User) {
+            // 清除 refresh token
+            $user->refresh_token = null;
+            $user->refresh_token_expires_at = null;
+            $user->save();
+        }
+
+        // 注销当前 token
+        $auth->guard('jwt')->logout();
+
+        return $response->json([
+            'code' => 0,
+            'message' => '退出成功',
+        ]);
+    }
+}
@@ -0,0 +1,93 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Controller\Api\V1;
+
+use App\Controller\AbstractController;
+use App\Middleware\AuthMiddleware;
+use App\Model\User;
+use Hyperf\HttpServer\Annotation\Controller;
+use Hyperf\HttpServer\Annotation\Middleware;
+use Hyperf\HttpServer\Annotation\RequestMapping;
+
+#[Controller(prefix: "/api/v1/users")]
+class UserController extends AbstractController
+{
+    /**
+     * 用户列表
+     *
+     * 支持分页、按 username/email 模糊搜索、按 status 精确筛选
+     */
+    #[RequestMapping(path: "", methods: "GET")]
+    #[Middleware(AuthMiddleware::class)]
+    public function index(): array
+    {
+        $page = max(1, (int) $this->request->input('page', 1));
+        $per_page = min(100, max(1, (int) $this->request->input('per_page', 15)));
+
+        $query = User::query();
+
+        // 按 username 模糊搜索
+        $username = $this->request->input('username');
+        if ($username !== null && $username !== '') {
+            $query->where('username', 'like', '%' . $username . '%');
+        }
+
+        // 按 email 模糊搜索
+        $email = $this->request->input('email');
+        if ($email !== null && $email !== '') {
+            $query->where('email', 'like', '%' . $email . '%');
+        }
+
+        // 按 status 精确筛选
+        $status = $this->request->input('status');
+        if ($status !== null && $status !== '') {
+            $query->where('status', (int) $status);
+        }
+
+        // 按 created_at 降序排序
+        $query->orderBy('created_at', 'desc');
+
+        $total = $query->count();
+        $items = $query->offset(($page - 1) * $per_page)
+            ->limit($per_page)
+            ->get();
+
+        return [
+            'code' => 0,
+            'message' => '获取成功',
+            'data' => [
+                'items' => $items,
+                'total' => $total,
+                'page' => $page,
+                'per_page' => $per_page,
+            ],
+        ];
+    }
+
+    /**
+     * 用户详情
+     *
+     * @param int $id 用户 ID
+     */
+    #[RequestMapping(path: "{id}", methods: "GET")]
+    #[Middleware(AuthMiddleware::class)]
+    public function show(int $id): \Psr\Http\Message\ResponseInterface|array
+    {
+        $user = User::query()->find($id);
+
+        if (!$user) {
+            return $this->response->json([
+                'code' => 404,
+                'message' => '用户不存在',
+            ])->withStatus(404);
+        }
+
+        return [
+            'code' => 0,
+            'message' => '获取成功',
+            'data' => $user,
+        ];
+    }
+}