改进 拿的 Token 具有全部权限

iVampireSP.com 2023-02-18 17:39:31 +08:00
parent 777e028aea
commit 3f3d6efe61
No known key found for this signature in database
GPG Key ID: 2F7B001CA27A8132
2 changed files with 11 additions and 20 deletions


@ -6,15 +6,14 @@
use App\Http\Controllers\Controller; use App\Http\Controllers\Controller;
use App\Notifications\User\UserNotification; use App\Notifications\User\UserNotification;
use App\Rules\Domain;
use function back;
use function config;
use Illuminate\Http\RedirectResponse; use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Support\Carbon; use Illuminate\Support\Carbon;
use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Cache; use Illuminate\Support\Facades\Cache;
use Illuminate\View\View; use Illuminate\View\View;
use function back;
use function config;
use function redirect; use function redirect;
use function session; use function session;
use function view; use function view;
@ -34,13 +33,13 @@ public function index(Request $request): View|RedirectResponse
$dashboardHost = parse_url(config('settings.dashboard.base_url'), PHP_URL_HOST); $dashboardHost = parse_url(config('settings.dashboard.base_url'), PHP_URL_HOST);
if ($callbackHost === $dashboardHost) { if ($callbackHost === $dashboardHost) {
if (! $request->user('web')->isRealNamed()) { if (!$request->user('web')->isRealNamed()) {
return redirect()->route('real_name.create')->with('status', '重定向已被打断,需要先实人认证。'); return redirect()->route('real_name.create')->with('status', '重定向已被打断,需要先实人认证。');
} }
$token = $request->user()->createToken('Dashboard')->plainTextToken; $token = $request->user()->createToken('Dashboard')->plainTextToken;
return redirect($callback.'?token='.$token); return redirect($callback . '?token=' . $token);
} }
session(['referer.domain' => parse_url($request->header('referer'), PHP_URL_HOST)]); session(['referer.domain' => parse_url($request->header('referer'), PHP_URL_HOST)]);
@ -85,18 +84,10 @@ public function newToken(Request $request): RedirectResponse
{ {
$request->validate([ $request->validate([
'name' => 'required|string|max:255', 'name' => 'required|string|max:255',
'domain' => ['nullable', 'string', 'max:255', new Domain],
]); ]);
$abilities = [];
if ($request->has('domain')) {
$abilities = ['domain-access:'.$request->input('domain')];
}
$token = $request->user()->createToken( $token = $request->user()->createToken(
$request->input('name'), $request->input('name'),
$abilities
); );
return back()->with('token', $token->plainTextToken); return back()->with('token', $token->plainTextToken);
@ -130,7 +121,7 @@ public function exitSudo(): RedirectResponse
public function showAuthRequest($token): View|RedirectResponse public function showAuthRequest($token): View|RedirectResponse
{ {
$data = Cache::get('auth_request:'.$token); $data = Cache::get('auth_request:' . $token);
if (empty($data)) { if (empty($data)) {
return redirect()->route('index')->with('error', '登录请求的 Token 不存在或已过期。'); return redirect()->route('index')->with('error', '登录请求的 Token 不存在或已过期。');
@ -154,7 +145,7 @@ public function storeAuthRequest(Request $request): RedirectResponse
'token' => 'required|string|max:128', 'token' => 'required|string|max:128',
]); ]);
$data = Cache::get('auth_request:'.$request->input('token')); $data = Cache::get('auth_request:' . $request->input('token'));
if (empty($data)) { if (empty($data)) {
return back()->with('error', '登录请求的 Token 不存在或已过期。'); return back()->with('error', '登录请求的 Token 不存在或已过期。');
@ -178,7 +169,7 @@ public function storeAuthRequest(Request $request): RedirectResponse
$data['token'] = $user->createToken($data['meta']['description'] ?? Carbon::now()->toDateString(), $abilities)->plainTextToken; $data['token'] = $user->createToken($data['meta']['description'] ?? Carbon::now()->toDateString(), $abilities)->plainTextToken;
} }
Cache::put('auth_request:'.$request->input('token'), $data, 60); Cache::put('auth_request:' . $request->input('token'), $data, 60);
return redirect()->route('index')->with('success', '登录请求已确认。'); return redirect()->route('index')->with('success', '登录请求已确认。');
} }
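Review bot: In the newToken hunk, `createToken($request->input('name'))` now relies on the library's default ability set — if this is Sanctum's createToken, as `plainTextToken` suggests, that default is `['*']` — so every token minted from this form carries every ability, including tokens the auto-login flow previously bound to the referer host via `domain-access:<host>`; a third-party site that sends a user to this page now receives a full-privilege token rather than one scoped to its own domain, which is the stated intent of the commit but deserves an explicit note at the call site. The `domain` input is no longer validated, so a client that still submits it is silently ignored instead of rejected; either reject the field explicitly or document that it is ignored. Making the grant visible would be a one-line change, `createToken($request->input('name'), ['*']) // full access is intentional, see commit 3f3d6efe61`, so the breadth of the token is not implied by a library default. The closing brace of newToken lies outside the hunk, and `$abilities` used in the storeAuthRequest hunk is defined outside it as well.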


@ -20,7 +20,7 @@
@php @php
session()->forget('callback'); session()->forget('callback');
session()->forget('referer.domain'); // session()->forget('referer.domain');
@endphp @endphp
<script> <script>
@ -40,9 +40,9 @@
<input type="hidden" name="name" placeholder="Token 名字" <input type="hidden" name="name" placeholder="Token 名字"
value="自动登录 - {{ date('Y-m-d H:i:s') }}"/> value="自动登录 - {{ date('Y-m-d H:i:s') }}"/>
@if($referer_host) {{-- @if($referer_host)--}}
<input type="hidden" name="domain" value="{{ $referer_host }}"/> {{-- <input type="hidden" name="domain" value="{{ $referer_host }}"/>--}}
@endif {{-- @endif--}}
<button type="submit" class="btn btn-primary">授权</button> <button type="submit" class="btn btn-primary">授权</button>