From f6e8b85a9dd95d834a8c5b139fa58bd22b51f613 Mon Sep 17 00:00:00 2001 From: "iVampireSP.com" Date: Tue, 7 Feb 2023 17:45:31 +0800 Subject: [PATCH] =?UTF-8?q?=E6=94=B9=E8=BF=9B=20=E5=8C=BF=E5=90=8D?= =?UTF-8?q?=E8=AE=A4=E8=AF=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Public/AuthRequestController.php | 14 ++++++---- app/Http/Controllers/Web/AuthController.php | 27 +++++++++++++------ app/Models/User.php | 11 +++++--- resources/views/auth/request.blade.php | 15 +++++++++-- 4 files changed, 49 insertions(+), 18 deletions(-) diff --git a/app/Http/Controllers/Public/AuthRequestController.php b/app/Http/Controllers/Public/AuthRequestController.php index 359ea20..20e4e6e 100644 --- a/app/Http/Controllers/Public/AuthRequestController.php +++ b/app/Http/Controllers/Public/AuthRequestController.php @@ -14,13 +14,17 @@ public function store(Request $request): JsonResponse { $request->validate([ 'description' => 'required|string|max:255', + 'require_token' => 'nullable|boolean' ]); $token = Str::random(128); $data = [ - 'description' => $request->input('description'), - 'token' => $token, + 'meta' => [ + 'description' => $request->input('description'), + 'token' => $token, + 'require_token' => $request->input('require_token', false), + ] ]; if ($request->user('module')) { @@ -37,7 +41,7 @@ public function store(Request $request): JsonResponse ]); } - Cache::put('auth_request:'.$token, $data, 120); + Cache::put('auth_request:' . $token, $data, 120); $data['url'] = route('auth_request.show', $token); @@ -46,13 +50,13 @@ public function store(Request $request): JsonResponse public function show($token): JsonResponse { - $data = Cache::get('auth_request:'.$token); + $data = Cache::get('auth_request:' . $token); if (empty($data)) { return $this->error('Token 不存在或已过期。'); } - if (! isset($data['user'])) { + if (!isset($data['user'])) { $data['user'] = null; } 
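Review bot: In `store()`, `require_token` is accepted from any caller of this public endpoint, and the `if ($request->user('module'))` branch just below suggests callers without module authentication reach this code too. The approving user then has only the caller-written `description` to judge who will receive a newly minted API token. Consider honouring the flag only for authenticated modules, e.g. `'require_token' => $request->user('module') !== null && $request->boolean('require_token'),`, or marking unverified requesters on the consent page. `$request->boolean()` also stores a real bool instead of the raw `"1"`/`"0"` input that the `boolean` rule lets through. The body of `store()` continues outside this hunk, so what the module branch adds is not visible here.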
diff --git a/app/Http/Controllers/Web/AuthController.php b/app/Http/Controllers/Web/AuthController.php index 5ad85e7..b6d265e 100644 --- a/app/Http/Controllers/Web/AuthController.php +++ b/app/Http/Controllers/Web/AuthController.php @@ -6,13 +6,14 @@ use App\Http\Controllers\Controller; use App\Notifications\User\UserNotification; -use function back; -use function config; use Illuminate\Http\RedirectResponse; use Illuminate\Http\Request; +use Illuminate\Support\Carbon; use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Cache; use Illuminate\View\View; +use function back; +use function config; use function redirect; use function session; use function view; @@ -32,13 +33,13 @@ public function index(Request $request): View|RedirectResponse $dashboardHost = parse_url(config('settings.dashboard.base_url'), PHP_URL_HOST); if ($callbackHost === $dashboardHost) { - if (! Auth::guard('web')->user()->isRealNamed()) { + if (!Auth::guard('web')->user()->isRealNamed()) { return redirect()->route('real_name.create')->with('status', '重定向已被打断,需要先实人认证。'); } $token = $request->user()->createToken('Dashboard')->plainTextToken; - return redirect($callback.'?token='.$token); + return redirect($callback . '?token=' . $token); } return redirect()->route('confirm_redirect'); @@ -111,7 +112,7 @@ public function exitSudo(): RedirectResponse public function showAuthRequest($token): View|RedirectResponse { - $data = Cache::get('auth_request:'.$token); + $data = Cache::get('auth_request:' . $token); if (empty($data)) { return redirect()->route('index')->with('error', '登录请求的 Token 不存在或已过期。'); @@ -135,7 +136,7 @@ public function storeAuthRequest(Request $request): RedirectResponse 'token' => 'required|string|max:128', ]); - $data = Cache::get('auth_request:'.$request->input('token')); + $data = Cache::get('auth_request:' . $request->input('token')); if (empty($data)) { return back()->with('error', '登录请求的 Token 不存在或已过期。'); 
@@ -145,9 +146,19 @@ public function storeAuthRequest(Request $request): RedirectResponse return back()->with('error', '登录请求的 Token 已被使用。'); } - $data['user'] = $request->user('web'); + $user = $request->user('web'); - Cache::put('auth_request:'.$request->input('token'), $data, 60); + $data['user'] = $user->getOnlyPublic([], [ + 'email', + 'email_verified_at', + 'real_name_verified_at', + ]); + + if (isset($data['meta']['require_token']) && $data['meta']['require_token']) { + $data['token'] = $user->createToken($data['meta']['description'] ?? Carbon::now()->toDateString())->plainTextToken; + } + + Cache::put('auth_request:' . $request->input('token'), $data, 60); return redirect()->route('index')->with('success', '登录请求已确认。'); } diff --git a/app/Models/User.php b/app/Models/User.php index 8b1307d..e3d007e 100644 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -29,10 +29,12 @@ class User extends Authenticatable implements MustVerifyEmail public array $publics = [ 'id', + 'uuid', 'name', 'email', 'real_name', 'balance', + 'user_group_id' ]; /** @@ -174,10 +176,13 @@ public function selectPublic(): self|Builder|CachedBuilder return $this->select($this->publics); } - public function getOnlyPublic($excepts = []): array + public function getOnlyPublic($appened_excepts = [], $display = []): array { - if ($excepts) { - $this->publics = array_diff($this->publics, $excepts); + if ($display) { + $this->publics = array_merge($this->publics, $display); + } + if ($appened_excepts) { + $this->publics = array_diff($this->publics, $appened_excepts); } return Arr::only($this->toArray(), $this->publics); diff --git a/resources/views/auth/request.blade.php b/resources/views/auth/request.blade.php index 9d74d3c..64c5904 100644 --- a/resources/views/auth/request.blade.php +++ b/resources/views/auth/request.blade.php @@ -20,12 +20,23 @@ 想要获取你的用户信息。 -
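Review bot: In `storeAuthRequest()`, the plaintext token from `createToken()` is written into the same `auth_request:` cache entry that `AuthRequestController::show` reads. Assuming `show` returns that array, anyone presenting the request token can fetch the credential repeatedly until the TTL of 60 runs out, and it sits in the cache store in clear text. Hand it out once, for example by calling `Cache::forget('auth_request:' . $token);` in `show` after a confirmed entry has been read. `createToken()` is also called without an ability list; if this is Sanctum, that means the default `['*']`, so pass the narrowest abilities the requester needs as the second argument. The function starts above this hunk, so the check behind the 'Token 已被使用' message is not visible.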
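Review bot: `real_name` stays in `$publics`, and `storeAuthRequest()` in this patch calls `getOnlyPublic([], [...])` with an empty exclusion list, so the user's real name would be part of what the requester receives unless it is hidden from `toArray()` elsewhere. The consent text added in `resources/views/auth/request.blade.php` does not list it and states that no personal information is included. Either exclude it at the call site, `$user->getOnlyPublic(['real_name'], [...])`, or name it in the consent text so the user approves what is actually sent.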
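Review bot: `getOnlyPublic()` writes the merged list back to `$this->publics`, so once `storeAuthRequest()` has called it with `email_verified_at` and `real_name_verified_at`, those columns stay public on that model instance for the rest of the request. That includes `selectPublic()` and any later `getOnlyPublic()` call. Compute the list locally instead: `$fields = array_diff(array_merge($this->publics, $display), $appened_excepts);` followed by `return Arr::only($this->toArray(), $fields);`. The parameter name `$appened_excepts` looks like a typo for `$appended_excepts`, and a short docblock stating that exclusions win over `$display` would spare callers from reading the body.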

{{ $data['description'] }}

+

{{ $data['meta']['description'] }}

+ +
+

+ 在您同意后,您的 ID, UUID, 昵称, 邮件信息 和 实人认证成功的时间(不包含个人信息), 余额, + 用户组 ID 将会被发送给它们。 + @if ($data['meta']['require_token']) +
+ 你的 Token 将会新建一个,并发送给它们。 + @endif +

+ @auth('web')
@csrf - +
@else