From 223ac0145383235e00f670119ebdb5e90a7950ea Mon Sep 17 00:00:00 2001 From: liuxiaoquan Date: Thu, 16 Mar 2023 11:45:33 +0800 Subject: [PATCH] =?UTF-8?q?=E5=8F=98=E5=9F=BA=EF=BC=9A=E5=90=88=E5=B9=B6?= =?UTF-8?q?=E6=9C=80=E6=96=B0=E5=88=86=E6=94=AFlxq?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/admin/view/nk/user/auths.html | 1 - app/api/BaseController.php | 54 ++++++++++++++++++++++++++++++- app/api/controller/Userinfo.php | 2 +- app/api/middleware.php | 4 +++ 4 files changed, 58 insertions(+), 3 deletions(-) diff --git a/app/admin/view/nk/user/auths.html b/app/admin/view/nk/user/auths.html index 567cc53..9a18e30 100644 --- a/app/admin/view/nk/user/auths.html +++ b/app/admin/view/nk/user/auths.html @@ -132,7 +132,6 @@ height: 500 }); - if (area_id != 0) { street(area_id) } diff --git a/app/api/BaseController.php b/app/api/BaseController.php index 2809d68..255b64a 100644 --- a/app/api/BaseController.php +++ b/app/api/BaseController.php @@ -80,10 +80,10 @@ abstract class BaseController protected function initialize() { - //每页显示数据量 $this->pageSize = Request::param('page_size', \think\facade\Config::get('app.page_size')); +<<<<<<< HEAD // 暂时去除 ----------------------------------------------------- // $token = Request::header('x-Token'); // if ($token) { @@ -139,6 +139,58 @@ abstract class BaseController // } // 暂时去除 ----------------------------------------------------- +======= + $token = Request::header('x-Token'); + if ($token) { + if (strpos($token, 'Bearer') === 0){ + $token = trim(substr($token, 6)); + } + if (count(explode('.', $token)) != 3) { + return json(['code'=>404,'msg'=>'非法请求']); + } + $config = get_system_config('token'); + try { + JWT::$leeway = 60;//当前时间减去60,把时间留点余地 + $decoded = JWT::decode($token, new Key('ae47e94a7dcd1fdfacb499b60e361a8d', 'HS256')); //HS256方式,这里要和签发的时候对应 + $user=Db::connect('shop')->name('nk_user')->where('user_id',$decoded->jti[0])->find(); + if ($user && $user['n_user_id']!=0){ + $this->request->uid=$user['n_user_id']; + }else{ + $this->request->uid=$this->addUser($decoded->jti[0],$user); + } + //return (array)$decoded; +// $decoded_array = json_decode(json_encode($decoded),TRUE); +// $jwt_data = $decoded_array['data']; + + if (!$user){ + return json(['code'=>403,'msg'=>'签名错误']); + return false; + } + $user = Db::table('fa_user')->where('id',$user['n_user_id'])->find(); + //$request->uid = $jwt_data['userid']; + // define('JWT_UID', $user['id']); +// $response = $next($request); +// return $response; + //return $next($request); + } catch(\Firebase\JWT\SignatureInvalidException $e) { //签名不正确 + return json(['code'=>403,'msg'=>'签名错误']); + }catch(\Firebase\JWT\BeforeValidException $e) { // 签名在某个时间点之后才能用 + return json(['code'=>401,'msg'=>'token失效']); + }catch(\Firebase\JWT\ExpiredException $e) { // token过期 + return json(['code'=>401,'msg'=>'token已过期']); + }catch(Exception $e) { //其他错误 + return json(['code'=>404,'msg'=>'非法请求']); + }catch(\UnexpectedValueException $e) { //其他错误 + return json(['code'=>404,'msg'=>'非法请求']); + } catch(\DomainException $e) { //其他错误 + return json(['code'=>404,'msg'=>'非法请求']); + } + }else{ + // define('JWT_UID', ''); + return json(['code'=>404,'msg'=>'token不能为空']); + } + +>>>>>>> 更新接口验证方式,统一改为:$this->request->参数 } /** diff --git a/app/api/controller/Userinfo.php b/app/api/controller/Userinfo.php index 7617a8b..a55f57a 100644 --- a/app/api/controller/Userinfo.php +++ b/app/api/controller/Userinfo.php @@ -104,7 +104,7 @@ class Userinfo extends BaseController $where['id'] = $this->request->uid; $post['user_id'] = $this->request->uid; $user = Db::table('fa_user')->where($where)->field('id,nickname,group_id,mobile,avatar,username,createtime,score')->find(); - + // 已绑定 if ($user) { Db::startTrans(); diff --git a/app/api/middleware.php b/app/api/middleware.php index 5454cea..e546f84 100644 --- a/app/api/middleware.php +++ b/app/api/middleware.php @@ -6,5 +6,9 @@ return [ //验证勾股cms是否完成安装 \app\home\middleware\Install::class, \app\api\middleware\AllowOriginMiddleware::class, +<<<<<<< HEAD +======= + // \app\api\middleware\Auth::class, +>>>>>>> 更新接口验证方式,统一改为:$this->request->参数 ]; \ No newline at end of file