prepare for beta8

This commit is contained in:
xiaomlove
2021-06-04 21:04:12 +08:00
parent 9a4ef55b12
commit 34a6c2e1f4
10 changed files with 100 additions and 29 deletions


@@ -18,14 +18,13 @@ class Permission
*/
public function handle(Request $request, Closure $next)
{
/** @var User $user */
$user = $request->user();
$targetClass = User::CLASS_MODERATOR;
$log = sprintf('user: %s, class: %s, target class: %s', $user->id, $user->class, $targetClass);
if (!$user || $user->class < $targetClass) {
do_log("$log, denied!");
if (!$user || !$user->canAccessAdmin()) {
do_log("denied!");
throw new UnauthorizedException('Unauthorized!');
}
do_log("$log, allow!");
do_log("allow!");
return $next($request);
}
}
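Review bot: The denial log at `do_log("denied!")` no longer records which user was refused, so the audit trail for failed admin-access attempts lost the one field an incident responder needs; the old message carried `$user->id` and `$user->class`. If `$targetClass` and `$log` on the lines above survive on the new side they are now unused, and `$log` still dereferences `$user->id` before the `!$user` check, which would fault for an unauthenticated request — I cannot tell from the rendered view whether those two lines were removed. Suggested: drop them and log identity inside each branch, e.g. `do_log(sprintf('user: %s, admin access denied', $user ? $user->id : 'guest'));` and `do_log(sprintf('user: %s, admin access allowed', $user->id));`. The docblock for handle() begins above the hunk.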


@@ -247,4 +247,14 @@ class User extends Authenticatable
return $this->update($update);
}
public function canAccessAdmin()
{
$targetClass = self::CLASS_MODERATOR;
if (!$this->class || $this->class < $targetClass) {
do_log(sprintf('user: %s, no class or class < %s, can not access admin.', $this->id, $targetClass));
return false;
}
return true;
}
}
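Review bot: `canAccessAdmin()` has no return type and no docblock, and its deny condition `!$this->class || $this->class < $targetClass` conflates "class attribute not loaded" with "class too low" — the companion change in AuthenticateRepository had to add `'class'` to the selected columns for exactly this reason, and the log text `no class or class < %s` would be misleading when the real cause is a partial select. Failing closed in that case is the right behaviour; it just deserves to be stated. Suggested: declare it `public function canAccessAdmin(): bool` and add a docblock saying it returns true only when the loaded class is at least CLASS_MODERATOR, and false (fail-closed) when the class attribute is missing or below that, e.g. because it was not selected; if class 0 is a valid lowest rank, an explicit `$this->class === null` branch would make the "not loaded" case distinct in the log. The method above the added one starts outside the hunk.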


@@ -4,6 +4,7 @@ namespace App\Repositories;
use App\Http\Resources\UserResource;
use App\Models\User;
use Illuminate\Support\Facades\DB;
use Illuminate\Validation\UnauthorizedException;
class AuthenticateRepository extends BaseRepository
{
@@ -11,10 +12,13 @@ class AuthenticateRepository extends BaseRepository
{
$user = User::query()
->where('username', $username)
->first(array_merge(User::$commonFields, ['secret', 'passhash']));
->first(array_merge(User::$commonFields, ['class', 'secret', 'passhash']));
if (!$user || md5($user->secret . $password . $user->secret) != $user->passhash) {
throw new \InvalidArgumentException('Username or password invalid.');
}
if (!$user->canAccessAdmin()) {
throw new UnauthorizedException('Unauthorized!');
}
$tokenName = __METHOD__ . __LINE__;
$token = DB::transaction(function () use ($user, $tokenName) {
$user->tokens()->delete();
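Review bot: The new `canAccessAdmin()` check runs only after the password comparison and throws `UnauthorizedException('Unauthorized!')`, a different exception and message from the credential failure, so the login endpoint now confirms that a username/password pair is valid for any account below moderator class; keep that distinction in the server-side log only and return the same generic error to the caller, e.g. replace the throw with `throw new \InvalidArgumentException('Username or password invalid.');` (the `UnauthorizedException` import then becomes unused). Adjacent and pre-existing rather than introduced here: the `!=` on the md5 digest in the line above is a loose, non-constant-time comparison, and `hash_equals($user->passhash, md5($user->secret . $password . $user->secret))` is the conventional form; moving off md5 to `password_hash` would be a larger storage change. The method body and the `DB::transaction` closure continue past the end of the hunk.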