与多样青春搭+账后授权登录打通

2025-05-15 16:23:50 +08:00 · 2025-05-15 16:23:50 +08:00 · a5f8f72080
commit a5f8f72080
parent ad25ce659e
12 changed files with 240 additions and 9 deletions
--- a/application/admin/lang/zh-cn/auth/api/key.php
+++ b/application/admin/lang/zh-cn/auth/api/key.php
@ -1,6 +1,7 @@
 <?php
 return [
    'Name'       => '用户描述',
    'Key'        => '分配的key',
    'Public_key' => '对方调用公钥'
 ];
--- a/application/admin/view/auth/api/key/add.html
+++ b/application/admin/view/auth/api/key/add.html
@ -1,5 +1,11 @@
 <form id="add-form" class="form-horizontal" role="form" data-toggle="validator" method="POST" action="">
    <div class="form-group">
        <label class="control-label col-xs-12 col-sm-2">{:__('Name')}:</label>
        <div class="col-xs-12 col-sm-8">
            <input id="c-name" class="form-control" name="row[name]" type="text">
        </div>
    </div>
    <div class="form-group">
        <label class="control-label col-xs-12 col-sm-2">{:__('Key')}:</label>
        <div class="col-xs-12 col-sm-8">
@ -9,7 +15,7 @@
    <div class="form-group">
        <label class="control-label col-xs-12 col-sm-2">{:__('Public_key')}:</label>
        <div class="col-xs-12 col-sm-8">
-            <input id="c-public_key" class="form-control" name="row[public_key]" type="text">
+            <textarea id="c-public_key" class="form-control " rows="5" name="row[public_key]" cols="50"></textarea>
        </div>
    </div>
    <div class="form-group layer-footer">
--- a/application/admin/view/auth/api/key/edit.html
+++ b/application/admin/view/auth/api/key/edit.html
@ -1,5 +1,11 @@
 <form id="edit-form" class="form-horizontal" role="form" data-toggle="validator" method="POST" action="">
    <div class="form-group">
        <label class="control-label col-xs-12 col-sm-2">{:__('Name')}:</label>
        <div class="col-xs-12 col-sm-8">
            <input id="c-name" class="form-control" name="row[name]" type="text" value="{$row.name|htmlentities}">
        </div>
    </div>
    <div class="form-group">
        <label class="control-label col-xs-12 col-sm-2">{:__('Key')}:</label>
        <div class="col-xs-12 col-sm-8">
@ -9,7 +15,7 @@
    <div class="form-group">
        <label class="control-label col-xs-12 col-sm-2">{:__('Public_key')}:</label>
        <div class="col-xs-12 col-sm-8">
-            <input id="c-public_key" class="form-control" name="row[public_key]" type="text" value="{$row.public_key|htmlentities}">
+            <textarea id="c-public_key" class="form-control " rows="5" name="row[public_key]" cols="50">{$row.public_key|htmlentities}</textarea>
        </div>
    </div>
    <div class="form-group layer-footer">
--- a/application/api/controller/Index.php
+++ b/application/api/controller/Index.php
@ -102,6 +102,8 @@ class Index extends Api
            "unpaid_activity_cancel_time"=> config("site.unpaid_activity_cancel_time"),
            "unpaid_activity_expire_time"=> config("site.unpaid_activity_expire_time"),
            "miniapp_activity_swtich"=> config("site.miniapp_activity_swtich"),
            "classes_wx_miniapp_id"=>config('site.classes_wx_miniapp_id'),
        ];
        $customer_service = [
            "image"=>cdnurl(config('site.customer_service_image'),true),
--- a/application/api/controller/User.php
+++ b/application/api/controller/User.php
@ -6,6 +6,7 @@ use addons\xilufitness\services\login\LoginService;
 use app\common\controller\Api;
 use app\common\library\Ems;
 use app\common\library\Sms;
 use app\common\model\auth\api\Key;
 use app\common\model\dyqc\ManystoreShop;
 use app\common\model\manystore\UserAuth;
 use app\common\model\school\activity\Activity;
@ -23,7 +24,7 @@ use app\admin\library\Wechat;
 */
 class User extends Api
 {
-    protected $noNeedLogin = ["registerLogin","getTtOpenid","decodeTtData",'getOpenid','decodeData','login', 'mobilelogin', 'register', 'resetpwd', 'changeemail', 'changemobile', 'third'];
+    protected $noNeedLogin = ["auto_login_token","registerLogin","getTtOpenid","decodeTtData",'getOpenid','decodeData','login', 'mobilelogin', 'register', 'resetpwd', 'changeemail', 'changemobile', 'third'];
    protected $noNeedRight = '*';
    protected $miniConfig;
@ -683,6 +684,57 @@ class User extends Api
    /**
     * 获取跳转小程序自动登录传参
     * @ApiParams (name="encryption", type="string", required=false, description="是否公钥加密 1是，0否, 默认 是")
     */
    public function auto_login_token()
    {
        $encryption = $this->request->param("encryption/d", 1);
        $key = $this->request->param("key/s", "hschool");
        // token
        $token = $this->login_token;
        //接入大模型
        $public_key = Key::where("key",$key)->value("public_key");
        if(!$public_key) return $this->error("非法请求");
        $encrypted = null;
        if($token){
            //已登录
            //公钥加密
 //            echo "=== 公钥加密，私钥解密 ===\n";
            $encryption_data = [
                "token"=>$token,
                "time"=>time(),
                "encryption_data"=>null,
            ];
            //生成json 数据 格式不变
            $url_data = json_encode($encryption_data);
            $encrypted = '';
            if (!openssl_public_encrypt($url_data, $encrypted, $public_key)) {
                $this->error("公钥加密失败: " . openssl_error_string());
            }
 //            echo "加密后的数据（Base64）: " . base64_encode($encrypted) . "\n";
        }
        if($encryption){
            $data =[
                "token"=>null,
                "time"=>null,
                "encryption_data"=> base64_encode($encrypted), //编码用于传输
            ];
        }else{
            $data =$encryption_data;
        }
        $this->success('获取成功',$data);
    }
--- a/application/api/controller/openapi/Base.php
+++ b/application/api/controller/openapi/Base.php
@ -0,0 +1,76 @@
 <?php
 namespace app\api\controller\openapi;
 use app\common\controller\Api;
 class Base extends Api
 {
    protected $noNeedLogin = '*';
    protected $noNeedRight = '*';
    protected $decrypt_data = [];
    /**
     * 初始化操作
     * @access protected
     */
    protected function _initialize()
    {
        parent::_initialize();
        $this->checkToken();
    }
    public function checkToken()
    {
        // token
        $key = $this->request->param('key/s',"");
        $encryption_data = $this->request->param('encryption_data/s',"");
        $sign = $this->request->param('sign/s',"");
        if (!$encryption_data) {
            $this->error('异常的调用');
        }
        //根据key查询公钥库
        $public_key = \app\common\model\auth\api\Key::where('key', $key)->value("public_key");
        if (!$public_key) {
            $this->error('非法访问！');
        }
        $decrypted = '';
        if (!openssl_public_decrypt(base64_decode($sign), $decrypted, $public_key)) {
            $this->error('非法访问！');
        }
        $sign_data = json_decode($decrypted, true);
        //取出时间戳
        $timestamp = $sign_data['timestamp'];
        //授权有效时间只有3分钟
        if (time() - $timestamp > 180) {
            $this->error('授权已过期');
        }
        //公钥解密加密数据
        if($encryption_data){
            $decrypt_data = '';
            if (!openssl_public_decrypt(base64_decode($encryption_data), $decrypt_data, $public_key)) {
                $this->error('非法访问！');
            }
            $this->decrypt_data = json_decode($decrypt_data, true);
            //如果有当前服务器的token，塞入当前服务，重新加载父类_initialize方法
            if(!empty($this->decrypt_data['token'])){
                 $token = $this->decrypt_data['token'];
                 $this->auth->init($token);
            }
        }
    }
 }
--- a/application/api/controller/openapi/User.php
+++ b/application/api/controller/openapi/User.php
@ -0,0 +1,41 @@
 <?php
 namespace app\api\controller\openapi;
 /**
 * 本服务器openid:用户开放接口
 */
 class User extends Base
 {
    /**
     * 初始化操作
     * @access protected
     */
    protected function _initialize()
    {
        parent::_initialize();
    }
    /**
     * @ApiTitle( 用户中心)
     * @ApiSummary(用户中心)
     * @ApiMethod(POST)
     * @ApiParams(name = "key", type = "string",required=false,description = "调用key")
     * @ApiParams(name = "encryption_data", type = "string",required=true,description = "加密数据")
     * @ApiParams(name = "sign", type = "string",required=true,description = "签名")
     * @ApiReturn({
     *
     *})
     */
    public function index()
    {
        $user_id = 0;
        $user = $this->auth->getUser();//登录用户
        if($user)$user_id = $user['id'];
        if(!$user_id) $this->error(__('请登录'));
        $this->success('请求成功',$user);
    }
 }
--- a/application/api/controller/school/NewActivity.php
+++ b/application/api/controller/school/NewActivity.php
@ -165,6 +165,7 @@ class NewActivity extends Base
        try{
            //当前申请状态
            $res = $this->model::getVaildList($params);
            $count = $this->model::getVaildList($params,true);
 //            if($user_id =='670153'){
 //               file_put_contents("ceshi66.txt",(new AppointmentOrder())->getLastSql());
 //            }
@ -172,7 +173,7 @@ class NewActivity extends Base
            $this->error($e->getMessage());
        }
-        $this->success('查询成功', ["list"=>$res]);
+        $this->success('查询成功', ["list"=>$res,"count"=>$count]);
    }
--- a/application/common/controller/Api.php
+++ b/application/common/controller/Api.php
@ -65,6 +65,9 @@ class Api
     */
    protected $responseType = 'json';
    protected $login_token = null;
    /**
     * 构造方法
     * @access public
@ -136,7 +139,7 @@ class Api
        // token
        $token = $this->request->server('HTTP_TOKEN', $this->request->request('token', \think\Cookie::get('token')));
-
+        $this->login_token = $token;
        $path = str_replace('.', '/', $controllername) . '/' . $actionname;
        // 设置当前请求的URI
        $this->auth->setRequestUri($path);
--- a/application/common/model/auth/api/Key.php
+++ b/application/common/model/auth/api/Key.php
@ -0,0 +1,40 @@
 <?php
 namespace app\common\model\auth\api;
 use think\Model;
 class Key extends Model
 {
    // 表名
    protected $name = 'api_key';
    // 自动写入时间戳字段
    protected $autoWriteTimestamp = false;
    // 定义时间戳字段名
    protected $createTime = false;
    protected $updateTime = false;
    protected $deleteTime = false;
    // 追加属性
    protected $append = [
    ];
 }
--- a/application/common/model/school/activity/Activity.php
+++ b/application/common/model/school/activity/Activity.php
@ -684,7 +684,7 @@ class Activity extends BaseModel
    /**
     * 获取所有活动列表
     */
-    public static function getVaildList($params) {
+    public static function getVaildList($params,$count=false) {
        extract($params);
        $a = (new self)->getWithAlisaName().'.';
        $with = ['user'];
@ -930,6 +930,10 @@ class Activity extends BaseModel
 //            throw new \Exception("现版本不支持");
            $selfetch = $selfetch->having("distance <= {$nearby}");
        }
        if($count){
            $total = $selfetch->count();
            return $total;
        }
@ -1300,7 +1304,7 @@ class Activity extends BaseModel
            if($trans){
                self::rollbackTrans();
            }
-            throw new \Exception($e->getMessage().$e->getFile().$e->getLine());
+            throw new \Exception($e->getMessage());
        }
        return $row;
    }
--- a/public/assets/js/backend/auth/api/key.js
+++ b/public/assets/js/backend/auth/api/key.js
@ -28,7 +28,6 @@ define(['jquery', 'bootstrap', 'backend', 'table', 'form'], function ($, undefin
                        {field: 'id', title: __('Id')},
                        {field: 'name', title: __('Name'), operate: 'LIKE', table: table, class: 'autocontent', formatter: Table.api.formatter.content},
                        {field: 'key', title: __('Key'), operate: 'LIKE', table: table, class: 'autocontent', formatter: Table.api.formatter.content},
                        {field: 'public_key', title: __('Public_key'), operate: 'LIKE', table: table, class: 'autocontent', formatter: Table.api.formatter.content},
                        {field: 'operate', title: __('Operate'), table: table, events: Table.api.events.operate, formatter: Table.api.formatter.operate}
                    ]
                ]