何书鹏 / recruit · 提交

转到一个项目

作者 Karson
提交 a34086faf51c640a259cc56e736465e6900985c8 1 个父辈 1a7d4e27

新增独立的后台管理入口 

修复前台Auth类权限的BUG
修复后台自动登录的BUG
移除空余的配置文件和第三方前端插件
内嵌 并排对比
正在显示 14 个修改的文件 包含 168 行增加29 行删除
@@ -12,8 +12,8 @@ use think\Validate; @@ -12,8 +12,8 @@ use think\Validate;
12 class Index extends Backend 12 class Index extends Backend
13 { 13 {
14 14
15 - protected $noNeedLogin = ['login', 'logout'];  
16 - protected $noNeedRight = ['index']; 15 + protected $noNeedLogin = ['login'];
  16 + protected $noNeedRight = ['index', 'logout'];
17 protected $layout = ''; 17 protected $layout = '';
18 18
19 public function _initialize() 19 public function _initialize()
@@ -79,7 +79,7 @@ class Auth extends \fast\Auth @@ -79,7 +79,7 @@ class Auth extends \fast\Auth
79 if ($id && $keeptime && $expiretime && $key && $expiretime > time()) 79 if ($id && $keeptime && $expiretime && $key && $expiretime > time())
80 { 80 {
81 $admin = Admin::get($id); 81 $admin = Admin::get($id);
82 - if (!$admin) 82 + if (!$admin || !$admin->token)
83 { 83 {
84 return false; 84 return false;
85 } 85 }
@@ -165,7 +165,7 @@ class Backend extends Controller @@ -165,7 +165,7 @@ class Backend extends Controller
165 'controllername' => $controllername, 165 'controllername' => $controllername,
166 'actionname' => $actionname, 166 'actionname' => $actionname,
167 'jsname' => 'backend/' . str_replace('.', '/', $controllername), 167 'jsname' => 'backend/' . str_replace('.', '/', $controllername),
168 - 'moduleurl' => url("/{$modulename}", '', false), 168 + 'moduleurl' => rtrim(url("/{$modulename}", '', false), '/'),
169 'language' => $lang, 169 'language' => $lang,
170 'referer' => Session::get("referer") 170 'referer' => Session::get("referer")
171 ]; 171 ];
@@ -7,17 +7,42 @@ use app\common\model\Configvalue; @@ -7,17 +7,42 @@ use app\common\model\Configvalue;
7 use think\Config; 7 use think\Config;
8 use think\Controller; 8 use think\Controller;
9 use think\Lang; 9 use think\Lang;
  10 +use think\Session;
10 11
11 class Frontend extends Controller 12 class Frontend extends Controller
12 { 13 {
13 14
14 /** 15 /**
  16 + * 返回码,默认为null,当设置了该值后将输出json数据
  17 + * @var int
  18 + */
  19 + protected $code = null;
  20 +
  21 + /**
  22 + * 返回内容,默认为null,当设置了该值后将输出json数据
  23 + * @var mixed
  24 + */
  25 + protected $data = null;
  26 +
  27 + /**
  28 + * 返回文本,默认为空
  29 + * @var mixed
  30 + */
  31 + protected $msg = '';
  32 +
  33 + /**
15 * 34 *
16 * @var Auth 35 * @var Auth
17 */ 36 */
18 protected $user = null; 37 protected $user = null;
19 38
20 /** 39 /**
  40 + * 无需登录的方法,默认全部都无需登录
  41 + * @var array
  42 + */
  43 + protected $noNeedLogin = ['*'];
  44 +
  45 + /**
21 * 布局模板 46 * 布局模板
22 * @var string 47 * @var string
23 */ 48 */
@@ -39,9 +64,20 @@ class Frontend extends Controller @@ -39,9 +64,20 @@ class Frontend extends Controller
39 // 检测当前是否登录并进行初始化 64 // 检测当前是否登录并进行初始化
40 $this->user->init(); 65 $this->user->init();
41 66
  67 + // 检测是否需要验证登录
  68 + if (!$this->user->match($this->noNeedLogin))
  69 + {
  70 + //检测是否登录
  71 + if (!$this->user->isLogin())
  72 + {
  73 + $url = Session::get('referer');
  74 + $url = $url ? $url : $this->request->url();
  75 + $this->error(__('Please login first'), url('/user/login', ['url' => $url]));
  76 + }
  77 + }
  78 +
42 // 将auth对象渲染至视图 79 // 将auth对象渲染至视图
43 $this->view->assign("user", $this->user); 80 $this->view->assign("user", $this->user);
44 -  
45 // 如果有使用模板布局 81 // 如果有使用模板布局
46 if ($this->layout) 82 if ($this->layout)
47 { 83 {
@@ -78,4 +114,17 @@ class Frontend extends Controller @@ -78,4 +114,17 @@ class Frontend extends Controller
78 Lang::load(APP_PATH . $this->request->module() . '/lang/' . Lang::detect() . '/' . str_replace('.', '/', $name) . '.php'); 114 Lang::load(APP_PATH . $this->request->module() . '/lang/' . Lang::detect() . '/' . str_replace('.', '/', $name) . '.php');
79 } 115 }
80 116
  117 + /**
  118 + * 析构方法
  119 + *
  120 + */
  121 + public function __destruct()
  122 + {
  123 + //判断是否设置code值,如果有则变动response对象的正文
  124 + if (!is_null($this->code))
  125 + {
  126 + $this->result($this->data, $this->code, $this->msg, 'json');
  127 + }
  128 + }
  129 +
81 } 130 }
@@ -9,12 +9,13 @@ use fast\ucenter\client\Client; @@ -9,12 +9,13 @@ use fast\ucenter\client\Client;
9 use think\Cookie; 9 use think\Cookie;
10 use think\Db; 10 use think\Db;
11 use think\Exception; 11 use think\Exception;
  12 +use think\Request;
12 use think\Validate; 13 use think\Validate;
13 14
14 /** 15 /**
15 * Auth类 16 * Auth类
16 */ 17 */
17 -class Auth 18 +class Auth implements \JsonSerializable, \ArrayAccess
18 { 19 {
19 20
20 const ERR_ACCOUNT_IS_INCORRECT = 'Account is incorrect'; 21 const ERR_ACCOUNT_IS_INCORRECT = 'Account is incorrect';
@@ -58,6 +59,15 @@ class Auth @@ -58,6 +59,15 @@ class Auth
58 return self::$instance; 59 return self::$instance;
59 } 60 }
60 61
  62 + /**
  63 + *
  64 + * @return User
  65 + */
  66 + public function getModel()
  67 + {
  68 + return $this->user;
  69 + }
  70 +
61 public function __get($name) 71 public function __get($name)
62 { 72 {
63 return $this->check() ? $this->user->$name : NULL; 73 return $this->check() ? $this->user->$name : NULL;
@@ -277,6 +287,10 @@ class Auth @@ -277,6 +287,10 @@ class Auth
277 { 287 {
278 return FALSE; 288 return FALSE;
279 } 289 }
  290 + if (Token::identity($token) != $user['id'])
  291 + {
  292 + return FALSE;
  293 + }
280 $this->user = $user; 294 $this->user = $user;
281 $this->_logined = TRUE; 295 $this->_logined = TRUE;
282 return TRUE; 296 return TRUE;
@@ -415,8 +429,7 @@ class Auth @@ -415,8 +429,7 @@ class Auth
415 } 429 }
416 } 430 }
417 // 调用事务删除账号 431 // 调用事务删除账号
418 - $result = Db::transaction(function($db) use($user_id)  
419 - { 432 + $result = Db::transaction(function($db) use($user_id) {
420 // 删除会员 433 // 删除会员
421 User::destroy($user_id); 434 User::destroy($user_id);
422 435
@@ -458,6 +471,31 @@ class Auth @@ -458,6 +471,31 @@ class Auth
458 return md5(md5($password) . $salt); 471 return md5(md5($password) . $salt);
459 } 472 }
460 473
  474 +
  475 +
  476 + /**
  477 + * 检测当前控制器和方法是否匹配传递的数组
  478 + *
  479 + * @param array $arr 需要验证权限的数组
  480 + */
  481 + public function match($arr = [])
  482 + {
  483 + $request = Request::instance();
  484 + $arr = is_array($arr) ? $arr : explode(',', $arr);
  485 + if (!$arr)
  486 + {
  487 + return FALSE;
  488 + }
  489 + // 是否存在
  490 + if (in_array(strtolower($request->action()), $arr) || in_array('*', $arr))
  491 + {
  492 + return TRUE;
  493 + }
  494 +
  495 + // 没找到匹配
  496 + return FALSE;
  497 + }
  498 +
461 /** 499 /**
462 * 同步登录信息 500 * 同步登录信息
463 * @param int $sync 是否同步登录到UC 501 * @param int $sync 是否同步登录到UC
@@ -577,4 +615,36 @@ class Auth @@ -577,4 +615,36 @@ class Auth
577 return __($this->_error); 615 return __($this->_error);
578 } 616 }
579 617
  618 + public function __toString()
  619 + {
  620 + return $this->user->toJson();
  621 + }
  622 +
  623 + // JsonSerializable
  624 + public function jsonSerialize()
  625 + {
  626 + return $this->user->toArray();
  627 + }
  628 +
  629 + // ArrayAccess
  630 + public function offsetSet($name, $value)
  631 + {
  632 + $this->user->setAttr($name, $value);
  633 + }
  634 +
  635 + public function offsetExists($name)
  636 + {
  637 + return $this->user->__isset($name);
  638 + }
  639 +
  640 + public function offsetUnset($name)
  641 + {
  642 + $this->user->__unset($name);
  643 + }
  644 +
  645 + public function offsetGet($name)
  646 + {
  647 + return $this->user->getAttr($name);
  648 + }
  649 +
580 } 650 }
@@ -18,6 +18,7 @@ class User extends Frontend @@ -18,6 +18,7 @@ class User extends Frontend
18 18
19 // 使用布局 19 // 使用布局
20 protected $layout = 'bootstrap'; 20 protected $layout = 'bootstrap';
  21 + protected $noNeedLogin = ['*'];
21 22
22 public function _initialize() 23 public function _initialize()
23 { 24 {
  1 +<?php
  2 +
  3 +// +----------------------------------------------------------------------
  4 +// | ThinkPHP [ WE CAN DO IT JUST THINK ]
  5 +// +----------------------------------------------------------------------
  6 +// | Copyright (c) 2006-2016 http://thinkphp.cn All rights reserved.
  7 +// +----------------------------------------------------------------------
  8 +// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
  9 +// +----------------------------------------------------------------------
  10 +// | Author: liu21st <liu21st@gmail.com>
  11 +// +----------------------------------------------------------------------
  12 +// [ 后台入口文件 ]
  13 +// 使用此文件可以达到隐藏admin模块的效果
  14 +// 建议将admin.php改成其它任意的文件名,同时修改config.php中的'deny_module_list',把admin模块也添加进去
  15 +// 定义应用目录
  16 +define('APP_PATH', __DIR__ . '/../application/');
  17 +
  18 +// 判断是否安装FastAdmin
  19 +if (!file_exists(APP_PATH . 'admin/command/Install/install.lock'))
  20 +{
  21 + header("location:./install.php");
  22 + exit;
  23 +}
  24 +
  25 +// 加载框架引导文件
  26 +require __DIR__ . '/../thinkphp/base.php';
  27 +
  28 +// 绑定到admin模块
  29 +\think\Route::bind('admin');
  30 +
  31 +// 设置根url
  32 +\think\Url::root('');
  33 +
  34 +// 执行应用
  35 +\think\App::run()->send();
@@ -42,7 +42,8 @@ define(['jquery', 'bootstrap', 'backend', 'table', 'form'], function ($, undefin @@ -42,7 +42,8 @@ define(['jquery', 'bootstrap', 'backend', 'table', 'form'], function ($, undefin
42 {field: 'createtime', title: __('Create time'), formatter: Table.api.formatter.datetime, operate: 'BETWEEN', type: 'datetime', addclass: 'datetimepicker', data: 'data-date-format="YYYY-MM-DD HH:mm:ss"'}, 42 {field: 'createtime', title: __('Create time'), formatter: Table.api.formatter.datetime, operate: 'BETWEEN', type: 'datetime', addclass: 'datetimepicker', data: 'data-date-format="YYYY-MM-DD HH:mm:ss"'},
43 //我们向操作栏额外添加上一个详情按钮,并保留已有的编辑和删除控制,同时为这个按钮添加上点击事件 43 //我们向操作栏额外添加上一个详情按钮,并保留已有的编辑和删除控制,同时为这个按钮添加上点击事件
44 {field: 'operate', title: __('Operate'), events: Controller.api.events.operate, formatter: function (value, row, index) { 44 {field: 'operate', title: __('Operate'), events: Controller.api.events.operate, formatter: function (value, row, index) {
45 - return Table.api.formatter.operate.call(this, value, row, index, table); 45 + var detail = '<a class="btn btn-xs btn-success btn-detail">详情</a> ';
  46 + return detail + Table.api.formatter.operate.call(this, value, row, index, table);
46 }} 47 }}
47 ], 48 ],
48 ], 49 ],
@@ -24,8 +24,6 @@ require.config({ @@ -24,8 +24,6 @@ require.config({
24 // 以下的包从bower的libs目录加载 24 // 以下的包从bower的libs目录加载
25 'jquery': '../libs/jquery/dist/jquery.min', 25 'jquery': '../libs/jquery/dist/jquery.min',
26 'bootstrap': '../libs/bootstrap/dist/js/bootstrap.min', 26 'bootstrap': '../libs/bootstrap/dist/js/bootstrap.min',
27 - 'bootstrap-validator': '../libs/bootstrap-validator/dist/validator.min',  
28 - 'bootstrap-dialog': '../libs/bootstrap3-dialog/dist/js/bootstrap-dialog.min',  
29 'bootstrap-datetimepicker': '../libs/eonasdan-bootstrap-datetimepicker/build/js/bootstrap-datetimepicker.min', 27 'bootstrap-datetimepicker': '../libs/eonasdan-bootstrap-datetimepicker/build/js/bootstrap-datetimepicker.min',
30 'bootstrap-select': '../libs/bootstrap-select/dist/js/bootstrap-select.min', 28 'bootstrap-select': '../libs/bootstrap-select/dist/js/bootstrap-select.min',
31 'bootstrap-table': '../libs/bootstrap-table/dist/bootstrap-table.min', 29 'bootstrap-table': '../libs/bootstrap-table/dist/bootstrap-table.min',
@@ -33,13 +31,10 @@ require.config({ @@ -33,13 +31,10 @@ require.config({
33 'bootstrap-table-mobile': '../libs/bootstrap-table/dist/extensions/mobile/bootstrap-table-mobile', 31 'bootstrap-table-mobile': '../libs/bootstrap-table/dist/extensions/mobile/bootstrap-table-mobile',
34 'bootstrap-table-lang': '../libs/bootstrap-table/dist/locale/bootstrap-table-zh-CN', 32 'bootstrap-table-lang': '../libs/bootstrap-table/dist/locale/bootstrap-table-zh-CN',
35 'tableexport': '../libs/tableExport.jquery.plugin/tableExport.min', 33 'tableexport': '../libs/tableExport.jquery.plugin/tableExport.min',
36 - 'dropzone': '../libs/dropzone/dist/min/dropzone-amd-module.min',  
37 - 'less': '../libs/less/dist/less.min',  
38 'dragsort': '../libs/dragsort/jquery.dragsort', 34 'dragsort': '../libs/dragsort/jquery.dragsort',
39 'sortable': '../libs/Sortable/Sortable.min', 35 'sortable': '../libs/Sortable/Sortable.min',
40 'addtabs': '../libs/jquery-addtabs/jquery.addtabs', 36 'addtabs': '../libs/jquery-addtabs/jquery.addtabs',
41 'slimscroll': '../libs/jquery-slimscroll/jquery.slimscroll', 37 'slimscroll': '../libs/jquery-slimscroll/jquery.slimscroll',
42 - 'crontab': '../libs/jqcron/src/jqCron.cn',  
43 'summernote': '../libs/summernote/dist/lang/summernote-zh-CN.min', 38 'summernote': '../libs/summernote/dist/lang/summernote-zh-CN.min',
44 'validator-core': '../libs/nice-validator/dist/jquery.validator', 39 'validator-core': '../libs/nice-validator/dist/jquery.validator',
45 'validator-lang': '../libs/nice-validator/dist/local/zh-CN', 40 'validator-lang': '../libs/nice-validator/dist/local/zh-CN',
@@ -98,11 +93,6 @@ require.config({ @@ -98,11 +93,6 @@ require.config({
98 deps: ['bootstrap', 'slimscroll'], 93 deps: ['bootstrap', 'slimscroll'],
99 exports: '$.AdminLTE' 94 exports: '$.AdminLTE'
100 }, 95 },
101 - 'crontab': ['../libs/jqcron/src/jqCron', 'css!../libs/jqcron/src/jqCron.css'],  
102 - 'bootstrap-checkbox': ['jquery'],  
103 - 'bootstrap-radio': ['jquery'],  
104 - 'bootstrap-switch': ['jquery'],  
105 - 'bootstrap-dialog': ['css!../libs/bootstrap3-dialog/dist/css/bootstrap-dialog.min.css'],  
106 'bootstrap-datetimepicker': [ 96 'bootstrap-datetimepicker': [
107 'moment/locale/zh-cn', 97 'moment/locale/zh-cn',
108 // 'css!../libs/eonasdan-bootstrap-datetimepicker/build/css/bootstrap-datetimepicker.min.css', 98 // 'css!../libs/eonasdan-bootstrap-datetimepicker/build/css/bootstrap-datetimepicker.min.css',
@@ -24,8 +24,6 @@ require.config({ @@ -24,8 +24,6 @@ require.config({
24 // 以下的包从bower的libs目录加载 24 // 以下的包从bower的libs目录加载
25 'jquery': '../libs/jquery/dist/jquery.min', 25 'jquery': '../libs/jquery/dist/jquery.min',
26 'bootstrap': '../libs/bootstrap/dist/js/bootstrap.min', 26 'bootstrap': '../libs/bootstrap/dist/js/bootstrap.min',
27 - 'bootstrap-validator': '../libs/bootstrap-validator/dist/validator.min',  
28 - 'bootstrap-dialog': '../libs/bootstrap3-dialog/dist/js/bootstrap-dialog.min',  
29 'bootstrap-datetimepicker': '../libs/eonasdan-bootstrap-datetimepicker/build/js/bootstrap-datetimepicker.min', 27 'bootstrap-datetimepicker': '../libs/eonasdan-bootstrap-datetimepicker/build/js/bootstrap-datetimepicker.min',
30 'bootstrap-select': '../libs/bootstrap-select/dist/js/bootstrap-select.min', 28 'bootstrap-select': '../libs/bootstrap-select/dist/js/bootstrap-select.min',
31 'bootstrap-table': '../libs/bootstrap-table/dist/bootstrap-table.min', 29 'bootstrap-table': '../libs/bootstrap-table/dist/bootstrap-table.min',
@@ -33,13 +31,10 @@ require.config({ @@ -33,13 +31,10 @@ require.config({
33 'bootstrap-table-mobile': '../libs/bootstrap-table/dist/extensions/mobile/bootstrap-table-mobile', 31 'bootstrap-table-mobile': '../libs/bootstrap-table/dist/extensions/mobile/bootstrap-table-mobile',
34 'bootstrap-table-lang': '../libs/bootstrap-table/dist/locale/bootstrap-table-zh-CN', 32 'bootstrap-table-lang': '../libs/bootstrap-table/dist/locale/bootstrap-table-zh-CN',
35 'tableexport': '../libs/tableExport.jquery.plugin/tableExport.min', 33 'tableexport': '../libs/tableExport.jquery.plugin/tableExport.min',
36 - 'dropzone': '../libs/dropzone/dist/min/dropzone-amd-module.min',  
37 - 'less': '../libs/less/dist/less.min',  
38 'dragsort': '../libs/dragsort/jquery.dragsort', 34 'dragsort': '../libs/dragsort/jquery.dragsort',
39 'sortable': '../libs/Sortable/Sortable.min', 35 'sortable': '../libs/Sortable/Sortable.min',
40 'addtabs': '../libs/jquery-addtabs/jquery.addtabs', 36 'addtabs': '../libs/jquery-addtabs/jquery.addtabs',
41 'slimscroll': '../libs/jquery-slimscroll/jquery.slimscroll', 37 'slimscroll': '../libs/jquery-slimscroll/jquery.slimscroll',
42 - 'crontab': '../libs/jqcron/src/jqCron.cn',  
43 'summernote': '../libs/summernote/dist/lang/summernote-zh-CN.min', 38 'summernote': '../libs/summernote/dist/lang/summernote-zh-CN.min',
44 'validator-core': '../libs/nice-validator/dist/jquery.validator', 39 'validator-core': '../libs/nice-validator/dist/jquery.validator',
45 'validator-lang': '../libs/nice-validator/dist/local/zh-CN', 40 'validator-lang': '../libs/nice-validator/dist/local/zh-CN',
@@ -98,11 +93,6 @@ require.config({ @@ -98,11 +93,6 @@ require.config({
98 deps: ['bootstrap', 'slimscroll'], 93 deps: ['bootstrap', 'slimscroll'],
99 exports: '$.AdminLTE' 94 exports: '$.AdminLTE'
100 }, 95 },
101 - 'crontab': ['../libs/jqcron/src/jqCron', 'css!../libs/jqcron/src/jqCron.css'],  
102 - 'bootstrap-checkbox': ['jquery'],  
103 - 'bootstrap-radio': ['jquery'],  
104 - 'bootstrap-switch': ['jquery'],  
105 - 'bootstrap-dialog': ['css!../libs/bootstrap3-dialog/dist/css/bootstrap-dialog.min.css'],  
106 'bootstrap-datetimepicker': [ 96 'bootstrap-datetimepicker': [
107 'moment/locale/zh-cn', 97 'moment/locale/zh-cn',
108 // 'css!../libs/eonasdan-bootstrap-datetimepicker/build/css/bootstrap-datetimepicker.min.css', 98 // 'css!../libs/eonasdan-bootstrap-datetimepicker/build/css/bootstrap-datetimepicker.min.css',
@@ -34,6 +34,7 @@ define(['jquery', 'bootstrap', 'backend', 'toastr', 'moment', 'bootstrap-table', @@ -34,6 +34,7 @@ define(['jquery', 'bootstrap', 'backend', 'toastr', 'moment', 'bootstrap-table',
34 mobileResponsive: true, 34 mobileResponsive: true,
35 cardView: true, 35 cardView: true,
36 checkOnInit: true, 36 checkOnInit: true,
  37 + escape:true,
37 extend: { 38 extend: {
38 index_url: '', 39 index_url: '',
39 add_url: '', 40 add_url: '',
1 <?php 1 <?php
2 /** 2 /**
3 * FastAdmin安装程序 3 * FastAdmin安装程序
  4 + *
  5 + * 安装完成后建议删除此文件
4 * @author Karson 6 * @author Karson
5 * @website http://www.fastadmin.net 7 * @website http://www.fastadmin.net
6 */ 8 */