Merge branch 'master' of git.076.ne.jp:076/community/076Server

このコミットが含まれているのは:
テクニカル諏訪子 2018-11-27 15:50:37 +09:00
コミット d1c307ec43
2個のファイルの変更117行の追加0行の削除

ファイルの表示

@ -422,6 +422,120 @@ class AuthController extends Controller {
return array();
}
function CheckEmail($email) {
$get = DB::table('users')
->where('email', $email)
->count();
if ($get == 0) return 0;
else return 1;
}
public function SendReset(Request $request) {
$exist = $this->CheckEmail($request->email);
if ($exist == 0) {
return 0;
}
else {
$check = DB::table('usr_resets')
->select('token')
->where('email', $request->email)
->count();
if ($check > 0) {
DB::table('usr_resets')
->where('email', $request->email)
->delete();
}
$token = bin2hex(random_bytes(32));
$due = time() + (1 * 24 * 60 * 60);
DB::table('usr_resets')
->insert([
'email' => $request->email,
'token' => $token,
'due_date' => $due
]);
$get = DB::table('usr_resetmails')
->select('sender', 'sendname', 'subject', 'message')
->first();
$user = DB::table('users')
->select('username')
->where('email', $request->email)
->first();
$mess = str_replace('{user}', $user->username, $get->message);
$mess2 = str_replace('{link}', $token, $mess);
$mess2 = mb_convert_encoding($mess2, "ISO-2022-JP", "AUTO");
$subj = mb_convert_encoding($get->subject, "ISO-2022-JP", "AUTO");
$headers = "MIME-Version: 1.0"."\r\n";
$headers .= "Content-Type: text/plain; charset=ISO-2022-JP"."\r\n";
$headers .= "To: ".$request->email."\r\n";
$headers .= "From: ".mb_convert_encoding($get->sendname,"ISO-2022-JP","AUTO")." <".$get->sender.">"."\r\n";
mb_language("ja");
$res = mail(
$request->email,
$subj,
$mess2,
$headers,
"-f".$get->sender
);
return 1;
}
}
public function ConfirmReset($token) {
$get = DB::table('usr_resets')
->select('*')
->where('token', $token)
->first();
$within24hour = time() + (1 * 24 * 60 * 60);
if (empty($get)) {
return 0;
}
else {
if ($get->due_date > $within24hour) {
return 0;
}
else {
return 1;
}
}
}
public function PasswordReset(Request $request) {
if (empty($request->password)) {
return 0;
}
$salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647));
$passwd = hash('sha256', $request->password . $salt);
for ($round = 0; $round < 65536; $round++) {
$passwd = hash('sha256', $passwd . $salt);
}
$res = DB::table('users')
->where('email', $request->email)
->update([
'password' => $passwd,
'salt' => $salt
]);
return 1;
}
public function recover(Request $request) {
$user = User::where('email', $request->email)->first();

ファイルの表示

@ -22,6 +22,9 @@ $api->version('v1', function ($api) {
$api->post('/auth/login', 'AuthController@login');
$api->post('/auth/register', 'AuthController@register');
$api->post('/auth/recover', 'AuthController@recover');
$api->post('/auth/sendreset', 'AuthController@SendReset');
$api->get('/auth/confirmreset/{token}', 'AuthController@ConfirmReset');
$api->post('/auth/passwordreset', 'AuthController@PasswordReset');
$api->post('/auth/checkauth', 'AuthController@checkAuth');
});
});