
两个简单的信息库校验

Zhouzhendong пре 4 година
родитељ
комит
0c84746ef7

+ 50 - 0
app/Http/ApiControllers/LoginController.php

@@ -7,6 +7,7 @@ namespace App\Http\ApiControllers;
 use App\User;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
+use Illuminate\Http\Response;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
 
@@ -88,6 +89,55 @@ class LoginController
         }
     }
 
+    public function getUserInfo(Request $request)
+    {
+        $userName = $request->get('username','');
+        $password = $request->get('password','');
+        $users = User::query()->where("name",$userName)->orWhereHas("userDetail",function ($query)use($userName){
+            $query->where("mobile_phone",$userName);
+        })->get();
+        $user = null;
+        foreach ($users as $item){
+            if (Hash::check($password,$item->password)){
+                $user = $item;
+                break;
+            }
+        }
+        if (!$user){
+            return response("用户不存在或密码错误", 401);
+        }
+        $user->load("userDetail");
+        return response()->json([
+            "username" => $user->name,
+            "name" => $user->userDetail->full_name ?? "",
+            "sex" => $user->userDetail->gender ?? "",
+            "id_card" => $user->userDetail->identity_number ?? "",
+            "phone" => $user->userDetail->mobile_phone ?? "",
+        ]);
+    }
+
+    public function resetNameOrPwd(Request $request)
+    {
+        $userId = $request->get('id');
+        $userName = $request->get('username');
+        $password = $request->get('password');
+        $user = null;
+        if (!$userId || (!$userName && !$password) || !$user = User::query()->find($userId)){
+            return response("参数错误或用户不存在", 401);
+        }
+        $update = [];
+        if ($userName) {
+            $update["name"] = $userName;
+        }
+        if ($password) {
+            $update["password"] = Hash::make($password);
+        }
+        if ($user->update($update)) {
+            return response("OK");
+        }
+        return response("用户信息修改失败", 410);
+    }
+
     private function getMenu($user)
     {
         Auth::setUser($user);
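Review bot: `resetNameOrPwd` overwrites the name and password of whatever account `id` points to without verifying anything about the caller or the new values, so protection against account takeover rests entirely on the route middleware. Validate the input before the update (an integer `id`, a length-bounded `username` that is not already taken, a minimum-strength `password`) and write an audit log entry naming the source address and the target user id. The failure codes are also misleading: `401` for a missing parameter and `410` for a failed update would read better as `422` and `500`. In `getUserInfo`, the response includes `identity_number` and `mobile_phone` after a password check alone, so consider returning only the fields the consumer needs. The `use Illuminate\Http\Response;` import added at the top of the file is not used by either new method.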

+ 2 - 0
app/Http/Kernel.php

@@ -2,6 +2,7 @@
 
 namespace App\Http;
 
+use App\Http\Middleware\AccessRestriction;
 use App\Http\Middleware\AuthorizingApi;
 use App\Http\Middleware\CheckCsrfToken;
 use App\Http\Middleware\LogPostRequest;
@@ -77,6 +78,7 @@ class Kernel extends HttpKernel
         'procurement.auth.api' => \App\Http\Middleware\ProcurementApiAuth::class,
         'check.token' => CheckCsrfToken::class,
         'authorizing' => AuthorizingApi::class,
+        'access.restriction' => AccessRestriction::class,
     ];
 
     /**

+ 29 - 0
app/Http/Middleware/AccessRestriction.php

@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+
+class AccessRestriction
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        $ip=[
+            '192.168.135.1',
+            '101.133.135.193'
+        ];
+        if(in_array($request->getClientIp(), $ip)){
+            return $next($request);
+        } else {
+            $request->headers->set('Accept', 'application/json');
+            return response('无权限访问', 403);
+        }
+    }
+}
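Review bot: The allowlist in `handle` compares against `$request->getClientIp()`, which returns a forwarded address when the request arrives through a proxy the application trusts. The trusted-proxy configuration is not visible in this commit, so confirm it names only your own proxies; otherwise a client-supplied header can satisfy the check. The addresses are hard-coded, so every change needs a deploy; reading them from configuration, e.g. `$ip = config('api.access_restriction_ips', []);` (key name constructed here), keeps them per-environment. Use `in_array($request->getClientIp(), $ip, true)` so the comparison is strict. Drop `$request->headers->set('Accept', 'application/json')` in the else branch, since the request is discarded on the next line and the header has no effect on the plain-text 403.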

+ 3 - 0
routes/api.php

@@ -13,6 +13,9 @@ use Illuminate\Support\Facades\Route;
 | is assigned the "api" middleware group. Enjoy building your API!
 |
 */
+Route::get("getUserInfo", 'LoginController@getUserInfo')->middleware("access.restriction");
+Route::get("resetNameOrPwd", 'LoginController@resetNameOrPwd')->middleware("access.restriction");
+
 
 Route::prefix("v1")->group(function (){
     Route::middleware('throttle:' . config('api.rate_limits.sign'))
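Review bot: Both new routes are registered with `Route::get`, so the `username` and `password` parameters read by the controller travel in the query string and end up in web-server and proxy access logs. Register them as `Route::post("getUserInfo", ...)` and `Route::post("resetNameOrPwd", ...)` and send the values in the request body. They also sit outside the `v1` group and carry no `throttle` middleware, so password checks from an allowed address are unbounded; adding a throttle alongside `access.restriction`, as the `v1` routes below do, would cap that. The `Route::prefix("v1")` group continues past the end of this hunk.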