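<?php

namespace app\admin\controller;

use app\common\util\Result;
use think\App;
use think\Response;
use think\facade\Log;
use app\BaseController;
use app\common\ErrorCode;
use app\common\model\Admin;
use app\common\middleware\WriteLog;
use think\annotation\route\Middleware;
use think\exception\ValidateException;
use think\exception\HttpResponseException;

/**
 * Base controller for the admin module.
 *
 * Subclasses opt in to two request guards by overriding the flags:
 *  - $checkApiSignOpen: verify the request signature (checkApiSign())
 *  - $checkTokenOpen:   verify the login token (checkToken())
 * Both guards run in the constructor, so they apply to every action of the
 * subclass. A failed guard aborts the request through error(), which throws
 * HttpResponseException.
 */
#[Middleware([WriteLog::class])]
class Base extends BaseController
{
    /** @var bool Run checkToken() for every request of this controller. */
    protected $checkTokenOpen = false;

    /** @var bool Run checkApiSign() for every request of this controller. */
    protected $checkApiSignOpen = false;

    /** @var Admin|null The authenticated administrator, set by checkToken(). */
    public $admin;

    public function __construct(App $app)
    {
        parent::__construct($app);
        // Signature before token: an unsigned request is rejected before any
        // token is looked up in the database.
        if ($this->checkApiSignOpen) {
            $this->checkApiSign();
        }
        if ($this->checkTokenOpen) {
            $this->checkToken();
        }
    }

    /**
     * Read the token from the request.
     *
     * The "token" header is preferred; the "token" request parameter is a
     * fallback. NOTE(review): accepting the token as a URL parameter means it
     * can land in access logs, browser history and Referer headers — prefer
     * the header and consider dropping the parameter fallback once clients no
     * longer need it.
     *
     * @return mixed the raw token value, or null/empty when absent
     */
    protected function getToken()
    {
        $token = request()->header("token");
        if (!$token) {
            $token = input("token");
        }
        return $token;
    }

    /**
     * Validate the login token and load the matching administrator.
     *
     * Token format: base64 of "ciphertext|primary key|expiry timestamp".
     * The decoded structure and the expiry are checked first; the raw token
     * string is then looked up in the admin table. Because the stored token
     * must match the whole string, a client cannot alter the embedded expiry
     * without also breaking the lookup.
     *
     * On failure error() is called, which throws HttpResponseException.
     */
    public function checkToken()
    {
        $token = $this->getToken();
        if (!$token) {
            $this->error(ErrorCode::getError(ErrorCode::CODE_TOKEN_NONE), ErrorCode::CODE_TOKEN_NONE);
        }
        // "token[]=x" would arrive as an array and make base64_decode() throw.
        if (!is_string($token)) {
            $this->error(ErrorCode::getError(ErrorCode::CODE_TOKEN_FORMAT_ERR), ErrorCode::CODE_TOKEN_FORMAT_ERR);
        }
        $decoded = base64_decode($token);
        $parts = explode("|", $decoded);
        if (count($parts) != 3) {
            $this->error(ErrorCode::getError(ErrorCode::CODE_TOKEN_FORMAT_ERR), ErrorCode::CODE_TOKEN_FORMAT_ERR);
        }
        // The expiry field is client-supplied: parse it as an integer instead of
        // relying on PHP's loose int/string comparison, where a non-numeric
        // third field would compare as "not expired".
        $expiresAt = filter_var($parts[2], FILTER_VALIDATE_INT);
        if ($expiresAt === false) {
            $this->error(ErrorCode::getError(ErrorCode::CODE_TOKEN_FORMAT_ERR), ErrorCode::CODE_TOKEN_FORMAT_ERR);
        }
        if (time() > $expiresAt) {
            $this->error(ErrorCode::getError(ErrorCode::CODE_TOKEN_EXPIRE), ErrorCode::CODE_TOKEN_EXPIRE);
        }
        // Lookup by the full raw token; the query builder binds the value.
        $user = Admin::where("token", "=", $token)->find();
        if (!$user) {
            $this->error(ErrorCode::getError(ErrorCode::CODE_TOKEN_ERR), ErrorCode::CODE_TOKEN_ERR);
        }
        $this->admin = $user;
        bind(Admin::class, $this->admin);
    }

    /**
     * Build a success response.
     *
     * The response body (truncated to 1000 characters) is written to the debug
     * log. That can put sensitive response data into log files, so keep debug
     * logging off in production or avoid returning secrets through success().
     *
     * @param mixed  $data payload
     * @param string $msg  unused; kept for call-site compatibility
     * @return mixed the Result::rest() response
     */
    public function success($data, $msg = "")
    {
        $encoded = json_encode($data, JSON_UNESCAPED_UNICODE);
        Log::record("response:" . mb_substr($encoded, 0, 1000) . ",code:0", "debug");
        return Result::rest($data);
    }

    /**
     * Abort with the standard message for an error code.
     *
     * @param int $code an ErrorCode constant
     */
    public function errorSimple($code)
    {
        $this->error(ErrorCode::getError($code), $code);
    }

    /**
     * Abort the request with a JSON error response.
     *
     * Never returns: the response is delivered by throwing
     * HttpResponseException, which the framework turns into the HTTP reply.
     *
     * @param string $msg  message shown to the client
     * @param int    $code error code (999 = generic)
     * @param array  $data extra payload
     * @throws HttpResponseException always
     */
    public function error($msg, $code = 999, $data = [])
    {
        $res = returnFormat($code, $msg, $data);
        $encoded = json_encode($res, JSON_UNESCAPED_UNICODE);
        Log::record("response:" . mb_substr($encoded, 0, 1000) . ",code:" . $code, "debug");
        throw new HttpResponseException(Response::create($res, "json"));
    }

    /**
     * Validate $param against $rules; on failure abort with the first
     * validation message and the generic error code.
     *
     * @param array|string $rules validator rules or validator class
     * @param array        $param values to validate
     */
    public function autoValid($rules, $param)
    {
        try {
            validate($rules)->check($param);
        } catch (ValidateException $e) {
            $this->error($e->getError());
        }
    }

    /**
     * Verify the request signature.
     *
     * Scheme (clients must match it exactly): every request parameter except
     * _sign, sorted by key, JSON-encoded with JSON_UNESCAPED_UNICODE,
     * concatenated with common.api_sign_secret, passed through stripslashes(),
     * then md5. _timestamp must be within ±20 minutes of server time.
     *
     * NOTE(review): md5(params . secret) is a weak MAC construction, and the
     * 20-minute window without a nonce allows replay of a captured request
     * inside that window. Switching to hash_hmac('sha256', ...) plus a
     * per-request nonce needs coordinated client changes, so it is flagged
     * here rather than changed.
     *
     * The signing secret is never logged or echoed back to the client.
     */
    public function checkApiSign()
    {
        $timestampLimit = 20; // minutes of allowed clock skew in each direction
        $param = request()->param();
        $this->autoValid([
            "_timestamp" => "require",
            "_sign" => "require",
        ], $param);

        // Parse the timestamp as an integer instead of comparing a raw request
        // string against time() with loose comparison semantics.
        $timestamp = filter_var($param["_timestamp"], FILTER_VALIDATE_INT);
        $now = time();
        if ($timestamp === false || abs($timestamp - $now) > $timestampLimit * 60) {
            $this->error("时间戳不合法,请刷新");
        }

        $sign = $param["_sign"];
        unset($param["_sign"]);
        ksort($param);
        $secret = config("common.api_sign_secret");
        $canonical = json_encode($param, JSON_UNESCAPED_UNICODE);
        $signStr = stripslashes($canonical . $secret);
        $expected = md5($signStr);

        // Constant-time comparison. _sign may arrive as an array ("_sign[]=x"),
        // which hash_equals() would reject with a TypeError, so type-check first.
        if (!is_string($sign) || !hash_equals($expected, $sign)) {
            // Only the canonical parameters are logged: $signStr and $secret
            // contain the signing secret and must not be written to logs or
            // returned in the response body.
            $shownSign = is_string($sign) ? $sign : gettype($sign);
            Log::record("签名错误:sign: $shownSign sign2: $expected", "debug");
            Log::record("sign2 签名参数:" . $canonical, "debug");
            $this->error("签名错误。");
        }
    }
}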