caiping/app/api/controller/Index.php

<?php
/**
 * @copyright Copyright (c) 2021 勾股工作室
 * @license https://opensource.org/licenses/Apache-2.0
 * @link https://www.gougucms.com
 */
declare (strict_types = 1);
namespace app\api\controller;

use app\api\BaseController;
use app\api\middleware\Auth;
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use think\facade\Db;
use think\facade\Request;

class Index extends BaseController
{
    /**
     * 控制器中间件 [登录、注册 不需要鉴权]
     * @var array
     */
	protected $middleware = [
    	Auth::class => ['except' 	=> ['index','reg','login'] ]
    ];
	
    /**
     * @param $user_id
     * @return string
     */
    public function getToken($user_id){
        $time = time(); //当前时间
		$conf = $this->jwt_conf;
        $token = [
            'iss' => $conf['iss'], //签发者 可选
            'aud' => $conf['aud'], //接收该JWT的一方，可选
            'iat' => $time, //签发时间
            'nbf' => $time-1 , //(Not Before)：某个时间点后才能访问，比如设置time+30，表示当前时间30秒后才能使用
            'exp' => $time+$conf['exptime'], //过期时间,这里设置2个小时
            'data' => [
                //自定义信息，不要定义敏感信息
                'userid' =>$user_id,
            ]
        ];
        return JWT::encode($token, $conf['secrect'], 'HS256'); //输出Token  默认'HS256'
    }

    /**
     * @param $token
     */
    public static function checkToken($token){
        try {
            JWT::$leeway = 60;//当前时间减去60，把时间留点余地
            $decoded = JWT::decode($token, self::$config['secrect'], ['HS256']); //HS256方式，这里要和签发的时候对应
            return (array)$decoded;
        } catch(\Firebase\JWT\SignatureInvalidException $e) {  //签名不正确
            return json(['code'=>403,'msg'=>'签名错误']);
        }catch(\Firebase\JWT\BeforeValidException $e) {  // 签名在某个时间点之后才能用
            return json(['code'=>401,'msg'=>'token失效']);
        }catch(\Firebase\JWT\ExpiredException $e) {  // token过期
            return json(['code'=>401,'msg'=>'token已过期']);
        }catch(Exception $e) {  //其他错误
            return json(['code'=>404,'msg'=>'非法请求']);
        }catch(\UnexpectedValueException $e) {  //其他错误
            return json(['code'=>404,'msg'=>'非法请求']);
        } catch(\DomainException $e) {  //其他错误
            return json(['code'=>404,'msg'=>'非法请求']);
        }

    }	
	
    /**
     * @api {post} /index/index API页面
     * @apiDescription  返回首页信息
     */
    public function index()
    {
        $list = Db::name('Article')->select();
		$seo = get_system_config('web');
		add_user_log('api', '首页');
        $this->apiSuccess('请求成功',['list' => $list,'seo' => $seo]);
    }

    /**
     * @api {post} /index/login 会员登录
     * @apiDescription 系统登录接口，返回 token 用于操作需验证身份的接口

     * @apiParam (请求参数：) {string}             username 登录用户名
     * @apiParam (请求参数：) {string}             password 登录密码

     * @apiParam (响应字段：) {string}             token    Token

     * @apiSuccessExample {json} 成功示例
     * {"code":0,"msg":"登录成功","time":1627374739,"data":{"token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJhcGkuZ291Z3VjbXMuY29tIiwiYXVkIjoiZ291Z3VjbXMiLCJpYXQiOjE2MjczNzQ3MzksImV4cCI6MTYyNzM3ODMzOSwidWlkIjoxfQ.gjYMtCIwKKY7AalFTlwB2ZVWULxiQpsGvrz5I5t2qTs"}}
     * @apiErrorExample {json} 失败示例
     * {"code":1,"msg":"帐号或密码错误","time":1627374820,"data":[]}
     */
    public function login()
    {
		$param = get_params();
		if(empty($param['username']) || empty($param['password'])){
			$this->apiError('参数错误');
		}
        // 校验用户名密码
		$user = Db::name('User')->where(['username' => $param['username']])->find();
        if (empty($user)) {
            $this->apiError('帐号或密码错误');
        }
        $param['pwd'] = set_password($param['password'], $user['salt']);
        if ($param['pwd'] !== $user['password']) {
            $this->apiError('帐号或密码错误');
        }
        if ($user['status'] == -1) {
            $this->apiError('该用户禁止登录,请于平台联系');
        }
        $data = [
            'last_login_time' => time(),
            'last_login_ip' => request()->ip(),
            'login_num' => $user['login_num'] + 1,
        ];
        $res = Db::name('user')->where(['id' => $user['id']])->update($data);
        if ($res) {
            $token = self::getToken($user['id']);
			add_user_log('api', '登录');
            $this->apiSuccess('登录成功', ['token' => $token]);
        }
    }

    /**
     * @api {post} /index/reg 会员注册
     * @apiDescription  系统注册接口，返回是否成功的提示，需再次登录

     * @apiParam (请求参数：) {string}             username 用户名
     * @apiParam (请求参数：) {string}             password 密码

     * @apiSuccessExample {json} 成功示例
     * {"code":0,"msg":"注册成功","time":1627375117,"data":[]}
     * @apiErrorExample {json} 失败示例
     * {"code":1,"msg":"该账户已经存在","time":1627374899,"data":[]}
     */
    public function reg()
    {
		$param = get_params();
		if(empty($param['username']) || empty($param['pwd'])){
			$this->apiError('参数错误');
		}
		$user = Db::name('user')->where(['username' => $param['username']])->find();
        if (!empty($user)) {
			$this->apiError('该账户已经存在');
        }
        $param['salt'] = set_salt(20);
        $param['password'] = set_password($param['pwd'], $param['salt']);
        $param['register_time'] = time();
        $param['headimgurl'] = '';
        $param['register_ip'] = request()->ip();
        $char = mb_substr($param['username'], 0, 1, 'utf-8');
        $uid = Db::name('User')->strict(false)->field(true)->insertGetId($param);
		if($uid){
			add_user_log('api', '注册');
			$this->apiSuccess('注册成功,请登录');
		}else{
			$this->apiError('注册失败');
		}
    }

    /**
     * @api {post} /index/demo 测试页面
     * @apiDescription  返回文章列表信息

     * @apiParam (请求参数：) {string}  token Token

     * @apiSuccessExample {json} 响应数据样例
     * {"code":1,"msg":"","time":1563517637,"data":{"id":13,"email":"test110@qq.com","password":"e10adc3949ba59abbe56e057f20f883e","sex":1,"last_login_time":1563517503,"last_login_ip":"127.0.0.1","qq":"123455","mobile":"","mobile_validated":0,"email_validated":0,"type_id":1,"status":1,"create_ip":"127.0.0.1","update_time":1563507130,"create_time":1563503991,"type_name":"注册会员"}}
     */
    public function demo()
    {
		$uid = JWT_UID;
        $userInfo = Db::name('User')->where(['id' => $uid])->find();
        $this->apiSuccess('请求成功', ['user' => $userInfo]);
    }

    
}

 //获取部门
 public function get_department()
 {
     $department = get_department();
     return to_assign(0, '', $department);
 }

 //获取部门树形节点列表
 public function get_department_tree()
 {
     $department = get_department();
     $list = get_tree($department, 0, 2);
     $data['trees'] = $list;
     return json($data);
 }
 
 //获取部门树形节点列表2
 public function get_department_select()
 {
     $keyword = get_params('keyword');
     $selected = [];
     if(!empty($keyword)){
         $selected = explode(",",$keyword);
     }		
     $department = get_department();
     $list = get_select_tree($department, 0,0,$selected);
     return to_assign(0, '',$list);
 }

 //获取子部门所有员工
 public function get_employee($did = 0)
 {
     $did = get_params('did');
     if($did == 1){
         $department = $did;
     }
     else{
         $department = get_department_son($did);
     }        
     $employee = Db::name('admin')
         ->field('a.id,a.did,a.position_id,a.mobile,a.name,a.nickname,a.sex,a.status,a.thumb,a.username,d.title as department')
         ->alias('a')
         ->join('Department d', 'a.did = d.id')
         ->where(['a.status' => 1])
         ->where('a.id', ">", 1)
         ->where('a.did', "in", $department)
         ->select();
     return to_assign(0, '', $employee);
 }
 
 //获取所有员工
 public function get_personnel()
 {       
     $param = get_params();
     $where[] = ['a.status', '=', 1];
     $where[] = ['a.id', '>', 1];
     if (!empty($param['keywords'])) {
         $where[] = ['a.name', 'like', '%' . $param['keywords'] . '%'];
     }
     if(!empty($param['ids'])){
         $where[] = ['a.id', 'notin', $param['ids']];
     }
     $rows = empty($param['limit']) ? get_config('app.page_size') : $param['limit'];
     $list = Db::name('admin')
         ->field('a.id,a.did,a.position_id,a.mobile,a.name,a.nickname,a.sex,a.status,a.thumb,a.username,d.title as department')
         ->alias('a')
         ->join('Department d', 'a.did = d.id')
         ->where($where)
         ->order('a.id desc')
         ->paginate($rows, false, ['query' => $param]);
     return table_assign(0, '', $list);
 }
 
 //获取部门所有员工
 public function get_employee_select()
 {
     $keyword = get_params('keyword');
     $selected = [];
     if(!empty($keyword)){
         $selected = explode(",",$keyword);
     }
     $employee = Db::name('admin')
         ->field('id as value,name')
         ->where(['status' => 1])
         ->select()->toArray();
         
     foreach($employee as $k => &$v){	
         $v['selected'] = '';
         if(in_array($v['value'],$selected)){
             $v['selected'] = 'selected';
         }
     }
     return to_assign(0, '', $employee);
 }

 //获取角色列表
 public function get_position()
 {
     $position = Db::name('Position')->field('id,title as name')->where([['status', '=', 1], ['id', '>', 1]])->select();
     return to_assign(0, '', $position);
 }
 
 //获取审核类型
 public function get_flow_cate($type=0)
 {
     $flows = Db::name('FlowType')->where(['type'=>$type,'status'=>1])->select()->toArray();
     return to_assign(0, '', $flows);
 }
 //获取审核步骤人员
 public function get_flow_users($id=0)
 {
     $flow = Db::name('Flow')->where(['id' => $id])->find();
     $flowData = unserialize($flow['flow_list']);
     if(!empty($flowData)){
         foreach ($flowData as $key => &$val) {
             $val['user_id_info'] = Db::name('Admin')->field('id,name,thumb')->where('id','in',$val['flow_uids'])->select()->toArray();
         }
     }
     $data['copy_uids'] = $flow['copy_uids'];
     $data['copy_unames'] ='';
     if($flow['copy_uids']!=''){
         $copy_unames = Db::name('Admin')->where('id', 'in', $flow['copy_uids'])->column('name');
         $data['copy_unames'] = implode(',', $copy_unames);
     }
     $data['flow_data'] = $flowData;
     return to_assign(0, '', $data);
 }

//获取url参数
function get_params($key = "")
{
    return Request::instance()->param($key);
}