
'登录+验证'

wangchuanbao 1 år sedan
förälder
incheckning
98374e328d

+ 19 - 0
app/admin/controller/user/Auth.php

@@ -9,6 +9,8 @@ use support\Request;
 
 class Auth
 {
+    public $notNeedLogin = ['login'];
+
     public function login(Request $request)
     {
         $validate = new AuthValidate();
@@ -18,4 +20,21 @@ class Auth
 
         return AuthService::login($request->post());
     }
+
+    /**
+     * @Desc 刷新token
+     * @Author Gorden
+     * @Date 2024/2/21 17:10
+     *
+     * @return \support\Response
+     */
+    public function refreshToken()
+    {
+        return AuthService::refreshToken();
+    }
+
+    public function userInfo(Request $request)
+    {
+        return AuthService::userInfo($request);
+    }
 }
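Review bot: `refreshToken` is not listed in `$notNeedLogin`, and the route change in this commit places it behind `AdminAuthCheck`, which verifies the Authorization header as a type-1 token before the controller runs, so a client whose access token has already expired apparently cannot reach the refresh endpoint at all. Decide which token the refresh call is meant to carry and validate that one explicitly, rather than relying on the access-token check. `$notNeedLogin` is read through reflection by the middleware, so a comment on the property such as `// actions AdminAuthCheck lets through without a token` would make that coupling visible to whoever edits the list. `userInfo()` has no docblock while `refreshToken()` does; it should state that the method returns the profile of the caller identified by the middleware-set `$request->adminId`.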

+ 25 - 0
app/admin/service/user/AuthService.php

@@ -4,6 +4,7 @@ namespace app\admin\service\user;
 
 use app\model\SysUser;
 use support\Db;
+use support\Request;
 use Tinywan\Jwt\JwtToken;
 
 class AuthService
@@ -49,4 +50,28 @@ class AuthService
             return json_fail($e->getMessage());
         }
     }
+
+    /**
+     * @Desc 刷新token
+     * @Author Gorden
+     * @Date 2024/2/21 17:10
+     *
+     * @return \support\Response
+     */
+    public static function refreshToken()
+    {
+        $token = JwtToken::refreshToken();
+
+        return json_success('Token已刷新', $token);
+    }
+
+    public static function userInfo(Request $request)
+    {
+        $user = SysUser::select('join_user_role_id', 'join_user_dept_id', 'user_status', 'user_category', 'user_name', 'user_login_name', 'user_mobile', 'user_remark', 'user_extend_json', 'user_addtimes')
+            ->where('user_id', $request->adminId)
+            ->first()
+            ->toArray();
+
+        return json_success('', $user);
+    }
 }
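Review bot: In `userInfo()` the chain `->first()->toArray()` fails with a call on null when no row matches `$request->adminId`, which can happen when a token outlives its account; check the result before converting it, e.g. `if ($user === null) { return json_fail(...); }` with the project's own message. The query selects `user_status` but nothing in this commit tests it, so a token issued before an account was disabled presumably stays usable until it expires; rejecting non-active users here or in the middleware would close that gap. `userInfo()` also lacks the docblock that `refreshToken()` has.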

+ 1 - 2
app/admin/service/user/UserService.php

@@ -137,11 +137,10 @@ class UserService
     public static function updateStatus($id, $params)
     {
         try {
-            if (SysUser::where('user_id', $id)->update(['user_status' => $params['user_status']])) {
+            if (!SysUser::where('user_id', $id)->update(['user_status' => $params['user_status']])) {
                 throw new \Exception('用户状态修改失败');
             }
         } catch (\Exception $e) {
-            dd($e->getMessage());
             return json_fail('用户状态修改失败');
         }
 
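Review bot: With the inverted condition, `update()` returning 0 is now reported as a failure, but 0 affected rows also occurs when the row already holds the requested `user_status` (the usual MySQL behaviour) and when `$id` matches no user, so a repeated request gets '用户状态修改失败' although nothing went wrong. Distinguish "not found" from "unchanged", for example by loading the user first and returning success when the value is already set. Throwing `\Exception` only to catch it a few lines later also discards the real database error; logging `$e->getMessage()` server-side before returning the generic message would keep the diagnostics the removed `dd()` gave without exposing them to the client. The body of `updateStatus()` continues past the end of the hunk.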

+ 39 - 0
app/middleware/AdminAuthCheck.php

@@ -0,0 +1,39 @@
+<?php
+
+namespace app\middleware;
+
+use Tinywan\Jwt\Exception\JwtTokenException;
+use Tinywan\Jwt\JwtToken;
+use Webman\Http\Request;
+use Webman\Http\Response;
+use Webman\MiddlewareInterface;
+
+class AdminAuthCheck implements MiddlewareInterface
+{
+    public function process(Request $request, callable $handler): Response
+    {
+        try {
+            // 跳过不需要验证的控制器方法
+            $controller = new \ReflectionClass($request->controller);
+            $notNeedLogin = $controller->getDefaultProperties()['notNeedLogin'] ?? [];
+            if (in_array($request->action, $notNeedLogin)) {
+                return $handler($request);
+            }
+
+            $token = $request->header('Authorization');
+            if (!$token) {
+                throw new JwtTokenException('请先登录~', 500);
+            }
+            if (strpos($token, 'Bearer') === 0) {
+                $token = trim(substr($token, 6));
+            }
+            JwtToken::verify(1, $token);
+            $request->adminId = JwtToken::getCurrentId();
+            $request->adminJwtInfo = JwtToken::getExtend();
+
+            return $handler($request);
+        } catch (JwtTokenException $e) {
+            return json_fail($e->getMessage());
+        }
+    }
+}
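Review bot: The skip-list lookup at the top of `process()` sits inside a `try` that catches only `JwtTokenException`, so a `\ReflectionException` from `new \ReflectionClass($request->controller)` (for instance a closure route with no controller, if one is ever placed behind this middleware) would escape as an unhandled error instead of a clean denial; check that `$request->controller` is non-empty before reflecting on it. The allowlist comparison should be strict: `if (in_array($request->action, $notNeedLogin, true)) {`. The 500 passed to `new JwtTokenException('请先登录~', 500)` is dropped because only `$e->getMessage()` reaches `json_fail()`, so whether the client sees an unauthenticated status depends on that helper, which is not visible here. A header that does not start with `Bearer` is handed to `JwtToken::verify()` unchanged; rejecting any other scheme would make the accepted format explicit.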

+ 2 - 0
config/plugin/tinywan/jwt/app.php

@@ -27,6 +27,8 @@ return [
         'cache_token_ttl' => 604800,
         // 缓存令牌前缀
         'cache_token_pre' => 'JWT:TOKEN:',
+        // 刷新缓存令牌前缀
+//        'cache_refresh_token_pre' => 'JWT:TOKEN:REFRESH:',
         // 用户信息模型
         'user_model' => function($uid){
             return [];

+ 42 - 28
route/api.php

@@ -2,35 +2,49 @@
 
 use Webman\Route;
 
-/* 鉴权 */
-Route::post('/auth/login',[\app\admin\controller\user\Auth::class,'login']);
+Route::group('/admin', function () {
+    /* 鉴权 */
+    Route::group('/auth', function () {
+        Route::post('/login', [\app\admin\controller\user\Auth::class, 'login']);
+        Route::get('/userInfo', [\app\admin\controller\user\Auth::class, 'userInfo']);
+        Route::get('/refreshToken', [\app\admin\controller\user\Auth::class, 'refreshToken']);
+    })->middleware([
+        \app\middleware\AdminAuthCheck::class
+    ]);
 
-/* 角色管理 */
-Route::group('/role', function () {
-    Route::get('/list', [\app\admin\controller\role\Role::class, 'roleList']);
-    Route::get('/info/{id:\d+}', [\app\admin\controller\role\Role::class, 'roleInfo']);
-    Route::post('/add', [\app\admin\controller\role\Role::class, 'addRole']);
-    Route::post('/update/{id:\d+}', [\app\admin\controller\role\Role::class, 'updateRole']);
-    Route::delete('/delete/{id:\d+}', [\app\admin\controller\role\Role::class, 'delRole']);
-    Route::post('/updateStatus/{id:\d+}', [\app\admin\controller\role\Role::class, 'updateStatus']);
-});
+    /* 角色管理 */
+    Route::group('/role', function () {
+        Route::get('/list', [\app\admin\controller\role\Role::class, 'roleList']);
+        Route::get('/info/{id:\d+}', [\app\admin\controller\role\Role::class, 'roleInfo']);
+        Route::post('/add', [\app\admin\controller\role\Role::class, 'addRole']);
+        Route::post('/update/{id:\d+}', [\app\admin\controller\role\Role::class, 'updateRole']);
+        Route::delete('/delete/{id:\d+}', [\app\admin\controller\role\Role::class, 'delRole']);
+        Route::post('/updateStatus/{id:\d+}', [\app\admin\controller\role\Role::class, 'updateStatus']);
+    })->middleware([
+        \app\middleware\AdminAuthCheck::class
+    ]);
 
-/* 部门管理 */
-Route::group('/dept', function () {
-    Route::get('/list', [\app\admin\controller\dept\Dept::class, 'deptList']);
-    Route::get('/info/{id:\d+}', [\app\admin\controller\dept\Dept::class, 'deptInfo']);
-    Route::post('/add', [\app\admin\controller\dept\Dept::class, 'addDept']);
-    Route::post('/update/{id:\d+}', [\app\admin\controller\dept\Dept::class, 'updateDept']);
-    Route::post('/updateStatus/{id:\d+}', [\app\admin\controller\dept\Dept::class, 'updateStatus']);
-    Route::delete('/delete/{id:\d+}', [\app\admin\controller\dept\Dept::class, 'delDept']);
-});
+    /* 部门管理 */
+    Route::group('/dept', function () {
+        Route::get('/list', [\app\admin\controller\dept\Dept::class, 'deptList']);
+        Route::get('/info/{id:\d+}', [\app\admin\controller\dept\Dept::class, 'deptInfo']);
+        Route::post('/add', [\app\admin\controller\dept\Dept::class, 'addDept']);
+        Route::post('/update/{id:\d+}', [\app\admin\controller\dept\Dept::class, 'updateDept']);
+        Route::post('/updateStatus/{id:\d+}', [\app\admin\controller\dept\Dept::class, 'updateStatus']);
+        Route::delete('/delete/{id:\d+}', [\app\admin\controller\dept\Dept::class, 'delDept']);
+    })->middleware([
+        \app\middleware\AdminAuthCheck::class
+    ]);
 
-/* 用户管理 */
-Route::group('/user', function () {
-    Route::get('/list', [\app\admin\controller\user\User::class, 'userList']);
-    Route::get('/info/{id:\w+}', [\app\admin\controller\user\User::class, 'userInfo']);
-    Route::post('/add', [\app\admin\controller\user\User::class, 'addUser']);
-    Route::post('/update/{id:\w+}', [\app\admin\controller\user\User::class, 'updateUser']);
-    Route::post('/updateStatus/{id:\w+}', [\app\admin\controller\user\User::class, 'updateStatus']);
-    Route::delete('/delete/{id:\w+}', [\app\admin\controller\user\User::class, 'delUser']);
+    /* 用户管理 */
+    Route::group('/user', function () {
+        Route::get('/list', [\app\admin\controller\user\User::class, 'userList']);
+        Route::get('/info/{id:\w+}', [\app\admin\controller\user\User::class, 'userInfo']);
+        Route::post('/add', [\app\admin\controller\user\User::class, 'addUser']);
+        Route::post('/update/{id:\w+}', [\app\admin\controller\user\User::class, 'updateUser']);
+        Route::post('/updateStatus/{id:\w+}', [\app\admin\controller\user\User::class, 'updateStatus']);
+        Route::delete('/delete/{id:\w+}', [\app\admin\controller\user\User::class, 'delUser']);
+    })->middleware([
+        \app\middleware\AdminAuthCheck::class
+    ]);
 });
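Review bot: `AdminAuthCheck` is attached to each of the four sub-groups separately, so any group added under `/admin` later is unauthenticated unless its author remembers the `->middleware([...])` call. Attaching it once to the outer `Route::group('/admin', ...)` would make protection the default, provided the framework version in use propagates group middleware to nested groups (worth confirming). Route middleware only covers the routes declared here; if the framework's default controller routing is still enabled elsewhere, the same controllers may be reachable without this check, which is not visible in this file. `refreshToken` is registered as `GET` although it issues new credentials; `Route::post('/refreshToken', ...)` keeps it out of caches, prefetchers and access logs that record GET URLs.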