fix:优化auth权限,登录逻辑获取信息
@@ -27,7 +27,6 @@ class Ajax extends ApiController
|
||||
* @return Response|void
|
||||
* @throws DataNotFoundException
|
||||
* @throws DbException
|
||||
* @throws ModelNotFoundException
|
||||
*/
|
||||
public function smsSend()
|
||||
{
|
||||
@@ -46,10 +45,10 @@ class Ajax extends ApiController
|
||||
return $this->error(__('发送频繁'));
|
||||
}
|
||||
|
||||
$userData = User::getByMobile($mobile);
|
||||
if (in_array($event, ['register', 'changer']) && $userData) {
|
||||
$user = User::getByMobile($mobile);
|
||||
if (in_array($event, ['register', 'changer']) && $user) {
|
||||
return $this->error('当前手机号已被占用');
|
||||
} else if ($event == 'forgot' && !$userData) {
|
||||
} else if ($event == 'forgot' && !$user) {
|
||||
return $this->error('当前手机号未注册');
|
||||
}
|
||||
|
||||
@@ -89,10 +88,10 @@ class Ajax extends ApiController
|
||||
return $this->error(__('发送频繁'));
|
||||
}
|
||||
|
||||
$userData = User::getByEmail($email);
|
||||
if (in_array($event, ['register', 'changer']) && $userData) {
|
||||
$user = User::getByEmail($email);
|
||||
if (in_array($event, ['register', 'changer']) && $user) {
|
||||
return $this->error('当前邮箱已被注册');
|
||||
} else if ($event == 'forgot' && !$userData) {
|
||||
} else if ($event == 'forgot' && !$user) {
|
||||
return $this->error('当前邮箱不存在');
|
||||
}
|
||||
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
<?php /** @noinspection ALL */
|
||||
<?php
|
||||
|
||||
namespace app\api\middleware\system;
|
||||
|
||||
@@ -39,28 +39,25 @@ class ApiPermissions implements MiddlewareInterface
|
||||
* @param Request $request
|
||||
* @param callable $handler
|
||||
* @return Response
|
||||
* @throws \ReflectionException
|
||||
*/
|
||||
public function process(Request $request, callable $handler): Response
|
||||
{
|
||||
$app = request()->getApp();
|
||||
$app = request()->getApp();
|
||||
$controller = request()->getController();
|
||||
$action = request()->getAction();
|
||||
$method = $controller . '/' . $action;
|
||||
$className = '\app' . $app . '\\controller\\' . $controller;
|
||||
$className = str_replace('/', '\\', $className);
|
||||
if (class_exists($className)) {
|
||||
$refClass = new \ReflectionClass($className);
|
||||
$property = $refClass->getDefaultProperties();
|
||||
$this->needLogin = $property['needLogin'] ?? false;
|
||||
$this->noNeedAuth = $property['noNeedAuth'] ?? [];
|
||||
}
|
||||
$action = request()->getAction();
|
||||
$method = $controller . '/' . $action;
|
||||
|
||||
$refClass = new \ReflectionClass($request->controller);
|
||||
$property = $refClass->getDefaultProperties();
|
||||
$this->needLogin = $property['needLogin'] ?? $this->needLogin;
|
||||
$this->noNeedAuth = $property['noNeedAuth'] ?? $this->noNeedAuth;
|
||||
|
||||
$auth = Auth::instance();
|
||||
if ($auth->isLogin()) {
|
||||
$request->user_id = $auth->userData['id'];
|
||||
$request->userData = $auth->userData;
|
||||
// 验证权限
|
||||
if ($this->authWorkflow && Event::hasListener('apiAuth')) {
|
||||
$result = Event::emit('apiAuth', ['method' => $method, 'user_id' => $request->user_id], true);
|
||||
$result = Event::emit('apiAuth', ['method' => $method, 'user_id' => $auth->user_id], true);
|
||||
if (isset($result['code']) && $result['code'] != 200) {
|
||||
return json($result);
|
||||
}
|
||||
|
||||
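Review bot: The fallbacks `$property['needLogin'] ?? $this->needLogin` and `$property['noNeedAuth'] ?? $this->noNeedAuth` read back the middleware's own fields, so if this middleware object is reused across requests (usual in a long-running worker, though not visible here), a controller that does not declare those properties inherits whatever the previous request's controller set, including its no-auth action list. Assuming the duplicated lines are printed old-then-new (the +/- markers are lost in this rendering), the earlier version fell back to the constants `false` and `[]`; per-request locals with constant fallbacks, e.g. `$needLogin = $property['needLogin'] ?? false;`, avoid the carry-over. The `class_exists` guard also appears to be dropped, so `new \ReflectionClass($request->controller)` will throw for any request that has no controller class; it is safer to decide explicitly what the middleware returns in that case than to rely on the exception. `$auth->user_id` is not assigned anywhere in the hunk, so confirm that Auth exposes it with the same value as `$auth->userData['id']` before passing it to the `apiAuth` listener. The body of `process` continues past the end of the hunk.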