From eaf5058e5549643029eb5ea9f672dec713a8c92b Mon Sep 17 00:00:00 2001
From: ufec
Date: Thu, 6 May 2021 16:50:33 +0800
Subject: [PATCH 1/6] =?UTF-8?q?=E6=9D=83=E9=99=90=E6=A0=A1=E9=AA=8C?= =?UTF-8?q?=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app/middleware/AdminPermission.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/app/middleware/AdminPermission.php b/app/middleware/AdminPermission.php
index 7bdbac1..c1691ad 100644
--- a/app/middleware/AdminPermission.php
+++ b/app/middleware/AdminPermission.php
@@ -23,8 +23,8 @@ class AdminPermission {
 */
 public function handle($request, \Closure $next): Response {
 $userInfo = $request->API_ADMIN_USER_INFO;
-
- if (!$this->checkAuth($userInfo['id'], $request->pathinfo())) {
+ // rule里包含了rule(路由规则), ruoter(完整路由)
+ if (!$this->checkAuth($userInfo['id'], $request->rule()->getRule())) {
 return json([
 'code' => ReturnCode::INVALID,
 'msg' => '非常抱歉,您没有权限这么做!',
From bc315506638ad9646ce2d5280eadc47357f8dfde Mon Sep 17 00:00:00 2001
From: Zhao <756958008@qq.com>
Date: Fri, 23 Jul 2021 08:27:48 +0000
Subject: [PATCH 2/6] =?UTF-8?q?modified=20=E4=BF=AE=E5=A4=8D=E5=88=A0?= =?UTF-8?q?=E9=99=A4=E6=8E=A5=E5=8F=A3=E7=9A=84BUG?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app/controller/admin/InterfaceList.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/app/controller/admin/InterfaceList.php b/app/controller/admin/InterfaceList.php
index 58e701c..4bae376 100644
--- a/app/controller/admin/InterfaceList.php
+++ b/app/controller/admin/InterfaceList.php
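Review bot: In `app/middleware/AdminPermission.php`, `$request->rule()->getRule()` is dereferenced without a null check, so if this middleware ever runs on a request with no matched route rule the permission check ends in a fatal error instead of a clean denial (whether that can happen depends on how the middleware is registered, which is not visible here). I would resolve the rule first and fail closed: `$rule = $request->rule();` then `if ($rule === null || !$this->checkAuth($userInfo['id'], $rule->getRule())) {`. Because the check now compares the route pattern rather than the concrete path, the permission entries that `checkAuth` consults must be stored in exactly that pattern form; that assumption deserves a line in the comment, which also has a typo (`ruoter`). `handle` continues past the end of the hunk.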
@@ -150,10 +150,10 @@ class InterfaceList extends Base { $rule->app_api = implode(',', $appApiArr); $appApiShowArrOld = json_decode($rule->app_api_show, true); - $appApiShowArr = $appApiShowArrOld[$oldInfo->groupHash]; + $appApiShowArr = $appApiShowArrOld[$oldInfo->group_hash]; $appApiShowIndex = array_search($hash, $appApiShowArr); array_splice($appApiShowArr, $appApiShowIndex, 1); - $appApiShowArrOld[$oldInfo->groupHash] = $appApiShowArr; + $appApiShowArrOld[$oldInfo->group_hash] = $appApiShowArr; $rule->app_api_show = json_encode($appApiShowArrOld); $rule->save(); From 5ea9234184827ff1cd7af7a9db62b069e8f3dd20 Mon Sep 17 00:00:00 2001 From: Zhao <756958008@qq.com> Date: Tue, 27 Jul 2021 14:42:44 +0000 Subject: [PATCH 3/6] =?UTF-8?q?modified=20=E4=BF=AE=E6=94=B9AccessToken?= =?UTF-8?q?=E4=BC=A0=E9=80=92=E6=96=B9=E5=BC=8F=EF=BC=8C=E6=94=AF=E6=8C=81?= =?UTF-8?q?Post=E3=80=81Get=E3=80=81Header=E3=80=81PathInfo=E5=9B=9B?= =?UTF-8?q?=E7=A7=8D=E6=96=B9=E5=BC=8F=E4=BC=A0=E9=80=92=EF=BC=8C=E4=BC=98?= =?UTF-8?q?=E5=85=88=E7=BA=A7=E4=B8=BAHeader>Post>Get>PathInfo?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/middleware/ApiAuth.php | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/app/middleware/ApiAuth.php b/app/middleware/ApiAuth.php index 3197393..f42cd91 100644 --- a/app/middleware/ApiAuth.php +++ b/app/middleware/ApiAuth.php @@ -23,7 +23,15 @@ class ApiAuth { */ public function handle($request, \Closure $next) { $header = config('apiadmin.CROSS_DOMAIN'); - $apiHash = substr($request->pathinfo(), 4); + + $pathParam = []; + $pathArr = explode('/', $request->pathinfo()); + for ($index = 0; $index < count($pathArr); $index += 2) { + if (isset($pathArr[$index + 1])) { + $pathParam[$pathArr[$index]] = $pathArr[$index + 1]; + } + } + $apiHash = $pathParam['api']; if ($apiHash) { $cached = Cache::has('ApiInfo:' . $apiHash); 
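Review bot: In the `app/controller/admin/InterfaceList.php` hunk, the result of `array_search($hash, $appApiShowArr)` goes straight into `array_splice`, and `array_search` returns `false` when the hash is absent; `false` is coerced to offset 0, so an unrelated interface would be dropped from that group's `app_api_show` list. The lookup `$appApiShowArrOld[$oldInfo->group_hash]` is also unchecked, so a missing group key or a failed `json_decode` hands `null` to `array_search`. Suggest `$appApiShowArr = $appApiShowArrOld[$oldInfo->group_hash] ?? [];`, a strict search `array_search($hash, $appApiShowArr, true)`, and splicing only inside `if ($appApiShowIndex !== false) { ... }`. The enclosing method starts and ends outside the hunk.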
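Review bot: In the first `app/middleware/ApiAuth.php` hunk, `$apiHash = $pathParam['api'];` reads a key that exists only when the path splits into an `api/<hash>` pair, so any other path shape raises an undefined-key warning before the `if ($apiHash)` guard is reached; `$apiHash = $pathParam['api'] ?? '';` keeps the guard meaningful. The pair loop also lets a later segment pair overwrite an earlier one with the same key, so the hash used for the authorization lookup (and the `Access-Token` read from `$pathParam` in the second hunk of this commit) is whatever appears last in the client-supplied path, which may not be the value the router dispatched on; the route definition is not visible here. If the route already binds the hash as a parameter, taking it from the route's bound parameter would avoid re-parsing client-controlled path text. `handle` starts before and continues after this hunk.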
@@ -53,12 +61,13 @@ class ApiAuth { $accessToken = $request->header('Access-Token', ''); if (!$accessToken) { - if ($apiInfo['method'] == 2) { - $accessToken = $request->get('Access-Token', ''); - } - if ($apiInfo['method'] == 1) { - $accessToken = $request->post('Access-Token', ''); - } + $accessToken = $request->post('Access-Token', ''); + } + if (!$accessToken) { + $accessToken = $request->get('Access-Token', ''); + } + if (!$accessToken && !empty($pathParam['Access-Token'])) { + $accessToken = $pathParam['Access-Token']; } if (!$accessToken) { return json([ From cdb21ae3a62e19819f39a56d6156c869933aa052 Mon Sep 17 00:00:00 2001 From: Zhao <756958008@qq.com> Date: Tue, 27 Jul 2021 14:52:27 +0000 Subject: [PATCH 4/6] =?UTF-8?q?modified=20=E4=BC=98=E5=8C=96=E6=8E=A5?= =?UTF-8?q?=E5=8F=A3=E6=80=A7=E8=83=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/middleware/ApiAuth.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/app/middleware/ApiAuth.php b/app/middleware/ApiAuth.php index f42cd91..c3e6742 100644 --- a/app/middleware/ApiAuth.php +++ b/app/middleware/ApiAuth.php @@ -26,8 +26,9 @@ class ApiAuth { $pathParam = []; $pathArr = explode('/', $request->pathinfo()); - for ($index = 0; $index < count($pathArr); $index += 2) { - if (isset($pathArr[$index + 1])) { + $pathArrLen = count($pathArr); + for ($index = 0; $index < $pathArrLen; $index += 2) { + if ($index + 1 < $pathArrLen) { $pathParam[$pathArr[$index]] = $pathArr[$index + 1]; } } From df6af7f4da2d7ba7f44e3856c55c2ee1219853fc Mon Sep 17 00:00:00 2001 From: Zhao <756958008@qq.com> Date: Wed, 28 Jul 2021 08:33:10 +0000 Subject: [PATCH 5/6] =?UTF-8?q?modified=20=E5=9F=BA=E7=B1=BB=E5=87=BD?= =?UTF-8?q?=E6=95=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controller/admin/Base.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
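Review bot: The new fallback chain in `app/middleware/ApiAuth.php` accepts `Access-Token` from the query string and from a path segment for every API, whereas the removed lines read GET or POST only according to `$apiInfo['method']`. A token carried in the URL is recorded in web-server and proxy access logs, browser history and `Referer` headers, so this widens the places where a live credential can leak. If URL transport has to stay for compatibility, I would say so above the chain, e.g. `// Header is preferred; tokens sent in the query string or path end up in access logs and Referer headers`, and keep the per-method restriction so that an API configured for POST does not accept its token from the URL. `handle` continues outside the hunk.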
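Review bot: In the follow-up `app/middleware/ApiAuth.php` hunk, the bound test added inside the loop can move into the loop condition, which removes the inner `if` altogether: `for ($index = 0; $index + 1 < $pathArrLen; $index += 2) {`. This is equivalent to the removed `isset()` test because `explode()` never yields null elements, and it reads more directly as "iterate over complete key/value pairs".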
diff --git a/app/controller/admin/Base.php b/app/controller/admin/Base.php
index ceeb5f5..5c2a030 100644
--- a/app/controller/admin/Base.php
+++ b/app/controller/admin/Base.php
@@ -57,7 +57,7 @@ class Base extends BaseController {
 * @author zhaoxiang
 */
 public function updateUserInfo(array $data, bool $isDetail = false): void {
- $apiAuth = $this->request->header('apiAuth');
+ $apiAuth = $this->request->header('Api-Auth');
 if ($isDetail) {
 AdminUserData::update($data, ['uid' => $this->userInfo['id']]);
 $this->userInfo['userData'] = (new AdminUserData())->where('uid', $this->userInfo['id'])->find();
From d8265436a5d393ef06c30ba0a17727291e7ce09e Mon Sep 17 00:00:00 2001
From: Zhao <756958008@qq.com>
Date: Wed, 29 Sep 2021 02:04:47 +0000
Subject: [PATCH 6/6] rename LICENSE.txt to LICENSE.
---
 LICENSE | 21 +++++++++++++++++++++
 LICENSE.txt | 32 --------------------------------
 2 files changed, 21 insertions(+), 32 deletions(-)
 create mode 100644 LICENSE
 delete mode 100644 LICENSE.txt
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..c7c9704
--- /dev/null
+++ b/LICENSE
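Review bot: In `updateUserInfo` (`app/controller/admin/Base.php`) the header name is still a bare string literal, and nothing in the hunk checks that `$apiAuth` is non-empty before the rest of the method uses it. The code that consumes `$apiAuth` lies below the hunk, so this is inferred: if it keys stored login state on the header value, a request without `Api-Auth` would write that state under an empty key. A shared constant for the header name, used by this controller and by whatever middleware authenticates the request, would keep the two from drifting apart, which is presumably the mismatch this commit corrects. An early `if (!$apiAuth) { return; }` would make the missing-header case explicit.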
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2021 Zhao
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/LICENSE.txt b/LICENSE.txt
deleted file mode 100644
index 574a39c..0000000
--- a/LICENSE.txt
+++ /dev/null
@@ -1,32 +0,0 @@
-
-ThinkPHP遵循Apache2开源协议发布,并提供免费使用。
-版权所有Copyright © 2006-2016 by ThinkPHP (http://thinkphp.cn)
-All rights reserved。
-ThinkPHP® 商标和著作权所有者为上海顶想信息科技有限公司。
-
-Apache Licence是著名的非盈利开源组织Apache采用的协议。
-该协议和BSD类似,鼓励代码共享和尊重原作者的著作权,
-允许代码修改,再作为开源或商业软件发布。需要满足
-的条件:
-1. 需要给代码的用户一份Apache Licence ;
-2. 如果你修改了代码,需要在被修改的文件中说明;
-3. 在延伸的代码中(修改和有源代码衍生的代码中)需要
-带有原来代码中的协议,商标,专利声明和其他原来作者规
-定需要包含的说明;
-4. 如果再发布的产品中包含一个Notice文件,则在Notice文
-件中需要带有本协议内容。你可以在Notice中增加自己的
-许可,但不可以表现为对Apache Licence构成更改。
-具体的协议参考:http://www.apache.org/licenses/LICENSE-2.0
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGE.