增加通过 Token 获取用户

2023-01-18 23:38:31 +08:00 · 2023-01-18 23:38:31 +08:00 · 5a91506904
commit 5a91506904
parent 4200f5f4aa
3 changed files with 30 additions and 3 deletions
--- a/app/Http/Controllers/Modules/UserController.php
+++ b/app/Http/Controllers/Modules/UserController.php
@ -4,9 +4,11 @@

 use App\Http\Controllers\Controller;
 use App\Models\Host;
+use App\Models\PersonalAccessToken;
 use App\Models\User;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
+use Illuminate\Support\Arr;

 class UserController extends Controller
 {
@ -91,4 +93,21 @@ public function update(Request $request, User $user): JsonResponse
        return $this->updated();
    }

+    public function auth($token): JsonResponse
+    {
+        $token = PersonalAccessToken::findToken($token);
+
+        // 画饼: 验证 Token 能力，比如是否可以访问这个模块
+
+        return $token ? $this->success(Arr::only(
+            $token->tokenable
+                ->makeVisible('real_name')
+                ->toArray()
+            ,
+            [
+                'id', 'name', 'email', 'real_name'
+            ]
+        )) : $this->notFound();
+    }
+
 }
--- a/app/Models/User.php
+++ b/app/Models/User.php
@ -41,6 +41,7 @@ class User extends Authenticatable
    protected $hidden = [
        'password',
        'remember_token',
+        'real_name',
        'id_card',
    ];

@ -59,7 +60,13 @@ class User extends Authenticatable
        'birthday_at',
    ];

-    // id card 必须加密
+    public array $publics = [
+        'id',
+        'name',
+        'email',
+        'real_name',
+        'balance',
+    ];

    protected static function boot()
    {
@ -145,8 +152,8 @@ public function scopeBirthday()

    public function selectPublic(): User
    {
-        // 过滤掉私有字段
-        return $this->select(['id', 'name', 'email_md5', 'created_at']);
+        // 仅需选择公开的
+        return $this->select($this->publics);
    }

    public function startTransfer(User $to, string $amount, string|null $description)
--- a/routes/modules.php
+++ b/routes/modules.php
@ -22,6 +22,7 @@
 // 用户信息
 Route::resource('users', UserController::class)->only(['index', 'show', 'update']);

+Route::get('token/{token}', [UserController::class, 'auth']);
 Route::get('users/{user}/hosts', [UserController::class, 'hosts']);

 Route::post('broadcast/users/{user}', [BroadcastController::class, 'broadcast_to_user']);