将 v8 重构分支中残留的 ThinkAdminDeveloper 文本统一调整为 ThinkAdmin,避免迁移到主仓库后继续暴露旧开发仓库名称。 主要内容: - 更新 README 标题与项目描述。 - 统一 PHP 文件头注释中的项目标识。 - 同步调整测试、配置、插件与文档中的旧仓库名称文本。 - 保持旧包删除说明与架构边界测试语义不变,只清理品牌名称残留。
<?php
declare(strict_types=1);
/**
* +----------------------------------------------------------------------
* | ThinkAdmin Plugin
* +----------------------------------------------------------------------
* | Copyright (c) 2014~2026 ThinkAdmin [ thinkadmin.top ]
* +----------------------------------------------------------------------
* | Official Website: https://thinkadmin.top
* +----------------------------------------------------------------------
* | Licensed: https://mit-license.org
* | Disclaimer: https://thinkadmin.top/disclaimer
* | Vip Rights: https://thinkadmin.top/vip-introduce
* +----------------------------------------------------------------------
* | Gitee Repository: https://gitee.com/zoujingli/ThinkAdmin
* | Github Repository: https://github.com/zoujingli/ThinkAdmin
* +----------------------------------------------------------------------
*/
namespace plugin\account\controller\api;
use plugin\account\service\Account;
use plugin\account\service\contract\AccountInterface;
use think\admin\Controller;
use think\admin\Exception;
use think\admin\service\AuthResponse;
use think\exception\HttpResponseException;
/**
* 接口授权抽象类.
* @class Auth
*/
abstract class Auth extends Controller
{
    /**
     * Interface type, taken from the `type` field of the checked login record.
     * @var string
     */
    protected $type;

    /**
     * Main account id, taken from the `unid` field of the checked login record.
     * @var int
     */
    protected $unid;

    /**
     * Sub account id, taken from the `id` field of the checked login record.
     * @var int
     */
    protected $usid;

    /**
     * Terminal account service built from the request token.
     * @var AccountInterface
     */
    protected $account;

    /**
     * Controller bootstrap: resolves the request token, validates it through
     * the account service and publishes the resulting identity via sysvar().
     *
     * Failure handling as written:
     *  - HttpResponseException is re-thrown untouched;
     *  - a think\admin\Exception whose code equals STATUS_UNAUTHORIZED or
     *    STATUS_FORBIDDEN is handed to AuthResponse::abort();
     *  - every other \Exception ends in $this->error() with the exception's
     *    own message and code.
     * \Error throwables are not caught here and propagate to the caller.
     *
     * This method does not call checkUserStatus(); frozen or unbound accounts
     * are only rejected here if check() itself does so.
     * NOTE(review): confirm each concrete controller calls checkUserStatus()
     * where it is required.
     */
    protected function initialize()
    {
        try {
            // Token comes from the Authorization header; the auth cookie is only
            // consulted when that header is absent.
            // NOTE(review): a cookie-borne token makes state-changing endpoints
            // CSRF-relevant; confirm the cookie's SameSite policy or an explicit check.
            $token = Account::requestToken($this->request);
            if (empty($token)) {
                // Presumably raises HttpResponseException, which is re-thrown below; confirm.
                AuthResponse::unauthorized('需要登录授权');
            }

            // Load and validate the account bound to this token.
            $this->account = Account::mk('', $token);
            $session = $this->account->check();

            // NOTE(review): missing fields fall back to 0 / '' instead of failing,
            // so rejecting invalid tokens rests entirely on check(); verify it throws.
            $this->usid = (int) ($session['id'] ?? 0);
            $this->unid = (int) ($session['unid'] ?? 0);
            $this->type = (string) ($session['type'] ?? '');

            // Publish the identity through sysvar() under the plugin_account_* keys.
            sysvar('plugin_account_object', $this->account);
            sysvar('plugin_account_user_type', $this->type);
            sysvar('plugin_account_user_usid', $this->usid);
            sysvar('plugin_account_user_unid', $this->unid);
            sysvar('plugin_account_user_code', $this->account->getCode());
        } catch (HttpResponseException $response) {
            // Already a finished HTTP response; pass it through unchanged.
            throw $response;
        } catch (\Exception $failure) {
            if ($failure instanceof Exception) {
                $status = (int) $failure->getCode();
                $authStatuses = [AuthResponse::STATUS_UNAUTHORIZED, AuthResponse::STATUS_FORBIDDEN];
                if (in_array($status, $authStatuses, true)) {
                    AuthResponse::abort($status, $failure->getMessage(), $failure->getData());
                }
            }
            // NOTE(review): the raw message of any \Exception is forwarded here. If
            // error() echoes it to the client, internal details (for example database
            // errors) could be disclosed; consider a generic message for non-business
            // exceptions. The code is also passed without intval(), unlike above.
            $this->error($failure->getMessage(), [], $failure->getCode());
        }
    }

    /**
     * Rejects the request when the terminal, or (optionally) its bound user,
     * is not in an active state.
     *
     * The whole record returned by $this->account->get() is passed as the data
     * argument of AuthResponse::forbidden().
     * NOTE(review): confirm that record holds nothing the client must not see.
     *
     * @param bool $isBind when true, also require a bound user with a non-empty status
     * @return $this
     */
    protected function checkUserStatus(bool $isBind = true): Auth
    {
        $profile = $this->account->get();

        // Terminal-level freeze is checked first; the bind checks are skipped in that case.
        if (empty($profile['status'])) {
            AuthResponse::forbidden('终端已冻结', $profile);
            return $this;
        }

        if (!$isBind) {
            return $this;
        }

        // A bound user must exist ...
        if (empty($profile['user'])) {
            AuthResponse::forbidden('请绑定账号', $profile);
        }
        // ... and must itself carry a non-empty status.
        if (empty($profile['user']['status'])) {
            AuthResponse::forbidden('账号已冻结', $profile);
        }

        return $this;
    }
}