yaooo
/
lihai-oa
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

新增用户登录接口

This commit is contained in:
yaooo 2023-10-27 11:58:21 +08:00
parent faa1cdb9fa
commit 9046da6125
5 changed files with 113 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app/api/BaseController.php
View File

@ -99,8 +99,11 @@ abstract class BaseController
$session_admin = get_config('app.session_admin'); $session_admin = get_config('app.session_admin');
$header = Request::header(); $header = Request::header();
$token = $header['token'] ?? ''; $token = $header['token'] ?? '';
if (!Session::has($session_admin) || !$token) { // 取消登录验证
$this->apiError('请先登录'); if ($this->controller != 'user' && $this->action != 'login') {
if (!Session::has($session_admin) || !$token) {
$this->apiError('请先登录');
}
} }
if ($token) { if ($token) {

2
app/api/controller/Demo.php
View File

@ -124,7 +124,7 @@ class Demo extends BaseController
*/ */
public function test(Request $request) public function test(Request $request)
{ {
$uid = JWT_UID; $uid = $this->uid;
$userInfo = Db::name('Admin')->where(['id' => $uid])->find(); $userInfo = Db::name('Admin')->where(['id' => $uid])->find();
$this->apiSuccess('请求成功', ['user' => $userInfo]); $this->apiSuccess('请求成功', ['user' => $userInfo]);
} }

84
app/api/controller/User.php Normal file
View File

@ -0,0 +1,84 @@
<?php
/**
* @copyright Copyright (c) 2021 勾股工作室
* @license https://opensource.org/licenses/Apache-2.0
* @link https://www.gougucms.com
*/
declare (strict_types = 1);
namespace app\api\controller;
use app\api\BaseController;
use app\api\middleware\Auth;
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use think\facade\Db;
use think\facade\Request;
class User extends BaseController
{
/**
* 控制器中间件 [登录、注册 不需要鉴权]
* @var array
*/
protected $middleware = [
Auth::class => ['except' => ['login']]
];
/**
* @param $user_id
* @return string
*/
public function getToken($user_id){
$time = time(); //当前时间
$conf = $this->jwt_conf;
$token = [
'iss' => $conf['iss'], //签发者 可选
'aud' => $conf['aud'], //接收该JWT的一方可选
'iat' => $time, //签发时间
'nbf' => $time-1 , //(Not Before)某个时间点后才能访问比如设置time+30表示当前时间30秒后才能使用
'exp' => $time+$conf['exptime'], //过期时间,这里设置2个小时
'data' => [
//自定义信息,不要定义敏感信息
'userid' =>$user_id,
]
];
return JWT::encode($token, $conf['secrect'], 'HS256'); //输出Token 默认'HS256'
}
public function login()
{
$param = get_params();
if (empty($param['username']) || empty($param['password'])) {
$this->apiError('参数错误');
}
// 校验用户名密码
$user = Db::name('Admin')->where(['username' => $param['username']])->find();
if (empty($user)) {
$this->apiError('帐号或密码错误');
}
$param['pwd'] = set_password($param['password'], $user['salt']);
if ($param['pwd'] !== $user['pwd']) {
$this->apiError('帐号或密码错误');
}
if ($user['status'] == -1) {
$this->apiError('该用户禁止登录,请于平台联系');
}
$data = [
'last_login_time' => time(),
'last_login_ip' => request()->ip(),
'login_num' => $user['login_num'] + 1,
];
$res = Db::name('Admin')->where(['id' => $user['id']])->update($data);
if ($res) {
$token = self::getToken($user['id']);
$this->apiSuccess('登录成功', ['token' => $token]);
}
}
public function userinfo(Request $request)
{
$uid = $this->uid;
$userInfo = Db::name('Admin')->where(['id' => $uid])->find();
$this->apiSuccess('请求成功', ['user' => $userInfo]);
}
}

42
app/api/middleware/Auth.php
View File

@ -22,31 +22,27 @@ class Auth
return json(['code'=>404,'msg'=>'非法请求']); return json(['code'=>404,'msg'=>'非法请求']);
} }
$config = get_system_config('token'); $config = get_system_config('token');
//var_dump($config);exit;
try { try {
JWT::$leeway = 60;//当前时间减去60把时间留点余地 JWT::$leeway = 60;//当前时间减去60把时间留点余地
$decoded = JWT::decode($token, new Key($config['secrect'], 'HS256')); //HS256方式这里要和签发的时候对应 $decoded = JWT::decode($token, new Key($config['secrect'], 'HS256')); //HS256方式这里要和签发的时候对应
//return (array)$decoded; $decoded_array = json_decode(json_encode($decoded),TRUE);
$decoded_array = json_decode(json_encode($decoded),TRUE); $jwt_data = $decoded_array['data'];
$jwt_data = $decoded_array['data']; define('JWT_UID', $jwt_data['userid']);
//$request->uid = $jwt_data['userid']; $response = $next($request);
define('JWT_UID', $jwt_data['userid']); return $response;
$response = $next($request); } catch(\Firebase\JWT\SignatureInvalidException $e) { //签名不正确
return $response; return json(['code'=>403,'msg'=>'签名错误']);
//return $next($request); }catch(\Firebase\JWT\BeforeValidException $e) { // 签名在某个时间点之后才能用
} catch(\Firebase\JWT\SignatureInvalidException $e) { //签名不正确 return json(['code'=>401,'msg'=>'token失效']);
return json(['code'=>403,'msg'=>'签名错误']); }catch(\Firebase\JWT\ExpiredException $e) { // token过期
}catch(\Firebase\JWT\BeforeValidException $e) { // 签名在某个时间点之后才能用 return json(['code'=>401,'msg'=>'token已过期']);
return json(['code'=>401,'msg'=>'token失效']); }catch(Exception $e) { //其他错误
}catch(\Firebase\JWT\ExpiredException $e) { // token过期 return json(['code'=>404,'msg'=>'非法请求']);
return json(['code'=>401,'msg'=>'token已过期']); }catch(\UnexpectedValueException $e) { //其他错误
}catch(Exception $e) { //其他错误 return json(['code'=>404,'msg'=>'非法请求']);
return json(['code'=>404,'msg'=>'非法请求']); } catch(\DomainException $e) { //其他错误
}catch(\UnexpectedValueException $e) { //其他错误 return json(['code'=>404,'msg'=>'非法请求']);
return json(['code'=>404,'msg'=>'非法请求']); }
} catch(\DomainException $e) { //其他错误
return json(['code'=>404,'msg'=>'非法请求']);
}
} else { } else {
return json(['code'=>404,'msg'=>'token不能为空']); return json(['code'=>404,'msg'=>'token不能为空']);
} }

7
app/home/controller/Login.php
View File

@ -46,17 +46,16 @@ class Login
if ($admin['status'] != 1) { if ($admin['status'] != 1) {
return to_assign(1, '该用户禁止登录,请与管理者联系'); return to_assign(1, '该用户禁止登录,请与管理者联系');
} }
$token = make_token();
$data = [ $data = [
'is_lock' => 0, 'is_lock' => 0,
'last_login_time' => time(), 'last_login_time' => time(),
'last_login_ip' => request()->ip(), 'last_login_ip' => request()->ip(),
'login_num' => $admin['login_num'] + 1, 'login_num' => $admin['login_num'] + 1
'token' => $token
]; ];
Db::name('admin')->where(['id' => $admin['id']])->update($data); Db::name('admin')->where(['id' => $admin['id']])->update($data);
$session_admin = get_config('app.session_admin'); $session_admin = get_config('app.session_admin');
Session::set($session_admin, $admin['id']); Session::set($session_admin, $admin['id']);
$token = make_token();
set_cache($token, $admin, 7200); set_cache($token, $admin, 7200);
$admin['token'] = $token; $admin['token'] = $token;
$logdata = [ $logdata = [
@ -70,7 +69,7 @@ class Login
'create_time' => time() 'create_time' => time()
]; ];
Db::name('AdminLog')->strict(false)->field(true)->insert($logdata); Db::name('AdminLog')->strict(false)->field(true)->insert($logdata);
return to_assign(0, '登录成功', ['uid' => $admin['id'], 'token' => $token]); return to_assign(0, '登录成功', ['uid' => $admin['id']]);
} }
//退出登录 //退出登录