更新7
This commit is contained in:
parent
ca2e14a6f5
commit
ce5ddb7e06
@ -528,7 +528,7 @@ class User extends BaseController
|
||||
// 写入权限组
|
||||
Db::name('AdminGroupAccess')->strict(false)->field(true)->insert([
|
||||
'uid' => $admin_id,
|
||||
'group_id' => $params['group_id'],
|
||||
'group_id' => $params['groupdata'],
|
||||
]);
|
||||
add_log('add', $this->adminInfo['id'], $params);
|
||||
// Db::table('fa_auth_group_access')->insert($group_access);
|
||||
@ -560,7 +560,7 @@ class User extends BaseController
|
||||
} else {
|
||||
$useraddress = [
|
||||
'user_id' => $params['id'],
|
||||
'admin_id' => $admin_id->id,
|
||||
'admin_id' => $admin_id,
|
||||
'area_id' => $params['area_id'],
|
||||
'street_id' => $params['street_id'],
|
||||
'village_code' => $params['village_id'],
|
||||
@ -618,7 +618,7 @@ class User extends BaseController
|
||||
}
|
||||
}
|
||||
//权限组信息
|
||||
$groupwhere[] = ['id', 'in', 2, 4];
|
||||
$groupwhere[] = ['id', 'in', [2,4]];
|
||||
if ($this->adminInfo['position_id'] != 1) { //不是超级管理员
|
||||
// $www['admin_id'] = $this->adminInfo['id'];
|
||||
// $user_address = Db::table('fa_szxc_information_useraddress')->where($www)->find();
|
||||
|
||||
@ -42,7 +42,7 @@
|
||||
background-color: #fff;
|
||||
}
|
||||
</style>
|
||||
<div class="p-3">
|
||||
<div class="p-3 panel">
|
||||
<form class="layui-form gg-form-bar border-t border-x" style="display: inline-block;">
|
||||
<div class="layui-input-inline" style="width:300px;">
|
||||
<select name="area_id" class="form-control selectpicker" lay-filter="area_id">
|
||||
|
||||
@ -5,4 +5,5 @@ return [
|
||||
//'think\middleware\SessionInit',
|
||||
//验证勾股cms是否完成安装
|
||||
\app\home\middleware\Install::class,
|
||||
\app\api\middleware\AllowOriginMiddleware::class,
|
||||
];
|
||||
59
app/api/middleware/AllowOriginMiddleware.php
Normal file
59
app/api/middleware/AllowOriginMiddleware.php
Normal file
@ -0,0 +1,59 @@
|
||||
<?php
|
||||
// +----------------------------------------------------------------------
|
||||
// | CRMEB [ CRMEB赋能开发者,助力企业发展 ]
|
||||
// +----------------------------------------------------------------------
|
||||
// | Copyright (c) 2016~2022 https://www.crmeb.com All rights reserved.
|
||||
// +----------------------------------------------------------------------
|
||||
// | Licensed CRMEB并不是自由软件,未经许可不能去掉CRMEB相关版权
|
||||
// +----------------------------------------------------------------------
|
||||
// | Author: CRMEB Team <admin@crmeb.com>
|
||||
// +----------------------------------------------------------------------
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
|
||||
namespace app\api\middleware;
|
||||
|
||||
|
||||
use Closure;
|
||||
use think\Config;
|
||||
use think\Request;
|
||||
use think\Response;
|
||||
|
||||
/**
|
||||
* 跨域中间件
|
||||
* Class AllowOriginMiddleware
|
||||
* @package app\http\middleware
|
||||
*/
|
||||
class AllowOriginMiddleware
|
||||
{
|
||||
|
||||
protected $cookieDomain;
|
||||
|
||||
protected $header = [
|
||||
'Access-Control-Allow-Origin'=>'*',
|
||||
'Access-Control-Max-Age' => 1800,
|
||||
'Access-Control-Allow-Methods' => 'GET,POST,PATCH,PUT,DELETE,OPTIONS',
|
||||
'Access-Control-Allow-Headers' => 'X-Token, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-Requested-With,Form-type,Referer,Connection,Content-Length,Host,Origin,Authorization,Authori-zation,Accept,Accept-Encoding',
|
||||
];
|
||||
|
||||
public function __construct(\think\Config $config)
|
||||
{
|
||||
$this->cookieDomain = $config->get('cookie.domain', '');
|
||||
}
|
||||
|
||||
/**
|
||||
* 允许跨域请求
|
||||
* @access public
|
||||
* @param \think\Request $request
|
||||
* @param Closure $next
|
||||
* @param array $header
|
||||
* @return Response
|
||||
*/
|
||||
public function handle($request, Closure $next, ? array $header = [])
|
||||
{
|
||||
$header = !empty($header) ? array_merge($this->header, $header) : $this->header;
|
||||
return $next($request)->header($header);
|
||||
}
|
||||
|
||||
}
|
||||
@ -9,14 +9,39 @@ namespace app\api\middleware;
|
||||
|
||||
use Firebase\JWT\JWT;
|
||||
use Firebase\JWT\Key;
|
||||
use think\Config;
|
||||
use think\facade\Db;
|
||||
use think\facade\Request;
|
||||
use think\Response;
|
||||
|
||||
class Auth
|
||||
{
|
||||
public function handle($request, \Closure $next)
|
||||
protected $cookieDomain;
|
||||
|
||||
protected $header = [
|
||||
'Access-Control-Allow-Credentials' => 'true',
|
||||
'Access-Control-Max-Age' => 1800,
|
||||
'Access-Control-Allow-Methods' => 'GET, POST, PATCH, PUT, DELETE, OPTIONS',
|
||||
'Access-Control-Allow-Headers' => 'Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With',
|
||||
];
|
||||
|
||||
public function __construct(Config $config)
|
||||
{
|
||||
$this->cookieDomain = $config->get('cookie.domain', '');
|
||||
}
|
||||
public function handle($request, \Closure $next, ? array $header = [])
|
||||
{
|
||||
$header = !empty($header) ? array_merge($this->header, $header) : $this->header;
|
||||
|
||||
if (!isset($header['Access-Control-Allow-Origin'])) {
|
||||
$origin = $request->header('origin');
|
||||
|
||||
if ($origin && ('' == $this->cookieDomain || strpos($origin, $this->cookieDomain))) {
|
||||
$header['Access-Control-Allow-Origin'] = $origin;
|
||||
} else {
|
||||
$header['Access-Control-Allow-Origin'] = '*';
|
||||
}
|
||||
}
|
||||
$token = Request::header('x-Token');
|
||||
if ($token) {
|
||||
if (strpos($token, 'Bearer') === 0){
|
||||
@ -57,6 +82,6 @@ class Auth
|
||||
} else {
|
||||
return json(['code'=>404,'msg'=>'token不能为空']);
|
||||
}
|
||||
return $next($request);
|
||||
return $next($request)->header($header);;
|
||||
}
|
||||
}
|
||||
@ -13,5 +13,5 @@ return [
|
||||
// Session初始化
|
||||
'think\middleware\SessionInit',
|
||||
// 跨域请求
|
||||
\think\middleware\AllowCrossDomain::class
|
||||
// \think\middleware\AllowCrossDomain::class
|
||||
];
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user