input('username'); $password = $request->input('password'); $email = $request->input('email'); // 验证用户是否已存在 if (User::query()->where('username', $username)->exists()) { return $response->json([ 'code' => 400, 'message' => '用户名已存在', ]); } if (User::query()->where('email', $email)->exists()) { return $response->json([ 'code' => 400, 'message' => '邮箱已被注册', ]); } // 创建用户 $user = User::create([ 'username' => $username, 'password' => $password, // 自动加密 'email' => $email, 'status' => 1, ]); return $response->json([ 'code' => 0, 'message' => '注册成功', 'data' => [ 'id' => $user->id, 'username' => $user->username, 'email' => $user->email, ], ]); } /** * 用户登录 */ #[RequestMapping(path:'/login', methods:'post')] public function login(RequestInterface $request, ResponseInterface $response, AuthManager $auth) { $username = $request->input('username'); $password = $request->input('password'); // 查找用户 $user = User::query()->where('username', $username)->first(); if (!$user) { return $response->json([ 'code' => 401, 'message' => '用户名或密码错误', ]); } // 验证密码 if (!$user->verifyPassword($password)) { return $response->json([ 'code' => 401, 'message' => '用户名或密码错误', ]); } // 检查用户状态 if ($user->status !== 1) { return $response->json([ 'code' => 403, 'message' => '账号已被禁用', ]); } // 生成 Access Token $token = $auth->guard('jwt')->login($user); // 生成 Refresh Token $refreshToken = bin2hex(random_bytes(32)); $user->refresh_token = $refreshToken; $user->refresh_token_expires_at = Carbon::now()->addDays(30); $user->save(); return $response->json([ 'code' => 0, 'message' => '登录成功', 'data' => [ 'access_token' => $token, 'refresh_token' => $refreshToken, 'token_type' => 'Bearer', 'expires_in' => 7200, // 2 小时 'user' => [ 'id' => $user->id, 'username' => $user->username, 'email' => $user->email, ], ], ]); } /** * 刷新 Access Token */ #[RequestMapping(path:'/refresh', methods:'get')] #[Middleware(AuthMiddleware::class)] public function refresh(RequestInterface $request, ResponseInterface $response, AuthManager $auth) { $refreshToken = $request->input('refresh_token'); if (!$refreshToken) { return $response->json([ 'code' => 400, 'message' => '缺少 refresh_token 参数', ]); } // 查找用户 $user = User::query()->where('refresh_token', $refreshToken)->first(); if (!$user) { return $response->json([ 'code' => 401, 'message' => '无效的 refresh_token', ]); } // 验证 refresh token 是否过期 if (!$user->isRefreshTokenValid()) { return $response->json([ 'code' => 401, 'message' => 'refresh_token 已过期，请重新登录', ]); } // 检查用户状态 if ($user->status !== 1) { return $response->json([ 'code' => 403, 'message' => '账号已被禁用', ]); } // 生成新的 Access Token $token = $auth->guard('jwt')->login($user); // 可选：生成新的 Refresh Token（更安全） $newRefreshToken = bin2hex(random_bytes(32)); $user->refresh_token = $newRefreshToken; $user->refresh_token_expires_at = Carbon::now()->addDays(30); $user->save(); return $response->json([ 'code' => 0, 'message' => 'Token 刷新成功', 'data' => [ 'access_token' => $token, 'refresh_token' => $newRefreshToken, 'token_type' => 'Bearer', 'expires_in' => 7200, ], ]); } /** * 获取当前用户信息 */ #[RequestMapping(path:'/me', methods:'get')] #[Middleware(AuthMiddleware::class)] public function me(AuthManager $auth, ResponseInterface $response) { $user = $auth->guard('jwt')->user(); if (!$user) { return $response->json([ 'code' => 401, 'message' => '未授权', ]); } return $response->json([ 'code' => 0, 'message' => '获取成功', 'data' => [ 'id' => $user->id, 'username' => $user->username, 'email' => $user->email, 'status' => $user->status, 'ext' => $user->ext, 'created_at' => $user->created_at->toDateTimeString(), ], ]); } /** * 退出登录 */ #[RequestMapping(path:'/logout', methods:'get')] #[Middleware(AuthMiddleware::class)] public function logout(AuthManager $auth, ResponseInterface $response) { $user = $auth->guard('jwt')->user(); if ($user instanceof User) { // 清除 refresh token $user->refresh_token = null; $user->refresh_token_expires_at = null; $user->save(); } // 注销当前 token $auth->guard('jwt')->logout(); return $response->json([ 'code' => 0, 'message' => '退出成功', ]); } }