blackteay/ApiAdmin
1
0
Fork 0
mirror of https://gitee.com/apiadmin/ApiAdmin.git synced 2025-08-10 15:29:46 +08:00
Code Issues Projects Releases Wiki Activity

modified 完善前端接口跨域问题 特别鸣谢:@Huseh @初柒

Browse Source
This commit is contained in:
zhaoxiang 2019-04-16 15:15:04 +08:00
parent 990e869bf5
commit f30fa65c1b
3 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
application/api/behavior/ApiAuth.php
View File

@ -21,6 +21,7 @@ class ApiAuth {
*/ */
private $request; private $request;
private $apiInfo; private $apiInfo;
private $header;
/** /**
* 默认行为函数 * 默认行为函数
@ -32,6 +33,7 @@ class ApiAuth {
public function run() { public function run() {
$this->request = Request::instance(); $this->request = Request::instance();
$hash = $this->request->routeInfo(); $hash = $this->request->routeInfo();
$this->header = config('apiAdmin.CROSS_DOMAIN');
if (isset($hash['rule'][1])) { if (isset($hash['rule'][1])) {
$hash = $hash['rule'][1]; $hash = $hash['rule'][1];
@ -44,7 +46,7 @@ class ApiAuth {
$this->apiInfo = $apiInfo->toArray(); $this->apiInfo = $apiInfo->toArray();
Cache::set('ApiInfo:' . $hash, $this->apiInfo); Cache::set('ApiInfo:' . $hash, $this->apiInfo);
} else { } else {
return json(['code' => ReturnCode::DB_READ_ERROR, 'msg' => '获取接口配置数据失败', 'data' => []]); return json(['code' => ReturnCode::DB_READ_ERROR, 'msg' => '获取接口配置数据失败', 'data' => []], 200, $this->header);
} }
} }
@ -75,11 +77,11 @@ class ApiAuth {
private function checkAccessToken() { private function checkAccessToken() {
$access_token = $this->request->header('access-token'); $access_token = $this->request->header('access-token');
if (!isset($access_token) || !$access_token) { if (!isset($access_token) || !$access_token) {
return json(['code' => ReturnCode::ACCESS_TOKEN_TIMEOUT, 'msg' => '缺少参数access-token', 'data' => []]); return json(['code' => ReturnCode::ACCESS_TOKEN_TIMEOUT, 'msg' => '缺少参数access-token', 'data' => []], 200, $this->header);
} else { } else {
$appInfo = cache('AccessToken:' . $access_token); $appInfo = cache('AccessToken:' . $access_token);
if (!$appInfo) { if (!$appInfo) {
return json(['code' => ReturnCode::ACCESS_TOKEN_TIMEOUT, 'msg' => 'access-token已过期', 'data' => []]); return json(['code' => ReturnCode::ACCESS_TOKEN_TIMEOUT, 'msg' => 'access-token已过期', 'data' => []], 200, $this->header);
} }
ApiLog::setAppInfo($appInfo); ApiLog::setAppInfo($appInfo);
} }
@ -91,10 +93,10 @@ class ApiAuth {
private function checkVersion() { private function checkVersion() {
$version = $this->request->header('version'); $version = $this->request->header('version');
if (!isset($version) || !$version) { if (!isset($version) || !$version) {
return json(['code' => ReturnCode::EMPTY_PARAMS, 'msg' => '缺少参数version', 'data' => []]); return json(['code' => ReturnCode::EMPTY_PARAMS, 'msg' => '缺少参数version', 'data' => []], 200, $this->header);
} else { } else {
if ($version != config('apiAdmin.APP_VERSION')) { if ($version != config('apiAdmin.APP_VERSION')) {
return json(['code' => ReturnCode::VERSION_INVALID, 'msg' => 'API版本不匹配', 'data' => []]); return json(['code' => ReturnCode::VERSION_INVALID, 'msg' => 'API版本不匹配', 'data' => []], 200, $this->header);
} }
} }
} }
@ -107,13 +109,13 @@ class ApiAuth {
$userToken = $this->request->header('user-token', ''); $userToken = $this->request->header('user-token', '');
if ($this->apiInfo['needLogin']) { if ($this->apiInfo['needLogin']) {
if (!$userToken) { if (!$userToken) {
return json(['code' => ReturnCode::AUTH_ERROR, 'msg' => '缺少user-token', 'data' => []]); return json(['code' => ReturnCode::AUTH_ERROR, 'msg' => '缺少user-token', 'data' => []], 200, $this->header);
} }
} }
if ($userToken) { if ($userToken) {
$userInfo = cache('wx:openId:' . $userToken); $userInfo = cache('wx:openId:' . $userToken);
if (!is_array($userInfo) || !isset($userInfo['openId'])) { if (!is_array($userInfo) || !isset($userInfo['openId'])) {
return json(['code' => ReturnCode::AUTH_ERROR, 'msg' => 'user-token不匹配', 'data' => []]); return json(['code' => ReturnCode::AUTH_ERROR, 'msg' => 'user-token不匹配', 'data' => []], 200, $this->header);
} }
ApiLog::setUserInfo($userInfo); ApiLog::setUserInfo($userInfo);
} }

5
application/api/behavior/ApiPermission.php
View File

@ -25,6 +25,7 @@ class ApiPermission {
*/ */
public function run() { public function run() {
$this->request = Request::instance(); $this->request = Request::instance();
$header = config('apiAdmin.CROSS_DOMAIN');
$hash = $this->request->routeInfo(); $hash = $this->request->routeInfo();
if (isset($hash['rule'][1])) { if (isset($hash['rule'][1])) {
$hash = $hash['rule'][1]; $hash = $hash['rule'][1];
@ -33,9 +34,7 @@ class ApiPermission {
$appInfo = cache('AccessToken:' . $access_token); $appInfo = cache('AccessToken:' . $access_token);
$allRules = explode(',', $appInfo['app_api']); $allRules = explode(',', $appInfo['app_api']);
if (!in_array($hash, $allRules)) { if (!in_array($hash, $allRules)) {
$data = ['code' => ReturnCode::INVALID, 'msg' => '非常抱歉,您没有权限这么做!', 'data' => []]; return json(['code' => ReturnCode::INVALID, 'msg' => '非常抱歉,您没有权限这么做!', 'data' => []], 200, $header);
return json($data);
} }
} }
} }

3
application/api/behavior/RequestFilter.php
View File

@ -63,7 +63,8 @@ class RequestFilter {
if ($newRule) { if ($newRule) {
$validate = new Validate($newRule); $validate = new Validate($newRule);
if (!$validate->check($data)) { if (!$validate->check($data)) {
return json(['code' => ReturnCode::PARAM_INVALID, 'msg' => $validate->getError(), 'data' => []]); $header = config('apiAdmin.CROSS_DOMAIN');
return json(['code' => ReturnCode::PARAM_INVALID, 'msg' => $validate->getError(), 'data' => []], 200, $header);
} }
} }