composer/php-auth-client
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

config change

Browse Source
This commit is contained in:
候学杰 2019-01-24 13:40:23 +08:00
parent b5bc9c2a5b
commit a95524e887
5 changed files with 94 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
config/auth.php
View File

@ -12,7 +12,6 @@ return [
'apps' => [
'erp' => [
'id' => '100009',
'alias' => 'erp',
'secret' => env('AUTH_ERP_SECRET','123456'),
],
],

21
src/Auth.php
View File

@ -54,17 +54,20 @@ class Auth
],
]);
}
$this->choose();
}
public function choose($id, $referer = null)
public function choose($name = null)
{
foreach ($this->config['apps'] as $app) {
if (!$id && $referer != null) {
$arr = parse_url($referer);
} elseif ($id && $app['id'] == $id) {
$this->id = $app['id'];
$this->secret = $app['secret'];
if (!$name) {
$name = env('APP_NAME');
}
switch ($name) {
case 'erp':
case 'erp_api':
$this->id = $this->config['apps']['erp']['id'];
$this->secret = $this->config['apps']['erp']['secret'];
break;
}
return $this;
}
@ -88,7 +91,7 @@ class Auth
*/
public function getAccessToken($code)
{
$token = $this->rpc->call('oauth.get_access_token', [$this->id, $this->secret, $code]);
$token = $this->rpc->call('oauth.access_token', [$this->id, $this->secret, $code]);
return $token;
}
@ -100,7 +103,7 @@ class Auth
*/
public function getUserInfo($token)
{
$info = $this->rpc->call('user.info', [$token]);
$info = $this->rpc->call('oauth.user_info', [$this->id, $this->secret, $token]);
return $info;
}

24
src/Controller.php Normal file
View File

@ -0,0 +1,24 @@
<?php
namespace PdAuth;
use PdAuth\Middleware\Authenticate;
use PdAuth\Middleware\CheckRole;
trait Controller
{
protected $user;
protected $guard;
public function auth($guard)
{
$this->guard = $guard;
app('auth')->shouldUse($guard);
$this->middleware(Authenticate::class);
// $this->middleware(CheckRole::class);
$this->user = app('request')->user($guard);
}
}

70
src/Middleware/Authenticate.php
View File

@ -39,77 +39,23 @@ class Authenticate
*/
public function handle($request, Closure $next, $guard = null)
{
//oauth 回调
$code = $request->input('pd_code');
if ($code) {
$token = app('pd.auth')->getAccessToken($code);
if (isset($token['access_token'])) {
setcookie(self::CookieName, $token['access_token'], strtotime($token['expired_at']), '/');
$qs = $request->getQueryString();
$params = explode('&', $qs);
$qs = '?';
foreach ($params as $k => $v) {
if (Str::startsWith($v, 'pd_code=')) {
continue;
}
$qs .= $v . '&';
}
if (!$request->isXmlHttpRequest()) {
abort(302, '', [
'Location' => $request->getSchemeAndHttpHost() . $request->getBaseUrl() . $request->getPathInfo() . $qs,
]);
}
}
}
//登录状态检测
if ($this->auth->guard($guard)->guest()) {
$redirect = $request->input('redirect', $request->getUri());
if ($request->isXmlHttpRequest()) {
// if ($request->isXmlHttpRequest()) {
return response()->json([
'code' => 401,
'msg' => 'need login',
'code' => config('pdauth.code.unauthorized', 401),
'msg' => 'Unauthorized',
'data' => [
'url' => app('pd.auth')->connect($redirect),
],
]);
} else {
return redirect(app('pd.auth')->connect($redirect));
// } else {
// //
// exit('jump');
//// return redirect(app('pd.auth')->connect($redirect));
// }
}
}
//权限检测
// $path = $request->path();
// $privileges = config('pdauth.roles_privileges');
// $user = $request->user();
// $match = [];
// foreach ($user['roles'] as $role) {
// if (array_key_exists($role, $privileges)) {
// //如果设置了 * ,则跳过权限检测
// if (is_string($privileges[$role]) && $privileges[$role] == '*') {
// return $next($request);
// }
// if (!is_array($privileges[$role])) {
// throw new \Exception('pdauth 配置错误!');
// }
// $match = array_merge($match, $privileges[$role]);
// }
// }
// if (in_array($path, $match)) {
// return $next($request);
// }
// if ($request->isXmlHttpRequest()) {
// return response()->json([
// 'code' => 403,
// 'msg' => '无权访问,请联系管理员授权',
// 'data' => null,
// ]);
// }
// api_abort(403, '无权访问,请联系管理员授权');
return $next($request);
}

54
src/PdAuthServiceProvider.php
View File

@ -6,6 +6,7 @@ use Illuminate\Contracts\Encryption\DecryptException;
use Illuminate\Http\Request;
use Illuminate\Support\ServiceProvider;
use PdAuth\Middleware\Authenticate;
use Symfony\Component\HttpFoundation\Cookie;
class PdAuthServiceProvider extends ServiceProvider
{
@ -21,13 +22,16 @@ class PdAuthServiceProvider extends ServiceProvider
// application. The callback which receives the incoming request instance
// should return either a User instance or null. You're free to obtain
// the User instance via an API token or any other method necessary.
$this->app['auth']->viaRequest('auth', function (Request $request) {
$config = $this->app['config']['auth'];
foreach ($this->app['config']['pdauth']['apps'] as $key => $app) {
$this->app['auth']->viaRequest($key, function (Request $request) use ($key) {
$token = $request->header('Authorization', $request->cookie(Authenticate::CookieName));
if ($token) {
try {
$user = app('pd.auth')->getUserInfo($token);
$user = app('pd.auth')->choose($key)->getUserInfo($token);
if ($user) {
return $user;
}
@ -38,33 +42,25 @@ class PdAuthServiceProvider extends ServiceProvider
return null;
});
$config = $this->app['config']['auth'];
if (!isset($config['guards']['auth'])) {
config(['auth.guards.auth' => ['driver' => 'auth']]);
config(['auth.guards.' . $key => ['driver' => $key]]);
$this->app['auth']->shouldUse('auth');
}
}
//添加获取token的路由
$this->app['router']->get('auth/token.json', function (Request $request) {
$code = $request->input('pd_code');
$id = $request->input('app_id');
$token = app('pd.auth')->choose($id)->getAccessToken($code);
return response()->json([
'code' => 0,
'message' => '',
'data' => $token,
]);
});
// $config = $this->app['config']['auth'];
//
// if (!isset($config['guards']['auth'])) {
// config(['auth.guards.auth' => ['driver' => 'auth']]);
// $this->app['auth']->shouldUse('auth');
// }
$this->app['router']->get('auth/logout', function (Request $request) {
app('pd.auth')->logout();
});
$this->setupRouter();
}
protected function setupConfig()
{
$source = realpath(__DIR__ . '/../../config/auth.php');
$source = realpath(__DIR__ . '/../config/auth.php');
if ($this->app instanceof LaravelApplication && $this->app->runningInConsole()) {
$this->publishes([$source => config_path('pdauth.php')], 'pdauth');
@ -75,6 +71,24 @@ class PdAuthServiceProvider extends ServiceProvider
$this->mergeConfigFrom($source, 'pdauth');
}
protected function setupRouter(){
//添加获取token的路由
$this->app['router']->get('auth/token.json', function (Request $request) {
$code = $request->input('pd_code');
$token = app('pd.auth')->getAccessToken($code);
$cookie = new Cookie(Authenticate::CookieName, $token['access_token'], strtotime($token['expired_at']));
return response()->json([
'code' => 0,
'message' => '',
'data' => $token,
])->withCookie($cookie);
});
$this->app['router']->get('auth/logout', function (Request $request) {
app('pd.auth')->logout();
});
}
public function register()
{
$this->setupConfig();