chuanqi-client-config/naixi_callback.php

<?php

// 奶昔论坛三方登录
$_LINUXDO_CONNECT = [
    'base'=>'https://auth.naixi.net',
    'client_id' => '6c597d1551b868dce9fe',
    'client_secret' => '065b759106ce704cb49082b9ebc790266f4e7105'
];
// cURL 函数
function get_curl($url, $post = 0, $referer = 0, $cookie = 0, $header = 0, $ua = 0, $nobaody = 0, $addheader = 0)
{
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    $httpheader[] = "Accept: */*";
    $httpheader[] = "Accept-Encoding: gzip,deflate,sdch";
    $httpheader[] = "Accept-Language: zh-CN,zh;q=0.8";
    $httpheader[] = "Connection: close";
    if ($header) {
        $httpheader = array_merge($httpheader, $header);
    }
    curl_setopt($ch, CURLOPT_HTTPHEADER, $httpheader);
    if ($post) {
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
    }
    if ($header) {
        curl_setopt($ch, CURLOPT_HEADER, false);
    }
    if ($cookie) {
        curl_setopt($ch, CURLOPT_COOKIE, $cookie);
    }
    if ($referer) {
        if ($referer == 1) {
            curl_setopt($ch, CURLOPT_REFERER, '');
        } else {
            curl_setopt($ch, CURLOPT_REFERER, $referer);
        }
    }
    if ($ua) {
        curl_setopt($ch, CURLOPT_USERAGENT, $ua);
    } else {
        curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36");
    }
    if ($nobaody) {
        curl_setopt($ch, CURLOPT_NOBODY, 1);
    }
    curl_setopt($ch, CURLOPT_ENCODING, "gzip");
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    $ret = curl_exec($ch);
    curl_close($ch);
    return $ret;
}

$code = $_GET['code'];
$header = [];
$post = http_build_query([
    'grant_type' => 'authorization_code',
    'code' => $code,
    "client_id"=> $_LINUXDO_CONNECT["client_id"],
    "client_secret"=> $_LINUXDO_CONNECT["client_secret"],
]);

$getTokenRes = get_curl($_LINUXDO_CONNECT["base"].'/api/login/oauth/access_token', $post, 0, 0, $header);

$getTokenArr = json_decode($getTokenRes, true);

if (isset($getTokenArr['access_token'])) {
    $access_token = $getTokenArr['access_token'];

    $header = [
        'Authorization: Bearer ' . $access_token
    ];

    $getUserRes = get_curl($_LINUXDO_CONNECT["base"].'/api/userinfo', 0, 0, 0, $header);
    $getUserArr = json_decode($getUserRes, true);
} else {
    $err = json_encode($getTokenArr);
}

?>
<!DOCTYPE HTML>
<html>

<head>
    <meta charset="UTF-8">
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

    <meta name="viewport"
        content="width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0, user-scalable=no" />
    <meta name="applicable-device" content="mobile">
    <meta name="apple-mobile-web-app-status-bar-style" content="black">
    <meta name="apple-mobile-web-app-capable" content="yes" />

    <meta name="full-screen" content="yes" />
    <meta name="x5-fullscreen" content="true" />
    <meta name="360-fullscreen" content="true" />

    <meta name="screen-orientation" content="portrait">
    <meta name="x5-orientation" content="portrait">
    <meta name="x5-page-mode" content="app">

    <title><?= $_CONFIG['game_name'] ?> <?= $_CONFIG['game_description'] ?></title>
    <meta name="description" content="<?= $_CONFIG['game_name'] ?> <?= $_CONFIG['game_description'] ?>">
    <meta name="keywords" content="<?= $_CONFIG['game_name'] ?>,<?= $_CONFIG['game_description'] ?>">

    <link rel="stylesheet" href="static/css/login.css?v=1.1.6" />
    <script>
        const initPasswd = "H0CE3sheqe8sp"
        function request(url, params) {
            return fetch(url, params).then(res => res.json())
        }
        function handleBind(account, linuxdo_account) {
            return request("/api?act=bind&account=" + account + "&connect_id=" + linuxdo_account+"&type=naixi").then(res => {
                if (res.password) {
                    alert("绑定成功,请点击确定开始游戏!")
                    location.href = "/play?account=" + account + "&token=" + res.password;
                }
            })
        }
        function processLogin(params = {}, connect_id) {
            const formData = new FormData();
            formData.append("serverId", "1");
            Object.entries(params).forEach(([key, value]) => formData.append(key, value));
            request("/api?act=reg", { method: "POST", body: formData }).then(res => {
                if (res.code == '0') {
                    handleBind(params.account, connect_id)
                } else {
                    console.error(res)
                    document.body.innerHTML = "授权失败"
                    return
                }
            }).catch(err=>console.error(err))
        }

        function registerDirect() {
            const linuxdo_account = document.getElementById("linuxdo").value;
            processLogin({ type: "1", account: linuxdo_account, password: initPasswd, password2: initPasswd }, linuxdo_account)
        }
        function linkAccount() {
            const account = document.getElementById("account").value;
            const password = document.getElementById("password").value;
            const linuxdo_account = document.getElementById("linuxdo").value;
            processLogin({ type: "0", account, password, }, linuxdo_account)
        }

    </script>
</head>

<body>
    <input type="hidden" id="linuxdo" value="<?= $getUserArr['email'] ?>">
    <?php if (!empty($getUserArr['email'])) { ?>
        <script>
            const connectId = document.getElementById('linuxdo').value
            request("/api?act=link&connect_id=" + connectId, { method: "POST" }).then(res => {
                if (res.code == '0') {
                    location.href = "/play?account=" + res.data.username + "&token=" + res.data.password;
                } else {
                    document.getElementById("bindBox").style.display = "block"
                    const linkAccountBtn = document.getElementById("linkAccount");
                    linkAccountBtn.addEventListener("click", linkAccount)
                    const registerDirectBtn = document.getElementById("registerDirect");
                    registerDirectBtn.addEventListener("click", registerDirect)
                }
            })

        </script>
        <div id="bindBox"
            style="width:400px;position:absolute;top:50%;left:50%;transform:translate(-50%,-50%);display:flex;justify-content:center;align-items:center;flex-direction:column;display:none;">
            <!-- <div>当前尚未有你的游戏账号,请选择</div><br> -->
            <button id="registerDirect" onclick="registerDirect" style="cursor:pointer;font-weight:bold">奶昔论坛账号登录</a><br>
            <!-- <div>如果已有账号,请输入账号和密码</div><br>
            <input type="text" id="account" placeholder="请输入账号" onKeyUp="value = value.replace(/[\W]/g, '')"
                autocomplete="off" disableautocomplete><br>
            <input type="password" id="password" placeholder="请输入密码"><br>
            <button id="linkAccount">绑定并登录</button> -->
        </div>
    <?php } ?>
    <?php if (!empty($err)) { ?>
        授权发生异常:<?= $err ?>
    <?php } ?>
</body>

</html>