1

.env

@@ -1,33 +1,28 @@
 APP_NAME=admin_consumer
 APP_ENV=dev
-HOST = http://192.168.1.201:9501/
-
+HOST = 192.168.1.123:9501/
 DB_DRIVER=mysql
-DB_HOST=101.254.114.211
+DB_HOST=192.168.1.123
 DB_PORT=13306
 DB_DATABASE=hyperf
 DB_USERNAME=root
-DB_PASSWORD=xKmapDpKCxMMSkbe
+DB_PASSWORD=zxt_mysql_dev
 DB_CHARSET=utf8mb4
 DB_COLLATION=utf8mb4_unicode_ci
 DB_PREFIX=
 
 
-#REDIS_HOST=101.254.114.211
-#REDIS_AUTH=YPWWnFnNebc7427B
-#REDIS_PORT=26739
-#REDIS_DB=0
-
-
-REDIS_HOST=192.168.1.201
-REDIS_AUTH=
-REDIS_PORT=6379
+REDIS_HOST=192.168.1.123
+REDIS_AUTH=zxt_redis_dev
+REDIS_PORT=26739
 REDIS_DB=0
 
-AMQP_HOST=192.168.1.201
+
+AMQP_HOST=192.168.1.123
 AMQP_PORT=5672
-AMQP_USER=admin
-AMQP_PASSWORD=123456
+AMQP_USER=rabbitmq
+AMQP_PASSWORD=zxt_mq_dev
+
 
 
 #小程序获取openid

app/Controller/IndexController.php

@@ -58,9 +58,11 @@ class IndexController extends AbstractController
         //重写验证码
         $result = $code->DrawCode((string)$img_code);
         $img_code = $result->getImageCode();
+        $code_uniqid = uniqid("code");
         //写入缓存 用于其他方法验证 并且设置过期时间
-        $redis->set('code'.$ip,$img_code,60000);
-        return $result?Result::success($result->getImageBase64()):Result::error('失败');
+        $redis->set($code_uniqid,$img_code,60000);
+
+        return $result?Result::success(['code'=>$code_uniqid,'img'=>$result->getImageBase64()]):Result::error('失败');
 //        return $result->getImageBase64();
 
     }

app/Controller/LoginController.php

@@ -28,8 +28,6 @@ class LoginController extends AbstractController
     private $userServiceClient;
     public function login(Jwt $jwt)
     {
-        var_dump("我要登陆了");
-//        $this->logger->info("验证之前");
 
         $reqData = $this->request->all();
         $validator = $this->validationFactory->make(
@@ -38,11 +36,13 @@ class LoginController extends AbstractController
                 'username' => 'required',
                 'password' => 'required',
                 'type' => 'required',
+                'code' => 'required',
             ],
             [
                 'username.required' => '用户名不能为空',
                 'password.required' => '密码不能为空',
                 'type.required' => '登录方式必填',
+                'code.required' => 'code方式必填',
             ]
         );
 
@@ -50,75 +50,83 @@ class LoginController extends AbstractController
             $errorMessage = $validator->errors()->first();
             return Result::error($errorMessage);
         }
-        $comm = new CommonService();
-        $ip = $comm->userIp();
+//        $comm = new CommonService();
         $redis = $this->container->get(\Hyperf\Redis\Redis::class);
-        $code = $redis->get('code' . $ip);
+        $code = $redis->get($reqData['code']);
         if (empty($code)) {
             return Result::error("验证码已过期");
         }
-//        var_dump("验证码：", $code);
+
         if (strtolower($code) != strtolower($reqData['captcha'])) {
             return Result::error("验证码错误");
         }
-        //$reqData
         $where = [];
         if ($reqData['type'] == 1) { //密码登录
             $where = [
                 'user_name' => $reqData['username'],
             ];
         }
-//        $this->logger->info("验证之前");
+
         $userInfos = $this->userServiceClient->verifyUserInfo($where);
         if ($userInfos['code'] == 0) {
             return Result::error("用户不存在");
         }
-//        var_dump("数据：",$userInfos);
+
         if($userInfos['data']['status']==0){
             return Result::error("用户已经冻结");
         }
-//        var_dump("用户信息：", $userInfos);
-//        $this->logger->info("验证用户返回值：", $userInfos);
+
         if (md5(md5($reqData['password']) . $userInfos['data']['salt']) != $userInfos['data']['password']) {
             return Result::error("登陆密码错误");
         }
+        if($userInfos['data']['type_id']!=10000){
+            $authData = [
+                'id'=>$userInfos['data']['sszq']
+            ];
+           $resultAuth =  $this->checkUserAuth($authData);
+           if(!$resultAuth){
+               return Result::error("您没有权限登陆此网站");
+           }
+        }
         $userData = [
             'uid' => $userInfos['data']['id'], // 如果使用单点登录，必须存在配置文件中的sso_key的值，一般设置为用户的id
             'user_name' => $userInfos['data']['user_name'],
             'mobile' => $userInfos['data']['mobile'],
             'email' => $userInfos['data']['email'],
-            // 'rong_token' => $userInfos['data']['rong_token'],
             'level_id' => $userInfos['data']['level_id'],
             'type_id' => $userInfos['data']['type_id'],
         ];
-//        var_dump($userData);
+
         // 使用默认场景登录
         $token = $jwt->getToken('default', $userData);
-
-        // 检查是否二次登录
         // 检查是否有旧的token
-        // $old_token = UserToken::where('user_id', $userInfos['data']['id'])->orderBy('created_at')->first();
-        // var_dump("==============================old_token",$old_token);
-        // if (!empty($old_token)) {
-        //     if ($old_token->token != $token->toString()) {
-        //         $out = $jwt->logout('default', $userData);
-        //         if ($out != $old_token->token) {
-        //             $log_out = UserToken::where('user_id', $userInfos['data']['id'])->update(['token' => $out]);
-        //             var_dump("******************log_out",$log_out);
-        //         } else {
-        //             return Result::error("请不要重复登录！");
-        //         }
-        //     }
-        // }else{
-        //     $user_token =  UserToken::create([
-        //         'user_id' => $userInfos['data']['id'],
-        //         'token' => $token->toString()
-        //     ]);
-        //     var_dump("==============================user_token",$user_token);
-        //     if (!$user_token) {
-        //         return Result::error("登录失败！");
-        //     }
-        // }
+        $old_token = UserToken::where('user_id', $userData['uid'])->first();
+        if (!empty($old_token)) {
+                $jwt->logout($old_token->token);
+                try {
+                    $jwt->verifyToken($old_token->token);
+                }catch (\Exception $exception){
+                    $code = $exception->getCode();
+                    if ($code== 400) {
+                        $new_token = UserToken::where('user_id', $userData['uid'])->update(['token' => $token->toString()]);
+                        if (empty($new_token)) {
+                            return Result::error("Token过期失败！");
+                        }
+                        
+                    } else{
+                        return Result::error("Token过期失败！");
+                    }
+                }
+        }else{
+            $usernew_token = $token->toString();
+            $user_token =  UserToken::create([
+                'user_id' => $userData['uid'],
+                'token' => $usernew_token
+            ]);
+            if (empty($user_token)) {
+                return Result::error("登录失败！");
+            }
+        }
 
         $data = [
             'token' => $token->toString(),
@@ -305,4 +313,26 @@ class LoginController extends AbstractController
         var_dump($h['token'][0], "+++++++++++", $arr, "===####");
         return $this->response->json(['code' => 0, 'msg' => 'success', 'data' => ['a' => 1]]);
     }
+
+    /**
+     * 检测用户权限
+     * @return void
+     */
+    public function checkUserAuth($data)
+    {
+        $websiteGroup = [
+            'id'=>$data['id']
+        ];
+        $result = $this->userServiceClient->getWebsiteGroupInfo($websiteGroup);
+        var_dump("webids:",$result['data']['web_ids']);
+        if($result['code']==200){
+            if($data['siteId'] && $result['data']['web_ids']){
+                if(in_array($data['siteId'],$result['data']['web_ids'])){
+                    return true;
+                }
+            }else{
+                return false;
+            }
+        }
+    }
 }

app/JsonRpc/UserService.php

@@ -173,4 +173,12 @@ class UserService extends AbstractServiceClient implements UserServiceInterface
     public function updateUserAvatarNickname(array $data){
         return $this->__request(__FUNCTION__, $data); 
     }
+
+    /**
+     * @param array $data
+     * @return array|mixed
+     */
+    public function getWebsiteGroupInfo(array $data){
+        return $this->__request(__FUNCTION__, $data);
+    }
 }

app/JsonRpc/UserServiceInterface.php

@@ -114,4 +114,10 @@ interface UserServiceInterface
     public function resetPassword(array $data);
     public function updateUserAvatarNickname(array $data);
 
+    /**
+     * @param array $data
+     * @return mixed
+     */
+    public function getWebsiteGroupInfo(array $data);
+
 }

app/Middleware/Auth/PublicMiddleware.php

@@ -0,0 +1,88 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Middleware\Auth;
+
+use Hyperf\Di\Annotation\Inject;
+use Hyperf\HttpServer\Contract\RequestInterface;
+use Hyperf\HttpServer\Contract\ResponseInterface as HttpResponse;
+use Psr\Container\ContainerInterface;
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Server\MiddlewareInterface;
+use Psr\Http\Server\RequestHandlerInterface;
+use Hyperf\Context\Context;
+use App\JsonRpc\WebsiteServiceInterface;
+use Phper666\JWTAuth\JWT;
+class PublicMiddleware implements MiddlewareInterface
+{
+    protected ContainerInterface $container;
+
+    protected RequestInterface $request;
+
+    protected HttpResponse $response;
+    protected JWT $JWT;
+    /**
+     * @var WebsiteServiceInterface
+     */
+    #[Inject]
+    private $websiteServiceClient;
+    public function __construct(ContainerInterface $container, HttpResponse $response, RequestInterface $request,Jwt $JWT)
+    {
+        $this->container = $container;
+        $this->response = $response;
+        $this->request = $request;
+        $this->JWT = $JWT;
+
+    }
+
+    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
+    {
+
+        $header = $request->getHeaders();
+        try {
+          
+            if($header &&  isset($header['userurl']) && $header['userurl'][0]!='null' && isset($header['userurl'][0])){
+                $origin = $header['userurl'][0];
+                $data = [
+                    'website_url'=>$origin
+                ];
+                $result = $this->websiteServiceClient->getWebsiteId($data);
+                if(!isset($result['data']['id']) || !$result['data']['id']){
+                    return $this->response->json(
+                        [
+                            'code' => -1,
+                            'data' => [],
+                            'message' => '网站不存在',
+                        ]
+                    );
+                }
+                // var_dump("获取站点id：",$result);
+                Context::set("SiteId",$result['data']['id']);
+                if ($result) {
+                    return $handler->handle($request);
+                }
+            }else{
+                return $this->response->json(
+                    [
+                        'code' => -1,
+                        'data' => [],
+                        'message' => 'userurl:必填',
+                    ]
+                );
+            }
+
+        }catch (\Exception $e){
+//            var_dump("错误消息：",$e->getMessage(),$e->getCode());
+            return $this->response->json(
+                [
+                    'code' => $e->getCode(),
+                    'data' => [],
+                    'message' => 'userurl必填：'.$e->getMessage(),
+                ]
+            );
+        }
+        return false;
+    }
+}

config/api/login.php

@@ -2,7 +2,14 @@
 
 declare (strict_types = 1);
 use Hyperf\HttpServer\Router\Router;
-Router::post('/api/login', 'App\Controller\LoginController@login');
+Router::addGroup(
+    '/api', function () {
+        Router::post('/login', 'App\Controller\LoginController@login');
+    },
+    ['middleware' => [\App\Middleware\Auth\PublicMiddleware::class]]
+);
+
+
 Router::post('/api/checkVerifyCode', 'App\Controller\LoginController@checkVerifyCode');
 
 Router::post('/api/registerOrLogin', 'App\Controller\LoginController@registerOrLogin');