composer/php-auth-client
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

config change

Browse Source
This commit is contained in:
候学杰 2019-01-24 13:40:23 +08:00
parent b5bc9c2a5b
commit a95524e887
5 changed files with 94 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
config/auth.php
View File

@ -12,7 +12,6 @@ return [
'apps' => [ 'apps' => [
'erp' => [ 'erp' => [
'id' => '100009', 'id' => '100009',
'alias' => 'erp',
'secret' => env('AUTH_ERP_SECRET','123456'), 'secret' => env('AUTH_ERP_SECRET','123456'),
], ],
], ],

21
src/Auth.php
View File

@ -54,17 +54,20 @@ class Auth
], ],
]); ]);
} }
$this->choose();
} }
public function choose($id, $referer = null) public function choose($name = null)
{ {
foreach ($this->config['apps'] as $app) { if (!$name) {
if (!$id && $referer != null) { $name = env('APP_NAME');
$arr = parse_url($referer);
} elseif ($id && $app['id'] == $id) {
$this->id = $app['id'];
$this->secret = $app['secret'];
} }
switch ($name) {
case 'erp':
case 'erp_api':
$this->id = $this->config['apps']['erp']['id'];
$this->secret = $this->config['apps']['erp']['secret'];
break;
} }
return $this; return $this;
} }
@ -88,7 +91,7 @@ class Auth
*/ */
public function getAccessToken($code) public function getAccessToken($code)
{ {
$token = $this->rpc->call('oauth.get_access_token', [$this->id, $this->secret, $code]); $token = $this->rpc->call('oauth.access_token', [$this->id, $this->secret, $code]);
return $token; return $token;
} }
@ -100,7 +103,7 @@ class Auth
*/ */
public function getUserInfo($token) public function getUserInfo($token)
{ {
$info = $this->rpc->call('user.info', [$token]); $info = $this->rpc->call('oauth.user_info', [$this->id, $this->secret, $token]);
return $info; return $info;
} }

24
src/Controller.php Normal file
View File

@ -0,0 +1,24 @@
<?php
namespace PdAuth;
use PdAuth\Middleware\Authenticate;
use PdAuth\Middleware\CheckRole;
trait Controller
{
protected $user;
protected $guard;
public function auth($guard)
{
$this->guard = $guard;
app('auth')->shouldUse($guard);
$this->middleware(Authenticate::class);
// $this->middleware(CheckRole::class);
$this->user = app('request')->user($guard);
}
}

70
src/Middleware/Authenticate.php
View File

@ -39,77 +39,23 @@ class Authenticate
*/ */
public function handle($request, Closure $next, $guard = null) public function handle($request, Closure $next, $guard = null)
{ {
//oauth 回调
$code = $request->input('pd_code');
if ($code) {
$token = app('pd.auth')->getAccessToken($code);
if (isset($token['access_token'])) {
setcookie(self::CookieName, $token['access_token'], strtotime($token['expired_at']), '/');
$qs = $request->getQueryString();
$params = explode('&', $qs);
$qs = '?';
foreach ($params as $k => $v) {
if (Str::startsWith($v, 'pd_code=')) {
continue;
}
$qs .= $v . '&';
}
if (!$request->isXmlHttpRequest()) {
abort(302, '', [
'Location' => $request->getSchemeAndHttpHost() . $request->getBaseUrl() . $request->getPathInfo() . $qs,
]);
}
}
}
//登录状态检测 //登录状态检测
if ($this->auth->guard($guard)->guest()) { if ($this->auth->guard($guard)->guest()) {
$redirect = $request->input('redirect', $request->getUri()); $redirect = $request->input('redirect', $request->getUri());
if ($request->isXmlHttpRequest()) { // if ($request->isXmlHttpRequest()) {
return response()->json([ return response()->json([
'code' => 401, 'code' => config('pdauth.code.unauthorized', 401),
'msg' => 'need login', 'msg' => 'Unauthorized',
'data' => [ 'data' => [
'url' => app('pd.auth')->connect($redirect), 'url' => app('pd.auth')->connect($redirect),
], ],
]); ]);
} else { // } else {
return redirect(app('pd.auth')->connect($redirect)); // //
// exit('jump');
//// return redirect(app('pd.auth')->connect($redirect));
// }
} }
}
//权限检测
// $path = $request->path();
// $privileges = config('pdauth.roles_privileges');
// $user = $request->user();
// $match = [];
// foreach ($user['roles'] as $role) {
// if (array_key_exists($role, $privileges)) {
// //如果设置了 * ,则跳过权限检测
// if (is_string($privileges[$role]) && $privileges[$role] == '*') {
// return $next($request);
// }
// if (!is_array($privileges[$role])) {
// throw new \Exception('pdauth 配置错误!');
// }
// $match = array_merge($match, $privileges[$role]);
// }
// }
// if (in_array($path, $match)) {
// return $next($request);
// }
// if ($request->isXmlHttpRequest()) {
// return response()->json([
// 'code' => 403,
// 'msg' => '无权访问,请联系管理员授权',
// 'data' => null,
// ]);
// }
// api_abort(403, '无权访问,请联系管理员授权');
return $next($request); return $next($request);
} }

54
src/PdAuthServiceProvider.php
View File

@ -6,6 +6,7 @@ use Illuminate\Contracts\Encryption\DecryptException;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Support\ServiceProvider; use Illuminate\Support\ServiceProvider;
use PdAuth\Middleware\Authenticate; use PdAuth\Middleware\Authenticate;
use Symfony\Component\HttpFoundation\Cookie;
class PdAuthServiceProvider extends ServiceProvider class PdAuthServiceProvider extends ServiceProvider
{ {
@ -21,13 +22,16 @@ class PdAuthServiceProvider extends ServiceProvider
// application. The callback which receives the incoming request instance // application. The callback which receives the incoming request instance
// should return either a User instance or null. You're free to obtain // should return either a User instance or null. You're free to obtain
// the User instance via an API token or any other method necessary. // the User instance via an API token or any other method necessary.
$this->app['auth']->viaRequest('auth', function (Request $request) { $config = $this->app['config']['auth'];
foreach ($this->app['config']['pdauth']['apps'] as $key => $app) {
$this->app['auth']->viaRequest($key, function (Request $request) use ($key) {
$token = $request->header('Authorization', $request->cookie(Authenticate::CookieName)); $token = $request->header('Authorization', $request->cookie(Authenticate::CookieName));
if ($token) { if ($token) {
try { try {
$user = app('pd.auth')->getUserInfo($token); $user = app('pd.auth')->choose($key)->getUserInfo($token);
if ($user) { if ($user) {
return $user; return $user;
} }
@ -38,33 +42,25 @@ class PdAuthServiceProvider extends ServiceProvider
return null; return null;
}); });
$config = $this->app['config']['auth'];
if (!isset($config['guards']['auth'])) { if (!isset($config['guards']['auth'])) {
config(['auth.guards.auth' => ['driver' => 'auth']]); config(['auth.guards.' . $key => ['driver' => $key]]);
$this->app['auth']->shouldUse('auth'); $this->app['auth']->shouldUse('auth');
} }
}
//添加获取token的路由 // $config = $this->app['config']['auth'];
$this->app['router']->get('auth/token.json', function (Request $request) { //
$code = $request->input('pd_code'); // if (!isset($config['guards']['auth'])) {
$id = $request->input('app_id'); // config(['auth.guards.auth' => ['driver' => 'auth']]);
$token = app('pd.auth')->choose($id)->getAccessToken($code); // $this->app['auth']->shouldUse('auth');
return response()->json([ // }
'code' => 0,
'message' => '',
'data' => $token,
]);
});
$this->app['router']->get('auth/logout', function (Request $request) { $this->setupRouter();
app('pd.auth')->logout();
});
} }
protected function setupConfig() protected function setupConfig()
{ {
$source = realpath(__DIR__ . '/../../config/auth.php'); $source = realpath(__DIR__ . '/../config/auth.php');
if ($this->app instanceof LaravelApplication && $this->app->runningInConsole()) { if ($this->app instanceof LaravelApplication && $this->app->runningInConsole()) {
$this->publishes([$source => config_path('pdauth.php')], 'pdauth'); $this->publishes([$source => config_path('pdauth.php')], 'pdauth');
@ -75,6 +71,24 @@ class PdAuthServiceProvider extends ServiceProvider
$this->mergeConfigFrom($source, 'pdauth'); $this->mergeConfigFrom($source, 'pdauth');
} }
protected function setupRouter(){
//添加获取token的路由
$this->app['router']->get('auth/token.json', function (Request $request) {
$code = $request->input('pd_code');
$token = app('pd.auth')->getAccessToken($code);
$cookie = new Cookie(Authenticate::CookieName, $token['access_token'], strtotime($token['expired_at']));
return response()->json([
'code' => 0,
'message' => '',
'data' => $token,
])->withCookie($cookie);
});
$this->app['router']->get('auth/logout', function (Request $request) {
app('pd.auth')->logout();
});
}
public function register() public function register()
{ {
$this->setupConfig(); $this->setupConfig();