From 9046da6125f98a51811f42de24a3ab08ec8e879f Mon Sep 17 00:00:00 2001
From: yaooo <272523191@qq.com>
Date: Fri, 27 Oct 2023 11:58:21 +0800
Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E7=94=A8=E6=88=B7=E7=99=BB?=
 =?UTF-8?q?=E5=BD=95=E6=8E=A5=E5=8F=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app/api/BaseController.php | 9 ++--
 app/api/controller/Demo.php | 2 +-
 app/api/controller/User.php | 84 +++++++++++++++++++++++++++++++++++
 app/api/middleware/Auth.php | 42 ++++++++----------
 app/home/controller/Login.php | 7 ++-
 5 files changed, 113 insertions(+), 31 deletions(-)
 create mode 100644 app/api/controller/User.php
diff --git a/app/api/BaseController.php b/app/api/BaseController.php
index 912c459..9b1f6db 100644
--- a/app/api/BaseController.php
+++ b/app/api/BaseController.php
@@ -99,11 +99,14 @@ abstract class BaseController
         $session_admin = get_config('app.session_admin');
         $header = Request::header();
         $token = $header['token'] ?? '';
-        if (!Session::has($session_admin) || !$token) {
-            $this->apiError('请先登录');
+        // 取消登录验证
+        if ($this->controller != 'user' && $this->action != 'login') {
+            if (!Session::has($session_admin) || !$token) {
+                $this->apiError('请先登录');
+            }
         }
         if ($token) {
-
+
         }
         if (Session::has($session_admin)) {
             $this->uid = Session::get($session_admin);
diff --git a/app/api/controller/Demo.php b/app/api/controller/Demo.php
index 5c8f05e..611a302 100644
--- a/app/api/controller/Demo.php
+++ b/app/api/controller/Demo.php
@@ -124,7 +124,7 @@ class Demo extends BaseController
      */
     public function test(Request $request)
     {
-        $uid = JWT_UID;
+        $uid = $this->uid;
         $userInfo = Db::name('Admin')->where(['id' => $uid])->find();
         $this->apiSuccess('请求成功', ['user' => $userInfo]);
     }
diff --git a/app/api/controller/User.php b/app/api/controller/User.php
new file mode 100644
index 0000000..3e7ab86
--- /dev/null
+++ b/app/api/controller/User.php
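Review bot: The bypass condition in the added `if` of the BaseController hunk is wrong: `$this->controller != 'user' && $this->action != 'login'` skips the login check for every action of the user controller and for a `login` action of any controller, whereas the comment and the User.php hunk suggest only `user/login` should be exempt; write it as `if (!($this->controller === 'user' && $this->action === 'login')) {` (assuming both values are already lower-cased, which the literals imply but the hunk does not show). The `if ($token) { }` block below it stays empty, so a caller presenting only a JWT header gets no `$this->uid` here — it is assigned solely from the session — and `Demo::test` and `User::userinfo`, which now read `$this->uid`, would query `Admin` with an unset id for such a caller; either derive the uid from the verified token inside that block or document that these API actions require the session. The enclosing method starts and ends outside the hunk.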
@@ -0,0 +1,84 @@
+        ['except' => ['login']]
+    ];
+
+    /**
+     * @param $user_id
+     * @return string
+     */
+    public function getToken($user_id){
+        $time = time(); //当前时间
+        $conf = $this->jwt_conf;
+        $token = [
+            'iss' => $conf['iss'], //签发者 可选
+            'aud' => $conf['aud'], //接收该JWT的一方,可选
+            'iat' => $time, //签发时间
+            'nbf' => $time-1 , //(Not Before):某个时间点后才能访问,比如设置time+30,表示当前时间30秒后才能使用
+            'exp' => $time+$conf['exptime'], //过期时间,这里设置2个小时
+            'data' => [
+                //自定义信息,不要定义敏感信息
+                'userid' =>$user_id,
+            ]
+        ];
+        return JWT::encode($token, $conf['secrect'], 'HS256'); //输出Token 默认'HS256'
+    }
+
+    public function login()
+    {
+        $param = get_params();
+        if (empty($param['username']) || empty($param['password'])) {
+            $this->apiError('参数错误');
+        }
+        // 校验用户名密码
+        $user = Db::name('Admin')->where(['username' => $param['username']])->find();
+        if (empty($user)) {
+            $this->apiError('帐号或密码错误');
+        }
+        $param['pwd'] = set_password($param['password'], $user['salt']);
+        if ($param['pwd'] !== $user['pwd']) {
+            $this->apiError('帐号或密码错误');
+        }
+        if ($user['status'] == -1) {
+            $this->apiError('该用户禁止登录,请于平台联系');
+        }
+        $data = [
+            'last_login_time' => time(),
+            'last_login_ip' => request()->ip(),
+            'login_num' => $user['login_num'] + 1,
+        ];
+        $res = Db::name('Admin')->where(['id' => $user['id']])->update($data);
+        if ($res) {
+            $token = self::getToken($user['id']);
+            $this->apiSuccess('登录成功', ['token' => $token]);
+        }
+    }
+
+    public function userinfo(Request $request)
+    {
+        $uid = $this->uid;
+        $userInfo = Db::name('Admin')->where(['id' => $uid])->find();
+        $this->apiSuccess('请求成功', ['user' => $userInfo]);
+    }
+}
diff --git a/app/api/middleware/Auth.php b/app/api/middleware/Auth.php
index 3c1ab98..f41507d 100644
--- a/app/api/middleware/Auth.php
+++ b/app/api/middleware/Auth.php
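Review bot: `getToken` is declared `public` on a controller while the visible middleware list exempts only `login`, so if the framework routes public methods as actions (not shown here) the token minter is reachable with a caller-supplied `$user_id`; declare it `private function getToken($user_id)` and call it as `$this->getToken($user['id'])` instead of `self::getToken(...)`. In `login()`, when `update($data)` returns a falsy result nothing is sent back at all, so add `$this->apiError('登录失败');` after the `if ($res)` block. The status check `$user['status'] == -1` differs from `Login.php`, which rejects with `!= 1`; align the two so the API and the web login agree on which accounts may sign in. The start of this hunk (class header, `use` lines and the `middleware` property) is not visible in this view, so the property and the `JWT`/`Db` imports could not be checked.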
@@ -22,31 +22,27 @@ class Auth
                 return json(['code'=>404,'msg'=>'非法请求']);
             }
             $config = get_system_config('token');
-            //var_dump($config);exit;
             try {
                 JWT::$leeway = 60;//当前时间减去60,把时间留点余地
-                $decoded = JWT::decode($token, new Key($config['secrect'], 'HS256')); //HS256方式,这里要和签发的时候对应
-                //return (array)$decoded;
-                $decoded_array = json_decode(json_encode($decoded),TRUE);
-                $jwt_data = $decoded_array['data'];
-                //$request->uid = $jwt_data['userid'];
-                define('JWT_UID', $jwt_data['userid']);
-                $response = $next($request);
-                return $response;
-                //return $next($request);
-            } catch(\Firebase\JWT\SignatureInvalidException $e) { //签名不正确
-                return json(['code'=>403,'msg'=>'签名错误']);
-            }catch(\Firebase\JWT\BeforeValidException $e) { // 签名在某个时间点之后才能用
-                return json(['code'=>401,'msg'=>'token失效']);
-            }catch(\Firebase\JWT\ExpiredException $e) { // token过期
-                return json(['code'=>401,'msg'=>'token已过期']);
-            }catch(Exception $e) { //其他错误
-                return json(['code'=>404,'msg'=>'非法请求']);
-            }catch(\UnexpectedValueException $e) { //其他错误
-                return json(['code'=>404,'msg'=>'非法请求']);
-            } catch(\DomainException $e) { //其他错误
-                return json(['code'=>404,'msg'=>'非法请求']);
-            }
+                $decoded = JWT::decode($token, new Key($config['secrect'], 'HS256')); //HS256方式,这里要和签发的时候对应
+                $decoded_array = json_decode(json_encode($decoded),TRUE);
+                $jwt_data = $decoded_array['data'];
+                define('JWT_UID', $jwt_data['userid']);
+                $response = $next($request);
+                return $response;
+            } catch(\Firebase\JWT\SignatureInvalidException $e) { //签名不正确
+                return json(['code'=>403,'msg'=>'签名错误']);
+            }catch(\Firebase\JWT\BeforeValidException $e) { // 签名在某个时间点之后才能用
+                return json(['code'=>401,'msg'=>'token失效']);
+            }catch(\Firebase\JWT\ExpiredException $e) { // token过期
+                return json(['code'=>401,'msg'=>'token已过期']);
+            }catch(Exception $e) { //其他错误
+                return json(['code'=>404,'msg'=>'非法请求']);
+            }catch(\UnexpectedValueException $e) { //其他错误
+                return json(['code'=>404,'msg'=>'非法请求']);
+            } catch(\DomainException $e) { //其他错误
+                return json(['code'=>404,'msg'=>'非法请求']);
+            }
         } else {
             return json(['code'=>404,'msg'=>'token不能为空']);
         }
diff --git a/app/home/controller/Login.php b/app/home/controller/Login.php
index f4b9332..26ed0ce 100644
--- a/app/home/controller/Login.php
+++ b/app/home/controller/Login.php
@@ -46,17 +46,16 @@ class Login
             if ($admin['status'] != 1) {
                 return to_assign(1, '该用户禁止登录,请与管理者联系');
             }
-            $token = make_token();
             $data = [
                 'is_lock' => 0,
                 'last_login_time' => time(),
                 'last_login_ip' => request()->ip(),
-                'login_num' => $admin['login_num'] + 1,
-                'token' => $token
+                'login_num' => $admin['login_num'] + 1
             ];
             Db::name('admin')->where(['id' => $admin['id']])->update($data);
             $session_admin = get_config('app.session_admin');
             Session::set($session_admin, $admin['id']);
+            $token = make_token();
             set_cache($token, $admin, 7200);
             $admin['token'] = $token;
             $logdata = [
@@ -70,7 +69,7 @@ class Login
                 'create_time' => time()
             ];
             Db::name('AdminLog')->strict(false)->field(true)->insert($logdata);
-            return to_assign(0, '登录成功', ['uid' => $admin['id'], 'token' => $token]);
+            return to_assign(0, '登录成功', ['uid' => $admin['id']]);
         }
 
         //退出登录
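Review bot: After `JWT::decode` succeeds the Auth hunk reads `$decoded_array['data']` and then `['userid']` without checking that the claim exists, so a validly signed token that lacks `data.userid` reaches `define('JWT_UID', null)` and the request continues as authenticated with a null id; add `$userid = $jwt_data['userid'] ?? null; if (!$userid) { return json(['code'=>401,'msg'=>'token失效']); }` before the `define`. The `catch(Exception $e)` branch is unqualified: in a namespaced middleware it names a class of that namespace unless a `use Exception;` exists above the hunk, and if it does resolve to `\Exception` it precedes the narrower `\UnexpectedValueException`/`\DomainException` branches, which then never run — order the specific catches first and qualify the generic one as `\Exception`. The re-added lines differ from the removed ones only by the dropped comment lines (and presumably whitespace), so none of this is introduced by the commit, but it is the code the commit keeps. The enclosing method begins and ends outside the hunk.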
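Review bot: In the first Login.php hunk `$token = make_token()` is moved below `Session::set`, and the second hunk drops `'token'` from the `to_assign` payload, yet `set_cache($token, $admin, 7200)` and `$admin['token'] = $token` remain, so a token that no client ever receives is still cached for 7200 seconds keyed by its value; either remove those two lines as well or add a comment stating what still consumes the cache entry. If `$admin` is the full `Admin` row (User.php reads `pwd` and `salt` from the same table), that cache entry also holds the password hash and salt, so caching a reduced record such as `['id' => $admin['id'], 'username' => $admin['username']]` (constructed example) would be preferable. The enclosing login method starts before the first hunk and ends after the second.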