|
@@ -17,6 +17,8 @@ use \Phper666\JWTAuth\JWT;
|
|
|
use App\Model\UserToken;
|
|
|
use Hyperf\HttpServer\Response;
|
|
|
use Hyperf\HttpMessage\Cookie\Cookie;
|
|
|
+use App\Controller\UserController;
|
|
|
+use App\JsonRpc\WebsiteServiceInterface;
|
|
|
/**
|
|
|
* @AutoController()
|
|
|
*/
|
|
@@ -25,19 +27,24 @@ class LoginController extends AbstractController
|
|
|
|
|
|
#[Inject]
|
|
|
protected ValidatorFactoryInterface $validationFactory;
|
|
|
-
|
|
|
+// protected JWT $JWT;
|
|
|
/**
|
|
|
* @var UserServiceInterface
|
|
|
*/
|
|
|
#[Inject]
|
|
|
private $userServiceClient;
|
|
|
+ /**
|
|
|
+ * @var WebsiteServiceInterface
|
|
|
+ */
|
|
|
+ #[Inject]
|
|
|
+ private $websiteServiceClient;
|
|
|
/**
|
|
|
* @var Response
|
|
|
*/
|
|
|
// private $response;
|
|
|
-// public function __construct(Response $response)
|
|
|
+// public function __construct(Jwt $JWT)
|
|
|
// {
|
|
|
-// $this->response = $response;
|
|
|
+// $this->JWT = $JWT;
|
|
|
// }
|
|
|
public function login(Jwt $jwt)
|
|
|
{
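Review bot: The new `$websiteServiceClient` property is declared without a native type, unlike `$validationFactory` a few lines above it; `private WebsiteServiceInterface $websiteServiceClient;` would let the engine enforce what the `@var` docblock only documents. The commented-out `// protected JWT $JWT;` property and the `__construct(Jwt $JWT)` stub changed here are dead code and spell the class two ways (`JWT` and `Jwt`); I would delete them rather than commit them. `login()` begins at the end of this hunk and its body is outside it.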
|
|
@@ -473,9 +480,19 @@ class LoginController extends AbstractController
|
|
|
var_dump("ticket1111:",$ticket);
|
|
|
if(!empty($ticket)){
|
|
|
if (!empty($ticket) && $redis->exists('ticket:' . $ticket)) {
|
|
|
+ if(isset($reqData['userurl']) && $reqData['userurl']){
|
|
|
+ $resultR = $this->checkAuth([
|
|
|
+ 'token'=>$redis->get('ticket:' . $ticket),
|
|
|
+ 'userurl'=>$reqData['userurl']
|
|
|
+ ]);
|
|
|
+ if($resultR['code']==-1){
|
|
|
+ return $this->response->redirect($this->fun_http('http://'.$theHost.'/#/loginAlert'), 302);
|
|
|
+ }
|
|
|
+ }else{
|
|
|
+ $backurl = rtrim($backurl, '/');
|
|
|
+ return $this->response->redirect($this->fun_http($backurl . '?ticket=' . $ticket . '&admintoken=' . urlencode($adminToken)), 302);
|
|
|
+ }
|
|
|
|
|
|
- $backurl = rtrim($backurl, '/');
|
|
|
- return $this->response->redirect($this->fun_http($backurl . '?ticket=' . $ticket . '&admintoken=' . urlencode($adminToken)), 302);
|
|
|
|
|
|
}else{
|
|
|
var_dump("222222222:");
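Review bot: The site-permission check added here runs only when the request carries a non-empty `userurl`; a request that omits the field takes the new `else` branch and is redirected to `$backurl` with the ticket and `admintoken` exactly as before, so the check is opt-in for the caller. If it is meant to be a gate, decide server-side when it applies instead of keying it on a client-supplied field, and treat a missing `userurl` as a denial where the check is required. The test `$resultR['code']==-1` also fails open: the `checkAuth()` added later in this commit returns nothing on its success path, so `$resultR` is null there and anything that is not code -1 counts as allowed; compare against an explicit success value instead. The `var_dump("ticket1111:",$ticket)` context line writes a live ticket to output and should not ship. Where `$reqData`, `$theHost` and `$backurl` come from, and what runs after a passed check now that the redirect has moved into the `else`, is outside this hunk.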
|
|
@@ -644,5 +661,50 @@ class LoginController extends AbstractController
|
|
|
}
|
|
|
}
|
|
|
|
|
|
+ /**
|
|
|
+ * 检测用户是否有权限
|
|
|
+ * @param $data
|
|
|
+ * @return void
|
|
|
+ * $data['token]
|
|
|
+ * $data['userurl']
|
|
|
+ */
|
|
|
+ public function checkAuth($data)
|
|
|
+ {
|
|
|
+ $jwt = new JWT();
|
|
|
+ $ver =$jwt->getClaimsByToken($data['token']);
|
|
|
+ $tokenTime = $jwt->getTokenDynamicCacheTime($data['token']);
|
|
|
+ if($tokenTime==0){
|
|
|
+ return Result::error("token已过期,请重新登录",-1);
|
|
|
+ }
|
|
|
+ if(isset($data['userurl']) && $data['userurl']){
|
|
|
+ $result = $this->websiteServiceClient->getWebsiteId(['website_url'=>$data['userurl']]);
|
|
|
+ if(!isset($result['data']['id']) || !$result['data']['id']){
|
|
|
+ return Result::error("网站不存在...",-1);
|
|
|
+ }
|
|
|
+ if($ver['type_id']!=10000){
|
|
|
+ $userInfo = $this->userServiceClient->getUserInfo($ver['uid']);
|
|
|
+ if($userInfo['code'] == 200 && isset($userInfo['data']) && !empty($userInfo['data']['sszq'])){
|
|
|
+ $sszq = $userInfo['data']['sszq'];
|
|
|
+ //组id
|
|
|
+ $authData = [
|
|
|
+ 'id' => $sszq,
|
|
|
+ 'SiteId' => $result['data']['id']
|
|
|
+ ];
|
|
|
+ // 调用 LoginController 中的 checkUserAuth 方法
|
|
|
+ $resultAuth = $this->checkUserAuth($authData);
|
|
|
+ if (!$resultAuth) {
|
|
|
+ // 如果没有权限,返回错误响应
|
|
|
+ return Result::error("没有权限登陆此网站...",-1);
|
|
|
+ }
|
|
|
+ }else{
|
|
|
+ return Result::error("用户没有群组...",-1);
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }else{
|
|
|
+ return Result::error("userurl不能为空...",-1);
|
|
|
+ }
|
|
|
+
|
|
|
+ }
|
|
|
+
|
|
|
|
|
|
}
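Review bot: `checkAuth()` is added as a `public` method on a controller annotated `@AutoController()`, and Hyperf's auto-routing registers public controller methods as HTTP actions, so this internal helper probably becomes a routable endpoint; as it is only called through `$this->checkAuth(...)` in this commit, `private function checkAuth(array $data): array` looks like the right signature. The success path falls off the end with no return while the docblock says `@return void` and the caller reads `$resultR['code']`; return an explicit success result in the same shape as the `Result::error(...)` values and fix the docblock (including the `$data['token]` typo). The claims are read with `getClaimsByToken()` before the expiry check, and `$ver['type_id']!=10000` is a loose comparison against an unnamed constant that exempts that type from the group check entirely, so a named constant with a strict comparison and an explicit denial when `type_id` or `uid` is absent would make the exemption auditable. `checkUserAuth()` and `Result` are not visible on this page, so whether a falsy `$resultAuth` covers every denial case cannot be confirmed from here.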
|