用户权限

0c8b28d9 · shajiaiming · 8ac488e5 · 0c8b28d9 · 0c8b28d9 · 0c8b28d9
Commit 0c8b28d9 authored Jun 20, 2019 by shajiaiming
Showing with 201 additions and 0 deletions

BaseController.php api/base/BaseController.php +48 -0

LoginStatusAuthInterceptor.php common/behaviors/LoginStatusAuthInterceptor.php +75 -0

UserAuthInterceptor.php common/behaviors/UserAuthInterceptor.php +78 -0

No files found.
--- a/api/base/BaseController.php
+++ b/api/base/BaseController.php
@@ -30,6 +30,54 @@ class BaseController extends Controller
        }
    }
+    public function behaviors()
+    {
+        $request_controller = Yii::$app->controller->id;
+        $request_action = Yii::$app->controller->action->id;
+        $interceptor_global = array_unique(Yii::$app->params['interceptor']['global']);
+        $interceptor_default = array_unique(Yii::$app->params['interceptor']['default']);
+        $interceptor_mapping = isset(Yii::$app->params['interceptor'][$request_controller]) ? array_unique(Yii::$app->params['interceptor'][$request_controller]) : null;
+        $controller_enable = $interceptor_mapping ?? false;
+        $behaviors = [];
+        $final_interceptor = array_keys(array_flip(array_merge($interceptor_global, $interceptor_default)));
+        if ($controller_enable) {
+            $interceptor_map = $interceptor_mapping['interceptors'];
+            if ($interceptor_map) {
+                $switch = array_shift($interceptor_map);
+                if (false == $switch) {
+                    $deny_interceptor = $interceptor_map;
+                    $final_interceptor = array_diff($interceptor_default, $deny_interceptor);
+                } else {
+                    $final_interceptor = array_unique($interceptor_map);
+                }
+            }
+            $action_mapping = $interceptor_mapping['actions'] ?? false;
+            if ($action_mapping) {        //指定方法使用哪些拦截器
+                foreach ($action_mapping as $val) {
+                    $action_id = array_shift($val);    //拦截器配置文件中的action
+                    $interceptor_map = $val[0];
+                    $switch = array_shift($interceptor_map);   //拦截器配置文件中action对应的拦截开关
+                    if ($action_id == $request_action) {
+                        if (false == $switch) {
+                            $final_interceptor = array_unique(array_merge($interceptor_map, $interceptor_global));
+                            $final_interceptor = array_diff($interceptor_default, array_diff($final_interceptor, $interceptor_global));
+                        } else {
+                            $final_interceptor = array_unique($interceptor_map);
+                        }
+                    }
+                }
+            }
+        }
+        foreach ($final_interceptor as $key => $item) {
+            $behaviors[$key] = [
+                'class' => $item,
+            ];
+        }
+        return $behaviors;
+    }
    public function fzmCrossHeader()
    {
        $this->lang = \Yii::$app->request->headers->get('lang') ?? 'zh-CN';

--- a/common/behaviors/LoginStatusAuthInterceptor.php
+++ b/common/behaviors/LoginStatusAuthInterceptor.php
+<?php
+/**
+ * Created by PhpStorm.
+ * User: jiaming
+ * Date: 2019/6/20
+ * Time: 11:11
+ */
+namespace common\behaviors;
+use yii\base\ActionFilter;
+use Yii;
+class LoginStatusAuthInterceptor extends ActionFilter
+{
+    public function beforeAction($action)
+    {
+        $auth_string = Yii::$app->request->headers->get('Authorization');
+        if (strstr($auth_string, 'Bearer')) {
+            return $this->frontAuth();
+        }
+        if (!$auth_string) {
+            $message = 'cms auth error';
+            $code = '40004';
+            goto doEnd;
+        }
+        $auth_arr = explode('||', $auth_string);
+        $cookies = [];
+        foreach ($auth_arr as $auth_item) {
+            $auth_item_item = explode('=', $auth_item);
+            $cookies[$auth_item_item[0]] = urlencode($auth_item_item[1]);
+        }
+        $curl = new FpfHttpClient();
+        $url = Yii::$app->fpf->getConfig('cms_auth_user_id', 'api');
+        $get_data = [];
+        $options = [
+            'cookies' => $cookies
+        ];
+        $result = $curl->get($url, $get_data, $options);
+        $result = json_decode($result, true);
+        if (isset($result['code']) && 200 == $result['code']) {
+            Yii::$app->request->setUserId($result['data']['zhaobi_uid']);
+            $base_service = new BaseService();
+            $items = $base_service->getBaseInfoByUserIds([$result['data']['zhaobi_uid']]);
+            $detail = $items[0];
+            $platform_code = $detail->plat;
+            $platform_id_mapping = Yii::$app->fpf->getConfig('platform_id_mapping', 'platform');
+            $platform_id = $platform_id_mapping[$platform_code] ?? '';
+            if (!$platform_id) {
+                $message = 'platform id get error';
+                $code = '40001';
+                goto doEnd;
+            }
+            Yii::$app->request->setPlatformId($platform_id);
+            return true;
+        } else {
+            $message = 'cms auth error';
+            $code = '40003';
+        }
+        doEnd :
+        // 返回错误
+        $response_message = new ResponseMsg();
+        $content = $response_message->jsonError($message, $code);
+        $content = response()->withHeaders($response_message->getHeaders())->withContent($content);
+        Yii::$app->response->data = $content;
+        Yii::$app->response->send();
+        return false;
+    }
+    public function frontAuth()
+    {
+        //验证用户token正确性
+    }
+}
\ No newline at end of file
--- a/common/behaviors/UserAuthInterceptor.php
+++ b/common/behaviors/UserAuthInterceptor.php
+<?php
+/**
+ * Created by PhpStorm.
+ * User: jiaming
+ * Date: 2019/6/20
+ * Time: 11:11
+ */
+namespace common\behaviors;
+use yii\base\ActionFilter;
+use Yii;
+class UserAuthInterceptor extends ActionFilter
+{
+    public function beforeAction($action)
+    {
+        if (!parent::beforeAction($action)){
+            return false;
+        }
+        $request_class = get_class($action->controller);
+        $request_action = $action->id;
+        $headers = Yii::$app->request->headers;
+        $Authorization = $headers['Authorization'] ?? null;
+        $user_id = Yii::$app->request->getUserId();
+        $platform_auth = Yii::$app->fpf->getConfig('plat_auth', 'platform_auth');
+        $platform_auth_map = $platform_auth[$platform_id] ?? null;
+        if(empty($platform_auth_map)){
+            $code = '40001';
+            $message = 'platform auth error';
+            goto doEnd;
+        }
+        $user_auth_map = $platform_auth_map[$user_id] ?? null;
+        if(empty($user_auth_map)){
+            $code = '40002';
+            $message = 'user auth error';
+            goto doEnd;
+        }
+        $auth_type_map = Yii::$app->fpf->getConfig($user_auth_map, 'platform_auth');
+        $switch = false;
+        foreach ($auth_type_map as $key => $auth_type){
+            if($request_class == $auth_type['class']){
+                $action_map = $auth_type['actions'];
+                $switch = true;
+                break;
+            }
+        }
+        if(false == $switch){
+            $code = '40003';
+            $message = 'controller auth error';
+            goto doEnd;
+        }
+        if(empty($action_map)){
+            return true;
+        }
+        if(in_array($request_action, $action_map)){
+            return true;
+        }else{
+            $code = '40004';
+            $message = 'action auth error';
+            goto doEnd;
+        }
+        doEnd :
+        // 返回错误
+        $response_message = new ResponseMsg();
+        $content = $response_message->jsonError($message, $code);
+        $content = response()->withHeaders($response_message->getHeaders())->withContent($content);
+        Yii::$app->response->data = $content;
+        Yii::$app->response->send();
+        return false;
+    }
+}
\ No newline at end of file