<?php namespace app\common\controller; use app\common\library\Auth; use think\Config; use think\exception\HttpResponseException; use think\exception\ValidateException; use think\Hook; use think\Lang; use think\Loader; use think\Request; use think\Response; use think\Route; use think\Db; /** * API控制器基类 */ class Api { /** * @var Request Request 实例 */ protected $request; /** * @var bool 验证失败是否抛出异常 */ protected $failException = false; /** * @var bool 是否批量验证 */ protected $batchValidate = false; /** * @var array 前置操作方法列表 */ protected $beforeActionList = []; /** * 无需登录的方法,同时也就不需要鉴权了 * @var array */ protected $noNeedLogin = []; /** * 无需鉴权的方法,但需要登录 * @var array */ protected $noNeedRight = []; /** * 权限Auth * @var Auth */ protected $auth = null; /** * 默认响应输出类型,支持json/xml * @var string */ protected $responseType = 'json'; /** * 构造方法 * @access public * @param Request $request Request 对象 */ public function __construct(Request $request = null) { $this->request = is_null($request) ? Request::instance() : $request; // 控制器初始化 $this->_initialize(); // 前置操作方法 if ($this->beforeActionList) { foreach ($this->beforeActionList as $method => $options) { is_numeric($method) ? $this->beforeAction($options) : $this->beforeAction($method, $options); } } } /** * 初始化操作 * @access protected */ protected function _initialize() { if (Config::get('url_domain_deploy')) { $domain = Route::rules('domain'); if (isset($domain['api'])) { if (isset($_SERVER['HTTP_ORIGIN'])) { header("Access-Control-Allow-Origin: " . $this->request->server('HTTP_ORIGIN')); header('Access-Control-Allow-Credentials: true'); header('Access-Control-Max-Age: 86400'); } if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') { if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) { header("Access-Control-Allow-Methods: GET, POST, OPTIONS"); } if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) { header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}"); } } } } //移除HTML标签 $this->request->filter('trim,strip_tags,htmlspecialchars'); $this->auth = Auth::instance(); $modulename = $this->request->module(); $controllername = strtolower($this->request->controller()); $actionname = strtolower($this->request->action()); // token $token = $this->request->server('HTTP_TOKEN', $this->request->request('token', \think\Cookie::get('token'))); $path = str_replace('.', '/', $controllername) . '/' . $actionname; // 设置当前请求的URI $this->auth->setRequestUri($path); // 检测是否需要验证登录 if (!$this->auth->match($this->noNeedLogin)) { //初始化 $this->auth->init($token); //检测是否登录 if (!$this->auth->isLogin()) { $this->error(__('Please login first'), null, 401); } // 判断是否需要验证权限 if (!$this->auth->match($this->noNeedRight)) { // 判断控制器和方法判断是否有对应权限 if (!$this->auth->check($path)) { $this->error(__('You have no permission'), null, 403); } } } else { // 如果有传递token才验证是否登录状态 if ($token) { $this->auth->init($token); } } $upload = \app\common\model\Config::upload(); // 上传信息配置后 Hook::listen("upload_config_init", $upload); Config::set('upload', array_merge(Config::get('upload'), $upload)); // 加载当前控制器语言包 $this->loadlang($controllername); } /** * 加载语言文件 * @param string $name */ protected function loadlang($name) { $name = Loader::parseName($name); Lang::load(APP_PATH . $this->request->module() . '/lang/' . $this->request->langset() . '/' . str_replace('.', '/', $name) . '.php'); } /** * 操作成功返回的数据 * @param string $msg 提示信息 * @param mixed $data 要返回的数据 * @param int $code 错误码,默认为1 * @param string $type 输出类型 * @param array $header 发送的 Header 信息 */ protected function success($msg = '', $data = null, $code = 1, $type = null, array $header = []) { $this->result($msg, $data, $code, $type, $header); } /** * 操作失败返回的数据 * @param string $msg 提示信息 * @param mixed $data 要返回的数据 * @param int $code 错误码,默认为0 * @param string $type 输出类型 * @param array $header 发送的 Header 信息 */ protected function error($msg = '', $data = null, $code = 0, $type = null, array $header = []) { $this->result($msg, $data, $code, $type, $header); } /** * 返回封装后的 API 数据到客户端 * @access protected * @param mixed $msg 提示信息 * @param mixed $data 要返回的数据 * @param int $code 错误码,默认为0 * @param string $type 输出类型,支持json/xml/jsonp * @param array $header 发送的 Header 信息 * @return void * @throws HttpResponseException */ protected function result($msg, $data = null, $code = 0, $type = null, array $header = []) { $result = [ 'code' => $code, 'msg' => $msg, 'time' => Request::instance()->server('REQUEST_TIME'), 'data' => $data, ]; // 如果未设置类型则自动判断 $type = $type ? $type : ($this->request->param(config('var_jsonp_handler')) ? 'jsonp' : $this->responseType); if (isset($header['statuscode'])) { $code = $header['statuscode']; unset($header['statuscode']); } else { //未设置状态码,根据code值判断 $code = $code >= 1000 || $code < 200 ? 200 : $code; } $response = Response::create($result, $type, $code)->header($header); throw new HttpResponseException($response); } /** * 前置操作 * @access protected * @param string $method 前置操作方法名 * @param array $options 调用参数 ['only'=>[...]] 或者 ['except'=>[...]] * @return void */ protected function beforeAction($method, $options = []) { if (isset($options['only'])) { if (is_string($options['only'])) { $options['only'] = explode(',', $options['only']); } if (!in_array($this->request->action(), $options['only'])) { return; } } elseif (isset($options['except'])) { if (is_string($options['except'])) { $options['except'] = explode(',', $options['except']); } if (in_array($this->request->action(), $options['except'])) { return; } } call_user_func([$this, $method]); } /** * 设置验证失败后是否抛出异常 * @access protected * @param bool $fail 是否抛出异常 * @return $this */ protected function validateFailException($fail = true) { $this->failException = $fail; return $this; } /** * 验证数据 * @access protected * @param array $data 数据 * @param string|array $validate 验证器名或者验证规则数组 * @param array $message 提示信息 * @param bool $batch 是否批量验证 * @param mixed $callback 回调方法(闭包) * @return array|string|true * @throws ValidateException */ protected function validate($data, $validate, $message = [], $batch = false, $callback = null) { if (is_array($validate)) { $v = Loader::validate(); $v->rule($validate); } else { // 支持场景 if (strpos($validate, '.')) { list($validate, $scene) = explode('.', $validate); } $v = Loader::validate($validate); !empty($scene) && $v->scene($scene); } // 批量验证 if ($batch || $this->batchValidate) { $v->batch(true); } // 设置错误信息 if (is_array($message)) { $v->message($message); } // 使用回调验证 if ($callback && is_callable($callback)) { call_user_func_array($callback, [$v, &$data]); } if (!$v->check($data)) { if ($this->failException) { throw new ValidateException($v->getError()); } return $v->getError(); } return true; } //分页 function page_array($count, $page, $array, $order) { global $countpage; #定全局变量 $page = (empty($page)) ? '1' : $page; #判断当前页面是否为空 如果为空就表示为第一页面 $start = ($page - 1) * $count; #计算每次分页的开始位置 if ($order == 1) { $array = array_reverse($array); } $totals = count($array); $countpage = ceil($totals / $count); #计算总页面数 $pagedata = array(); $pagedata = array_slice($array, $start, $count); return $pagedata; #返回查询数据 } //res function res($res) { if ($res) { $this->success('成功', 1); } else { $this->error('失败', 0); } } //计算距离 function getDistance($lng1, $lat1, $lng2, $lat2, $unit = 2, $decimal = 2) { $EARTH_RADIUS = 6370.996; // 地球半径系数 $PI = 3.1415926535898; $radLat1 = $lat1 * $PI / 180.0; $radLat2 = $lat2 * $PI / 180.0; $radLng1 = $lng1 * $PI / 180.0; $radLng2 = $lng2 * $PI / 180.0; $a = $radLat1 - $radLat2; $b = $radLng1 - $radLng2; $distance = 2 * asin(sqrt(pow(sin($a / 2), 2) + cos($radLat1) * cos($radLat2) * pow(sin($b / 2), 2))); $distance = $distance * $EARTH_RADIUS * 1000; if ($unit === 2) { $distance /= 1000; } return round($distance, $decimal); } /** * 检测Token * @access protected */ protected function is_token($token) { if (empty($token['token'])) { $this->error('请登录后在操作'); } $is_token = Db::name('user')->where(['token' => $token['token']])->find(); if (!$is_token) { $this->error('登陆已过期,请重新登陆'); } return $is_token['id']; } //生成订单号 public function order_sn() { @date_default_timezone_set("PRC"); $order_id_main = date('YmdHis') . rand(10000000, 99999999); //订单号码主体长度 $order_id_len = strlen($order_id_main); $order_id_sum = 0; for ($i = 0; $i < $order_id_len; $i++) { $order_id_sum += (int)(substr($order_id_main, $i, 1)); } //唯一订单号码(YYYYMMDDHHIISSNNNNNNNNCC) $osn = $order_id_main . str_pad((100 - $order_id_sum % 100) % 100, 2, '0', STR_PAD_LEFT); //生成唯一订单号 return $osn; } function httpPost($url, $date) { // 模拟提交数据函数 $curl = curl_init(); // 启动一个CURL会话 curl_setopt($curl, CURLOPT_URL, $url); // 要访问的地址 curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); // 对认证证书来源的检查 curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); // 从证书中检查SSL加密算法是否存在 curl_setopt($curl, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); // 模拟用户使用的浏览器 curl_setopt($curl, CURLOPT_POST, true); // 发送一个常规的Post请求 curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($date)); // Post提交的数据包 curl_setopt($curl, CURLOPT_TIMEOUT, 30); // 设置超时限制防止死循环 curl_setopt($curl, CURLOPT_HEADER, false); // 显示返回的Header区域内容 curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); // 获取的信息以文件流的形式返回 curl_setopt($curl, CURLOPT_HEADER, true); //开启header curl_setopt($curl, CURLOPT_HTTPHEADER, array( 'Content-Type: application/json; charset=utf-8' )); //类型为json $result = curl_exec($curl); // 执行操作 if (curl_errno($curl)) { echo 'Error POST' . curl_error($curl); } curl_close($curl); // 关键CURL会话 return $result; // 返回数据 } //检测验证码 function CheckCode($mobile, $code) { if (!$mobile || !\think\Validate::regex($mobile, "^1\d{10}$")) { $this->error(__('手机号不正确')); } $ret = Db::name('sms')->where('mobile', $mobile)->where('code', $code)->find(); if ($ret) { $time = time(); $times = $ret['createtime'] + 60 * 10; if ($time > $times) { $this->error(__('验证码已失效')); } } else { $this->error(__('验证码不正确')); } } }