数据库备份
This commit is contained in:
@@ -9,9 +9,7 @@ use Throwable;
|
||||
use app\common\controller\Api;
|
||||
use app\common\facade\Token;
|
||||
use app\common\library\Auth as UserAuth;
|
||||
use app\common\library\AgentJwt;
|
||||
use app\common\model\MallUserAsset;
|
||||
use app\admin\model\Admin;
|
||||
use Webman\Http\Request;
|
||||
use support\Response;
|
||||
|
||||
@@ -20,83 +18,12 @@ use support\Response;
|
||||
*/
|
||||
class Auth extends Api
|
||||
{
|
||||
/**
|
||||
* Agent Token 类型
|
||||
*/
|
||||
public const TOKEN_TYPE = 'agent';
|
||||
|
||||
/**
|
||||
* 时间戳有效范围(秒),防止重放攻击
|
||||
*/
|
||||
protected int $timeTolerance = 300;
|
||||
|
||||
/**
|
||||
* 临时登录 token 有效期(秒)
|
||||
*/
|
||||
protected int $tempTokenExpire = 86400;
|
||||
|
||||
/**
|
||||
* 获取鉴权 Token(GET 请求)
|
||||
* 参数仅从 Query 读取:signature、secret、agent_id、time
|
||||
* 返回:authtoken;失败返回 code=0 及失败信息
|
||||
*/
|
||||
public function authToken(Request $request): Response
|
||||
{
|
||||
$response = $this->initializeApi($request);
|
||||
if ($response !== null) {
|
||||
return $response;
|
||||
}
|
||||
|
||||
$signature = $request->get('signature', '');
|
||||
$secret = $request->get('secret', '');
|
||||
$agentId = $request->get('agent_id', '');
|
||||
$time = $request->get('time', '');
|
||||
|
||||
if ($signature === '' || $secret === '' || $agentId === '' || $time === '') {
|
||||
return $this->error(__('Parameter signature/secret/agent_id/time can not be empty'));
|
||||
}
|
||||
|
||||
$timestamp = intval($time);
|
||||
if ($timestamp <= 0) {
|
||||
return $this->error(__('Invalid timestamp'));
|
||||
}
|
||||
|
||||
$now = time();
|
||||
if ($timestamp < $now - $this->timeTolerance || $timestamp > $now + $this->timeTolerance) {
|
||||
return $this->error(__('Timestamp expired'));
|
||||
}
|
||||
|
||||
$admin = Admin::where('agent_id', $agentId)->find();
|
||||
if (!$admin) {
|
||||
return $this->error(__('Agent not found'));
|
||||
}
|
||||
|
||||
$apiSecret = strval($admin->agent_api_secret ?? '');
|
||||
if ($apiSecret === '') {
|
||||
return $this->error(__('Agent not found'));
|
||||
}
|
||||
|
||||
if ($apiSecret !== $secret) {
|
||||
return $this->error(__('Invalid agent or secret'));
|
||||
}
|
||||
|
||||
$expectedSignature = strtoupper(md5($agentId . $secret . $time));
|
||||
if (!hash_equals($expectedSignature, $signature)) {
|
||||
return $this->error(__('Invalid signature'));
|
||||
}
|
||||
|
||||
$expire = intval(config('buildadmin.agent_auth.token_expire', 86400));
|
||||
$payload = [
|
||||
'agent_id' => $agentId,
|
||||
'admin_id' => $admin->id,
|
||||
];
|
||||
$authtoken = AgentJwt::encode($payload, $expire);
|
||||
|
||||
return $this->success('', [
|
||||
'authtoken' => $authtoken,
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* H5 临时登录(GET/POST)
|
||||
* 参数:username
|
||||
@@ -109,7 +36,7 @@ class Auth extends Api
|
||||
return $response;
|
||||
}
|
||||
|
||||
$enabled = config('buildadmin.agent_auth.temp_login_enable', false);
|
||||
$enabled = config('buildadmin.temp_login.enable', false);
|
||||
if (!$enabled) {
|
||||
return $this->error(__('Temp login is disabled'));
|
||||
}
|
||||
@@ -145,7 +72,7 @@ class Auth extends Api
|
||||
|
||||
$token = Random::uuid();
|
||||
$refreshToken = Random::uuid();
|
||||
$expire = config('buildadmin.agent_auth.temp_login_expire', $this->tempTokenExpire);
|
||||
$expire = config('buildadmin.temp_login.expire', $this->tempTokenExpire);
|
||||
$assetId = intval($asset->getKey());
|
||||
Token::set($token, UserAuth::TOKEN_TYPE_MALL_USER, $assetId, $expire);
|
||||
Token::set($refreshToken, UserAuth::TOKEN_TYPE_MALL_USER . '-refresh', $assetId, 2592000);
|
||||
|
||||
@@ -43,7 +43,6 @@ return [
|
||||
'You have no permission' => 'No permission!',
|
||||
'Parameter error' => 'Parameter error!',
|
||||
'Parameter %s can not be empty' => 'Parameter %s cannot be empty',
|
||||
'Parameter signature/secret/agent_id/time can not be empty' => 'Parameter signature/secret/agent_id/time cannot be empty',
|
||||
'Invalid timestamp' => 'Invalid timestamp',
|
||||
'Timestamp expired' => 'Timestamp expired',
|
||||
'Invalid agent or secret' => 'Invalid agent or secret',
|
||||
|
||||
@@ -35,16 +35,15 @@ return [
|
||||
'Account not exist' => 'Akaun tidak wujud',
|
||||
'Account disabled' => 'Akaun dilumpuhkan',
|
||||
'Token login failed' => 'Log masuk token gagal',
|
||||
'Please try again after 1 day' => 'Percubaan gagal terlalu kerap, sila cuba semula selepas 1 hari',
|
||||
'Please try again after 1 day' => 'Percubaan gagal terlalu kerap, sila cuba semula selepas 24 jam',
|
||||
'Password is incorrect' => 'Kata laluan tidak betul',
|
||||
'You are not logged in' => 'Anda belum log masuk',
|
||||
'Unknown operation' => 'Operasi tidak diketahui',
|
||||
'No action available, please contact the administrator~' => 'Tiada tindakan tersedia, sila hubungi pentadbir~',
|
||||
'No action available, please contact the administrator~' => 'Tiada tindakan tersedia, sila hubungi pentadbir.',
|
||||
'Please login first' => 'Sila log masuk dahulu!',
|
||||
'You have no permission' => 'Tiada kebenaran!',
|
||||
'Parameter error' => 'Ralat parameter!',
|
||||
'Parameter %s can not be empty' => 'Parameter %s tidak boleh kosong',
|
||||
'Parameter signature/secret/agent_id/time can not be empty' => 'Parameter signature/secret/agent_id/time tidak boleh kosong',
|
||||
'Invalid timestamp' => 'Cap masa tidak sah',
|
||||
'Timestamp expired' => 'Cap masa tamat tempoh',
|
||||
'Invalid agent or secret' => 'Ejen atau rahsia tidak sah',
|
||||
|
||||
@@ -43,7 +43,6 @@ return [
|
||||
'You have no permission' => '没有权限操作!',
|
||||
'Parameter error' => '参数错误!',
|
||||
'Parameter %s can not be empty' => '参数%s不能为空',
|
||||
'Parameter signature/secret/agent_id/time can not be empty' => '参数 signature/secret/agent_id/time 不能为空',
|
||||
'Invalid timestamp' => '无效的时间戳',
|
||||
'Timestamp expired' => '时间戳已过期',
|
||||
'Invalid agent or secret' => '代理或密钥无效',
|
||||
|
||||
Reference in New Issue
Block a user