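['except' => ['index','reg','login'] ] ];
    // ^ Tail of a property whose declaration starts above this excerpt. It lists
    //   index, reg and login as exceptions — presumably the endpoints exempt from
    //   token verification; confirm against the middleware that reads it.

    /**
     * Issue a signed JWT (HS256) for a user.
     *
     * Claims and the signing key are read from $this->jwt_conf, which is defined
     * outside this excerpt. The payload is signed, not encrypted: anyone holding
     * the token can read every claim.
     *
     * @param mixed $user_id Identifier stored in the token's data.userid claim.
     * @return string Compact JWT.
     */
    public function getToken($user_id)
    {
        $time = time(); // current time
        $conf = $this->jwt_conf;
        $token = [
            'iss' => $conf['iss'], // issuer (optional)
            'aud' => $conf['aud'], // audience, the party receiving this JWT (optional)
            'iat' => $time, // issued-at
            // Not Before: the token is unusable before this instant (time + 30 would
            // delay use by 30 seconds). One second in the past makes it usable at once.
            'nbf' => $time - 1,
            // Expiry: now plus the configured lifetime in seconds. The original note
            // says two hours — confirm against the actual 'exptime' value.
            'exp' => $time + $conf['exptime'],
            'data' => [ // custom claims; never put sensitive data here
                'userid' => $user_id,
            ],
        ];

        // NOTE(review): confirm $conf['secrect'] is a long random value kept out of
        // version control; HS256 tokens are only as strong as this shared key.
        return JWT::encode($token, $conf['secrect'], 'HS256');
    }

    /**
     * Verify a JWT and return its claims.
     *
     * The return type is mixed by design of the original interface: an array of
     * claims on success, otherwise whatever json() returns for the error payload.
     * Callers must check is_array() on the result before trusting any claim,
     * otherwise an error response could be mistaken for a decoded token.
     * Only the top level is cast to array; nested claims such as `data` stay objects.
     *
     * NOTE(review): the key is read from self::$config while getToken() reads
     * $this->jwt_conf; both are defined outside this excerpt — confirm they
     * resolve to the same secret.
     *
     * @param string $token Compact JWT supplied by the client.
     * @return mixed Claims array on success, json() error result on failure.
     */
    public static function checkToken($token)
    {
        try {
            JWT::$leeway = 60; // accept up to 60 seconds of clock skew
            // The algorithm allow-list is pinned to HS256 and must match the one used
            // when signing, so a token cannot select its own verification algorithm.
            $decoded = JWT::decode($token, self::$config['secrect'], ['HS256']);
            return (array) $decoded;
        } catch (\Firebase\JWT\SignatureInvalidException $e) {
            // signature does not verify
            return json(['code' => 403, 'msg' => '签名错误']);
        } catch (\Firebase\JWT\BeforeValidException $e) {
            // token is not valid yet (nbf/iat in the future)
            return json(['code' => 401, 'msg' => 'token失效']);
        } catch (\Firebase\JWT\ExpiredException $e) {
            // token has expired
            return json(['code' => 401, 'msg' => 'token已过期']);
        } catch (\UnexpectedValueException $e) {
            // malformed token or unsupported algorithm
            return json(['code' => 404, 'msg' => '非法请求']);
        } catch (\DomainException $e) {
            // other decoding errors
            return json(['code' => 404, 'msg' => '非法请求']);
        } catch (Exception $e) {
            // Broadest handler goes last: placed before the two above it would make
            // them unreachable whenever `Exception` resolves to the global class.
            return json(['code' => 404, 'msg' => '非法请求']);
        }
    }

    /**
     * @api {post} /index/index API page
     * @apiDescription Returns the home page information
     *
     * Responds with every row of the Article table plus the 'web' system config.
     * NOTE(review): 'index' is in the exception list above, so this is presumably
     * reachable without a token — confirm the 'web' config holds nothing sensitive.
     */
    public function index()
    {
        $articles = Db::name('Article')->select();
        $webConfig = get_system_config('web');
        add_user_log('api', '首页');
        $this->apiSuccess('请求成功', ['list' => $articles, 'seo' => $webConfig]);
    }

    /**
     * @api {post} /index/login Member login
     * @apiDescription Login endpoint; returns a token for the endpoints that require authentication
     * @apiParam (Request parameters:) {string} username Login user name
     * @apiParam (Request parameters:) {string} password Login password
     * @apiParam (Response fields:) {string} token Token
     * @apiSuccessExample {json} Success example
     * {"code":0,"msg":"登录成功","time":1627374739,"data":{"token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJhcGkuZ291Z3VjbXMuY29tIiwiYXVkIjoiZ291Z3VjbXMiLCJpYXQiOjE2MjczNzQ3MzksImV4cCI6MTYyNzM3ODMzOSwidWlkIjoxfQ.gjYMtCIwKKY7AalFTlwB2ZVWULxiQpsGvrz5I5t2qTs"}}
     * @apiErrorExample {json} Failure example
     * {"code":1,"msg":"帐号或密码错误","time":1627374820,"data":[]}
     *
     * Unknown user and wrong password share one message so the response does not
     * reveal which accounts exist.
     * NOTE(review): no attempt limiting or lockout is visible in this method —
     * confirm it is enforced elsewhere.
     */
    public function login()
    {
        $param = get_params();
        // Credentials must be non-empty scalars; an array-valued parameter must not
        // reach the query builder or the hashing helper.
        if (empty($param['username']) || empty($param['password'])
            || !is_scalar($param['username']) || !is_scalar($param['password'])
        ) {
            $this->apiError('参数错误');
            // apiError() is defined outside this excerpt; the explicit return keeps
            // every failure path closed even if it does not end the request.
            return;
        }

        // Look the account up, then verify the password.
        $user = Db::name('User')->where(['username' => (string) $param['username']])->find();
        if (empty($user)) {
            $this->apiError('帐号或密码错误');
            return;
        }

        // NOTE(review): set_password() is defined elsewhere — confirm it is a slow,
        // salted password hash. The sample response documented for /index/demo shows
        // a 32-hex-character password value, which looks like a plain MD5 digest.
        $candidate = set_password((string) $param['password'], $user['salt']);
        // Constant-time comparison so response timing does not leak how much of the
        // stored hash matched.
        if (!hash_equals((string) $user['password'], (string) $candidate)) {
            $this->apiError('帐号或密码错误');
            return;
        }

        if ((int) $user['status'] === -1) {
            $this->apiError('该用户禁止登录,请于平台联系');
            return;
        }

        $data = [
            'last_login_time' => time(),
            'last_login_ip' => request()->ip(),
            'login_num' => $user['login_num'] + 1,
        ];
        $res = Db::name('user')->where(['id' => $user['id']])->update($data);
        if ($res) {
            $token = $this->getToken($user['id']);
            add_user_log('api', '登录');
            $this->apiSuccess('登录成功', ['token' => $token]);
        } else {
            // Previously a failed bookkeeping update produced no response at all.
            $this->apiError('登录失败');
        }
    }

    /**
     * @api {post} /index/reg Member registration
     * @apiDescription Registration endpoint; returns a success or failure message, the user must then log in
     * @apiParam (Request parameters:) {string} username User name
     * @apiParam (Request parameters:) {string} pwd Password
     * @apiSuccessExample {json} Success example
     * {"code":0,"msg":"注册成功","time":1627375117,"data":[]}
     * @apiErrorExample {json} Failure example
     * {"code":1,"msg":"该账户已经存在","time":1627374899,"data":[]}
     *
     * The password parameter is documented as `pwd` because that is the key the
     * code reads. Only the columns listed in $data are written: inserting the raw
     * request array would let a client set any other column of the User table
     * (status, id, counters, ...). Extend the list explicitly if registration is
     * meant to accept more fields.
     */
    public function reg()
    {
        $param = get_params();
        if (empty($param['username']) || empty($param['pwd'])
            || !is_scalar($param['username']) || !is_scalar($param['pwd'])
        ) {
            $this->apiError('参数错误');
            return;
        }

        $username = (string) $param['username'];
        // NOTE(review): check-then-insert is racy under concurrent requests; a unique
        // index on username is the real guarantee — confirm one exists.
        $existing = Db::name('user')->where(['username' => $username])->find();
        if (!empty($existing)) {
            $this->apiError('该账户已经存在');
            return;
        }

        $salt = set_salt(20);
        $data = [
            'username' => $username,
            'salt' => $salt,
            'password' => set_password((string) $param['pwd'], $salt),
            'register_time' => time(),
            'headimgurl' => '',
            'register_ip' => request()->ip(),
        ];

        $uid = Db::name('User')->strict(false)->field(true)->insertGetId($data);
        if ($uid) {
            add_user_log('api', '注册');
            $this->apiSuccess('注册成功,请登录');
        } else {
            $this->apiError('注册失败');
        }
    }

    /**
     * @api {post} /index/demo Test page
     * @apiDescription Returns the article list information
     * @apiParam (Request parameters:) {string} token Token
     * @apiSuccessExample {json} Sample response
     * {"code":1,"msg":"","time":1563517637,"data":{"id":13,"email":"test110@qq.com","password":"e10adc3949ba59abbe56e057f20f883e","sex":1,"last_login_time":1563517503,"last_login_ip":"127.0.0.1","qq":"123455","mobile":"","mobile_validated":0,"email_validated":0,"type_id":1,"status":1,"create_ip":"127.0.0.1","update_time":1563507130,"create_time":1563503991,"type_name":"注册会员"}}
     *
     * Returns the User row of the authenticated caller (JWT_UID is defined outside
     * this excerpt). The sample above does not match the current shape: the row is
     * returned under data.user, and the password and salt columns are removed
     * before the response is built.
     */
    public function demo()
    {
        $uid = JWT_UID;
        $userInfo = Db::name('User')->where(['id' => $uid])->find();
        if (is_array($userInfo)) {
            // Credential material must never leave the server.
            unset($userInfo['password'], $userInfo['salt']);
        }
        $this->apiSuccess('请求成功', ['user' => $userInfo]);
    }
}

    // NOTE(review): the methods below have no visible class header; they appear to
    // belong to a second controller. Access control for them is not visible here —
    // confirm it is enforced by the base class or middleware, since several return
    // staff names, user names and mobile numbers.

    // Get the departments.
    public function get_department()
    {
        $department = get_department();

        return to_assign(0, '', $department);
    }

    // Get the departments as a list of tree nodes.
    public function get_department_tree()
    {
        $department = get_department();
        $data = ['trees' => get_tree($department, 0, 2)];

        return json($data);
    }

    // Get the departments as select-tree nodes; `keyword` is a comma-separated
    // list of ids to mark as selected.
    public function get_department_select()
    {
        $keyword = get_params('keyword');
        $selected = empty($keyword) ? [] : explode(",", $keyword);
        $department = get_department();
        $list = get_select_tree($department, 0, 0, $selected);

        return to_assign(0, '', $list);
    }

    // Get every active employee of a department and its sub-departments.
    // The declared $did argument is overwritten by the request parameter 'did'.
    public function get_employee($did = 0)
    {
        $did = get_params('did');
        if ($did == 1) {
            // Department 1 is queried on its own, without expanding children.
            $department = $did;
        } else {
            $department = get_department_son($did);
        }

        $employee = Db::name('admin')
            ->field('a.id,a.did,a.position_id,a.mobile,a.name,a.nickname,a.sex,a.status,a.thumb,a.username,d.title as department')
            ->alias('a')
            ->join('Department d', 'a.did = d.id')
            ->where(['a.status' => 1])
            ->where('a.id', ">", 1) // skip the account with id 1
            ->where('a.did', "in", $department)
            ->select();

        return to_assign(0, '', $employee);
    }

    // Get all active employees, paginated, with optional name filter (`keywords`)
    // and id exclusion list (`ids`).
    public function get_personnel()
    {
        $param = get_params();
        $where = [
            ['a.status', '=', 1],
            ['a.id', '>', 1],
        ];
        if (!empty($param['keywords'])) {
            $where[] = ['a.name', 'like', '%' . $param['keywords'] . '%'];
        }
        if (!empty($param['ids'])) {
            $where[] = ['a.id', 'notin', $param['ids']];
        }

        // Accept only a positive numeric page size; anything else falls back to the
        // configured default instead of being handed to the paginator as-is.
        // NOTE(review): there is no upper bound on the client-chosen page size —
        // consider capping it so one request cannot pull the whole table.
        $limit = isset($param['limit']) && is_numeric($param['limit']) ? (int) $param['limit'] : 0;
        $rows = $limit > 0 ? $limit : get_config('app.page_size');

        $list = Db::name('admin')
            ->field('a.id,a.did,a.position_id,a.mobile,a.name,a.nickname,a.sex,a.status,a.thumb,a.username,d.title as department')
            ->alias('a')
            ->join('Department d', 'a.did = d.id')
            ->where($where)
            ->order('a.id desc')
            ->paginate($rows, false, ['query' => $param]);

        return table_assign(0, '', $list);
    }

    // Get all active employees as select options; `keyword` is a comma-separated
    // list of ids to mark as selected.
    public function get_employee_select()
    {
        $keyword = get_params('keyword');
        $selected = empty($keyword) ? [] : explode(",", $keyword);

        $employee = Db::name('admin')
            ->field('id as value,name')
            ->where(['status' => 1])
            ->select()->toArray();
        foreach ($employee as $k => &$v) {
            // Loose comparison is kept on purpose: ids are numeric, the selection
            // arrives as strings.
            $v['selected'] = in_array($v['value'], $selected) ? 'selected' : '';
        }
        unset($v); // drop the dangling reference left by the by-reference loop

        return to_assign(0, '', $employee);
    }

    // Get the list of positions (active, id greater than 1).
    public function get_position()
    {
        $position = Db::name('Position')
            ->field('id,title as name')
            ->where([['status', '=', 1], ['id', '>', 1]])
            ->select();

        return to_assign(0, '', $position);
    }

    // Get the active approval types of the given kind.
    public function get_flow_cate($type = 0)
    {
        $flows = Db::name('FlowType')->where(['type' => $type, 'status' => 1])->select()->toArray();

        return to_assign(0, '', $flows);
    }

    // Get the approvers of each step of an approval flow, plus its copy recipients.
    public function get_flow_users($id = 0)
    {
        $flow = Db::name('Flow')->where(['id' => $id])->find();

        // A missing flow row previously fell through to array access on null.
        $serialized = $flow['flow_list'] ?? '';
        $copyUids = $flow['copy_uids'] ?? null;

        // SECURITY: unserialize() on stored data can instantiate arbitrary classes if
        // the column is ever attacker-influenced. The step list is plain arrays, so
        // object creation is disabled. NOTE(review): consider storing this column as
        // JSON instead.
        $flowData = (is_string($serialized) && $serialized !== '')
            ? unserialize($serialized, ['allowed_classes' => false])
            : false;

        if (!empty($flowData) && is_array($flowData)) {
            foreach ($flowData as $key => &$val) {
                $val['user_id_info'] = Db::name('Admin')
                    ->field('id,name,thumb')
                    ->where('id', 'in', $val['flow_uids'])
                    ->select()->toArray();
            }
            unset($val); // drop the dangling reference left by the by-reference loop
        }

        $data = [];
        $data['copy_uids'] = $copyUids;
        $data['copy_unames'] = '';
        if ($copyUids != '') {
            $copy_unames = Db::name('Admin')->where('id', 'in', $copyUids)->column('name');
            $data['copy_unames'] = implode(',', $copy_unames);
        }
        $data['flow_data'] = $flowData;

        return to_assign(0, '', $data);
    }

/**
 * Read request parameters.
 *
 * Thin wrapper around Request::instance()->param(). Values come straight from
 * the client and are not validated here; callers must check type and content
 * before using them in queries or output.
 *
 * @param string $key Parameter name, passed through to param() unchanged
 *                    (default: empty string).
 * @return mixed Whatever param() returns for $key.
 */
function get_params($key = "")
{
    return Request::instance()->param($key);
}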