mirror of
https://github.com/netcccyun/dnsmgr.git
synced 2024-11-16 11:42:35 +08:00
41 lines
1.4 KiB
PHP
41 lines
1.4 KiB
PHP
<?php
|
|
declare (strict_types=1);
|
|
|
|
namespace app\middleware;
|
|
|
|
use think\facade\Db;
|
|
|
|
class AuthApi
|
|
{
|
|
public function handle($request, \Closure $next)
|
|
{
|
|
$uid = input('post.uid/d');
|
|
$timestamp = input('post.timestamp');
|
|
$sign = input('post.sign');
|
|
if(!$uid || empty($timestamp) || empty($sign)){
|
|
return json(['code'=>-1, 'msg'=>'认证参数不能为空'])->code(403);
|
|
}
|
|
if($timestamp < time()-300 || $timestamp > time()+300){
|
|
return json(['code'=>-1, 'msg'=>'时间戳不合法'])->code(403);
|
|
}
|
|
$user = Db::name('user')->where('id', $uid)->find();
|
|
if(!$user) return json(['code'=>-1, 'msg'=>'用户不存在'])->code(403);
|
|
if($user['status'] == 0) return json(['code'=>-1, 'msg'=>'该用户已被封禁'])->code(403);
|
|
if($user['is_api'] == 0) return json(['code'=>-1, 'msg'=>'该用户未开启API权限'])->code(403);
|
|
if(md5($uid.$timestamp.$user['apikey']) !== $sign){
|
|
return json(['code'=>-1, 'msg'=>'签名错误'])->code(403);
|
|
}
|
|
|
|
$user['type'] = 'user';
|
|
$user['permission'] = [];
|
|
if($user['level'] == 1){
|
|
$user['permission'] = Db::name('permission')->where('uid', $uid)->column('domain');
|
|
}
|
|
|
|
$request->islogin = true;
|
|
$request->isApi = true;
|
|
$request->user = $user;
|
|
return $next($request);
|
|
}
|
|
}
|