From f941751304b022ab5a4f8a378758b148622ad8e4 Mon Sep 17 00:00:00 2001
From: kubbo <390378816@qq.com>
Date: Thu, 17 Apr 2025 16:07:34 +0800
Subject: [PATCH] =?UTF-8?q?feat(login):=20=E6=B7=BB=E5=8A=A0=E5=A5=B6?=
 =?UTF-8?q?=E6=98=94=E8=AE=BA=E5=9D=9B=E7=AC=AC=E4=B8=89=E6=96=B9=E7=99=BB?=
 =?UTF-8?q?=E5=BD=95=E6=94=AF=E6=8C=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 在登录页面增加奶昔论坛登录选项
- 实现奶昔论坛OAuth2.0认证流程
- 添加用户绑定和直接登录功能
- 优化登录界面布局和样式
---
 login.php          |  19 +++--
 naixi_callback.php | 183 +++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 197 insertions(+), 5 deletions(-)
 create mode 100644 naixi_callback.php

diff --git a/login.php b/login.php
index 4416d89..a80def3 100644
--- a/login.php
+++ b/login.php
@@ -6,7 +6,7 @@
  * @wx        123456
  * @qq        123456
  -->
-<?php
+ <?php
 
 include 'config.php';
 
@@ -98,10 +98,14 @@ $stmt->store_result();
             	    我已阅读并同意 <a href="javascript:void(0);" id="agree_btn">用户协议及隐私协议<a/>
                 </div>
             	<a href="javascript:process_login();" id="submitButton" class="button fit">登 录</a>
-                <div style="display:flex;justify-content:center" id="linuxdoConnect">
-                    <div style="display:flex;align-items:center;flex-direction:column;gap:4px;cursor:pointer">
+                <div style="display:flex;justify-content:center;gap:8px;font-size:12px" >
+                    <div style="display:flex;align-items:center;flex-direction:column;gap:4px;cursor:pointer" id="linuxdoConnect">
                         <img src="static/img/linuxdo_logo.png" style="width:60px;height:60px" alt="Linux.Do登录"/>
-                        <div>Linux.do登录</div>
+                        <div>Linux.do</div>
+                    </div>
+                    <div style="display:flex;align-items:center;flex-direction:column;gap:4px;cursor:pointer" id="naixiConnect">
+                        <img src="https://forum.naixi.net/favicon.ico" style="width:60px;height:60px" alt="奶昔登录"/>
+                        <div>奶昔登录</div>
                     </div>
                 </div>
             	<div class="forget_password">
@@ -127,8 +131,13 @@ $stmt->store_result();
                 switchBtn = $('#switchBtn');
             const linuxdoConnect = $("#linuxdoConnect")
                   linuxdoConnect.click(()=>{
-                    location.href="https://connect.linux.do/oauth2/authorize?response_type=code&client_id=tfKevot5lSwB5A5gcqPQMMhaXDLjib0P"
+                    location.href="https://connect.linux.do/oauth2/authorize?response_type=code&client_id=fqAFU2cQVWtM3CiSLWZEzHb1nFw6evlY"
                   })
+            const naixiConnect = $("#naixiConnect")
+                  naixiConnect.click(()=>{
+                    location.href="https://auth.naixi.net/login/oauth/authorize?client_id=6c597d1551b868dce9fe&redirect_uri=http://cq.eb.cx/naixi_callback&response_type=code&scope=profile&state=STATE"
+                  })
+                  
             var isPhone = isMobile(),
                 agent_id = getQueryString('agent_id'),
                 codeOpen = <?=$_CONFIG['code_open']?>,
diff --git a/naixi_callback.php b/naixi_callback.php
new file mode 100644
index 0000000..9e03c7f
--- /dev/null
+++ b/naixi_callback.php
@@ -0,0 +1,183 @@
+<?php
+
+// 奶昔论坛三方登录
+$_LINUXDO_CONNECT = [
+    'base'=>'https://auth.naixi.net',
+    'client_id' => '6c597d1551b868dce9fe',
+    'client_secret' => '065b759106ce704cb49082b9ebc790266f4e7105'
+];
+// cURL 函数
+function get_curl($url, $post = 0, $referer = 0, $cookie = 0, $header = 0, $ua = 0, $nobaody = 0, $addheader = 0)
+{
+    $ch = curl_init();
+    curl_setopt($ch, CURLOPT_URL, $url);
+    $httpheader[] = "Accept: */*";
+    $httpheader[] = "Accept-Encoding: gzip,deflate,sdch";
+    $httpheader[] = "Accept-Language: zh-CN,zh;q=0.8";
+    $httpheader[] = "Connection: close";
+    if ($header) {
+        $httpheader = array_merge($httpheader, $header);
+    }
+    curl_setopt($ch, CURLOPT_HTTPHEADER, $httpheader);
+    if ($post) {
+        curl_setopt($ch, CURLOPT_POST, 1);
+        curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
+    }
+    if ($header) {
+        curl_setopt($ch, CURLOPT_HEADER, false);
+    }
+    if ($cookie) {
+        curl_setopt($ch, CURLOPT_COOKIE, $cookie);
+    }
+    if ($referer) {
+        if ($referer == 1) {
+            curl_setopt($ch, CURLOPT_REFERER, '');
+        } else {
+            curl_setopt($ch, CURLOPT_REFERER, $referer);
+        }
+    }
+    if ($ua) {
+        curl_setopt($ch, CURLOPT_USERAGENT, $ua);
+    } else {
+        curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36");
+    }
+    if ($nobaody) {
+        curl_setopt($ch, CURLOPT_NOBODY, 1);
+    }
+    curl_setopt($ch, CURLOPT_ENCODING, "gzip");
+    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+    $ret = curl_exec($ch);
+    curl_close($ch);
+    return $ret;
+}
+
+$code = $_GET['code'];
+$header = [];
+$post = http_build_query([
+    'grant_type' => 'authorization_code',
+    'code' => $code,
+    "client_id"=> $_LINUXDO_CONNECT["client_id"],
+    "client_secret"=> $_LINUXDO_CONNECT["client_secret"],
+]);
+
+$getTokenRes = get_curl($_LINUXDO_CONNECT["base"].'/api/login/oauth/access_token', $post, 0, 0, $header);
+
+$getTokenArr = json_decode($getTokenRes, true);
+
+if (isset($getTokenArr['access_token'])) {
+    $access_token = $getTokenArr['access_token'];
+
+    $header = [
+        'Authorization: Bearer ' . $access_token
+    ];
+
+    $getUserRes = get_curl($_LINUXDO_CONNECT["base"].'/api/userinfo', 0, 0, 0, $header);
+    $getUserArr = json_decode($getUserRes, true);
+} else {
+    $err = json_encode($getTokenArr);
+}
+
+?>
+<!DOCTYPE HTML>
+<html>
+
+<head>
+    <meta charset="UTF-8">
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+
+    <meta name="viewport"
+        content="width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0, user-scalable=no" />
+    <meta name="applicable-device" content="mobile">
+    <meta name="apple-mobile-web-app-status-bar-style" content="black">
+    <meta name="apple-mobile-web-app-capable" content="yes" />
+
+    <meta name="full-screen" content="yes" />
+    <meta name="x5-fullscreen" content="true" />
+    <meta name="360-fullscreen" content="true" />
+
+    <meta name="screen-orientation" content="portrait">
+    <meta name="x5-orientation" content="portrait">
+    <meta name="x5-page-mode" content="app">
+
+    <title><?= $_CONFIG['game_name'] ?> <?= $_CONFIG['game_description'] ?></title>
+    <meta name="description" content="<?= $_CONFIG['game_name'] ?> <?= $_CONFIG['game_description'] ?>">
+    <meta name="keywords" content="<?= $_CONFIG['game_name'] ?>,<?= $_CONFIG['game_description'] ?>">
+
+    <link rel="stylesheet" href="static/css/login.css?v=1.1.6" />
+    <script>
+        const initPasswd = "H0CE3sheqe8sp"
+        function request(url, params) {
+            return fetch(url, params).then(res => res.json())
+        }
+        function handleBind(account, linuxdo_account) {
+            return request("/api?act=bind&account=" + account + "&connect_id=" + linuxdo_account+"&type=naixi").then(res => {
+                if (res.password) {
+                    alert("绑定成功,请点击确定开始游戏!")
+                    location.href = "/play?account=" + account + "&token=" + res.password;
+                }
+            })
+        }
+        function processLogin(params = {}, connect_id) {
+            const formData = new FormData();
+            formData.append("serverId", "1");
+            Object.entries(params).forEach(([key, value]) => formData.append(key, value));
+            request("/api?act=reg", { method: "POST", body: formData }).then(res => {
+                if (res.code == '0') {
+                    handleBind(params.account, connect_id)
+                } else {
+                    console.error(res)
+                    document.body.innerHTML = "授权失败"
+                    return
+                }
+            }).catch(err=>console.error(err))
+        }
+
+        function registerDirect() {
+            const linuxdo_account = document.getElementById("linuxdo").value;
+            processLogin({ type: "1", account: linuxdo_account, password: initPasswd, password2: initPasswd }, linuxdo_account)
+        }
+        function linkAccount() {
+            const account = document.getElementById("account").value;
+            const password = document.getElementById("password").value;
+            const linuxdo_account = document.getElementById("linuxdo").value;
+            processLogin({ type: "0", account, password, }, linuxdo_account)
+        }
+
+    </script>
+</head>
+
+<body>
+    <input type="hidden" id="linuxdo" value="<?= $getUserArr['email'] ?>">
+    <?php if (!empty($getUserArr['email'])) { ?>
+        <script>
+            const connectId = document.getElementById('linuxdo').value
+            request("/api?act=link&connect_id=" + connectId, { method: "POST" }).then(res => {
+                if (res.code == '0') {
+                    location.href = "/play?account=" + res.data.username + "&token=" + res.data.password;
+                } else {
+                    document.getElementById("bindBox").style.display = "block"
+                    const linkAccountBtn = document.getElementById("linkAccount");
+                    linkAccountBtn.addEventListener("click", linkAccount)
+                    const registerDirectBtn = document.getElementById("registerDirect");
+                    registerDirectBtn.addEventListener("click", registerDirect)
+                }
+            })
+
+        </script>
+        <div id="bindBox"
+            style="width:400px;position:absolute;top:50%;left:50%;transform:translate(-50%,-50%);display:flex;justify-content:center;align-items:center;flex-direction:column;display:none;">
+            <!-- <div>当前尚未有你的游戏账号,请选择</div><br> -->
+            <button id="registerDirect" onclick="registerDirect" style="cursor:pointer;font-weight:bold">奶昔论坛账号登录</a><br>
+            <!-- <div>如果已有账号,请输入账号和密码</div><br>
+            <input type="text" id="account" placeholder="请输入账号" onKeyUp="value = value.replace(/[\W]/g, '')"
+                autocomplete="off" disableautocomplete><br>
+            <input type="password" id="password" placeholder="请输入密码"><br>
+            <button id="linkAccount">绑定并登录</button> -->
+        </div>
+    <?php } ?>
+    <?php if (!empty($err)) { ?>
+        授权发生异常:<?= $err ?>
+    <?php } ?>
+</body>
+
+</html>
\ No newline at end of file