[接口v1]对接平台API-鉴权authtoken接口和getGameUrl接口

[菜单]渠道管理
2026-03-09 13:50:32 +08:00 · 2026-03-09 11:14:34 +08:00
15 changed files with 1251 additions and 0 deletions
--- a/saiadmin-artd/src/views/plugin/channel/api/manage/index.ts
+++ b/saiadmin-artd/src/views/plugin/channel/api/manage/index.ts
@@ -0,0 +1,85 @@
+import request from '@/utils/http'
+
+/**
+ * 渠道 API接口
+ */
+export default {
+  /**
+   * 获取数据列表
+   * @param params 搜索参数
+   * @returns 数据列表
+   */
+  list(params: Record<string, any>) {
+    return request.get<Api.Common.ApiPage>({
+      url: '/channel/manage/ChannelManage/index',
+      params
+    })
+  },
+
+  /**
+   * 读取数据
+   * @param id 数据ID
+   * @returns 数据详情
+   */
+  read(id: number | string) {
+    return request.get<Api.Common.ApiData>({
+      url: '/channel/manage/ChannelManage/read?id=' + id
+    })
+  },
+
+  /**
+   * 创建数据
+   * @param params 数据参数
+   * @returns 执行结果
+   */
+  save(params: Record<string, any>) {
+    return request.post<any>({
+      url: '/channel/manage/ChannelManage/save',
+      data: params
+    })
+  },
+
+  /**
+   * 更新数据
+   * @param params 数据参数
+   * @returns 执行结果
+   */
+  update(params: Record<string, any>) {
+    return request.put<any>({
+      url: '/channel/manage/ChannelManage/update',
+      data: params
+    })
+  },
+
+  /**
+   * 删除数据
+   * @returns 执行结果
+   * @param params
+   */
+  delete(params: Record<string, any>) {
+    return request.del<any>({
+      url: '/channel/manage/ChannelManage/destroy',
+      data: params
+    })
+  },
+
+  /**
+   * 仅更新状态（列表内开关用）
+   */
+  updateStatus(params: { id: number | string; status: number }) {
+    return request.put<any>({
+      url: '/channel/manage/ChannelManage/updateStatus',
+      data: params
+    })
+  },
+
+  /**
+   * 获取管理员下拉列表（SystemUser 的 id、username、realname）
+   * @returns 管理员列表
+   */
+  getAdminList() {
+    return request.get<Api.Common.ApiData>({
+      url: '/channel/manage/ChannelManage/getAdminList'
+    })
+  }
+}
--- a/saiadmin-artd/src/views/plugin/channel/manage/index/index.vue
+++ b/saiadmin-artd/src/views/plugin/channel/manage/index/index.vue
@@ -0,0 +1,178 @@
+<template>
+  <div class="art-full-height">
+    <!-- 搜索面板 -->
+    <TableSearch v-model="searchForm" @search="handleSearch" @reset="resetSearchParams" />
+
+    <ElCard class="art-table-card" shadow="never">
+      <!-- 表格头部 -->
+      <ArtTableHeader v-model:columns="columnChecks" :loading="loading" @refresh="refreshData">
+        <template #left>
+          <ElSpace wrap>
+            <ElButton
+              v-permission="'channel:manage:index:save'"
+              @click="showDialog('add')"
+              v-ripple
+            >
+              <template #icon>
+                <ArtSvgIcon icon="ri:add-fill" />
+              </template>
+              新增
+            </ElButton>
+            <ElButton
+              v-permission="'channel:manage:index:destroy'"
+              :disabled="selectedRows.length === 0"
+              @click="deleteSelectedRows(api.delete, refreshData)"
+              v-ripple
+            >
+              <template #icon>
+                <ArtSvgIcon icon="ri:delete-bin-5-line" />
+              </template>
+              删除
+            </ElButton>
+          </ElSpace>
+        </template>
+      </ArtTableHeader>
+
+      <!-- 表格 -->
+      <ArtTable
+        ref="tableRef"
+        rowKey="id"
+        :loading="loading"
+        :data="data"
+        :columns="columns"
+        :pagination="pagination"
+        @sort-change="handleSortChange"
+        @selection-change="handleSelectionChange"
+        @pagination:size-change="handleSizeChange"
+        @pagination:current-change="handleCurrentChange"
+      >
+        <!-- 状态：开关直接修改 -->
+        <template #status="{ row }">
+          <ElSwitch
+            v-permission="'channel:manage:index:update'"
+            :model-value="row.status === 1"
+            :loading="row._statusLoading"
+            @change="(v: string | number | boolean) => handleStatusChange(row, v ? 1 : 0)"
+          />
+        </template>
+        <!-- 操作列 -->
+        <template #operation="{ row }">
+          <div class="flex gap-2">
+            <SaButton
+              v-permission="'channel:manage:index:update'"
+              type="secondary"
+              @click="showDialog('edit', row)"
+            />
+            <SaButton
+              v-permission="'channel:manage:index:destroy'"
+              type="error"
+              @click="deleteRow(row, api.delete, refreshData)"
+            />
+          </div>
+        </template>
+      </ArtTable>
+    </ElCard>
+
+    <!-- 编辑弹窗 -->
+    <EditDialog
+      v-model="dialogVisible"
+      :dialog-type="dialogType"
+      :data="dialogData"
+      @success="refreshData"
+    />
+  </div>
+</template>
+
+<script setup lang="ts">
+  import { useTable } from '@/hooks/core/useTable'
+  import { useSaiAdmin } from '@/composables/useSaiAdmin'
+  import api from '../../api/manage/index'
+  import TableSearch from './modules/table-search.vue'
+  import EditDialog from './modules/edit-dialog.vue'
+
+  // 搜索表单
+  const searchForm = ref({
+    name: undefined,
+    title: undefined,
+    status: undefined,
+    total_recharge: undefined,
+    total_withdrawal: undefined,
+    total_profit: undefined
+  })
+
+  // 搜索处理
+  const handleSearch = (params: Record<string, any>) => {
+    Object.assign(searchParams, params)
+    getData()
+  }
+
+  // 表格配置
+  const {
+    columns,
+    columnChecks,
+    data,
+    loading,
+    getData,
+    searchParams,
+    pagination,
+    resetSearchParams,
+    handleSortChange,
+    handleSizeChange,
+    handleCurrentChange,
+    refreshData
+  } = useTable({
+    core: {
+      apiFn: api.list,
+      columnsFactory: () => [
+        { type: 'selection' },
+        { prop: 'title', label: '标题' },
+        { prop: 'status', label: '状态', useSlot: true },
+        {
+          prop: 'admin_id',
+          label: '管理员',
+          formatter: (row: Record<string, any>) => {
+            const admin = row.admin
+            if (!admin) return row.admin_id ?? '-'
+            return (
+              (admin.realname && String(admin.realname).trim()) || admin.username || `#${admin.id}`
+            )
+          }
+        },
+        { prop: 'game_url', label: '游戏地址' },
+        { prop: 'image', label: '图标', saiType: 'image' },
+        { prop: 'agent', label: '代理agent' },
+        { prop: 'ip_white', label: 'IP白名单' },
+        { prop: 'total_recharge', label: '总充值' },
+        { prop: 'total_withdrawal', label: '总提现' },
+        { prop: 'total_profit', label: '总盈利' },
+        { prop: 'player_count', label: '玩家数量' },
+        { prop: 'operation', label: '操作', width: 100, fixed: 'right', useSlot: true }
+      ]
+    }
+  })
+
+  // 状态开关切换（列表内直接修改）
+  const handleStatusChange = async (row: Record<string, any>, status: number) => {
+    row._statusLoading = true
+    try {
+      await api.updateStatus({ id: row.id, status })
+      row.status = status
+    } catch {
+      refreshData()
+    } finally {
+      row._statusLoading = false
+    }
+  }
+
+  // 编辑配置
+  const {
+    dialogType,
+    dialogVisible,
+    dialogData,
+    showDialog,
+    deleteRow,
+    deleteSelectedRows,
+    handleSelectionChange,
+    selectedRows
+  } = useSaiAdmin()
+</script>
--- a/saiadmin-artd/src/views/plugin/channel/manage/index/modules/edit-dialog.vue
+++ b/saiadmin-artd/src/views/plugin/channel/manage/index/modules/edit-dialog.vue
@@ -0,0 +1,202 @@
+<template>
+  <el-dialog
+    v-model="visible"
+    :title="dialogType === 'add' ? '新增渠道' : '编辑渠道'"
+    width="600px"
+    align-center
+    :close-on-click-modal="false"
+    @close="handleClose"
+  >
+    <el-form ref="formRef" :model="formData" :rules="rules" label-width="120px">
+      <el-form-item label="名称" prop="name">
+        <el-input v-model="formData.name" placeholder="请输入名称" />
+      </el-form-item>
+      <el-form-item label="标题" prop="title">
+        <el-input v-model="formData.title" placeholder="请输入标题" />
+      </el-form-item>
+      <el-form-item label="状态" prop="status">
+        <sa-switch v-model="formData.status" />
+      </el-form-item>
+      <el-form-item label="管理员" prop="admin_id">
+        <el-select
+          v-model="formData.admin_id"
+          placeholder="请选择管理员"
+          clearable
+          filterable
+          style="width: 100%"
+          :loading="adminOptionsLoading"
+        >
+          <el-option
+            v-for="item in adminOptions"
+            :key="item.id"
+            :label="item.name"
+            :value="item.id"
+          />
+        </el-select>
+      </el-form-item>
+      <el-form-item label="游戏地址" prop="game_url">
+        <el-input v-model="formData.game_url" placeholder="请输入游戏地址" />
+      </el-form-item>
+      <el-form-item label="图标" prop="image">
+        <sa-image-upload v-model="formData.image" :limit="1" :multiple="false" />
+      </el-form-item>
+      <el-form-item label="IP白名单" prop="ip_white">
+        <el-input v-model="formData.ip_white" placeholder="请输入IP白名单" />
+      </el-form-item>
+    </el-form>
+    <template #footer>
+      <el-button @click="handleClose">取消</el-button>
+      <el-button type="primary" @click="handleSubmit">提交</el-button>
+    </template>
+  </el-dialog>
+</template>
+
+<script setup lang="ts">
+  import api from '../../../api/manage/index'
+  import { ElMessage } from 'element-plus'
+  import type { FormInstance, FormRules } from 'element-plus'
+
+  interface Props {
+    modelValue: boolean
+    dialogType: string
+    data?: Record<string, any>
+  }
+
+  interface Emits {
+    (e: 'update:modelValue', value: boolean): void
+    (e: 'success'): void
+  }
+
+  const props = withDefaults(defineProps<Props>(), {
+    modelValue: false,
+    dialogType: 'add',
+    data: undefined
+  })
+
+  const emit = defineEmits<Emits>()
+
+  const formRef = ref<FormInstance>()
+
+  /**
+   * 弹窗显示状态双向绑定
+   */
+  const visible = computed({
+    get: () => props.modelValue,
+    set: (value) => emit('update:modelValue', value)
+  })
+
+  /**
+   * 表单验证规则
+   */
+  const rules = reactive<FormRules>({
+    name: [{ required: true, message: '名称必需填写', trigger: 'blur' }],
+    title: [{ required: true, message: '标题必需填写', trigger: 'blur' }],
+    admin_id: [{ required: true, message: '管理员必需填写', trigger: 'blur' }],
+    game_url: [{ required: true, message: '游戏地址必需填写', trigger: 'blur' }],
+    image: [{ required: true, message: '图标必需填写', trigger: 'blur' }]
+  })
+
+  /**
+   * 初始数据
+   */
+  const initialFormData = {
+    id: null,
+    name: '',
+    title: '',
+    status: 1,
+    admin_id: null,
+    game_url: '',
+    image: '',
+    ip_white: ''
+  }
+
+  /**
+   * 表单数据
+   */
+  const formData = reactive({ ...initialFormData })
+
+  /**
+   * 监听弹窗打开，初始化表单数据
+   */
+  watch(
+    () => props.modelValue,
+    (newVal) => {
+      if (newVal) {
+        initPage()
+      }
+    }
+  )
+
+  /** 管理员下拉选项：value=SystemUser.id, label=SystemUser.name（远程关联） */
+  const adminOptions = ref<Array<{ id: number; name: string }>>([])
+  const adminOptionsLoading = ref(false)
+
+  const fetchAdminList = async () => {
+    adminOptionsLoading.value = true
+    try {
+      // 接口返回的已是 data 解包后的数组（value=SystemUser.id, name=展示名）
+      const list = await api.getAdminList()
+      adminOptions.value = Array.isArray(list) ? list : []
+    } catch {
+      adminOptions.value = []
+    } finally {
+      adminOptionsLoading.value = false
+    }
+  }
+
+  /**
+   * 初始化页面数据
+   */
+  const initPage = async () => {
+    // 先重置为初始值
+    Object.assign(formData, initialFormData)
+    await fetchAdminList()
+    // 如果有数据，则填充数据
+    if (props.data) {
+      await nextTick()
+      initForm()
+    }
+  }
+
+  /**
+   * 初始化表单数据
+   */
+  const initForm = () => {
+    if (props.data) {
+      for (const key in formData) {
+        if (props.data[key] != null && props.data[key] != undefined) {
+          ;(formData as any)[key] = props.data[key]
+        }
+      }
+    }
+  }
+
+  /**
+   * 关闭弹窗并重置表单
+   */
+  const handleClose = () => {
+    visible.value = false
+    formRef.value?.resetFields()
+  }
+
+  /**
+   * 提交表单
+   */
+  const handleSubmit = async () => {
+    if (!formRef.value) return
+    try {
+      await formRef.value.validate()
+      if (props.dialogType === 'add') {
+        await api.save(formData)
+        ElMessage.success('新增成功')
+      } else {
+        await api.update(formData)
+        ElMessage.success('修改成功')
+      }
+      emit('success')
+      handleClose()
+    } catch (error) {
+      console.log('表单验证失败:', error)
+    }
+  }
+</script>
--- a/saiadmin-artd/src/views/plugin/channel/manage/index/modules/table-search.vue
+++ b/saiadmin-artd/src/views/plugin/channel/manage/index/modules/table-search.vue
@@ -0,0 +1,92 @@
+<template>
+  <sa-search-bar
+    ref="searchBarRef"
+    v-model="formData"
+    label-width="100px"
+    :showExpand="false"
+    @reset="handleReset"
+    @search="handleSearch"
+    @expand="handleExpand"
+  >
+    <el-col v-bind="setSpan(6)">
+      <el-form-item label="名称" prop="name">
+        <el-input v-model="formData.name" placeholder="请输入名称" clearable />
+      </el-form-item>
+    </el-col>
+    <el-col v-bind="setSpan(6)">
+      <el-form-item label="标题" prop="title">
+        <el-input v-model="formData.title" placeholder="请输入标题" clearable />
+      </el-form-item>
+    </el-col>
+    <el-col v-bind="setSpan(6)">
+      <el-form-item label="状态" prop="status">
+        <el-input v-model="formData.status" placeholder="请输入状态" clearable />
+      </el-form-item>
+    </el-col>
+    <el-col v-bind="setSpan(6)">
+      <el-form-item label="总充值" prop="total_recharge">
+        <el-input v-model="formData.total_recharge" placeholder="请输入总充值" clearable />
+      </el-form-item>
+    </el-col>
+    <el-col v-bind="setSpan(6)">
+      <el-form-item label="总提现" prop="total_withdrawal">
+        <el-input v-model="formData.total_withdrawal" placeholder="请输入总提现" clearable />
+      </el-form-item>
+    </el-col>
+    <el-col v-bind="setSpan(6)">
+      <el-form-item label="总盈利" prop="total_profit">
+        <el-input v-model="formData.total_profit" placeholder="请输入总盈利" clearable />
+      </el-form-item>
+    </el-col>
+  </sa-search-bar>
+</template>
+
+<script setup lang="ts">
+  interface Props {
+    modelValue: Record<string, any>
+  }
+  interface Emits {
+    (e: 'update:modelValue', value: Record<string, any>): void
+    (e: 'search', params: Record<string, any>): void
+    (e: 'reset'): void
+  }
+  const props = defineProps<Props>()
+  const emit = defineEmits<Emits>()
+  // 展开/收起
+  const isExpanded = ref<boolean>(false)
+
+  // 表单数据双向绑定
+  const searchBarRef = ref()
+  const formData = computed({
+    get: () => props.modelValue,
+    set: (val) => emit('update:modelValue', val)
+  })
+
+  // 重置
+  function handleReset() {
+    searchBarRef.value?.ref.resetFields()
+    emit('reset')
+  }
+
+  // 搜索
+  async function handleSearch() {
+    emit('search', formData.value)
+  }
+
+  // 展开/收起
+  function handleExpand(expanded: boolean) {
+    isExpanded.value = expanded
+  }
+
+  // 栅格占据的列数
+  const setSpan = (span: number) => {
+    return {
+      span: span,
+      xs: 24, // 手机：满宽显示
+      sm: span >= 12 ? span : 12, // 平板：大于等于12保持，否则用半宽
+      md: span >= 8 ? span : 8, // 中等屏幕：大于等于8保持，否则用三分之一宽
+      lg: span,
+      xl: span
+    }
+  }
+</script>
--- a/server/.env.example
+++ b/server/.env.example
@@ -16,6 +16,9 @@ REDIS_PORT = 6379
 REDIS_PASSWORD = ''
 REDIS_DB = 0

+# 游戏地址，用于 /api/v1/getGameUrl 返回
+GAME_URL = dice-game.yuliao666.top
+
 # API 鉴权与用户（可选，不填则用默认值）
 # authToken 签名密钥（必填，与客户端约定，用于 signature 校验）
 API_AUTH_TOKEN_SECRET = xF75oK91TQj13s0UmNIr1NBWMWGfflNO
--- a/server/app/api/cache/AuthTokenCache.php
+++ b/server/app/api/cache/AuthTokenCache.php
@@ -0,0 +1,83 @@
+<?php
+declare(strict_types=1);
+
+namespace app\api\cache;
+
+use support\think\Cache;
+
+/**
+ * 平台 auth-token Redis 缓存
+ * 用于 /api/v1/authToken 鉴权接口颁发的 token 存储与校验
+ */
+class AuthTokenCache
+{
+    private static function devicePrefix(): string
+    {
+        return config('api.auth_token_device_prefix', 'api:auth_token:');
+    }
+
+    private static function tokenPrefix(): string
+    {
+        return config('api.auth_token_prefix', 'api:auth_token:t:');
+    }
+
+    private static function expire(): int
+    {
+        return (int) config('api.auth_token_exp', 86400);
+    }
+
+    /**
+     * 存储 auth-token（同一 agent_id 只保留最新一个）
+     * @param string $agentId 代理 ID
+     * @param string $token 生成的 auth-token
+     */
+    public static function setToken(string $agentId, string $token): bool
+    {
+        if ($agentId === '' || $token === '') {
+            return false;
+        }
+        $exp = self::expire();
+        if ($exp <= 0) {
+            return false;
+        }
+        $oldToken = Cache::get(self::devicePrefix() . $agentId);
+        if ($oldToken !== null && $oldToken !== '') {
+            Cache::delete(self::tokenPrefix() . $oldToken);
+        }
+        Cache::set(self::tokenPrefix() . $token, $agentId, $exp);
+        Cache::set(self::devicePrefix() . $agentId, $token, $exp);
+        return true;
+    }
+
+    /**
+     * 根据 agent_id 获取当前有效的 token，不存在或已过期返回 null
+     */
+    public static function getTokenByAgentId(string $agentId): ?string
+    {
+        if ($agentId === '') {
+            return null;
+        }
+        $val = Cache::get(self::devicePrefix() . $agentId);
+        return $val !== null && $val !== '' ? (string) $val : null;
+    }
+
+    /**
+     * 根据 auth-token 获取 agent_id，不存在或已过期返回 null
+     */
+    public static function getAgentIdByToken(string $token): ?string
+    {
+        if ($token === '') {
+            return null;
+        }
+        $val = Cache::get(self::tokenPrefix() . $token);
+        return $val !== null && $val !== '' ? (string) $val : null;
+    }
+
+    /**
+     * 校验 auth-token 是否有效
+     */
+    public static function isValidToken(string $token): bool
+    {
+        return self::getAgentIdByToken($token) !== null;
+    }
+}
--- a/server/app/api/controller/v1/AuthTokenController.php
+++ b/server/app/api/controller/v1/AuthTokenController.php
@@ -0,0 +1,73 @@
+<?php
+declare(strict_types=1);
+
+namespace app\api\controller\v1;
+
+use app\api\cache\AuthTokenCache;
+use app\api\util\ReturnCode;
+use plugin\saiadmin\basic\OpenController;
+use support\Request;
+use support\Response;
+use Tinywan\Jwt\JwtToken;
+
+/**
+ * 平台鉴权接口
+ * 鉴权接口：/api/v1/authtoken
+ * GET 参数：signature, secret, time, agent_id
+ * 签名：signature = md5(agent_id.secret.time)
+ */
+class AuthTokenController extends OpenController
+{
+    /**
+     * 获取 auth-token
+     * GET 参数：signature, secret, time, agent_id
+     * 返回 authtoken，后续 /api/v1/* 接口需在请求头携带 auth-token
+     */
+    public function index(Request $request): Response
+    {
+        $agentId = trim((string) ($request->get('agent_id', '')));
+        $secret = trim((string) ($request->get('secret', '')));
+        $time = trim((string) ($request->get('time', '')));
+        $signature = trim((string) ($request->get('signature', '')));
+
+        if ($agentId === '' || $secret === '' || $time === '' || $signature === '') {
+            return $this->fail('缺少参数：agent_id、secret、time、signature 不能为空', ReturnCode::PARAMS_ERROR);
+        }
+
+        $expectedSecret = config('api.auth_token_secret', '');
+        if ($expectedSecret === '') {
+            return $this->fail('服务端未配置 API_AUTH_TOKEN_SECRET', ReturnCode::SERVER_ERROR);
+        }
+        if ($secret !== $expectedSecret) {
+            return $this->fail('密钥错误', ReturnCode::FORBIDDEN);
+        }
+
+        $timeVal = (int) $time;
+        $tolerance = (int) config('api.auth_token_time_tolerance', 300);
+        $now = time();
+        if ($timeVal < $now - $tolerance || $timeVal > $now + $tolerance) {
+            return $this->fail('时间戳已过期或无效，请同步时间', ReturnCode::FORBIDDEN);
+        }
+
+        $expectedSignature = md5($agentId . $secret . $time);
+        if ($signature !== $expectedSignature) {
+            return $this->fail('签名验证失败', ReturnCode::FORBIDDEN);
+        }
+
+        $exp = (int) config('api.auth_token_exp', 86400);
+        $tokenResult = JwtToken::generateToken([
+            'id' => 0,
+            'agent_id' => $agentId,
+            'plat' => 'api_auth_token',
+            'access_exp' => $exp,
+        ]);
+        $token = $tokenResult['access_token'];
+        if (!AuthTokenCache::setToken($agentId, $token)) {
+            return $this->fail('生成 token 失败', ReturnCode::SERVER_ERROR);
+        }
+
+        return $this->success([
+            'authtoken' => $token,
+        ]);
+    }
+}
--- a/server/app/api/controller/v1/GameController.php
+++ b/server/app/api/controller/v1/GameController.php
@@ -0,0 +1,55 @@
+<?php
+declare(strict_types=1);
+
+namespace app\api\controller\v1;
+
+use app\api\logic\UserLogic;
+use app\api\util\ReturnCode;
+use plugin\saiadmin\basic\OpenController;
+use support\Request;
+use support\Response;
+
+/**
+ * 平台 v1 游戏接口
+ * 获取进入游戏：/api/v1/getGameUrl
+ * 请求头：auth-token
+ * POST 参数：username, password（默认123456）, time
+ */
+class GameController extends OpenController
+{
+    /**
+     * 获取游戏地址
+     * 根据 username 创建登录 token（JWT），拼接游戏地址返回
+     */
+    public function getGameUrl(Request $request): Response
+    {
+        $username = trim((string) ($request->post('username', '')));
+        $password = trim((string) ($request->post('password', '123456')));
+        $time = trim((string) ($request->post('time', '')));
+
+        if ($username === '') {
+            return $this->fail('username 不能为空', ReturnCode::PARAMS_ERROR);
+        }
+        if ($password === '') {
+            $password = '123456';
+        }
+        if ($time === '') {
+            $time = (string) time();
+        }
+
+        try {
+            $logic = new UserLogic();
+            $result = $logic->loginByUsername($username, $password, 'chs', 0.0, $time);
+        } catch (\plugin\saiadmin\exception\ApiException $e) {
+            return $this->fail($e->getMessage(), ReturnCode::PARAMS_ERROR);
+        }
+
+        $gameUrlBase = rtrim(config('api.game_url', 'dice-game.yuliao666.top'), '/');
+        $tokenInUrl = str_replace('%3D', '=', urlencode($result['token']));
+        $url = $gameUrlBase . '/?token=' . $tokenInUrl;
+
+        return $this->success([
+            'url' => $url,
+        ]);
+    }
+}
--- a/server/app/api/middleware/AuthTokenMiddleware.php
+++ b/server/app/api/middleware/AuthTokenMiddleware.php
@@ -0,0 +1,58 @@
+<?php
+declare(strict_types=1);
+
+namespace app\api\middleware;
+
+use app\api\cache\AuthTokenCache;
+use app\api\util\ReturnCode;
+use plugin\saiadmin\exception\ApiException;
+use Tinywan\Jwt\JwtToken;
+use Tinywan\Jwt\Exception\JwtTokenException;
+use Tinywan\Jwt\Exception\JwtTokenExpiredException;
+use Webman\Http\Request;
+use Webman\Http\Response;
+use Webman\MiddlewareInterface;
+
+/**
+ * 校验 auth-token 请求头（JWT）
+ * 用于 /api/v1/* 接口（除 /api/v1/authtoken 外）
+ * 请求头需携带 auth-token，通过后注入 request->agent_id
+ */
+class AuthTokenMiddleware implements MiddlewareInterface
+{
+    public function process(Request $request, callable $handler): Response
+    {
+        $token = $request->header('auth-token');
+        $token = $token !== null ? trim((string) $token) : '';
+        if ($token === '') {
+            throw new ApiException('请携带 auth-token', ReturnCode::UNAUTHORIZED);
+        }
+
+        try {
+            $decoded = JwtToken::verify(1, $token);
+        } catch (JwtTokenExpiredException $e) {
+            throw new ApiException('auth-token 已过期', ReturnCode::TOKEN_INVALID);
+        } catch (JwtTokenException $e) {
+            throw new ApiException('auth-token 无效', ReturnCode::TOKEN_INVALID);
+        } catch (\Throwable $e) {
+            throw new ApiException('auth-token 格式无效', ReturnCode::TOKEN_INVALID);
+        }
+
+        $extend = $decoded['extend'] ?? [];
+        if ((string) ($extend['plat'] ?? '') !== 'api_auth_token') {
+            throw new ApiException('auth-token 无效', ReturnCode::TOKEN_INVALID);
+        }
+        $agentId = trim((string) ($extend['agent_id'] ?? ''));
+        if ($agentId === '') {
+            throw new ApiException('auth-token 无效', ReturnCode::TOKEN_INVALID);
+        }
+
+        $currentToken = AuthTokenCache::getTokenByAgentId($agentId);
+        if ($currentToken === null || $currentToken !== $token) {
+            throw new ApiException('auth-token 无效或已失效', ReturnCode::TOKEN_INVALID);
+        }
+
+        $request->agent_id = $agentId;
+        return $handler($request);
+    }
+}
--- a/server/app/channel/controller/manage/ChannelManageController.php
+++ b/server/app/channel/controller/manage/ChannelManageController.php
@@ -0,0 +1,217 @@
+<?php
+// +----------------------------------------------------------------------
+// | saiadmin [ saiadmin快速开发框架 ]
+// +----------------------------------------------------------------------
+// | Author: your name
+// +----------------------------------------------------------------------
+namespace app\channel\controller\manage;
+
+use plugin\saiadmin\basic\BaseController;
+use app\channel\logic\manage\ChannelManageLogic;
+use app\channel\validate\manage\ChannelManageValidate;
+use plugin\saiadmin\app\model\system\SystemUser;
+use plugin\saiadmin\service\Permission;
+use support\Request;
+use support\Response;
+
+/**
+ * 渠道控制器
+ */
+class ChannelManageController extends BaseController
+{
+    /**
+     * 构造函数
+     */
+    public function __construct()
+    {
+        $this->logic = new ChannelManageLogic();
+        $this->validate = new ChannelManageValidate;
+        parent::__construct();
+    }
+
+    /**
+     * 数据列表
+     * @param Request $request
+     * @return Response
+     */
+    #[Permission('渠道列表', 'channel:manage:index:index')]
+    public function index(Request $request): Response
+    {
+        $where = $request->more([
+            ['name', ''],
+            ['title', ''],
+            ['status', ''],
+            ['total_recharge', ''],
+            ['total_withdrawal', ''],
+            ['total_profit', ''],
+        ]);
+        $query = $this->logic->search($where);
+        // 不使用 with('admin')：SystemUser 为 Think 模型，与 Eloquent 混用会触发 getConnectionName 报错，改为手动填充
+        $data = $this->logic->getList($query);
+        $data['data'] = $this->attachAdminToRows($data['data'] ?? []);
+        return $this->success($data);
+    }
+
+    /**
+     * 读取数据
+     * @param Request $request
+     * @return Response
+     */
+    #[Permission('渠道读取', 'channel:manage:index:read')]
+    public function read(Request $request): Response
+    {
+        $id = $request->input('id', '');
+        $model = $this->logic->read($id);
+        if ($model) {
+            $data = is_array($model) ? $model : $model->toArray();
+            return $this->success($data);
+        } else {
+            return $this->fail('未查找到信息');
+        }
+    }
+
+    /**
+     * 保存数据
+     * @param Request $request
+     * @return Response
+     */
+    #[Permission('渠道添加', 'channel:manage:index:save')]
+    public function save(Request $request): Response
+    {
+        $data = $request->post();
+        $data['agent'] = md5((string)($data['name'] ?? '') . (string)($data['admin_id'] ?? ''));
+        $this->validate('save', $data);
+        $result = $this->logic->add($data);
+        if ($result) {
+            return $this->success('添加成功');
+        } else {
+            return $this->fail('添加失败');
+        }
+    }
+
+    /**
+     * 更新数据
+     * @param Request $request
+     * @return Response
+     */
+    #[Permission('渠道修改', 'channel:manage:index:update')]
+    public function update(Request $request): Response
+    {
+        $data = $request->post();
+        $data['agent'] = md5((string)($data['name'] ?? '') . (string)($data['admin_id'] ?? ''));
+        $this->validate('update', $data);
+        $result = $this->logic->edit($data['id'], $data);
+        if ($result) {
+            return $this->success('修改成功');
+        } else {
+            return $this->fail('修改失败');
+        }
+    }
+
+    /**
+     * 仅更新状态（列表内开关用）
+     * @param Request $request
+     * @return Response
+     */
+    #[Permission('渠道管理-更新状态', 'channel:manage:index:update')]
+    public function updateStatus(Request $request): Response
+    {
+        $id = $request->input('id');
+        $status = $request->input('status');
+        if ($id === null || $id === '') {
+            return $this->fail('缺少 id');
+        }
+        if ($status === null || $status === '') {
+            return $this->fail('缺少 status');
+        }
+        $this->logic->edit($id, ['status' => (int) $status]);
+        return $this->success('修改成功');
+    }
+
+    /**
+     * 删除数据
+     * @param Request $request
+     * @return Response
+     */
+    #[Permission('渠道删除', 'channel:manage:index:destroy')]
+    public function destroy(Request $request): Response
+    {
+        $ids = $request->post('ids', '');
+        if (empty($ids)) {
+            return $this->fail('请选择要删除的数据');
+        }
+        $result = $this->logic->destroy($ids);
+        if ($result) {
+            return $this->success('删除成功');
+        } else {
+            return $this->fail('删除失败');
+        }
+    }
+
+    /**
+     * 获取管理员下拉列表（远程关联 SystemUser：value=id, label=name）
+     * @param Request $request
+     * @return Response
+     */
+    #[Permission('渠道管理员列表', 'channel:manage:index:index')]
+    public function getAdminList(Request $request): Response
+    {
+        $list = SystemUser::where('status', 1)
+            ->field('id, username, realname')
+            ->select();
+        $rows = $list->toArray();
+        $data = array_map(function ($row) {
+            $name = !empty($row['realname']) && trim($row['realname']) !== ''
+                ? trim($row['realname'])
+                : ($row['username'] ?? '#' . $row['id']);
+            return [
+                'id' => $row['id'],
+                'name' => $name,
+            ];
+        }, $rows);
+        return $this->success($data);
+    }
+
+    /**
+     * 为列表行附加管理员信息（避免 Eloquent with(Think 模型) 触发 getConnectionName 报错）
+     * @param array $rows 列表行，可为 Eloquent 模型或数组
+     * @return array 已附加 admin 的列表
+     */
+    protected function attachAdminToRows(array $rows): array
+    {
+        if (empty($rows)) {
+            return $rows;
+        }
+        $adminIds = [];
+        foreach ($rows as $row) {
+            $id = is_array($row) ? ($row['admin_id'] ?? null) : $row->admin_id;
+            if ($id !== null && $id !== '') {
+                $adminIds[(string) $id] = true;
+            }
+        }
+        $adminIds = array_keys($adminIds);
+        if (empty($adminIds)) {
+            return $rows;
+        }
+        $admins = SystemUser::whereIn('id', $adminIds)
+            ->field('id, username, realname')
+            ->select()
+            ->toArray();
+        $map = [];
+        foreach ($admins as $a) {
+            $map[(string) ($a['id'] ?? '')] = $a;
+        }
+        foreach ($rows as &$row) {
+            $aid = is_array($row) ? ($row['admin_id'] ?? null) : $row->admin_id;
+            $admin = $map[(string) ($aid ?? '')] ?? null;
+            if (is_array($row)) {
+                $row['admin'] = $admin;
+            } else {
+                $row->setAttribute('admin', $admin);
+            }
+        }
+        unset($row);
+        return $rows;
+    }
+
+}
--- a/server/app/channel/logic/manage/ChannelManageLogic.php
+++ b/server/app/channel/logic/manage/ChannelManageLogic.php
@@ -0,0 +1,27 @@
+<?php
+// +----------------------------------------------------------------------
+// | saiadmin [ saiadmin快速开发框架 ]
+// +----------------------------------------------------------------------
+// | Author: your name
+// +----------------------------------------------------------------------
+namespace app\channel\logic\manage;
+
+use plugin\saiadmin\basic\eloquent\BaseLogic;
+use plugin\saiadmin\exception\ApiException;
+use plugin\saiadmin\utils\Helper;
+use app\channel\model\manage\ChannelManage;
+
+/**
+ * 渠道逻辑层
+ */
+class ChannelManageLogic extends BaseLogic
+{
+    /**
+     * 构造函数
+     */
+    public function __construct()
+    {
+        $this->model = new ChannelManage();
+    }
+
+}
--- a/server/app/channel/model/manage/ChannelManage.php
+++ b/server/app/channel/model/manage/ChannelManage.php
@@ -0,0 +1,103 @@
+<?php
+// +----------------------------------------------------------------------
+// | saiadmin [ saiadmin快速开发框架 ]
+// +----------------------------------------------------------------------
+// | Author: your name
+// +----------------------------------------------------------------------
+namespace app\channel\model\manage;
+
+use plugin\saiadmin\app\model\system\SystemUser;
+use plugin\saiadmin\basic\eloquent\BaseModel;
+
+/**
+ * 渠道模型
+ *
+ * channel_manage 渠道
+ * @property  $id ID
+ * @property  $name 名称
+ * @property  $title 标题
+ * @property  $status 状态
+ * @property  $admin_id 管理员
+ * @property  $game_url 游戏地址
+ * @property  $image 图标
+ * @property  $agent 代理agent
+ * @property  $ip_white IP白名单
+ * @property  $total_recharge 总充值
+ * @property  $total_withdrawal 总提现
+ * @property  $total_profit 总盈利
+ * @property  $player_count 玩家数量
+ * @property  $create_time 创建时间
+ * @property  $update_time 更新时间
+ */
+class ChannelManage extends BaseModel
+{
+    /**
+     * 数据表主键
+     * @var string
+     */
+    protected $primaryKey = 'id';
+
+    /**
+     * 数据库表名称
+     * @var string
+     */
+    protected $table = 'channel_manage';
+
+    /**
+     * 属性转换
+     */
+    protected function casts(): array
+    {
+        return array_merge(parent::casts(), [
+        ]);
+    }
+    /**
+     * 名称 搜索
+     */
+    public function searchNameAttr($query, $value)
+    {
+        $query->where('name', 'like', '%'.$value.'%');
+    }
+
+    /**
+     * 标题 搜索
+     */
+    public function searchTitleAttr($query, $value)
+    {
+        $query->where('title', 'like', '%'.$value.'%');
+    }
+
+    /**
+     * 总充值 搜索
+     */
+    public function searchTotalRechargeAttr($query, $value)
+    {
+        $query->where('total_recharge', '>=', $value);
+    }
+
+    /**
+     * 总提现 搜索
+     */
+    public function searchTotalWithdrawalAttr($query, $value)
+    {
+        $query->where('total_withdrawal', '>=', $value);
+    }
+
+    /**
+     * 总盈利 搜索
+     */
+    public function searchTotalProfitAttr($query, $value)
+    {
+        $query->where('total_profit', '>=', $value);
+    }
+
+    /**
+     * 管理员
+     * 关联模型 systemUser
+     */
+    public function admin(): \Illuminate\Database\Eloquent\Relations\BelongsTo
+    {
+        return $this->belongsTo(SystemUser::class, 'admin_id', 'id');
+    }
+
+}
--- a/server/app/channel/validate/manage/ChannelManageValidate.php
+++ b/server/app/channel/validate/manage/ChannelManageValidate.php
@@ -0,0 +1,58 @@
+<?php
+// +----------------------------------------------------------------------
+// | saiadmin [ saiadmin快速开发框架 ]
+// +----------------------------------------------------------------------
+// | Author: your name
+// +----------------------------------------------------------------------
+namespace app\channel\validate\manage;
+
+use plugin\saiadmin\basic\BaseValidate;
+
+/**
+ * 渠道验证器
+ */
+class ChannelManageValidate extends BaseValidate
+{
+    /**
+     * 定义验证规则
+     */
+    protected $rule =   [
+        'name' => 'require',
+        'title' => 'require',
+        'admin_id' => 'require',
+        'game_url' => 'require',
+        'image' => 'require',
+    ];
+
+    /**
+     * 定义错误信息
+     */
+    protected $message  =   [
+        'name' => '名称必须填写',
+        'title' => '标题必须填写',
+        'admin_id' => '管理员必须填写',
+        'game_url' => '游戏地址必须填写',
+        'image' => '图标必须填写',
+    ];
+
+    /**
+     * 定义场景（agent 由后端按 md5(name.admin_id) 自动生成，无需校验）
+     */
+    protected $scene = [
+        'save' => [
+            'name',
+            'title',
+            'admin_id',
+            'game_url',
+            'image',
+        ],
+        'update' => [
+            'name',
+            'title',
+            'admin_id',
+            'game_url',
+            'image',
+        ],
+    ];
+
+}
--- a/server/config/api.php
+++ b/server/config/api.php
@@ -5,6 +5,8 @@
 return [
    // 登录成功返回的连接地址前缀，如 https://127.0.0.1:6777
    'login_url_base' => env('API_LOGIN_URL_BASE', 'https://127.0.0.1:6777'),
+    // 游戏地址，用于 /api/v1/getGameUrl 返回拼接 token
+    'game_url' => env('GAME_URL', 'dice-game.yuliao666.top'),
    // 按 username 存储的登录会话 Redis key 前缀，用于 token 中间件校验
    'session_username_prefix' => env('API_SESSION_USERNAME_PREFIX', 'api:user:session:'),
    // 登录会话过期时间（秒），默认 7 天
@@ -17,6 +19,8 @@ return [
    'auth_token_exp' => (int) env('API_AUTH_TOKEN_EXP', 86400),
    // auth-token 按设备存储的 Redis key 前缀（同一设备只保留最新一个 auth-token）
    'auth_token_device_prefix' => env('API_AUTH_TOKEN_DEVICE_PREFIX', 'api:auth_token:'),
+    // auth-token 按 token 存储的 Redis key 前缀（用于校验 auth-token 请求头）
+    'auth_token_prefix' => env('API_AUTH_TOKEN_PREFIX', 'api:auth_token:t:'),
    // user-token 有效期（秒），默认 7 天
    'user_token_exp' => (int) env('API_USER_TOKEN_EXP', 604800),
    // 按用户存储当前有效 user-token 的 Redis key 前缀（同一用户仅保留最新一次登录的 token）
--- a/server/config/route.php
+++ b/server/config/route.php
@@ -14,6 +14,19 @@

 use Webman\Route;
 use app\api\middleware\TokenMiddleware;
+use app\api\middleware\AuthTokenMiddleware;
+
+// 平台鉴权接口：/api/v1/authToken，请求头 signature/secret/time/agent_id，返回 authtToken
+Route::group('/api/v1', function () {
+    Route::any('/authToken', [app\api\controller\v1\AuthTokenController::class, 'index']);
+})->middleware([]);
+
+// 平台 v1 接口：需在请求头携带 auth-token
+Route::group('/api/v1', function () {
+    Route::any('/getGameUrl', [app\api\controller\v1\GameController::class, 'getGameUrl']);
+})->middleware([
+    AuthTokenMiddleware::class,
+]);

 // 登录接口：无需 token，提交 JSON 获取带 token 的连接地址
 Route::group('/api', function () {
Author	SHA1	Message	Date
zhenhui	e726fc3041	[接口v1]对接平台API-鉴权authtoken接口和getGameUrl接口	2026-03-09 13:50:32 +08:00
zhenhui	a37da0b6f5	[菜单]渠道管理	2026-03-09 11:14:34 +08:00