mkm/shop-php
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

更新商城子应用解析中台token

Browse Source
This commit is contained in:
yaooo 2023-11-20 16:15:45 +08:00
parent 18bac6ba1b
commit 4e5abd6836
3 changed files with 50 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
app/controller/api/Auth.php
View File

@ -34,7 +34,6 @@ use crmeb\services\SmsService;
use crmeb\services\WechatService; use crmeb\services\WechatService;
use crmeb\services\WechatTemplateMessageService; use crmeb\services\WechatTemplateMessageService;
use Exception; use Exception;
use Firebase\JWT\JWT;
use Gregwar\Captcha\CaptchaBuilder; use Gregwar\Captcha\CaptchaBuilder;
use Gregwar\Captcha\PhraseBuilder; use Gregwar\Captcha\PhraseBuilder;
use Overtrue\Socialite\AccessToken; use Overtrue\Socialite\AccessToken;
@ -57,6 +56,11 @@ use app\common\service\TopClient;
use app\controller\api\Ceshi; use app\controller\api\Ceshi;
use taobao\request\TbkItemInfoGetRequest; use taobao\request\TbkItemInfoGetRequest;
use app\common\repositories\store\product\ProductRepository; use app\common\repositories\store\product\ProductRepository;
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use Firebase\JWT\SignatureInvalidException;
use Firebase\JWT\BeforeValidException;
use Firebase\JWT\ExpiredException;
use think\facade\App; use think\facade\App;
/** /**
@ -67,6 +71,39 @@ use think\facade\App;
*/ */
class Auth extends BaseController class Auth extends BaseController
{ {
public function parseToken(UserRepository $repository)
{
$token = $this->request->param('token');
$app_key = 'ae47e94a7dcd1fdfacb499b60e361a8d';
try {
JWT::$leeway = 10; //当前时间减去10秒时间留点余地
// jwt ^5.0
// $decoded = JWT::decode($token, Config::get('app.app_key', 'default'), array('HS256'));
// jwt ^6.9
// $decoded = JWT::decode($token, new Key(env('app.app_key', '123456'), 'HS256'));
$decoded = JWT::decode($token, new Key($app_key, 'HS256'));
$decodedArray = json_decode(json_encode($decoded), true);
$jwtData = $decodedArray['data'] ?? [];
if (empty($jwtData['phone'])) {
return app('json')->fail('解析数据缺少phone');
}
$user = $repository->accountByUser($jwtData['phone']);
$user_type = 'app';
if (!$user) $user = $repository->registr($jwtData['phone'], null, $user_type);
$user = $repository->mainUser($user);
$tokenInfo = $repository->createToken($user);
$repository->loginAfter($user);
return app('json')->success($repository->returnToken($user, $tokenInfo));
} catch(\Firebase\JWT\SignatureInvalidException $e) {
return app('json')->fail('签名错误');
} catch(\Firebase\JWT\BeforeValidException $e) {
return app('json')->fail('token无效');
} catch(\Firebase\JWT\ExpiredException $e) {
return app('json')->fail('token已过期');
} catch(\Exception $e) {
return app('json')->fail('非法请求');
}
}
public function caiji() public function caiji()
{ {
$url=$this->request->host(); $url=$this->request->host();

1
route/api.php
View File

@ -23,6 +23,7 @@ Route::group('api/', function () {
Route::any('test', 'api.Auth/test'); Route::any('test', 'api.Auth/test');
Route::any('dotest', 'api.Auth/dotest'); Route::any('dotest', 'api.Auth/dotest');
Route::any('caiji', 'api.Auth/caiji'); Route::any('caiji', 'api.Auth/caiji');
Route::any('parse/token', 'api.Auth/parseToken');
Route::any('app/version', 'api.Auth/appVersion'); Route::any('app/version', 'api.Auth/appVersion');
Route::post('merchant/syncStatus/:id', 'api.Auth/merchantStatus'); Route::post('merchant/syncStatus/:id', 'api.Auth/merchantStatus');
Route::get('business/agree', 'api.Auth/businessAgree'); Route::get('business/agree', 'api.Auth/businessAgree');

21
vendor/firebase/php-jwt/src/JWT.php vendored
View File

@ -138,20 +138,21 @@ class JWT
// Check the nbf if it is defined. This is the time that the // Check the nbf if it is defined. This is the time that the
// token can actually be used. If it's not yet that time, abort. // token can actually be used. If it's not yet that time, abort.
if (isset($payload->nbf) && $payload->nbf > ($timestamp + static::$leeway)) { // 取消时间验证
throw new BeforeValidException( // if (isset($payload->nbf) && $payload->nbf > ($timestamp + static::$leeway)) {
'Cannot handle token prior to ' . \date(DateTime::ISO8601, $payload->nbf) // throw new BeforeValidException(
); // 'Cannot handle token prior to ' . \date(DateTime::ISO8601, $payload->nbf)
} // );
// }
// Check that this token has been created before 'now'. This prevents // Check that this token has been created before 'now'. This prevents
// using tokens that have been created for later use (and haven't // using tokens that have been created for later use (and haven't
// correctly used the nbf claim). // correctly used the nbf claim).
if (isset($payload->iat) && $payload->iat > ($timestamp + static::$leeway)) { // if (isset($payload->iat) && $payload->iat > ($timestamp + static::$leeway)) {
throw new BeforeValidException( // throw new BeforeValidException(
'Cannot handle token prior to ' . \date(DateTime::ISO8601, $payload->iat) // 'Cannot handle token prior to ' . \date(DateTime::ISO8601, $payload->iat)
); // );
} // }
// Check if this token has expired. // Check if this token has expired.
if (isset($payload->exp) && ($timestamp - static::$leeway) >= $payload->exp) { if (isset($payload->exp) && ($timestamp - static::$leeway) >= $payload->exp) {