8f288c0317
【主 题】:登录token 验证测试 【描 述】: [原因]: [过程]: [影响]: 【结 束】 # 类型 包含: # feat:新功能(feature) # fix:修补bug # docs:文档(documentation) # style: 格式(不影响代码运行的变动) # refactor:重构(即不是新增功能,也不是修改bug的代码变动) # test:增加测试 # chore:构建过程或辅助工具的变动
154 lines
5.0 KiB
PHP
154 lines
5.0 KiB
PHP
<?php
|
|
|
|
namespace MpApi\Controller;
|
|
|
|
use Think\Controller;
|
|
use Firebase\JWT\JWT;
|
|
use Firebase\JWT\Key;
|
|
|
|
class PublicController extends Controller
|
|
{
|
|
//****************
|
|
//构造函数
|
|
//****************
|
|
protected $tokenShop_id;
|
|
public function __construct()
|
|
{
|
|
header("Access-Control-Allow-Origin: " . C('LimitApi')); //请求域名限制
|
|
header('Access-Control-Allow-Headers:Token'); //token请求头
|
|
// token 验证
|
|
$server = isset($_SERVER) ? $_SERVER : "";
|
|
$token = isset($server['HTTP_TOKEN']) && is_string($server['HTTP_TOKEN']) ? $server['HTTP_TOKEN'] : null;
|
|
// 如果 token 不存在,可以返回错误信息
|
|
if (!$token) {
|
|
echo json_encode(array('status' => -1, 'msg' => 'Token 不存在或无效!'));
|
|
exit();
|
|
}
|
|
$jwtKey = C('jwtKey'); // jwt密钥
|
|
try {
|
|
// 使用密钥和 HS256 算法对 JWT 进行解码
|
|
$jwt = JWT::decode($token, new Key($jwtKey, 'HS256'));
|
|
$res_token = (array) $jwt; // 将解码后的对象转换为数组
|
|
// token过期
|
|
if (empty($res_token)) {
|
|
echo json_encode(array('status' => -1, 'msg' => '帐号认证过期!'));
|
|
exit();
|
|
}
|
|
// token验证通过 获取shop_id
|
|
$this->tokenShop_id = $res_token['shop_id'];
|
|
} catch (Exception $e) {
|
|
// 捕获解码过程中可能的异常,并返回错误信息
|
|
echo json_encode(array('status' => -1, 'msg' => 'Token 无效: ' . $e->getMessage()));
|
|
exit();
|
|
}
|
|
}
|
|
/**
|
|
* @description: 总管理员 可接收任何shop_id 非总管理员 只可以调用自身shop_id 否则会中断
|
|
*/
|
|
protected function isPower()
|
|
{
|
|
if ($this->tokenShop_id != C('powerId')) { //非总管理员
|
|
if ($this->tokenShop_id != $_REQUEST['shop_id']) { // 提交的不是自己shopid退出
|
|
echo json_encode(array('status' => 0, 'msg' => '没有权限'));
|
|
exit;
|
|
}
|
|
}
|
|
}
|
|
/**
|
|
* @description: 远程调取页面 求情API
|
|
*/
|
|
protected function apiUrl($url, $data = null)
|
|
{
|
|
$ch = curl_init();
|
|
$header = array("Accept-Charset: utf-8"); // 将字符串改为数组
|
|
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
|
|
curl_setopt($ch, CURLOPT_URL, $url);
|
|
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
|
|
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
|
|
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (compatible; MSIE 5.01; Windows NT 5.0)');
|
|
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
|
|
curl_setopt($ch, CURLOPT_AUTOREFERER, 1);
|
|
|
|
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
|
|
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
|
|
|
|
$output = curl_exec($ch);
|
|
curl_close($ch);
|
|
if ($output) {
|
|
return $output;
|
|
} else {
|
|
return false;
|
|
}
|
|
}
|
|
/**
|
|
* @Description: 获取token
|
|
* @Return: token
|
|
*/
|
|
protected function getAccessToken()
|
|
{
|
|
$appId = C("weixin")['appid'];
|
|
$secret = C("weixin")['secret'];
|
|
//创建请求数据
|
|
$url_token = "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid={$appId}&secret={$secret}";
|
|
$data_result = $this->apiUrl($url_token);
|
|
$jsoninfo = json_decode($data_result, true);
|
|
return $jsoninfo["access_token"];
|
|
}
|
|
/**
|
|
* @description: 中文字符串截取
|
|
* @param {*} $title 要截取的文本
|
|
* @param {*} $title 截取长度
|
|
* @return {*} 截取完成后的文本
|
|
*/
|
|
protected function str_substr($title, $length)
|
|
{
|
|
$encoding = 'utf-8';
|
|
if (mb_strlen($title, $encoding) > $length) {
|
|
$title = mb_substr($title, 0, $length, $encoding) . '...';
|
|
}
|
|
return $title;
|
|
}
|
|
/**
|
|
* @description: 文件上传公共方法
|
|
* @param {file} $file 表单文件
|
|
* @param {array} $exts 类型限制 ps: array('png', 'jpg', 'jpeg', 'gif')
|
|
* @param {file} $path 上传保存的路径
|
|
* @return {*} 上传信息
|
|
*/
|
|
protected function upload_images($file, $exts, $path)
|
|
{
|
|
$upload = new \Think\Upload(); // 实例化上传类
|
|
$upload->maxSize = 2097152; // 设置附件上传大小2M
|
|
$upload->exts = $exts; // 设置附件上传类型
|
|
$upload->rootPath = './Data/UploadFiles/'; // 设置附件上传根目录
|
|
$upload->savePath = ''; // 设置附件上传(子)目录
|
|
$upload->saveName = time() . mt_rand(100000, 999999); //文件名称创建时间戳+随机数
|
|
$upload->autoSub = true; //自动使用子目录保存上传文件 默认为true
|
|
$upload->subName = $path; //子目录创建方式,采用数组或者字符串方式定义
|
|
// 上传文件
|
|
$info = $upload->uploadOne($file);
|
|
if (!$info) { // 上传错误提示错误信息
|
|
return $upload->getError();
|
|
} else { // 上传成功 获取上传文件信息
|
|
return $info;
|
|
}
|
|
}
|
|
/**
|
|
* @description: element 图片上传控件 接收
|
|
*/
|
|
public function upImgFile()
|
|
{
|
|
if ($this->tokenShop_id) {
|
|
$upfile = $this->upload_images($_FILES["file"], array('png', 'jpg', 'jpeg', 'gif', 'svg'), 'temp');
|
|
if (is_array($upfile)) {
|
|
echo json_encode(array('status' => 1, 'msg' => '上传成功', 'data' => $upfile['savename']));
|
|
} else {
|
|
echo json_encode(array('status' => 0, 'msg' => $upfile));
|
|
}
|
|
} else {
|
|
echo json_encode(array('status' => 0, 'msg' => '登录异常'));
|
|
}
|
|
}
|
|
}
|