ivampiresp/Lae
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

增加 请求安全处理

Browse Source
This commit is contained in:
iVampireSP.com 2023-02-27 19:07:22 +08:00
parent 8b0025aa4b
commit dc5d9bca55
No known key found for this signature in database
GPG Key ID: 2F7B001CA27A8132
1 changed files with 41 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
app/Http/Controllers/Module/UserController.php
View File

@ -9,6 +9,7 @@
use Illuminate\Http\JsonResponse; use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Support\Arr; use Illuminate\Support\Arr;
use Illuminate\Support\Facades\Cache;
class UserController extends Controller class UserController extends Controller
{ {
@ -74,10 +75,19 @@ public function update(Request $request, User $user): JsonResponse
$request->validate([ $request->validate([
'balance' => 'required|numeric|min:-10000|max:10000', 'balance' => 'required|numeric|min:-10000|max:10000',
'description' => 'required|string', 'description' => 'required|string',
'unique_id' => 'nullable|string',
]); ]);
$module = $request->user('module'); $module = $request->user('module');
if ($request->filled('balance')) {
if ($request->filled('unique_id')) {
$unique_id_cache_key = 'module:'.$request->user('module')->id.':balance:unique_id:'.$request->input('unique_id');
if (Cache::has($unique_id_cache_key)) {
return $this->error('重复的请求。');
}
}
$balance = $request->input('balance'); $balance = $request->input('balance');
if ($balance < 0) { if ($balance < 0) {
@ -110,6 +120,12 @@ public function update(Request $request, User $user): JsonResponse
]); ]);
} }
if ($request->filled('unique_id')) {
$unique_id_cache_key = 'module:'.$request->user('module')->id.':balance:unique_id:'.$request->input('unique_id');
Cache::put($unique_id_cache_key, $trans->id, now()->addDay());
}
}
$trans['commission'] = config('settings.billing.commission'); $trans['commission'] = config('settings.billing.commission');
return $this->success($trans); return $this->success($trans);