Merge pull request #1 from NimaQu/master
Merge from upstream
neoFelhz committed May 11, 2018
2 parents 660cc28 + 11fca1d commit 4306caa
Showing 17 changed files with 890 additions and 436 deletions.
10 changes: 10 additions & 0 deletions README.md
Expand Up @@ -61,6 +61,10 @@ Wiki已经启用,欢迎为此面板维护wiki

- 为面板增加 v2Ray 功能

[**NeverBehave**](https://github.com/NeverBehave)

- 添加 Telegram OAuth

##### 还有所有被引用过代码的同学,以及所有提交过issue的同学。

#### 关于捐赠
Expand All @@ -82,3 +86,9 @@ Wiki已经启用,欢迎为此面板维护wiki

- [黛米付-支付接入](https://www.daimiyun.cn/register.php?aff=624)
- [冲上云霄云主机](http://console.soar-clouds.com/aff.php?aff=94)


##### Miku


- [qazCloud | 高速云端数据传输服务](https://www.qaz.cloud)
179 changes: 116 additions & 63 deletions app/Controllers/AuthController.php
Expand Up @@ -27,12 +27,11 @@
/**
* AuthController
*/

class AuthController extends BaseController
{
public function login()
{
$uid = time().rand(1, 10000) ;
$uid = time() . rand(1, 10000);
if (Config::get('enable_geetest_login') == 'true') {
$GtSdk = Geetest::get($uid);
} else {
Expand All @@ -49,13 +48,19 @@ public function login()
$login_number = '';
}

return $this->view()->assign('geetest_html', $GtSdk)->assign('login_token', $login_token)->assign('login_number', $login_number)->assign('telegram_bot', Config::get('telegram_bot'))->display('auth/login.tpl');
return $this->view()
->assign('geetest_html', $GtSdk)
->assign('login_token', $login_token)
->assign('login_number', $login_number)
->assign('telegram_bot', Config::get('telegram_bot'))
->assign('base_url', Config::get('baseUrl'))
->display('auth/login.tpl');
}

public function loginHandle($request, $response, $args)
{
// $data = $request->post('sdf');
$email = $request->getParam('email');
$email = $request->getParam('email');
$email = strtolower($email);
$passwd = $request->getParam('passwd');
$code = $request->getParam('code');
Expand Down Expand Up @@ -84,22 +89,22 @@ public function loginHandle($request, $response, $args)
$rs['msg'] = "邮箱或者密码错误.";


$loginip=new LoginIp();
$loginip->ip=$_SERVER["REMOTE_ADDR"];
$loginip->userid=$user->id;
$loginip->datetime=time();
$loginip->type=1;
$loginip = new LoginIp();
$loginip->ip = $_SERVER["REMOTE_ADDR"];
$loginip->userid = $user->id;
$loginip->datetime = time();
$loginip->type = 1;
$loginip->save();

return $response->getBody()->write(json_encode($rs));
}
// @todo
$time = 3600*24;
$time = 3600 * 24;
if ($rememberMe) {
$time = 3600*24*7;
$time = 3600 * 24 * 7;
}

if ($user->ga_enable==1) {
if ($user->ga_enable == 1) {
$ga = new GA();
$rcode = $ga->verifyCode($user->ga_token, $code);

Expand All @@ -114,11 +119,11 @@ public function loginHandle($request, $response, $args)
$rs['ret'] = 1;
$rs['msg'] = "欢迎回来";

$loginip=new LoginIp();
$loginip->ip=$_SERVER["REMOTE_ADDR"];
$loginip->userid=$user->id;
$loginip->datetime=time();
$loginip->type=0;
$loginip = new LoginIp();
$loginip->ip = $_SERVER["REMOTE_ADDR"];
$loginip->userid = $user->id;
$loginip->datetime = time();
$loginip->type = 0;
$loginip->save();

Wecenter::add($user, $passwd);
Expand All @@ -130,8 +135,8 @@ public function loginHandle($request, $response, $args)
public function qrcode_loginHandle($request, $response, $args)
{
// $data = $request->post('sdf');
$token = $request->getParam('token');
$number = $request->getParam('number');
$token = $request->getParam('token');
$number = $request->getParam('number');

$ret = TelegramSessionManager::step2_verify_login_session($token, $number);
if (!$ret) {
Expand All @@ -144,22 +149,27 @@ public function qrcode_loginHandle($request, $response, $args)
// Handle Login
$user = User::where('id', '=', $ret)->first();
// @todo
$time = 3600*24;
$time = 3600 * 24;

Auth::login($user->id, $time);
$rs['ret'] = 1;
$rs['msg'] = "欢迎回来";

$loginip=new LoginIp();
$loginip->ip=$_SERVER["REMOTE_ADDR"];
$loginip->userid=$user->id;
$loginip->datetime=time();
$loginip->type=0;
$loginip->save();
$this->logUserIp($user->id, $_SERVER["REMOTE_ADDR"]);

return $response->getBody()->write(json_encode($rs));
}

private function logUserIp($id, $ip)
{
$loginip = new LoginIp();
$loginip->ip = $ip;
$loginip->userid = $id;
$loginip->datetime = time();
$loginip->type = 0;
$loginip->save();
}

public function register($request, $response, $next)
{
$ary = $request->getQueryParams();
Expand All @@ -169,7 +179,7 @@ public function register($request, $response, $next)
$code = $antiXss->xss_clean($ary['code']);
}

$uid = time().rand(1, 10000) ;
$uid = time() . rand(1, 10000);

if (Config::get('enable_geetest_reg') == 'true') {
$GtSdk = Geetest::get($uid);
Expand All @@ -178,17 +188,16 @@ public function register($request, $response, $next)
}



return $this->view()->assign('enable_invite_code', Config::get('enable_invite_code'))->assign('geetest_html', $GtSdk)->assign('enable_email_verify', Config::get('enable_email_verify'))->assign('code', $code)->display('auth/register.tpl');
}


public function sendVerify($request, $response, $next)
{
if (Config::get('enable_email_verify')=='true') {
if (Config::get('enable_email_verify') == 'true') {
$email = $request->getParam('email');

if ($email=="") {
if ($email == "") {
$res['ret'] = 0;
$res['msg'] = "未填写邮箱";
return $response->getBody()->write(json_encode($res));
Expand All @@ -203,22 +212,22 @@ public function sendVerify($request, $response, $next)


$user = User::where('email', '=', $email)->first();
if ($user!=null) {
if ($user != null) {
$res['ret'] = 0;
$res['msg'] = "此邮箱已经注册";
return $response->getBody()->write(json_encode($res));
}

$ipcount = EmailVerify::where('ip', '=', $_SERVER["REMOTE_ADDR"])->where('expire_in', '>', time())->count();
if ($ipcount>=(int)Config::get('email_verify_iplimit')) {
if ($ipcount >= (int)Config::get('email_verify_iplimit')) {
$res['ret'] = 0;
$res['msg'] = "此IP请求次数过多";
return $response->getBody()->write(json_encode($res));
}


$mailcount = EmailVerify::where('email', '=', $email)->where('expire_in', '>', time())->count();
if ($mailcount>=3) {
if ($mailcount >= 3) {
$res['ret'] = 0;
$res['msg'] = "此邮箱请求次数过多";
return $response->getBody()->write(json_encode($res));
Expand All @@ -233,11 +242,11 @@ public function sendVerify($request, $response, $next)
$ev->code = $code;
$ev->save();

$subject = Config::get('appName')."- 验证邮件";
$subject = Config::get('appName') . "- 验证邮件";

try {
Mail::send($email, $subject, 'auth/verify.tpl', [
"code" => $code,"expire" => date("Y-m-d H:i:s", time() + Config::get('email_verify_ttl'))
"code" => $code, "expire" => date("Y-m-d H:i:s", time() + Config::get('email_verify_ttl'))
], [
//BASE_PATH.'/public/assets/email/styles.css'
]);
Expand All @@ -253,8 +262,8 @@ public function sendVerify($request, $response, $next)

public function registerHandle($request, $response, $next)
{
$name = $request->getParam('name');
$email = $request->getParam('email');
$name = $request->getParam('name');
$email = $request->getParam('email');
$email = strtolower($email);
$passwd = $request->getParam('passwd');
$repasswd = $request->getParam('repasswd');
Expand All @@ -276,13 +285,13 @@ public function registerHandle($request, $response, $next)
//dumplin:1、enable_invite_code为true则注册必须要填邀请码;2、邀请人等级为0则邀请码不可用;3、邀请人invite_num为可邀请次数,填负数则为无限
$c = InviteCode::where('code', $code)->first();
if ($c == null) {
if (Config::get('enable_invite_code')=='true') {
if (Config::get('enable_invite_code') == 'true') {
$res['ret'] = 0;
$res['msg'] = "邀请码无效";
return $response->getBody()->write(json_encode($res));
}
} else if ($c->user_id != 0) {
$gift_user=User::where("id", "=", $c->user_id)->first();
$gift_user = User::where("id", "=", $c->user_id)->first();
if ($gift_user == null) {
$res['ret'] = 0;
$res['msg'] = "邀请人不存在";
Expand Down Expand Up @@ -312,7 +321,7 @@ public function registerHandle($request, $response, $next)
return $response->getBody()->write(json_encode($res));
}

if (Config::get('enable_email_verify')=='true') {
if (Config::get('enable_email_verify') == 'true') {
$mailcount = EmailVerify::where('email', '=', $email)->where('code', '=', $emailcode)->where('expire_in', '>', time())->first();
if ($mailcount == null) {
$res['ret'] = 0;
Expand All @@ -322,7 +331,7 @@ public function registerHandle($request, $response, $next)
}

// check pwd length
if (strlen($passwd)<8) {
if (strlen($passwd) < 8) {
$res['ret'] = 0;
$res['msg'] = "密码请大于8位";
return $response->getBody()->write(json_encode($res));
Expand All @@ -335,7 +344,7 @@ public function registerHandle($request, $response, $next)
return $response->getBody()->write(json_encode($res));
}

if ($imtype==""||$wechat=="") {
if ($imtype == "" || $wechat == "") {
$res['ret'] = 0;
$res['msg'] = "请填上你的联络方式";
return $response->getBody()->write(json_encode($res));
Expand All @@ -347,7 +356,7 @@ public function registerHandle($request, $response, $next)
$res['msg'] = "此联络方式已注册";
return $response->getBody()->write(json_encode($res));
}
if (Config::get('enable_email_verify')=='true') {
if (Config::get('enable_email_verify') == 'true') {
EmailVerify::where('email', '=', $email)->delete();
}
// do reg user
Expand All @@ -371,47 +380,47 @@ public function registerHandle($request, $response, $next)
$user->obfs_param = Config::get('reg_obfs_param');
$user->forbidden_ip = Config::get('reg_forbidden_ip');
$user->forbidden_port = Config::get('reg_forbidden_port');
$user->im_type = $imtype;
$user->im_value = $antiXss->xss_clean($wechat);
$user->im_type = $imtype;
$user->im_value = $antiXss->xss_clean($wechat);
$user->transfer_enable = Tools::toGB(Config::get('defaultTraffic'));
$user->invite_num = Config::get('inviteNum');
$user->auto_reset_day = Config::get('reg_auto_reset_day');
$user->auto_reset_bandwidth = Config::get('reg_auto_reset_bandwidth');
$user->money=0;
$user->money = 0;

//dumplin:填写邀请人,写入邀请奖励
$user->ref_by =0;
$user->ref_by = 0;
if ($c != null) {
if ($c->user_id != 0) {
$gift_user=User::where("id", "=", $c->user_id)->first();
$gift_user = User::where("id", "=", $c->user_id)->first();
$user->ref_by = $c->user_id;
$user->money=Config::get('invite_get_money');
$gift_user->transfer_enable=($gift_user->transfer_enable+Config::get('invite_gift')*1024*1024*1024);
$user->money = Config::get('invite_get_money');
$gift_user->transfer_enable = ($gift_user->transfer_enable + Config::get('invite_gift') * 1024 * 1024 * 1024);
$gift_user->invite_num -= 1;
$gift_user->save();
}
}

$user->class_expire=date("Y-m-d H:i:s", time()+Config::get('user_class_expire_default')*3600);
$user->class_expire = date("Y-m-d H:i:s", time() + Config::get('user_class_expire_default') * 3600);
$user->class = Config::get('user_class_default');
$user->node_connector=Config::get('user_conn');
$user->node_speedlimit=Config::get('user_speedlimit');
$user->expire_in=date("Y-m-d H:i:s", time()+Config::get('user_expire_in_default')*86400);
$user->reg_date=date("Y-m-d H:i:s");
$user->reg_ip=$_SERVER["REMOTE_ADDR"];
$user->plan='A';
$user->theme=Config::get('theme');
$user->node_connector = Config::get('user_conn');
$user->node_speedlimit = Config::get('user_speedlimit');
$user->expire_in = date("Y-m-d H:i:s", time() + Config::get('user_expire_in_default') * 86400);
$user->reg_date = date("Y-m-d H:i:s");
$user->reg_ip = $_SERVER["REMOTE_ADDR"];
$user->plan = 'A';
$user->theme = Config::get('theme');

$group=Config::get('ramdom_group');
$Garray=explode(",", $group);
$group = Config::get('ramdom_group');
$Garray = explode(",", $group);

$user->node_group=$Garray[rand(0, count($Garray)-1)];
$user->node_group = $Garray[rand(0, count($Garray) - 1)];

$ga = new GA();
$secret = $ga->createSecret();

$user->ga_token=$secret;
$user->ga_enable=0;
$user->ga_token = $secret;
$user->ga_enable = 0;


if ($user->save()) {
Expand Down Expand Up @@ -447,4 +456,48 @@ public function qrcode_check($request, $response, $args)
return $response->getBody()->write(json_encode($res));
}
}

public function telegram_oauth($request, $response, $args)
{
if (Config::get('enable_telegram') == 'true') {
$auth_data = $request->getQueryParams();
if ($this->telegram_oauth_check($auth_data) === true) { // Looks good, proceed.
$telegram_id = $auth_data['id'];
$user = User::query()->where('telegram_id', $telegram_id)->firstOrFail(); // Welcome Back :)

Auth::login($user->id, 3600);
$this->logUserIp($user->id, $_SERVER["REMOTE_ADDR"]);

// 登陆成功!
return $this->view()->assign('title', '欢迎回来')->assign('message', '正在前往仪表盘')->assign('redirect', '/user')->display('telegram_success.tpl');
}
// 验证失败
return $this->view()->assign('title', '登陆超时或非法构造信息')->assign('message', '很抱歉带来的不便,请重新试试')->assign('redirect', '/auth/login')->display('telegram_error.tpl');
}
return $response->withRedirect('/404');
}

private function telegram_oauth_check($auth_data)
{
$check_hash = $auth_data['hash'];
$bot_token = Config::get('telegram_token');;
unset($auth_data['hash']);
$data_check_arr = [];
foreach ($auth_data as $key => $value) {
$data_check_arr[] = $key . '=' . $value;
}
sort($data_check_arr);
$data_check_string = implode("\n", $data_check_arr);
$secret_key = hash('sha256', $bot_token, true);
$hash = hash_hmac('sha256', $data_check_string, $secret_key);
if (strcmp($hash, $check_hash) !== 0) {
return false; // Bad Data :(
}

if ((time() - $auth_data['auth_date']) > 300) { // Expire @ 5mins
return false;
}

return true; // Good to Go
}
}
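Review bot: In the new `telegram_oauth_check`, the signature is compared with `strcmp($hash, $check_hash) !== 0`, which is not constant-time and is fed `$auth_data['hash']` straight from the query string without checking that it exists and is a string. I would change the comparison to `if (!is_string($check_hash) || !hash_equals($hash, $check_hash)) { return false; }`, so a missing or array-valued `hash` fails closed instead of raising a notice or a type error. In `telegram_oauth`, `Auth::login` is reached without the `ga_enable` / `verifyCode` step that `loginHandle` applies, so an account with the second factor enabled appears to skip it on this path; that looks worth either enforcing or documenting as intended. `firstOrFail()` will also throw for a validly signed Telegram id that is not bound to any user unless a handler outside this file catches it; `first()` followed by the existing `telegram_error.tpl` branch would keep that case on the normal failure path.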