From b47aa8c985213ec7ea3804993ec26cf0207cea85 Mon Sep 17 00:00:00 2001 From: zhaoxiang Date: Tue, 13 Oct 2020 18:17:09 +0800 Subject: [PATCH] =?UTF-8?q?modified=20=E4=BC=98=E5=8C=96Token=E8=8E=B7?= =?UTF-8?q?=E5=8F=96=E6=96=B9=E5=BC=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 2 +- app/controller/api/BuildToken.php | 1 + app/middleware/ApiAuth.php | 9 +++++++++ 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index f7933d8..d3922e3 100644 --- a/README.md +++ b/README.md @@ -42,7 +42,7 @@ php think apiadmin:adminRouter > 第五步:获取管理后台账号密码 ``` -cat application/install/lock.ini +cat install/lock.ini ``` ## 灵 感 diff --git a/app/controller/api/BuildToken.php b/app/controller/api/BuildToken.php index fcf3733..3538ca4 100644 --- a/app/controller/api/BuildToken.php +++ b/app/controller/api/BuildToken.php @@ -30,6 +30,7 @@ class BuildToken extends Base { $signature = $param['signature']; unset($param['signature']); + unset($param['Access-Token']); $sign = $this->getAuthToken($appInfo['app_secret'], $param); $this->debug($sign); if ($sign !== $signature) { diff --git a/app/middleware/ApiAuth.php b/app/middleware/ApiAuth.php index 58ff1c9..1e9610f 100644 --- a/app/middleware/ApiAuth.php +++ b/app/middleware/ApiAuth.php @@ -50,7 +50,16 @@ class ApiAuth { } } + $accessToken = $request->header('Access-Token', ''); + if (!$accessToken) { + if ($apiInfo['method'] == 2) { + $accessToken = $request->get('Access-Token', ''); + } + if ($apiInfo['method'] == 1) { + $accessToken = $request->post('Access-Token', ''); + } + } if (!$accessToken) { return json([ 'code' => ReturnCode::AUTH_ERROR,