login

app/Controller/IndexController.php

@@ -57,9 +57,11 @@ class IndexController extends AbstractController
         //重写验证码
         $result = $code->DrawCode((string)$img_code);
         $img_code = $result->getImageCode();
+        $code_uniqid = uniqid("code");
         //写入缓存 用于其他方法验证 并且设置过期时间
-        $redis->set('code'.$ip,$img_code,60000);
-        return $result?Result::success($result->getImageBase64()):Result::error('失败');
+        $redis->set($code_uniqid,$img_code,60000);
+
+        return $result?Result::success(['code'=>$code_uniqid,'img'=>$result->getImageBase64()]):Result::error('失败');
 //        return $result->getImageBase64();
 
     }

app/Controller/LoginController.php

@@ -28,8 +28,6 @@ class LoginController extends AbstractController
     private $userServiceClient;
     public function login(Jwt $jwt)
     {
-        var_dump("我要登陆了");
-//        $this->logger->info("验证之前");
 
         $reqData = $this->request->all();
         $validator = $this->validationFactory->make(
@@ -38,11 +36,13 @@ class LoginController extends AbstractController
                 'username' => 'required',
                 'password' => 'required',
                 'type' => 'required',
+                'code' => 'required',
             ],
             [
                 'username.required' => '用户名不能为空',
                 'password.required' => '密码不能为空',
                 'type.required' => '登录方式必填',
+                'code.required' => 'code方式必填',
             ]
         );
 
@@ -50,72 +50,58 @@ class LoginController extends AbstractController
             $errorMessage = $validator->errors()->first();
             return Result::error($errorMessage);
         }
-        $comm = new CommonService();
-        $ip = $comm->userIp();
+//        $comm = new CommonService();
         $redis = $this->container->get(\Hyperf\Redis\Redis::class);
-        $code = $redis->get('code' . $ip);
+        $code = $redis->get($reqData['code']);
         if (empty($code)) {
             return Result::error("验证码已过期");
         }
-        var_dump("验证码：", $code);
-        var_dump((strtolower($code) . strtolower($reqData['captcha'])));
         if (strtolower($code) != strtolower($reqData['captcha'])) {
             return Result::error("验证码错误");
         }
-        //$reqData
         $where = [];
         if ($reqData['type'] == 1) { //密码登录
             $where = [
                 'user_name' => $reqData['username'],
             ];
-        } 
-        // var_dump("where：", $where);
-//        $this->logger->info("验证之前");
+        }
         $userInfos = $this->userServiceClient->verifyUserInfo($where);
         if ($userInfos['code'] == 0) {
             return Result::error("用户不存在");
         }
-    //    var_dump("数据：",$userInfos);
         if($userInfos['data']['status']==0){
             return Result::error("用户已经冻结");
         }
-    //    var_dump("用户信息：", $userInfos);
-//        $this->logger->info("验证用户返回值：", $userInfos);
         if (md5(md5($reqData['password']) . $userInfos['data']['salt']) != $userInfos['data']['password']) {
             return Result::error("登陆密码错误");
         }
+        if($userInfos['data']['type_id']!=10000){
+            $authData = [
+                'id'=>$userInfos['data']['sszq']
+            ];
+           $resultAuth =  $this->checkUserAuth($authData);
+           if(!$resultAuth){
+               return Result::error("您没有权限登陆此网站");
+           }
+        }
         $userData = [
             'uid' => $userInfos['data']['id'], // 如果使用单点登录，必须存在配置文件中的sso_key的值，一般设置为用户的id
             'user_name' => $userInfos['data']['user_name'],
             'mobile' => $userInfos['data']['mobile'],
             'email' => $userInfos['data']['email'],
-            // 'rong_token' => $userInfos['data']['rong_token'],
             'level_id' => $userInfos['data']['level_id'],
             'type_id' => $userInfos['data']['type_id'],
         ];
-    //    var_dump($userData);
         // 使用默认场景登录
         $token = $jwt->getToken('default', $userData);
-        // $out = $jwt->logout($token->toString());
-        // $a = $jwt->verifyToken($token->toString());
-        // 检查是否二次登录   测试
-        
         // 检查是否有旧的token
-        // var_dump("--------------",$token);
-        // return Result::success($a);
         $old_token = UserToken::where('user_id', $userData['uid'])->first();
-        // // var_dump("==============================old_token",$old_token->token->toString());
         if (!empty($old_token)) {
-        // //     var_dump("==============================out",$old_token->token);
                 $jwt->logout($old_token->token);
                 try {
                     $jwt->verifyToken($old_token->token);
-        //             // $a = $jwt->verifyToken($token);
-        //             var_dump("======:",$a);
                 }catch (\Exception $exception){
-                    var_dump("接收：",$exception->getCode());
-                    $code = $exception->getCode(); 
-                    // var_dump($code);
+                    $code = $exception->getCode();
                     if ($code== 400) {
                         $new_token = UserToken::where('user_id', $userData['uid'])->update(['token' => $token->toString()]);
                         if (empty($new_token)) {
@@ -126,24 +112,16 @@ class LoginController extends AbstractController
                         return Result::error("Token过期失败！");
                     }
                 }
-                 
-                var_dump("======:",$code);
-                // return Result::success($code);
-                
-
         }else{
-            // var_dump("==============================in",$token);
             $usernew_token = $token->toString();
             $user_token =  UserToken::create([
                 'user_id' => $userData['uid'],
                 'token' => $usernew_token
             ]);
-        // //     var_dump("==============================user_token",$token->toString());
             if (empty($user_token)) {
                 return Result::error("登录失败！");
             }
         }
-
         $data = [
             'token' => $token->toString(),
             'exp' => $jwt->getTTL($token->toString()),
@@ -329,4 +307,26 @@ class LoginController extends AbstractController
         var_dump($h['token'][0], "+++++++++++", $arr, "===####");
         return $this->response->json(['code' => 0, 'msg' => 'success', 'data' => ['a' => 1]]);
     }
+
+    /**
+     * 检测用户权限
+     * @return void
+     */
+    public function checkUserAuth($data)
+    {
+        $websiteGroup = [
+            'id'=>$data['id']
+        ];
+        $result = $this->userServiceClient->getWebsiteGroupInfo($websiteGroup);
+        var_dump("webids:",$result['data']['web_ids']);
+        if($result['code']==200){
+            if($data['siteId'] && $result['data']['web_ids']){
+                if(in_array($data['siteId'],$result['data']['web_ids'])){
+                    return true;
+                }
+            }else{
+                return false;
+            }
+        }
+    }
 }

app/JsonRpc/UserService.php

@@ -173,4 +173,12 @@ class UserService extends AbstractServiceClient implements UserServiceInterface
     public function updateUserAvatarNickname(array $data){
         return $this->__request(__FUNCTION__, $data); 
     }
+
+    /**
+     * @param array $data
+     * @return array|mixed
+     */
+    public function getWebsiteGroupInfo(array $data){
+        return $this->__request(__FUNCTION__, $data);
+    }
 }

app/JsonRpc/UserServiceInterface.php

@@ -114,4 +114,10 @@ interface UserServiceInterface
     public function resetPassword(array $data);
     public function updateUserAvatarNickname(array $data);
 
+    /**
+     * @param array $data
+     * @return mixed
+     */
+    public function getWebsiteGroupInfo(array $data);
+
 }

app/Middleware/Auth/PublicMiddleware.php

@@ -0,0 +1,88 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Middleware\Auth;
+
+use Hyperf\Di\Annotation\Inject;
+use Hyperf\HttpServer\Contract\RequestInterface;
+use Hyperf\HttpServer\Contract\ResponseInterface as HttpResponse;
+use Psr\Container\ContainerInterface;
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Server\MiddlewareInterface;
+use Psr\Http\Server\RequestHandlerInterface;
+use Hyperf\Context\Context;
+use App\JsonRpc\WebsiteServiceInterface;
+use Phper666\JWTAuth\JWT;
+class PublicMiddleware implements MiddlewareInterface
+{
+    protected ContainerInterface $container;
+
+    protected RequestInterface $request;
+
+    protected HttpResponse $response;
+    protected JWT $JWT;
+    /**
+     * @var WebsiteServiceInterface
+     */
+    #[Inject]
+    private $websiteServiceClient;
+    public function __construct(ContainerInterface $container, HttpResponse $response, RequestInterface $request,Jwt $JWT)
+    {
+        $this->container = $container;
+        $this->response = $response;
+        $this->request = $request;
+        $this->JWT = $JWT;
+
+    }
+
+    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
+    {
+
+        $header = $request->getHeaders();
+        try {
+          
+            if($header &&  isset($header['userurl']) && $header['userurl'][0]!='null' && isset($header['userurl'][0])){
+                $origin = $header['userurl'][0];
+                $data = [
+                    'website_url'=>$origin
+                ];
+                $result = $this->websiteServiceClient->getWebsiteId($data);
+                if(!isset($result['data']['id']) || !$result['data']['id']){
+                    return $this->response->json(
+                        [
+                            'code' => -1,
+                            'data' => [],
+                            'message' => '网站不存在',
+                        ]
+                    );
+                }
+                // var_dump("获取站点id：",$result);
+                Context::set("SiteId",$result['data']['id']);
+                if ($result) {
+                    return $handler->handle($request);
+                }
+            }else{
+                return $this->response->json(
+                    [
+                        'code' => -1,
+                        'data' => [],
+                        'message' => 'userurl:必填',
+                    ]
+                );
+            }
+
+        }catch (\Exception $e){
+//            var_dump("错误消息：",$e->getMessage(),$e->getCode());
+            return $this->response->json(
+                [
+                    'code' => $e->getCode(),
+                    'data' => [],
+                    'message' => 'userurl必填：'.$e->getMessage(),
+                ]
+            );
+        }
+        return false;
+    }
+}

config/api/login.php

@@ -2,7 +2,14 @@
 
 declare (strict_types = 1);
 use Hyperf\HttpServer\Router\Router;
-Router::post('/api/login', 'App\Controller\LoginController@login');
+Router::addGroup(
+    '/api', function () {
+        Router::post('/login', 'App\Controller\LoginController@login');
+    },
+    ['middleware' => [\App\Middleware\Auth\PublicMiddleware::class]]
+);
+
+
 Router::post('/api/checkVerifyCode', 'App\Controller\LoginController@checkVerifyCode');
 Router::addRoute(['GET', 'POST'], '/getverifyCode', 'App\Controller\IndexController@getverifyCode');
 Router::post('/api/registerOrLogin', 'App\Controller\LoginController@registerOrLogin');