|
- <?php
- namespace app\admin\controller;
- use app\BaseController;
- use app\common\model\base\menu\Menurequest;
- use app\common\model\base\user\Token;
- use app\common\model\base\org\Org;
- use app\common\model\base\org\OrgRole;
- use app\common\model\base\user\User;
- use app\common\model\base\user\UserRole;
- use app\common\model\base\user\Wxauth;
- use think\facade\Cache;
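/**
 * Base controller for the admin module.
 *
 * On every request initialize() resolves the caller's token, enforces login,
 * enforces menu-path authorization and, when enabled in system config, runs
 * the request validator. Subclasses opt individual actions out of each step
 * through the $noNeed* lists.
 */
class Base extends BaseController
{
    /** Authenticated user record returned by checkToken(); stays unset for anonymous actions. */
    protected $userinfo;

    /** Reset to null on every authenticated request; not otherwise used in this class. */
    protected $org;

    /** Action names that skip the login check (upper-cased in initialize()). */
    protected $noNeedLogin = [];

    /** Action names that skip the permission check; $noNeedLogin entries are merged in. */
    protected $noNeedAuth = [];

    /** Action names that skip request validation. */
    protected $noNeedValidate = [];

    /**
     * When true, checkAuth() is skipped for every action (login is still enforced).
     * NOTE(review): a controller that ships with this set to true has no
     * authorization check at all; keep it false outside local development.
     */
    protected $debug = false;

    /**
     * Per-request bootstrap: resolve token and route names, then run the
     * login, authorization and validation gates in that order.
     *
     * @throws \Exception with code 2 when any gate rejects the request
     */
    public function initialize()
    {
        parent::initialize();

        // Header-supplied tokens take precedence over the request parameter.
        // NOTE(review): a token accepted as a request parameter can end up in
        // access logs, browser history and Referer headers when it is sent in
        // the query string; prefer header-only transport if clients allow it.
        // NOTE(review): token/controller/action are presumably declared on
        // BaseController; confirm, otherwise they are dynamic properties.
        $this->token = $_SERVER["HTTP_AUTHORIZATION"] ?? $_SERVER['HTTP_TOKEN'] ?? $this->request->param('token');
        $this->controller = $this->app->request->controller(true);
        $this->action = strtoupper($this->app->request->action(true));

        // Normalise the allow-lists once so every later comparison is a plain
        // upper-case string match. Anything exempt from login is necessarily
        // exempt from the permission check as well.
        $this->noNeedLogin = array_map('strtoupper', $this->noNeedLogin);
        $this->noNeedAuth = array_map('strtoupper', array_merge($this->noNeedAuth, $this->noNeedLogin));
        $this->noNeedValidate = array_map('strtoupper', $this->noNeedValidate);

        $this->checkLogin();

        // The validation switch is read from system config and cached for a day.
        $sysValidate = cache('develop_validate');
        if (empty($sysValidate)) {
            $sysValidate = sysconfig('develop.validate');
            cache('develop_validate', $sysValidate, 86400);
        }
        if ($sysValidate == 1 && !in_array($this->action, $this->noNeedValidate, true)) {
            $this->checkValidate();
        }
    }

    /**
     * Require a valid token for every action not listed in $noNeedLogin and,
     * unless $debug is set, continue to the permission check.
     *
     * @throws \Exception with code 2 carrying the message from checkToken()
     */
    private function checkLogin()
    {
        if (in_array($this->action, $this->noNeedLogin, true)) {
            return;
        }

        $checkTokenRes = $this->checkToken($this->token);
        if ($checkTokenRes['code'] != 1) {
            throw new \Exception($checkTokenRes['msg'], 2);
        }
        $this->userinfo = $checkTokenRes['data'];
        $this->org = null;

        if (!$this->debug) {
            $this->checkAuth();
        }
    }

    /**
     * Check that the logged-in user may call the current controller/action.
     *
     * The lower-cased "/controller/action" path is looked up in Menurequest;
     * when a row exists the path must be a key of the user's role list.
     *
     * @throws \Exception with code 2 when not logged in or not permitted
     */
    protected function checkAuth()
    {
        if (empty($this->userinfo)) {
            throw new \Exception("请先登录", 2);
        }

        // NOTE(review): IsWxApplet() is defined elsewhere. If it keys off a
        // client-supplied header or User-Agent, any caller can skip the
        // permission check below; confirm how it decides.
        if (IsWxApplet() || in_array($this->action, $this->noNeedAuth, true)) {
            return;
        }

        $action = strtolower("/" . $this->controller . "/" . $this->action);

        // NOTE(review): this is fail-open. A path with no Menurequest row is
        // reachable by every logged-in user, so a newly added action is
        // unprotected until its path is registered. Consider default-deny.
        $menu_request = Menurequest::where('path', $action)->find();
        if (!$menu_request) {
            return;
        }

        // The original wrapped this in `if (empty($list))` on a variable that
        // was never assigned, so the lookup always ran; the dead test is gone.
        $userid = $this->userinfo['user_id'] ?? 0;
        $list = User::getUserRole($userid, "base", $this->token);
        if (!isset($list[$action])) {
            throw new \Exception("没有权限", 2);
        }
    }

    /**
     * Validate a token and load the user it belongs to.
     *
     * @param mixed $token token taken from the request headers or parameters
     * @return mixed whatever Result() builds: code -1 for an invalid token,
     *               0 for a missing or disabled user, 1 with the user on success
     */
    protected function checkToken($token = "")
    {
        // The token may come from a request parameter, which can be absent or
        // an array. Reject anything that is not a non-empty string before it
        // reaches the model layer.
        if (!is_string($token) || $token === '') {
            return Result(-1, "登录失效,请重新登录");
        }

        $tokenModel = new Token;
        if (!$tokenModel->checktoken($token)) {
            return Result(-1, "登录失效,请重新登录");
        }

        $user = $tokenModel->tokenUser($token);
        if (!$user) {
            return Result(0, "未找到用户");
        }
        if ($user['status'] == 2) {
            return Result(0, "您的帐号已被禁用,请联系管理员");
        }
        return Result(1, "验证成功", $user);
    }

    /**
     * Run the controller's validator class against the request parameters.
     *
     * Only the "doedit" action is validated. The validator class name is the
     * controller name with "." turned into "\" under app\admin\validate\.
     *
     * @throws \Exception with code 2 when validation fails or no validator exists
     */
    protected function checkValidate()
    {
        $data = $this->request->param();
        $controller = $this->app->request->controller();
        $action = $this->app->request->action();

        if (strtolower($action) !== 'doedit') {
            return;
        }

        $validatePath = "app\\admin\\validate\\" . implode('\\', explode('.', $controller));
        if (!class_exists($validatePath)) {
            throw new \Exception("验证器" . $controller . "不存在", 2);
        }

        $check = $this->validate($data, $validatePath);
        if (true !== $check) {
            throw new \Exception($check, 2);
        }
    }

    /**
     * Derive a cache-key suffix for the current client from User-Agent and IP.
     *
     * NOTE(review): this is a bucketing key, not an identity. Clients behind
     * the same address with the same User-Agent share one value, so they also
     * share (and overwrite) one captcha slot.
     *
     * @return string 32-character hex digest
     */
    protected function getClientID()
    {
        // A request without a User-Agent header must not raise a warning.
        return md5(($_SERVER['HTTP_USER_AGENT'] ?? '') . GetIP());
    }

    /**
     * Generate a 4-character captcha, cache it for 300 seconds under the
     * client key and return the rendered image.
     *
     * @return mixed whatever \image\Image::getAuthImage2() returns
     */
    protected function captcha()
    {
        $img = new \image\Image;

        // Draw each character with the CSPRNG. str_shuffle()/mt_rand() are
        // seeded generators whose output is predictable once the state is known.
        $alphabet = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjklmnpqrstuvwxyz123456789';
        $last = strlen($alphabet) - 1;
        $code = '';
        for ($i = 0; $i < 4; $i++) {
            $code .= $alphabet[random_int(0, $last)];
        }

        cache('captcha_code' . $this->getClientID(), $code, 300);
        return $img::getAuthImage2($code);
    }

    /**
     * Compare a submitted captcha with the cached one, ignoring case.
     *
     * @param mixed $code value submitted by the client
     * @return bool true only when a cached code exists and matches
     */
    protected function captcha_check($code): bool
    {
        $cCode = cache('captcha_code' . $this->getClientID());

        $expected = is_scalar($cCode) ? strtolower((string) $cCode) : '';
        $given = is_scalar($code) ? strtolower(trim((string) $code)) : '';

        // With no cached code (never issued, or expired) the original compared
        // '' == '' and accepted an empty submission. Loose == could also match
        // two different numeric-looking strings. Both cases are rejected here.
        if ($expected === '' || $given === '') {
            return false;
        }

        // NOTE(review): the cached code is not cleared after a check, so it
        // can be guessed repeatedly or replayed until it expires. Consider
        // deleting it on every attempt if no caller relies on re-checking.
        return hash_equals($expected, $given);
    }
}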
|