改进匿名认证

2023-02-07 17:45:31 +08:00 · 2023-02-07 17:45:31 +08:00 · f6e8b85a9d
commit f6e8b85a9d
parent 98ac5bb159
4 changed files with 49 additions and 18 deletions
--- a/app/Http/Controllers/Public/AuthRequestController.php
+++ b/app/Http/Controllers/Public/AuthRequestController.php
@ -14,13 +14,17 @@ public function store(Request $request): JsonResponse
    {
        $request->validate([
            'description' => 'required|string|max:255',
            'require_token' => 'nullable|boolean'
        ]);
        $token = Str::random(128);
        $data = [
            'meta' => [
                'description' => $request->input('description'),
                'token' => $token,
                'require_token' => $request->input('require_token', false),
            ]
        ];
        if ($request->user('module')) {
--- a/app/Http/Controllers/Web/AuthController.php
+++ b/app/Http/Controllers/Web/AuthController.php
@ -6,13 +6,14 @@
 use App\Http\Controllers\Controller;
 use App\Notifications\User\UserNotification;
 use function back;
 use function config;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Illuminate\Support\Carbon;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Cache;
 use Illuminate\View\View;
 use function back;
 use function config;
 use function redirect;
 use function session;
 use function view;
@ -145,7 +146,17 @@ public function storeAuthRequest(Request $request): RedirectResponse
            return back()->with('error', '登录请求的 Token 已被使用。');
        }
-        $data['user'] = $request->user('web');
+        $user = $request->user('web');
        $data['user'] = $user->getOnlyPublic([], [
            'email',
            'email_verified_at',
            'real_name_verified_at',
        ]);
        if (isset($data['meta']['require_token']) && $data['meta']['require_token']) {
            $data['token'] = $user->createToken($data['meta']['description'] ?? Carbon::now()->toDateString())->plainTextToken;
        }
        Cache::put('auth_request:' . $request->input('token'), $data, 60);
--- a/app/Models/User.php
+++ b/app/Models/User.php
@ -29,10 +29,12 @@ class User extends Authenticatable implements MustVerifyEmail
    public array $publics = [
        'id',
        'uuid',
        'name',
        'email',
        'real_name',
        'balance',
        'user_group_id'
    ];
    /**
@ -174,10 +176,13 @@ public function selectPublic(): self|Builder|CachedBuilder
        return $this->select($this->publics);
    }
-    public function getOnlyPublic($excepts = []): array
+    public function getOnlyPublic($appened_excepts = [], $display = []): array
    {
-        if ($excepts) {
+        if ($display) {
-            $this->publics = array_diff($this->publics, $excepts);
+            $this->publics = array_merge($this->publics, $display);
        }
        if ($appened_excepts) {
            $this->publics = array_diff($this->publics, $appened_excepts);
        }
        return Arr::only($this->toArray(), $this->publics);
--- a/resources/views/auth/request.blade.php
+++ b/resources/views/auth/request.blade.php
@ -20,12 +20,23 @@
        想要获取你的用户信息。
    </h3>
-    <p>{{ $data['description'] }}</p>
+    <p>{{ $data['meta']['description'] }}</p>
    <br/>
    <p>
        在您同意后，您的 <b>ID</b>, <b>UUID</b>, <b>昵称</b>, <b>邮件信息 和 实人认证成功的时间(不包含个人信息)</b>, <b>余额</b>,
        <b>用户组 ID</b> 将会被发送给它们。
        @if ($data['meta']['require_token'])
            <br />
            你的 <b>Token</b> 将会新建一个，并发送给它们。
        @endif
    </p>
    @auth('web')
        <form method="POST" action="{{ route('auth_request.store') }}">
            @csrf
-            <input type="hidden" name="token" value="{{ $data['token'] }}">
+            <input type="hidden" name="token" value="{{ $data['meta']['token'] }}">
            <button type="submit" class="btn btn-primary">同意</button>
        </form>
    @else