From 54c77736e5a7d63f32901db63607135f8ab528fa Mon Sep 17 00:00:00 2001
From: zhaoxiang
Date: Thu, 20 Jun 2019 16:40:01 +0800
Subject: [PATCH] =?UTF-8?q?modified=20=E4=BC=98=E5=8C=96=E7=94=A8=E6=88=B7?= =?UTF-8?q?=E6=95=B0=E6=8D=AE=E8=8E=B7=E5=8F=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 application/admin/controller/Login.php | 44 +++++++++++++++++---------
 application/install/apiadmin.tpl | 2 +-
 2 files changed, 30 insertions(+), 16 deletions(-)
diff --git a/application/admin/controller/Login.php b/application/admin/controller/Login.php
index bb6ea3e..a9ccb16 100644
--- a/application/admin/controller/Login.php
+++ b/application/admin/controller/Login.php
@@ -63,24 +63,12 @@ class Login extends Base {
 } else {
 return $this->buildFailed(ReturnCode::LOGIN_ERROR, '用户名密码不正确');
 }
+ $userInfo['access'] = $this->getAccess($userInfo['id']);
+
 $apiAuth = md5(uniqid() . time());
 cache('Login:' . $apiAuth, json_encode($userInfo), config('apiadmin.ONLINE_TIME'));
 cache('Login:' . $userInfo['id'], $apiAuth, config('apiadmin.ONLINE_TIME'));
- $userInfo['access'] = [];
- $isSupper = Tools::isAdministrator($userInfo['id']);
- if ($isSupper) {
- $access = AdminMenu::all(['hide' => 0]);
- $access = Tools::buildArrFromObj($access);
- $userInfo['access'] = array_values(array_filter(array_column($access, 'url')));
- } else {
- $groups = AdminAuthGroupAccess::get(['uid' => $userInfo['id']]);
- if (isset($groups) && $groups->group_id) {
- $access = (new AdminAuthRule())->whereIn('group_id', $groups->group_id)->select();
- $access = Tools::buildArrFromObj($access);
- $userInfo['access'] = array_values(array_unique(array_column($access, 'url')));
- }
- }
 $userInfo['apiAuth'] = $apiAuth;
 return $this->buildSuccess($userInfo, '登录成功');
@@ -92,7 +80,7 @@ class Login extends Base {
 * @author zhaoxiang
 */
 public function getUserInfo() {
- return $this->userInfo;
+ return $this->buildSuccess($this->userInfo);
 }
 public function logout() {
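Review bot: The session token in this hunk is still built as `md5(uniqid() . time())`, and both inputs come from the clock, so the value that authenticates every later request is predictable rather than random. Since the commit reworks this login path, replace it with `$apiAuth = bin2hex(random_bytes(16));` (PHP 7+). Separately, calling `getAccess()` before `cache()` freezes the permission list into the cached session for `apiadmin.ONLINE_TIME`. If the server-side permission check reads that cached copy (not visible here), a revoked group stays effective until the session expires, so the `Login:` entries should be invalidated when a user's groups change. The login method starts and ends outside the hunk.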
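Review bot: `getUserInfo()` now returns the whole of `$this->userInfo` to the client, and nothing in this hunk limits which fields are sent. If that property is the record cached at login (it looks like the array that is `json_encode`d under `'Login:' . $apiAuth`), confirm it carries no password hash or other internal columns. Otherwise return an explicit allow-list of keys rather than the full array. The docblock above the method has no `@return` line describing the response envelope; it begins outside the hunk.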
@@ -103,4 +91,30 @@ class Login extends Base {
 return $this->buildSuccess([], '登出成功');
 }
+ /**
+ * 获取用户权限数据
+ * @param $uid
+ * @return array
+ * @author zhaoxiang
+ */
+ private function getAccess($uid) {
+ $isSupper = Tools::isAdministrator($uid);
+ if ($isSupper) {
+ $access = AdminMenu::all(['hide' => 0]);
+ $access = Tools::buildArrFromObj($access);
+
+ return array_values(array_filter(array_column($access, 'url')));
+ } else {
+ $groups = AdminAuthGroupAccess::get(['uid' => $uid]);
+ if (isset($groups) && $groups->group_id) {
+ $access = (new AdminAuthRule())->whereIn('group_id', $groups->group_id)->select();
+ $access = Tools::buildArrFromObj($access);
+
+ return array_values(array_unique(array_column($access, 'url')));
+ } else {
+ return [];
+ }
+ }
+ }
+
 }
diff --git a/application/install/apiadmin.tpl b/application/install/apiadmin.tpl
index a1ab7a2..6ca2334 100644
--- a/application/install/apiadmin.tpl
+++ b/application/install/apiadmin.tpl
@@ -29,7 +29,7 @@ return [
 'CROSS_DOMAIN' => [
 'Access-Control-Allow-Origin' => '*',
 'Access-Control-Allow-Methods' => 'POST,PUT,GET,DELETE',
- 'Access-Control-Allow-Headers' => 'version, access-token, user-token, ApiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With',
+ 'Access-Control-Allow-Headers' => 'version, access-token, user-token, apiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With',
 'Access-Control-Allow-Credentials' => 'true'
 ],
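Review bot: The two branches of `getAccess()` normalise the URL list differently: the administrator branch drops empty URLs with `array_filter` but keeps duplicates, while the group branch de-duplicates with `array_unique` but keeps empty strings. Both should return `array_values(array_unique(array_filter(array_column($access, 'url'))))` so consumers of the access list see the same shape for every account type. The `else` blocks that follow a `return` can be flattened into guard clauses ending in a single `return [];`. The docblock should give `$uid` a type (presumably `@param int $uid`) and state that the result is a list of permitted rule URLs.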
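Review bot: The install template still pairs `'Access-Control-Allow-Origin' => '*'` with `'Access-Control-Allow-Credentials' => 'true'` in the lines around this change, and that default matters more than the header-name casing. Header names listed in `Access-Control-Allow-Headers` are compared case-insensitively, so `ApiAuth` → `apiAuth` is cosmetic. Browsers refuse credentialed responses that carry a wildcard origin, and the common workaround of echoing the request's `Origin` back would let any site make authenticated calls to the API. Since the token appears to travel in the `apiAuth` header rather than a cookie, consider shipping the template with an explicit origin list and without `Access-Control-Allow-Credentials`. The config array continues outside the hunk.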