From 79902bd4ce83a518e453072612bdca8a5a191095 Mon Sep 17 00:00:00 2001
From: "iVampireSP.com" <im@ivampiresp.com>
Date: Fri, 20 Jan 2023 00:06:38 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=20topic=20=E8=AE=A4=E8=AF=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../Application/MqttAuthController.php        | 38 ++++++++++---------
 1 file changed, 21 insertions(+), 17 deletions(-)

diff --git a/app/Http/Controllers/Application/MqttAuthController.php b/app/Http/Controllers/Application/MqttAuthController.php
index 21d2888..4a82857 100644
--- a/app/Http/Controllers/Application/MqttAuthController.php
+++ b/app/Http/Controllers/Application/MqttAuthController.php
@@ -10,29 +10,32 @@
 
 class MqttAuthController extends Controller
 {
-    //
-
     public function authentication(Request $request): Response
     {
-        //
-        $client_id = $request->input('client_id');
+        $client_id = explode('.', $request->input('client_id'));
+
+        if (count($client_id) < 2) {
+            return $this->ignore();
+        }
+
         $username = $request->input('username');
-        $password = $request->input('password');
-
-
-        //    分割 username
         $usernames = explode('.', $username);
 
+        $password = $request->input('password');
+
         $module_id = $usernames[0] ?? null;
         $device_id = $usernames[1] ?? null;
 
-
         $module = (new Module)->where('id', $module_id)->first();
 
         if (!$module) {
             return $this->ignore();
         }
 
+        if ($client_id[0] !== $module->id) {
+            return $this->ignore();
+        }
+
         // 如果没有设置 device_id，那么就是模块自己的连接
         if (!$device_id) {
             // 让 api_token 可见
@@ -45,12 +48,9 @@ public function authentication(Request $request): Response
                 return $this->deny();
             }
         } else {
-            // 如果设置了 device_id，那么就是设备的连接
-
-            // 此时，我们得联系模块，让模块去验证设备。
-
+            // 如果设置了 device_id，那么就是设备的连接，此时，我们得联系模块，让模块去验证设备。
             $response = $module->baseRequest('post', 'mqtt/authentication', [
-                'client_id' => $client_id,
+                'client_id' => $client_id[1],
                 'device_id' => $device_id,
                 'password' => $password,
             ]);
@@ -93,8 +93,13 @@ public function authorization(Request $request): Response
             return $this->deny();
         }
 
+        $client_id = explode('.', $request->input('client_id'));
+        if (count($client_id) < 2) {
+            return $this->deny();
+        }
+
         $action = $request->input('action');
-        $client_id = $request->input('client_id');
+
         $username = $request->input('username');
         $topic = $request->input('topic');
 
@@ -114,7 +119,6 @@ public function authorization(Request $request): Response
 
         if (!$module) {
             // 不属于我们管理，跳过。
-            // Log::debug('不属于我们管理，跳过。');
             return $this->ignore();
         }
 
@@ -141,7 +145,7 @@ public function authorization(Request $request): Response
 
         // 联系模块，让模块去验证设备授权。
         $response = $module->baseRequest('post', 'mqtt/authorization', [
-            'client_id' => $client_id,
+            'client_id' => $client_id[1],
             'device_id' => $device_id,
             'type' => $action,
             'topic' => $topic,