feat: G1/SP1 самозапись клиента с подтверждением почты 6-значным кодом

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Дмитрий
2026-06-18 19:33:33 +03:00
parent ae0a4174ea
commit 53fb7b7760
53 changed files with 3476 additions and 1119 deletions
@@ -7,7 +7,6 @@ namespace App\Http\Controllers\Api;
use App\Http\Controllers\Concerns\WritesAuthLog;
use App\Http\Controllers\Controller;
use App\Http\Requests\Auth\LoginRequest;
use App\Http\Requests\Auth\RegisterRequest;
use App\Mail\SuspiciousLoginNotification;
use App\Models\Tenant;
use App\Models\User;
@@ -131,38 +130,6 @@ class AuthController extends Controller
]);
}
public function register(RegisterRequest $request): JsonResponse
{
// На MVP — attach нового user'а к первому tenant'у (для UI-разводки).
// Production: wizard с tenant_name + ИНН + создание Tenant + первый user owner-роли.
$tenant = Tenant::first();
if (! $tenant) {
return response()->json([
'message' => 'Tenants не настроены. Обратитесь к администратору.',
], 503);
}
$user = User::create([
'tenant_id' => $tenant->id,
'email' => $request->string('email')->toString(),
'password_hash' => Hash::make($request->string('password')->toString()),
'first_name' => 'Новый',
'last_name' => 'Пользователь',
'is_active' => true,
'totp_enabled' => false,
]);
Auth::login($user);
$request->session()->regenerate();
$this->logAuthEvent('register_success', $user->id, $user->tenant_id, $user->email, $request->ip(), $request->userAgent(), null);
return response()->json([
'user' => $this->userResource($user),
'requires_2fa' => false,
], 201);
}
public function me(Request $request): JsonResponse
{
/** @var User $user */
@@ -13,6 +13,7 @@ use App\Models\User;
use App\Repositories\PricingTierRepository;
use App\Services\Billing\BalanceToLeadsConverter;
use App\Services\Billing\BillingTopupService;
use App\Services\Billing\RunwayCalculator;
use Illuminate\Database\Eloquent\Collection;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
@@ -318,6 +319,6 @@ class BillingController extends Controller
{
// F3 (17.06.2026): единый источник расчёта — RunwayCalculator (общий с дашбордом),
// чтобы прогноз «хватит на дни» не расходился между биллингом и дашбордом.
return app(\App\Services\Billing\RunwayCalculator::class)->daysLeft((int) $tenant->id, $affordableLeads);
return app(RunwayCalculator::class)->daysLeft((int) $tenant->id, $affordableLeads);
}
}
@@ -6,6 +6,10 @@ namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use App\Models\Tenant;
use App\Repositories\PricingTierRepository;
use App\Services\Billing\BalanceToLeadsConverter;
use App\Services\Billing\RunwayCalculator;
use Carbon\Carbon;
use Carbon\CarbonImmutable;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
@@ -108,15 +112,15 @@ class DashboardController extends Controller
// для рублёвых тенантов) → расходился с биллингом «0 дней ↔ N дней».
// Теперь — affordable leads от рублёвого баланса по тарифу
// (BalanceToLeadsConverter) + общий RunwayCalculator.
$activeTiers = app(\App\Repositories\PricingTierRepository::class)
->activeAt(\Carbon\Carbon::now('Europe/Moscow'));
$conversion = app(\App\Services\Billing\BalanceToLeadsConverter::class)->convert(
$activeTiers = app(PricingTierRepository::class)
->activeAt(Carbon::now('Europe/Moscow'));
$conversion = app(BalanceToLeadsConverter::class)->convert(
(string) $tenant->balance_rub,
(int) ($tenant->delivered_in_month ?? 0),
$activeTiers,
);
$affordableLeads = (int) $conversion['leads'];
$runwayDays = app(\App\Services\Billing\RunwayCalculator::class)
$runwayDays = app(RunwayCalculator::class)
->daysLeft($tenantId, $affordableLeads) ?? 0;
// --- средняя стоимость лида (F5): среднее фактически списанных rub-сумм
@@ -7,6 +7,7 @@ namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use App\Models\ActivityLog;
use App\Models\Deal;
use App\Models\LeadCharge;
use App\Models\Project;
use App\Models\SupplierLeadCost;
use App\Models\User;
@@ -270,7 +271,7 @@ class DealController extends Controller
// F2: реальная стоимость лида — снимок списания из lead_charges
// (rub-провенанс). Запрос в транзакции, где выставлен app.current_tenant_id.
$charge = \App\Models\LeadCharge::query()
$charge = LeadCharge::query()
->where('tenant_id', $tenantId)
->where('deal_id', $id)
->first();
@@ -0,0 +1,121 @@
<?php
declare(strict_types=1);
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Concerns\WritesAuthLog;
use App\Http\Controllers\Controller;
use App\Http\Requests\Auth\ConfirmEmailRequest;
use App\Http\Requests\Auth\RegisterRequest;
use App\Http\Requests\Auth\ResendCodeRequest;
use App\Models\User;
use App\Services\Auth\RegistrationException;
use App\Services\Auth\RegistrationService;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\Auth;
/**
* Самозапись клиента (G1/SP1): register confirm-email (вход).
* Подтверждение почты 6-значным кодом; новый тенант создаётся в статусе
* pending_email_confirm, активируется и получает 300 при подтверждении.
*/
class RegistrationController extends Controller
{
use WritesAuthLog;
public function register(RegisterRequest $request, RegistrationService $service): JsonResponse
{
try {
$result = $service->register(
$request->string('email')->toString(),
$request->string('password')->toString(),
$request->input('captcha_token'),
$request->ip(),
);
} catch (RegistrationException $e) {
return $this->registrationError($e);
}
$payload = [
'status' => $result['status'],
'email' => $result['user']->email,
'expires_at' => $result['verification']->expires_at->toIso8601String(),
];
if ($result['dev_code'] !== null) {
$payload['_dev_plain_code'] = $result['dev_code'];
}
return response()->json($payload, 201);
}
public function confirmEmail(ConfirmEmailRequest $request, RegistrationService $service): JsonResponse
{
try {
$user = $service->confirm(
$request->string('email')->toString(),
$request->string('code')->toString(),
);
} catch (RegistrationException $e) {
$payload = ['message' => 'Код подтверждения недействителен.', 'reason' => $e->reason];
if ($e->attemptsRemaining !== null) {
$payload['attempts_remaining'] = $e->attemptsRemaining;
}
return response()->json($payload, 422);
}
Auth::login($user);
$request->session()->regenerate();
$this->logAuthEvent('register_success', $user->id, $user->tenant_id, $user->email, $request->ip(), $request->userAgent(), null);
return response()->json([
'user' => $this->userResource($user),
'requires_2fa' => false,
]);
}
public function resendCode(ResendCodeRequest $request, RegistrationService $service): JsonResponse
{
$devCode = $service->resend($request->string('email')->toString());
$payload = ['message' => 'Если аккаунт ожидает подтверждения, мы отправили новый код на указанный email.'];
if ($devCode !== null) {
$payload['_dev_plain_code'] = $devCode;
}
return response()->json($payload);
}
private function registrationError(RegistrationException $e): JsonResponse
{
$map = [
'captcha_failed' => ['captcha_token', 'Проверка «я не робот» не пройдена.'],
'email_taken' => ['email', 'Аккаунт с таким email уже существует.'],
];
[$field, $message] = $map[$e->reason] ?? ['email', 'Не удалось зарегистрировать аккаунт.'];
return response()->json([
'message' => $message,
'errors' => [$field => [$message]],
], 422);
}
/** @return array<string, mixed> */
private function userResource(User $user): array
{
return [
'id' => $user->id,
'email' => $user->email,
'first_name' => $user->first_name,
'last_name' => $user->last_name,
'phone' => $user->phone,
'timezone' => $user->timezone,
'tenant_id' => $user->tenant_id,
'totp_enabled' => $user->totp_enabled,
'last_login_at' => $user->last_login_at,
'notification_preferences' => $user->notification_preferences,
'sound_enabled' => $user->sound_enabled,
];
}
}