1.所有接口需要根据agent_id绑定渠道
2.移除所有记录页面的更新按钮,只能查看数据
3.将所有软删除修改为硬删除
@@ -5,6 +5,7 @@ namespace app\api\middleware;
|
||||
|
||||
use app\api\cache\AuthTokenCache;
|
||||
use app\api\util\ReturnCode;
|
||||
use plugin\saiadmin\app\model\system\SystemUser;
|
||||
use plugin\saiadmin\exception\ApiException;
|
||||
use Tinywan\Jwt\JwtToken;
|
||||
use Tinywan\Jwt\Exception\JwtTokenException;
|
||||
@@ -53,7 +54,17 @@ class AuthTokenMiddleware implements MiddlewareInterface
|
||||
throw new ApiException('auth-token invalid or expired', ReturnCode::TOKEN_INVALID);
|
||||
}
|
||||
|
||||
$agent = SystemUser::where('agent_id', $agentId)->find();
|
||||
if (!$agent || (int) ($agent->status ?? 0) !== 1) {
|
||||
throw new ApiException('Invalid agent_id', ReturnCode::FORBIDDEN);
|
||||
}
|
||||
if (empty($agent->dept_id) || (int) $agent->dept_id <= 0) {
|
||||
throw new ApiException('Agent channel is not configured', ReturnCode::FORBIDDEN);
|
||||
}
|
||||
|
||||
$request->agent_id = $agentId;
|
||||
$request->agent_admin_id = (int) $agent->id;
|
||||
$request->agent_dept_id = (int) $agent->dept_id;
|
||||
return $handler($request);
|
||||
}
|
||||
}
|
||||
|
||||
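Review bot: The channel binding added after the token check uses whichever single row `SystemUser::where('agent_id', $agentId)->find()` returns, so it is only sound if `agent_id` is unique in that table; with a duplicate value the request would be scoped to an arbitrary row's `dept_id`. `$agentId` is assigned above the hunk, so its origin (presumably the verified auth-token) cannot be confirmed from here. The middleware only attaches `agent_admin_id` and `agent_dept_id` to the request, and nothing in the hunk enforces that handlers use them, so I would state the contract where they are set: `// agent_dept_id is the server-derived channel scope; handlers must filter by it and ignore any client-supplied channel id`. It is also worth confirming a unique constraint on `agent_id` in the schema.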
@@ -53,10 +53,14 @@ class TokenMiddleware implements MiddlewareInterface
|
||||
if ($username === '') {
|
||||
throw new ApiException('Invalid or expired token', ReturnCode::TOKEN_INVALID);
|
||||
}
|
||||
$userId = (int) ($extend['id'] ?? 0);
|
||||
if ($userId <= 0) {
|
||||
throw new ApiException('Invalid or expired token', ReturnCode::TOKEN_INVALID);
|
||||
}
|
||||
|
||||
$currentToken = UserCache::getSessionTokenByUsername($username);
|
||||
$currentToken = UserCache::getCurrentUserToken($userId);
|
||||
if ($currentToken === null || $currentToken === '') {
|
||||
$player = DicePlayer::where('username', $username)->find();
|
||||
$player = DicePlayer::find($userId);
|
||||
if (!$player) {
|
||||
throw new ApiException('Please register', ReturnCode::TOKEN_INVALID);
|
||||
}
|
||||
@@ -68,17 +72,17 @@ class TokenMiddleware implements MiddlewareInterface
|
||||
|
||||
// 优先从 Redis 缓存取玩家,避免每次请求都查库
|
||||
$player = null;
|
||||
$cached = UserCache::getPlayerByUsername($username);
|
||||
if ($cached !== null && isset($cached['id'])) {
|
||||
$cached = UserCache::getUser($userId);
|
||||
if (!empty($cached) && isset($cached['id']) && (int) $cached['id'] === $userId) {
|
||||
$player = (new DicePlayer())->data($cached, true);
|
||||
}
|
||||
if ($player === null) {
|
||||
$player = DicePlayer::where('username', $username)->find();
|
||||
$player = DicePlayer::find($userId);
|
||||
if (!$player) {
|
||||
UserCache::deleteSessionByUsername($username);
|
||||
throw new ApiException('Please login again', ReturnCode::TOKEN_INVALID);
|
||||
}
|
||||
UserCache::setPlayerByUsername($username, $player->hidden(['password'])->toArray());
|
||||
UserCache::setUser($userId, $player->hidden(['password'])->toArray());
|
||||
}
|
||||
$request->player_id = (int) $player->id;
|
||||
$request->player = $player;
|
||||
|
||||
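Review bot: The missing-player branch in the second hunk still calls `UserCache::deleteSessionByUsername($username);`, which appears unchanged although the session token and cached player are now read by user id (`getCurrentUserToken($userId)`, `getUser($userId)`). The id-keyed token is therefore likely left in the cache until it expires, and every later request carrying it falls through to a database lookup before being rejected. That branch should also clear the id-keyed entries for `$userId` (the UserCache method for this is not visible on this page), or at least be marked `// TODO: also invalidate the id-keyed session token for $userId`. Separately, the cache-hit path builds `$player` from `UserCache::getUser($userId)` without a database check, so with this commit moving to hard deletes a removed account would presumably stay usable until its cache entry expires unless the delete path evicts it; the function continues outside the hunk, so this may already be handled there.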