feat: release 6.9.0

Author: modstart

README.md

@@ -285,6 +285,20 @@ AdminMenu::register(function () {
 - [https://modstart.com/forum](https://modstart.com/forum)
 
 
+## ⭐️ 贡献代码
+
+系统接受 Github 和 Gitee 的 Pull Request，欢迎提交代码。
+
+文件 `/vendor/modstart/modstart` 底层代码修改，可以提交 PR 到以下仓库，该仓库会在每次发版自动合入所有系统。
+
+- `Github` [https://github.com/modstart-lib/modstart](https://github.com/modstart-lib/modstart)
+- `Gitee` [https://gitee.com/modstart-lib/modstart](https://gitee.com/modstart-lib/modstart)
+
+如果是非底层代码修改，可具体提交 PR 到以下仓库
+
+- `Github` [https://github.com/modstart/ModStartCMS](https://github.com/modstart/ModStartCMS)
+- `Gitee` [https://gitee.com/modstart/ModStartCMS](https://gitee.com/modstart/ModStartCMS)
+
 ## ✉️ 使用交流
 
 ### QQ交流群

module/AdminManager/Asset/entry/upgrade.js

@@ -179,7 +179,7 @@
                         class="tw-bg-white tw-rounded-sm tw-mb-2 tw-box tw-px-5 tw-py-3 tw-mb-3 tw-flex tw-items-center tw-zoom-in">
                         <div class="tw-w-10 tw-h-10 tw-flex-none tw-image-fit tw-rounded-full tw-overflow-hidden">
                             <div class="circle tw-border tw-border-gray-200 tw-border-solid tw-shadow ub-cover-1-1"
-                                 :style="{backgroundImage:`url(${memberUser.avatar||'/asset/image/avatar.png'})`}"></div>
+                                 :style="{backgroundImage:`url(${memberUser.avatar||'/asset/image/avatar.svg'})`}"></div>
                         </div>
                         <div class="tw-ml-4 tw-mr-auto">
                             <div class="tw-font-medium">{{memberUser.username || ''}}</div>

module/AdminManager/resources/asset/src/pages/Upgrade.vue

@@ -14,32 +14,41 @@ public function setting(AdminConfigBuilder $builder)
     {
         $captchaType = array_merge(['' => '默认'], CaptchaProvider::nameTitleMap());
         $builder->pageTitle('功能设置');
-        $builder->layoutPanel('登录注册', function ($builder) use ($captchaType) {
+        $builder->layoutPanel('登录', function ($builder) use ($captchaType) {
             /** @var HasFields $builder */
             $builder->switch('loginCaptchaEnable', '启用登录验证码')
                 ->when('=', true, function (Form $form) use ($captchaType) {
-                    $form->select('loginCaptchaProvider', '登录验证码类型')->options($captchaType);
+                    $form->select('loginCaptchaProvider', '登录验证码类型')->options($captchaType)
+                        ->help('用于 用户名密码登录（/login）、手机快捷登录（/login_phone） 的人机验证');
                 });
             $builder->switch('Member_LoginPhoneEnable', '启用手机快捷登录')
                 ->when('=', true, function (Form $form) {
-                    $form->text('Member_LoginPhoneNameSuggest', '快捷注册用户名前缀')
+                    $form->text('Member_LoginPhoneNameSuggest', '手机快捷登录用户名')
                         ->defaultValue('用户')
                         ->help(join('', [
-                            '<p>默认为"用户"，用户注册后自动设置用户名和昵称为 "用户xxxx"。可以使用占位符，如"用户{Phone}"表示注册后自动设置为"用户+手机号"。</p>',
-                            '<p>{Phone}用户手机 {Phone4}手机后4位 {Uid}用户ID，如冲突将会自动追加随机字符串</p>'
+                            '<p>默认为"用户"，用户注册后自动设置用户名和昵称为 "用户xxxx"。</p>',
+                            '<p>可使用占位符，如"用户{Phone}"表示注册后自动设置为"用户+手机号"，用户名如遇冲突将会自动追加随机字符串。</p>',
+                            '<p>其他占位符：{Phone}用户手机、{Phone4}手机后4位、{Uid}用户ID</p>',
                         ]));
-                    $form->switch('Member_LoginPhoneAutoRegister', '登录时自动注册')
-                        ->help('开启后，用户使用手机号登录时，如果用户不存在则自动注册');
-                });
+                    $form->switch('Member_LoginPhoneAutoRegister', '手机快捷登录自动注册')
+                        ->help('开启后，手机快捷登录遇用户不存在则自动注册，关闭表示手机号不存在不能登录');
+                })
+                ->help('开启手机快捷登录（/login_phone）');
             $builder->select('Member_LoginDefault', '默认登录方式')->options([
-                'default' => '用户名密码登录',
-                'phone' => '手机快捷登录',
+                'default' => '用户名密码登录 /login',
+                'phone' => '手机快捷登录 /login_phone',
             ]);
+
+        });
+        $builder->layoutPanel('注册', function ($builder) use ($captchaType) {
+            /** @var HasFields $builder */
+            $builder->select('Member_RegisterCaptchaProvider', '注册验证码类型')->options($captchaType)
+                ->help('用于 普通注册（/register）、手机快捷注册（/register_phone） 的人机验证');
             $builder->switch('registerDisable', '禁用注册')
                 ->when('!=', true, function ($builder) {
-                    $builder->switch('registerEmailEnable', '启用邮箱注册');
-                    $builder->switch('registerPhoneEnable', '启用手机注册');
-                    $builder->switch('Member_RegisterPhoneEnable', '启用手机快捷注册');
+                    $builder->switch('registerEmailEnable', '注册时填写邮箱');
+                    $builder->switch('registerPhoneEnable', '注册时填写手机');
+                    $builder->switch('Member_RegisterPhoneEnable', '启用手机快捷注册')->help('开启后用户可通过手机验证码快捷注册（/register_phone）');
                     $builder->select('Member_RegisterDefault', '默认注册方式')->options([
                         'default' => '用户名密码注册',
                         'phone' => '手机快捷注册',
@@ -49,32 +58,32 @@ public function setting(AdminConfigBuilder $builder)
                     $builder->switch('registerOauthEnable', '允许以授权方式注册');
                 });
             if (modstart_module_enabled('MemberOauth')) {
-                $builder->switch('Member_OauthBindPhoneEnable', '授权登录绑定手机');
-                $builder->switch('Member_OauthBindEmailEnable', '授权登录绑定邮箱');
+                $builder->switch('Member_OauthBindPhoneEnable', '授权登录需绑定手机');
+                $builder->switch('Member_OauthBindEmailEnable', '授权登录需绑定邮箱');
             }
             $builder->number('Member_UsernameMinLength', '用户名最小长度')->defaultValue(3);
-            $builder->button('', '保存')->forSubmit();
+
         });
-        $builder->layoutPanel('账号安全', function ($builder) {
-            $builder->switch('Member_ProfileEmailEnable', '开启邮箱绑定');
-            $builder->switch('Member_ProfilePhoneEnable', '开启手机绑定');
+        $builder->layoutPanel('找回密码', function ($builder) {
             $builder->switch('retrieveDisable', '禁用找回密码')
                 ->when('!=', true, function ($builder) {
                     $builder->switch('retrievePhoneEnable', '启用手机找回密码');
                     $builder->switch('retrieveEmailEnable', '启用邮箱找回密码');
                 });
-            $builder->button('', '保存')->forSubmit();
         });
-        $builder->layoutPanel('安全设置', function ($builder) {
+        $builder->layoutPanel('账号安全', function ($builder) {
+            $builder->switch('Member_ProfileEmailEnable', '开启邮箱绑定')->help('启用后用户中心增加邮箱绑定页面');
+            $builder->switch('Member_ProfilePhoneEnable', '开启手机绑定')->help('启用后用户中心增加手机绑定页面');
             $builder->switch('Member_LoginRedirectCheckEnable', '登录后跳转安全验证')
                 ->when('=', true, function (Form $form) {
                     $form->textarea('Member_LoginRedirectWhiteList', '白名单')->placeholder('请输入域名白名单，每行一个，如：www.example.com');
                 });
             $builder->switch('Member_DeleteEnable', '启用自助注销账号')
-                ->help('用户注销账号后，用户名会重置为随机字符串，已绑定的手机、邮箱均会解绑');
-            $builder->button('', '保存')->forSubmit();
+                ->help('开启后，用户中心可自主申请注销账号。用户注销账号后，用户名会重置为随机字符串，已绑定的手机、邮箱均会解绑');
+
         });
         $builder->formClass('wide');
+        $builder->contentFixedBottomContentSave();
         $builder->disableBoxWrap(true);
         $builder->showReset(false)->showSubmit(false);
         return $builder->perform();

module/Member/Admin/Controller/ConfigController.php

@@ -58,8 +58,8 @@ protected function crud(AdminCRUDBuilder $builder)
                 $builder->id('id', 'ID');
                 MemberAdminList::callGridField($builder);
                 $builder->display('avatar', '头像')->hookRendering(function (AbstractField $field, $item, $index) {
-                    $avatarSmall = AssetsUtil::fixOrDefault($item->avatar, 'asset/image/avatar.png');
-                    $avatarBig = AssetsUtil::fixOrDefault($item->avatarBig, 'asset/image/avatar.png');
+                    $avatarSmall = AssetsUtil::fixOrDefault($item->avatar, 'asset/image/avatar.svg');
+                    $avatarBig = AssetsUtil::fixOrDefault($item->avatarBig, 'asset/image/avatar.svg');
                     return AutoRenderedFieldValue::make("<a href='$avatarBig' class='tw-inline-block' data-image-preview>
                         <img src='$avatarSmall' class='tw-rounded-full tw-w-8 tw-h-8 tw-shadow'></a>");
                 });
@@ -221,6 +221,7 @@ public function edit(AdminDialogPage $page)
         }
         $form = Form::make('');
         $form->layoutPanel('基础', function (Form $form) {
+            $form->display('id', '用户ID')->addable(true);
             $form->text('username', '用户名');
             $form->text('phone', '手机');
             $form->text('email', '邮箱');
@@ -233,7 +234,7 @@ public function edit(AdminDialogPage $page)
             }
             if (ModuleManager::getModuleConfigBoolean('Member', 'vipEnable', false)) {
                 $form->radio('vipId', 'VIP')->options(MemberVipUtil::mapTitle())->required();
-                $form->date('vipExpire', 'VIP过期');
+                $form->date('vipExpire', 'VIP过期')->help('VIP过期留空表示永久');
             }
         });
         $form->item($memberUser)->fillFields();
@@ -285,7 +286,7 @@ public function search()
             return [
                 'value' => intval($item['id']),
                 'name' => htmlspecialchars(MemberUtil::viewName($item)),
-                'avatar' => AssetsUtil::fixOrDefault($item['avatar'], 'asset/image/avatar.png'),
+                'avatar' => AssetsUtil::fixOrDefault($item['avatar'], 'asset/image/avatar.svg'),
             ];
         }, $paginateData['records']);
         return Response::jsonSuccessData($records);

module/Member/Admin/Controller/MemberController.php

@@ -35,9 +35,6 @@ protected function crud(AdminCRUDBuilder $builder)
                 $builder->image('icon', '图标');
                 $builder->currency('price', '价格')->required();
                 $builder->number('vipDays', '时间')->required()->help('单位为天，365表示1年');
-                foreach (MemberVipBiz::all() as $biz) {
-                    $biz->vipField($builder);
-                }
                 $builder->text('desc', '简要说明')->required();
                 $builder->richHtml('content', '详细说明')->required();
                 if (ModuleManager::getModuleConfigBoolean('Member', 'creditEnable', false)) {
@@ -46,6 +43,11 @@ protected function crud(AdminCRUDBuilder $builder)
                         $form->number('creditPresentValue', '赠送积分数量');
                     })->optionsYesNo()->listable(false);
                 }
+                foreach (MemberVipBiz::all() as $biz) {
+                    $builder->layoutPanel($biz->title(), function ($builder) use ($biz) {
+                        $biz->vipField($builder);
+                    });
+                }
                 $builder->display('created_at', L('Created At'))->listable(false);
                 $builder->display('updated_at', L('Updated At'))->listable(false);
             })

module/Member/Admin/Controller/MemberVipSetController.php

@@ -22,8 +22,8 @@
 use Module\Member\Provider\RegisterProcessor\AbstractMemberRegisterProcessorProvider;
 use Module\Member\Provider\RegisterProcessor\MemberRegisterProcessorProvider;
 use Module\Member\Util\MemberUtil;
+use Module\Member\Util\SecurityUtil;
 use Module\Vendor\Email\MailSendJob;
-use Module\Vendor\Provider\Captcha\CaptchaProvider;
 use Module\Vendor\Session\SessionUtil;
 use Module\Vendor\Sms\SmsUtil;
 use Module\Vendor\Support\ResponseCodes;
@@ -231,11 +231,11 @@ public function oauthBind($oauthType = null)
         if (!Session::get('oauthBindCaptchaPass', false)) {
             if (!CaptchaFacade::check($captcha)) {
                 SessionUtil::atomicProduce('oauthBindCaptchaPassCount', 1);
-                return Response::generate(-1, '图片验证失败');
+                return Response::generate(-1, '请重新进行安全验证');
             }
         }
         if (!SessionUtil::atomicConsume('oauthBindCaptchaPassCount')) {
-            return Response::generate(-1, '请重新输入图片验证码');
+            return Response::generate(-1, '请进行安全验证');
         }
         if (modstart_config('Member_OauthBindPhoneEnable')) {
             if (empty($phone)) {
@@ -612,11 +612,11 @@ public function login()
         }
 
         if (modstart_config('loginCaptchaEnable', false)) {
-            $captchaProvider = modstart_config('loginCaptchaProvider', null);
+            $captchaProvider = SecurityUtil::loginCaptchaProvider();
             if ($captchaProvider) {
-                $ret = CaptchaProvider::get($captchaProvider)->validate();
+                $ret = $captchaProvider->validate();
                 if (Response::isError($ret)) {
-                    return $ret;
+                    return Response::generate(-1, $ret['msg']);
                 }
             } else {
                 if (!CaptchaFacade::check($input->getTrimString('captcha'))) {
@@ -750,9 +750,17 @@ public function loginPhoneVerify()
             return Response::generate(-1, '手机为空或格式不正确');
         }
 
-        $captcha = $input->getTrimString('captcha');
-        if (!CaptchaFacade::check($captcha)) {
-            return Response::generate(-1, '图片验证码错误');
+        $provider = SecurityUtil::loginCaptchaProvider();
+        if ($provider) {
+            $ret = $provider->validate();
+            if (Response::isError($ret)) {
+                return $ret;
+            }
+        } else {
+            $captcha = $input->getTrimString('captcha');
+            if (!CaptchaFacade::check($captcha)) {
+                return Response::generate(-1, '图片验证码错误');
+            }
         }
 
         $memberUser = MemberUtil::getByPhone($phone);
@@ -926,11 +934,11 @@ public function register()
         if (!Session::get('registerCaptchaPass', false)) {
             if (!CaptchaFacade::check($captcha)) {
                 SessionUtil::atomicProduce('registerCaptchaPassCount', 1);
-                return Response::generate(-1, '图片验证失败');
+                return Response::generate(-1, '请重新进行安全验证');
             }
         }
         if (!SessionUtil::atomicConsume('registerCaptchaPassCount')) {
-            return Response::generate(-1, '请重新输入图片验证码');
+            return Response::generate(-1, '请进行安全验证');
         }
 
         if (modstart_config('registerPhoneEnable')) {
@@ -1024,10 +1032,10 @@ public function registerEmailVerify()
         }
 
         if (!Session::get('registerCaptchaPass', false)) {
-            return Response::generate(-1, '请先验证图片验证码');
+            return Response::generate(-1, '请先进行安全验证');
         }
         if (!SessionUtil::atomicConsume('registerCaptchaPassCount')) {
-            return Response::generate(-1, '请重新输入图片验证码');
+            return Response::generate(-1, '请进行安全验证');
         }
 
         $memberUser = MemberUtil::getByEmail($email);
@@ -1074,10 +1082,10 @@ public function registerPhoneVerify()
         }
 
         if (!Session::get('registerCaptchaPass', false)) {
-            return Response::generate(-1, '请先验证图片验证码');
+            return Response::generate(-1, '请先进行安全验证');
         }
         if (!SessionUtil::atomicConsume('registerCaptchaPassCount')) {
-            return Response::generate(-1, '请重新输入图片验证码');
+            return Response::generate(-1, '请进行安全验证');
         }
 
         $memberUser = MemberUtil::getByPhone($phone);
@@ -1113,11 +1121,19 @@ public function registerPhoneVerify()
      */
     public function registerCaptchaVerify()
     {
-        $input = InputPackage::buildFromInput();
-        $captcha = $input->getTrimString('captcha');
-        if (!CaptchaFacade::check($captcha)) {
-            SessionUtil::atomicRemove('registerCaptchaPassCount');
-            return Response::generate(ResponseCodes::CAPTCHA_ERROR, '验证码错误');
+        $provider = SecurityUtil::registerCaptchaProvider();
+        if ($provider) {
+            $ret = $provider->validate();
+            if (Response::isError($ret)) {
+                return $ret;
+            }
+        } else {
+            $input = InputPackage::buildFromInput();
+            $captcha = $input->getTrimString('captcha');
+            if (!CaptchaFacade::check($captcha)) {
+                SessionUtil::atomicRemove('registerCaptchaPassCount');
+                return Response::generate(ResponseCodes::CAPTCHA_ERROR, '验证码错误');
+            }
         }
         Session::put('registerCaptchaPass', true);
         $registerCaptchaPassCount = 1;
@@ -1183,10 +1199,10 @@ public function oauthBindEmailVerify()
         }
 
         if (!Session::get('oauthBindCaptchaPass', false)) {
-            return Response::generate(-1, '请先验证图片验证码');
+            return Response::generate(-1, '请先进行安全验证');
         }
         if (!SessionUtil::atomicConsume('oauthBindCaptchaPassCount')) {
-            return Response::generate(-1, '请重新输入图片验证码');
+            return Response::generate(-1, '请进行安全验证');
         }
 
         $memberUser = MemberUtil::getByEmail($email);
@@ -1230,10 +1246,10 @@ public function oauthBindPhoneVerify()
         }
 
         if (!Session::get('oauthBindCaptchaPass', false)) {
-            return Response::generate(-1, '请先验证图片验证码');
+            return Response::generate(-1, '请先进行安全验证');
         }
         if (!SessionUtil::atomicConsume('oauthBindCaptchaPassCount')) {
-            return Response::generate(-1, '请重新输入图片验证码');
+            return Response::generate(-1, '请进行安全验证');
         }
 
         $memberUser = MemberUtil::getByPhone($phone);

module/Member/Api/Controller/AuthController.php

@@ -0,0 +1,24 @@
+<?php
+
+
+namespace Module\Member\Api\Controller;
+
+
+use Illuminate\Routing\Controller;
+use ModStart\Core\Input\Response;
+use Module\Member\Auth\MemberUser;
+use Module\Member\Support\MemberLoginCheck;
+use Module\MemberCert\Util\MemberCertUtil;
+
+class MemberController extends Controller implements MemberLoginCheck
+{
+    public function current()
+    {
+        $data = [];
+        $data['_certType'] = null;
+        if (modstart_module_enabled('MemberCert')) {
+            $data['_certType'] = MemberCertUtil::getCertType(MemberUser::id());
+        }
+        return Response::generateSuccessData($data);
+    }
+}