接口获取数据增加token验证

3 years ago · f8bd3ba20a
3 changed files with 30 additions and 0 deletions
--- a/source/application/api/controller/library/Pass.php
+++ b/source/application/api/controller/library/Pass.php
@ -3,13 +3,22 @@ namespace app\api\controller\library;

 use app\api\controller\Controller;
 use app\common\dm\Dm;
+use app\common\exception\BaseException;
 use app\common\logic\PassFlow;
+use think\Session;

 class Pass extends Controller
 {

    protected $url = 'http://balib.cn:8999';

+    public function requestValiDate()
+    {
+        $token = $this->request->param('token');
+        if (empty($token)) throw new BaseException(['msg' => '缺少token参数']);
+        if ($token != Session::pull('__token__')) throw new BaseException(['msg' => 'token验证失败']);
+    }
+
    /**
     * 图书管数据接口
     * @return array
@ -19,6 +28,7 @@ class Pass extends Controller
     */
    public function allFlowTrends()
    {
+        $this->requestValiDate();
        $data = PassFlow::allFlowTrends();
        return $this->renderSuccess(compact('data'));
    }
@ -204,6 +214,7 @@ class Pass extends Controller
     */
    public function getLibraryHours24List()
    {
+        $this->requestValiDate();
        $data = PassFlow::getLibraryHours24List();
        return $this->renderSuccess(compact('data'));
    }
@ -217,6 +228,7 @@ class Pass extends Controller
     */
    public function getLibraryGroupHoursList()
    {
+        $this->requestValiDate();
        $data = PassFlow::getLibraryGroupHoursList();
        return $this->renderSuccess(compact('data'));
    }
@ -264,6 +276,7 @@ class Pass extends Controller
     */
    public function getLibraryLeaseData()
    {
+        $this->requestValiDate();
        $data = PassFlow::getLibraryLeaseData();
        return $this->renderSuccess(compact('data'));
    }
--- a/source/application/api/controller/pass/Passcc.php
+++ b/source/application/api/controller/pass/Passcc.php
@ -9,6 +9,7 @@ use app\common\exception\BaseException;
 use app\common\logic\PassFlow;
 use app\common\model\Pass;
 use think\Db;
+use think\Session;

 class Passcc extends Controller
 {
@ -19,6 +20,9 @@ class Passcc extends Controller

    public function _initialize()
    {
+        $token = $this->request->param('token');
+        if (empty($token)) throw new BaseException(['msg' => '缺少token参数']);
+        if ($token != Session::pull('__token__')) throw new BaseException(['msg' => 'token验证失败']);
        $type = $this->request->param('type');
        if (!empty($type) || is_numeric($type)) {
            if (!preg_match('/^[1-2]$/',$type)) throw new BaseException(['msg' => 'type字段参数错误']);
--- a/source/application/api/controller/xtool/Token.php
+++ b/source/application/api/controller/xtool/Token.php
@ -0,0 +1,13 @@
+<?php
+
+namespace app\api\controller\xtool;
+
+use app\api\controller\Controller;
+
+class Token extends Controller
+{
+    public function getToken()
+    {
+        return $this->renderSuccess(['token' => $this->request->token()]);
+    }
+}