From b32dc237f5fae722095b7c916f0f7515fda8c6d7 Mon Sep 17 00:00:00 2001
From: fthvgb1 <fthvgb1@163.com>
Date: Sun, 3 Jun 2018 17:37:54 +0800
Subject: [PATCH] =?UTF-8?q?=E7=94=A8=E6=88=B7=E6=B3=A8=E5=86=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/Http/Controllers/Api/UsersController.php | 26 +++++++++++++
 app/Http/Requests/UserRequest.php            | 41 ++++++++++++++++++++
 app/Models/User.php                          |  2 +-
 config/api.php                               | 16 ++++++++
 routes/api.php                               | 17 +++++++-
 5 files changed, 99 insertions(+), 3 deletions(-)
 create mode 100644 app/Http/Controllers/Api/UsersController.php
 create mode 100644 app/Http/Requests/UserRequest.php

diff --git a/app/Http/Controllers/Api/UsersController.php b/app/Http/Controllers/Api/UsersController.php
new file mode 100644
index 0000000..93f91d0
--- /dev/null
+++ b/app/Http/Controllers/Api/UsersController.php
@@ -0,0 +1,26 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Http\Requests\UserRequest;
+use App\Models\User;
+use Illuminate\Support\Facades\Cache;
+
+class UsersController extends Controller
+{
+    public function store(UserRequest $request)
+    {
+        $verifyData = Cache::get($request->get('verification_key'), '');
+        if (!$verifyData) {
+            return $this->response->error('验证码失效', 422);
+        }
+        if (!hash_equals($verifyData['code'], $request->get('verification_code'))) {
+            return $this->response->errorUnauthorized('验证码错误');
+        }
+        $user = User::create($request->all(['name', 'phone', 'password']));
+        // 清除验证码缓存
+        \Cache::forget($request->verification_key);
+
+        return $this->response->created();
+    }
+}
diff --git a/app/Http/Requests/UserRequest.php b/app/Http/Requests/UserRequest.php
new file mode 100644
index 0000000..d87d013
--- /dev/null
+++ b/app/Http/Requests/UserRequest.php
@@ -0,0 +1,41 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class UserRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'name' => 'required|string|max:255',
+            'password' => 'required|string|min:6',
+            'verification_key' => 'required|string',
+            'verification_code' => 'required|string',
+        ];
+    }
+
+    public function attributes()
+    {
+        return [
+            'verification_key' => '短信验证码 key',
+            'verification_code' => '短信验证码',
+        ];
+    }
+}
diff --git a/app/Models/User.php b/app/Models/User.php
index 60d45ba..7f4eb8e 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -29,7 +29,7 @@ class User extends Authenticatable
      * @var array
      */
     protected $fillable = [
-        'name', 'email', 'password', 'introduction', 'avatar '
+        'name', 'phone', 'email', 'password', 'introduction', 'avatar '
     ];
 
     /**
diff --git a/config/api.php b/config/api.php
index d6e8836..ae7fdda 100644
--- a/config/api.php
+++ b/config/api.php
@@ -229,4 +229,20 @@ return [
 
     ],
 
+
+    /*
+    * 接口频率限制
+    */
+    'rate_limits' => [
+        // 访问频率限制，次数/分钟
+        'access' => [
+            'expires' => env('RATE_LIMITS_EXPIRES', 1),
+            'limit' => env('RATE_LIMITS', 60),
+        ],
+        // 登录相关，次数/分钟
+        'sign' => [
+            'expires' => env('SIGN_RATE_LIMITS_EXPIRES', 1),
+            'limit' => env('SIGN_RATE_LIMITS', 10),
+        ],
+    ],
 ];
diff --git a/routes/api.php b/routes/api.php
index 05ec45f..ec34650 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -13,8 +13,21 @@
 $api = app('Dingo\Api\Routing\Router');
 
 $api->version('v1', ['namespace' => 'App\Http\Controllers\Api'], function ($api) {
-    $api->post('verificationCodes', 'VerificationCodesController@store')
-        ->name('api.verificationCodes.store');
+    $api->group([
+        'middleware' => 'api.throttle',
+        'limit' => config('api.rate_limits.sign.limit'),
+        'expires' => config('api.rate_limits.sign.expires'),
+    ], function ($api) {
+        // 短信验证码
+        $api->post('verificationCodes', 'VerificationCodesController@store')
+            ->name('api.verificationCodes.store');
+        // 用户注册
+        $api->post('users', 'UsersController@store')
+            ->name('api.users.store');
+    });
+
+
+
 });
 
 /*$api->version('v2', function ($api) {