新增用户登录接口
This commit is contained in:
parent
faa1cdb9fa
commit
9046da6125
|
@ -99,9 +99,12 @@ abstract class BaseController
|
||||||
$session_admin = get_config('app.session_admin');
|
$session_admin = get_config('app.session_admin');
|
||||||
$header = Request::header();
|
$header = Request::header();
|
||||||
$token = $header['token'] ?? '';
|
$token = $header['token'] ?? '';
|
||||||
|
// 取消登录验证
|
||||||
|
if ($this->controller != 'user' && $this->action != 'login') {
|
||||||
if (!Session::has($session_admin) || !$token) {
|
if (!Session::has($session_admin) || !$token) {
|
||||||
$this->apiError('请先登录');
|
$this->apiError('请先登录');
|
||||||
}
|
}
|
||||||
|
}
|
||||||
if ($token) {
|
if ($token) {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -124,7 +124,7 @@ class Demo extends BaseController
|
||||||
*/
|
*/
|
||||||
public function test(Request $request)
|
public function test(Request $request)
|
||||||
{
|
{
|
||||||
$uid = JWT_UID;
|
$uid = $this->uid;
|
||||||
$userInfo = Db::name('Admin')->where(['id' => $uid])->find();
|
$userInfo = Db::name('Admin')->where(['id' => $uid])->find();
|
||||||
$this->apiSuccess('请求成功', ['user' => $userInfo]);
|
$this->apiSuccess('请求成功', ['user' => $userInfo]);
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,84 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* @copyright Copyright (c) 2021 勾股工作室
|
||||||
|
* @license https://opensource.org/licenses/Apache-2.0
|
||||||
|
* @link https://www.gougucms.com
|
||||||
|
*/
|
||||||
|
declare (strict_types = 1);
|
||||||
|
namespace app\api\controller;
|
||||||
|
|
||||||
|
use app\api\BaseController;
|
||||||
|
use app\api\middleware\Auth;
|
||||||
|
use Firebase\JWT\JWT;
|
||||||
|
use Firebase\JWT\Key;
|
||||||
|
use think\facade\Db;
|
||||||
|
use think\facade\Request;
|
||||||
|
|
||||||
|
class User extends BaseController
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* 控制器中间件 [登录、注册 不需要鉴权]
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
protected $middleware = [
|
||||||
|
Auth::class => ['except' => ['login']]
|
||||||
|
];
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param $user_id
|
||||||
|
* @return string
|
||||||
|
*/
|
||||||
|
public function getToken($user_id){
|
||||||
|
$time = time(); //当前时间
|
||||||
|
$conf = $this->jwt_conf;
|
||||||
|
$token = [
|
||||||
|
'iss' => $conf['iss'], //签发者 可选
|
||||||
|
'aud' => $conf['aud'], //接收该JWT的一方,可选
|
||||||
|
'iat' => $time, //签发时间
|
||||||
|
'nbf' => $time-1 , //(Not Before):某个时间点后才能访问,比如设置time+30,表示当前时间30秒后才能使用
|
||||||
|
'exp' => $time+$conf['exptime'], //过期时间,这里设置2个小时
|
||||||
|
'data' => [
|
||||||
|
//自定义信息,不要定义敏感信息
|
||||||
|
'userid' =>$user_id,
|
||||||
|
]
|
||||||
|
];
|
||||||
|
return JWT::encode($token, $conf['secrect'], 'HS256'); //输出Token 默认'HS256'
|
||||||
|
}
|
||||||
|
|
||||||
|
public function login()
|
||||||
|
{
|
||||||
|
$param = get_params();
|
||||||
|
if (empty($param['username']) || empty($param['password'])) {
|
||||||
|
$this->apiError('参数错误');
|
||||||
|
}
|
||||||
|
// 校验用户名密码
|
||||||
|
$user = Db::name('Admin')->where(['username' => $param['username']])->find();
|
||||||
|
if (empty($user)) {
|
||||||
|
$this->apiError('帐号或密码错误');
|
||||||
|
}
|
||||||
|
$param['pwd'] = set_password($param['password'], $user['salt']);
|
||||||
|
if ($param['pwd'] !== $user['pwd']) {
|
||||||
|
$this->apiError('帐号或密码错误');
|
||||||
|
}
|
||||||
|
if ($user['status'] == -1) {
|
||||||
|
$this->apiError('该用户禁止登录,请于平台联系');
|
||||||
|
}
|
||||||
|
$data = [
|
||||||
|
'last_login_time' => time(),
|
||||||
|
'last_login_ip' => request()->ip(),
|
||||||
|
'login_num' => $user['login_num'] + 1,
|
||||||
|
];
|
||||||
|
$res = Db::name('Admin')->where(['id' => $user['id']])->update($data);
|
||||||
|
if ($res) {
|
||||||
|
$token = self::getToken($user['id']);
|
||||||
|
$this->apiSuccess('登录成功', ['token' => $token]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public function userinfo(Request $request)
|
||||||
|
{
|
||||||
|
$uid = $this->uid;
|
||||||
|
$userInfo = Db::name('Admin')->where(['id' => $uid])->find();
|
||||||
|
$this->apiSuccess('请求成功', ['user' => $userInfo]);
|
||||||
|
}
|
||||||
|
}
|
|
@ -22,18 +22,14 @@ class Auth
|
||||||
return json(['code'=>404,'msg'=>'非法请求']);
|
return json(['code'=>404,'msg'=>'非法请求']);
|
||||||
}
|
}
|
||||||
$config = get_system_config('token');
|
$config = get_system_config('token');
|
||||||
//var_dump($config);exit;
|
|
||||||
try {
|
try {
|
||||||
JWT::$leeway = 60;//当前时间减去60,把时间留点余地
|
JWT::$leeway = 60;//当前时间减去60,把时间留点余地
|
||||||
$decoded = JWT::decode($token, new Key($config['secrect'], 'HS256')); //HS256方式,这里要和签发的时候对应
|
$decoded = JWT::decode($token, new Key($config['secrect'], 'HS256')); //HS256方式,这里要和签发的时候对应
|
||||||
//return (array)$decoded;
|
|
||||||
$decoded_array = json_decode(json_encode($decoded),TRUE);
|
$decoded_array = json_decode(json_encode($decoded),TRUE);
|
||||||
$jwt_data = $decoded_array['data'];
|
$jwt_data = $decoded_array['data'];
|
||||||
//$request->uid = $jwt_data['userid'];
|
|
||||||
define('JWT_UID', $jwt_data['userid']);
|
define('JWT_UID', $jwt_data['userid']);
|
||||||
$response = $next($request);
|
$response = $next($request);
|
||||||
return $response;
|
return $response;
|
||||||
//return $next($request);
|
|
||||||
} catch(\Firebase\JWT\SignatureInvalidException $e) { //签名不正确
|
} catch(\Firebase\JWT\SignatureInvalidException $e) { //签名不正确
|
||||||
return json(['code'=>403,'msg'=>'签名错误']);
|
return json(['code'=>403,'msg'=>'签名错误']);
|
||||||
}catch(\Firebase\JWT\BeforeValidException $e) { // 签名在某个时间点之后才能用
|
}catch(\Firebase\JWT\BeforeValidException $e) { // 签名在某个时间点之后才能用
|
||||||
|
|
|
@ -46,17 +46,16 @@ class Login
|
||||||
if ($admin['status'] != 1) {
|
if ($admin['status'] != 1) {
|
||||||
return to_assign(1, '该用户禁止登录,请与管理者联系');
|
return to_assign(1, '该用户禁止登录,请与管理者联系');
|
||||||
}
|
}
|
||||||
$token = make_token();
|
|
||||||
$data = [
|
$data = [
|
||||||
'is_lock' => 0,
|
'is_lock' => 0,
|
||||||
'last_login_time' => time(),
|
'last_login_time' => time(),
|
||||||
'last_login_ip' => request()->ip(),
|
'last_login_ip' => request()->ip(),
|
||||||
'login_num' => $admin['login_num'] + 1,
|
'login_num' => $admin['login_num'] + 1
|
||||||
'token' => $token
|
|
||||||
];
|
];
|
||||||
Db::name('admin')->where(['id' => $admin['id']])->update($data);
|
Db::name('admin')->where(['id' => $admin['id']])->update($data);
|
||||||
$session_admin = get_config('app.session_admin');
|
$session_admin = get_config('app.session_admin');
|
||||||
Session::set($session_admin, $admin['id']);
|
Session::set($session_admin, $admin['id']);
|
||||||
|
$token = make_token();
|
||||||
set_cache($token, $admin, 7200);
|
set_cache($token, $admin, 7200);
|
||||||
$admin['token'] = $token;
|
$admin['token'] = $token;
|
||||||
$logdata = [
|
$logdata = [
|
||||||
|
@ -70,7 +69,7 @@ class Login
|
||||||
'create_time' => time()
|
'create_time' => time()
|
||||||
];
|
];
|
||||||
Db::name('AdminLog')->strict(false)->field(true)->insert($logdata);
|
Db::name('AdminLog')->strict(false)->field(true)->insert($logdata);
|
||||||
return to_assign(0, '登录成功', ['uid' => $admin['id'], 'token' => $token]);
|
return to_assign(0, '登录成功', ['uid' => $admin['id']]);
|
||||||
}
|
}
|
||||||
|
|
||||||
//退出登录
|
//退出登录
|
||||||
|
|
Loading…
Reference in New Issue