mojiahui/webman-buildadmin-mall
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

API接口-authtoken、redis

Browse Source
This commit is contained in:
zhenhui
2026-03-19 18:07:18 +08:00
parent 019b536a89
commit 4f61c9d7fc
11 changed files with 303 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

96
app/api/controller/v1/Auth.php Normal file
View File

@@ -0,0 +1,96 @@
<?php
declare(strict_types=1);
namespace app\api\controller\v1;
use app\common\controller\Api;
use app\common\library\AgentJwt;
use app\common\model\ChannelManage;
use app\admin\model\Admin;
use Webman\Http\Request;
use support\Response;
/**
* API v1 鉴权接口
*/
class Auth extends Api
{
/**
* Agent Token 类型
*/
public const TOKEN_TYPE = 'agent';
/**
* 时间戳有效范围(秒),防止重放攻击
*/
protected int $timeTolerance = 300;
/**
* 获取鉴权 Token
* 参数signature签名、secret密钥、agent_id代理、time时间戳
* 返回authtoken失败返回 code=0 及失败信息
*/
public function authToken(Request $request): Response
{
$response = $this->initializeApi($request);
if ($response !== null) {
return $response;
}
$signature = $request->post('signature', $request->get('signature', ''));
$secret = $request->post('secret', $request->get('secret', ''));
$agentId = $request->post('agent_id', $request->get('agent_id', ''));
$time = $request->post('time', $request->get('time', ''));
if ($signature === '' || $secret === '' || $agentId === '' || $time === '') {
return $this->error(__('Parameter %s can not be empty', ['signature/secret/agent_id/time']));
}
$timestamp = (int) $time;
if ($timestamp <= 0) {
return $this->error(__('Invalid timestamp'));
}
$now = time();
if ($timestamp < $now - $this->timeTolerance || $timestamp > $now + $this->timeTolerance) {
return $this->error(__('Timestamp expired'));
}
$admin = Admin::where('agent_id', $agentId)->find();
if (!$admin) {
return $this->error(__('Agent not found'));
}
$channelId = (int) ($admin->channel_id ?? 0);
if ($channelId <= 0) {
return $this->error(__('Agent not found'));
}
$channel = ChannelManage::where('id', $channelId)->find();
if (!$channel || $channel->secret === '') {
return $this->error(__('Agent not found'));
}
if ($channel->secret !== $secret) {
return $this->error(__('Invalid agent or secret'));
}
$expectedSignature = hash_hmac('sha256', $agentId . $time, $channel->secret);
if (!hash_equals($expectedSignature, $signature)) {
return $this->error(__('Invalid signature'));
}
$expire = (int) config('buildadmin.agent_auth.token_expire', 86400);
$payload = [
'agent_id' => $agentId,
'channel_id' => $channel->id,
'admin_id' => $admin->id,
];
$authtoken = AgentJwt::encode($payload, $expire);
return $this->success('', [
'authtoken' => $authtoken,
]);
}
}

6
app/api/lang/en.php
View File

@@ -12,6 +12,12 @@ return [
'Please login first' => 'Please login first',
'You have no permission' => 'No permission to operate',
'Captcha error' => 'Captcha error!',
'Parameter %s can not be empty' => 'Parameter %s can not be empty',
'Invalid timestamp' => 'Invalid timestamp',
'Timestamp expired' => 'Timestamp expired',
'Invalid agent or secret' => 'Invalid agent or secret',
'Invalid signature' => 'Invalid signature',
'Agent not found' => 'Agent not found',
// Member center account
'Data updated successfully~' => 'Data updated successfully~',
'Password has been changed~' => 'Password has been changed~',

6
app/api/lang/zh-cn.php
View File

@@ -42,6 +42,12 @@ return [
'Please login first' => '请先登录!',
'You have no permission' => '没有权限操作!',
'Parameter error' => '参数错误!',
'Parameter %s can not be empty' => '参数%s不能为空',
'Invalid timestamp' => '无效的时间戳',
'Timestamp expired' => '时间戳已过期',
'Invalid agent or secret' => '代理或密钥无效',
'Invalid signature' => '签名无效',
'Agent not found' => '代理不存在',
'Token expiration' => '登录态过期,请重新登录!',
'Captcha error' => '验证码错误!',
// 会员中心 account