1.0

app/Http/Controllers/ApiController.php

@@ -34,8 +34,9 @@ class ApiController extends Controller
     public $user_name = ""; //用户名称
 
     public function Entrance(Request $request, $id){
+
         $loginInfo = (new LoginModel())->checkLogin($request);
-        $this->user_id = $loginInfo["user_id"];  
+        $this->user_id = $loginInfo["user_id"];
         $this->user_name = $loginInfo["user_name"];
         $this->$id($request, $id);
     }

app/Http/Controllers/ServerController.php

@@ -4,6 +4,7 @@ namespace App\Http\Controllers;
 
 use App\Model\InquiryItemsModel;
 use App\Model\InquiryModel;
+use App\Model\LoginModel;
 use Illuminate\Http\Request;
 use App\Http\Requests;
 use DB;
@@ -20,6 +21,11 @@ class ServerController extends Controller
         $this->$id($request, $id);
     }
 
+    //生成登录token(目前只有pc在用)
+    public function ApiCreatePcToken($request){
+        (new LoginModel())->CreatePcToken($request);
+    }
+
     /*
      * 询报价导出
      */

app/Http/Kernel.php

@@ -2,6 +2,7 @@
 
 namespace App\Http;
 
+use App\Http\Middleware\EnableCrossRequestMiddleware;
 use Illuminate\Foundation\Http\Kernel as HttpKernel;
 
 class Kernel extends HttpKernel
@@ -15,6 +16,7 @@ class Kernel extends HttpKernel
      */
     protected $middleware = [
         \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
+        EnableCrossRequestMiddleware::class,
     ];
 
     /**
@@ -26,6 +28,7 @@ class Kernel extends HttpKernel
         'web' => [
             \App\Http\Middleware\CheckLogin::class,
             \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
+            EnableCrossRequestMiddleware::class,
         ],
 
         'api' => [

app/Http/Middleware/EnableCrossRequestMiddleware.php

+<?php
+namespace App\Http\Middleware;
+use Closure;
+class EnableCrossRequestMiddleware
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request $request
+     * @param  \Closure $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        $origin = @$_SERVER['HTTP_ORIGIN'] != "" ? $_SERVER['HTTP_ORIGIN'] : '';
+        if ($origin == ""){
+            return $next($request);
+        }
+        $origin_arr = explode('//', $origin);
+        $allow_origin = config('website.ALLOW_ORIGIN');
+
+        if(in_array($origin_arr['1'], $allow_origin)){
+            header('Access-Control-Allow-Origin:'.$origin_arr['0']."//".$origin_arr['1']);
+            header("Access-Control-Allow-Credentials: true");
+            header("Access-Control-Allow-Methods: *");
+            header("Access-Control-Allow-Headers: X-Requested-With,Content-Type,Access-Token,token,source");
+            header("Access-Control-Expose-Headers: *");
+        }
+
+        return $next($request);
+    }
+}
\ No newline at end of file

app/Http/function.php

@@ -1123,6 +1123,12 @@ function ExportLayui($errcode=0,$errmsg=0,$data=[],$count=0,$other=''){
     exit();
 }
 /*
+ * 数组转json
+ */
+function utf8JsonEncode($arr){
+    return  json_encode($arr, JSON_UNESCAPED_UNICODE|JSON_UNESCAPED_SLASHES);
+}
+/*
  * 返回拼接的搜索字符串
  * @param string $fen 分割的字符
  * @param array $key 查询字段

app/Http/routes.php

 <?php
 
-Route::match(['get', 'post'],'/api/{key}',          'ApiController@Entrance');
-Route::match(['get', 'post'],'/hd/{key}',           'HdController@Entrance');
 
 Route::group(['middleware' => 'web'], function () {
     Route::get('/',                                     'WebController@info');
     Route::match(['get', 'post'],'/web/{key}',          'WebController@info');
-  //  Route::match(['get', 'post'],'/api/{key}',          'ApiController@Entrance');
-  //  Route::match(['get', 'post'],'/hd/{key}',           'HdController@Entrance');
+    Route::match(['get', 'post'],'/api/{key}',          'ApiController@Entrance');
+    Route::match(['get', 'post'],'/hd/{key}',           'HdController@Entrance');
 });
 
 Route::match(['get', 'post'],'/server/{key}', 'ServerController@Entrance'); //对外提供导出回调接口
\ No newline at end of file

app/Model/LoginModel.php

@@ -23,39 +23,45 @@ class LoginModel extends Model
      * 检测登录
      */
     public function checkLogin($request){
-        $user_id = ""; //用户id
-        $user_name = ""; //用户名称
-        //允许跨域
-        $origin = isset($_SERVER['HTTP_ORIGIN'])? $_SERVER['HTTP_ORIGIN'] : '';
-        $origin_arr = explode('//', $origin);
-        $allow_origin = config('website.ALLOW_ORIGIN');
-        if(in_array($origin_arr['1'], $allow_origin)){
-            header('Access-Control-Allow-Origin:'.$origin);
-            header('Access-Control-Allow-Credentials:true');
-            header('Access-Control-Allow-Methods:POST');
-            header('Access-Control-Allow-Headers:x-requested-with,content-type');
-        }
-
         $Redis= \RedisDB::connection();
+
         //来自不一样的端，判断是否已经登录
-        $source = $request->input("source","pc"); //来源端：内部后台:pc  云芯系统：yunxin App: app 小程序：h5_app
-        switch ($source){
-            case "pc"://来源 内部后台
-                $oa_skey =  $request->cookie("oa_skey");
-                $oa_user_id =  $request->cookie("oa_user_id");
-                $key = $oa_user_id.":".substr($oa_skey,0,8);
-                $userInfo = $Redis->get($key);
+        $source = $request->header("source"); //来源端：内部后台:pc  云芯系统：yunxin App: app 小程序：h5_app
+        $token = $request->header("token");
+        if ($token == ""){
+            Export(1001,"参数 frq_token 不得为空");
+        }
+        $userInfoKey = $Redis->keys('frq_login_'.$token."*");
+        $userInfo = count($userInfoKey) ?  $Redis->get($userInfoKey[0]) : "";
+        if (empty($userInfo) || count($userInfo) == 0){
+            Export(1001,"请先登录");
+        }
+        $userInfo = \GuzzleHttp\json_decode($userInfo,true);
+        return ["user_id"=>$userInfo["user_id"],"user_name"=>$userInfo["user_name"]];
+    }
 
-                if (empty($oa_skey) || empty($oa_user_id) || empty($userInfo)){
-                    Export(1001,"请先登录");
-                }
-                $userInfoArr = \GuzzleHttp\json_decode($userInfo,true);
-                $user_id = $userInfoArr["userId"];
-                $user_name = $userInfoArr["email"];
-                break;
+  /*
+   * 生成token ,目前只有pc端要调用
+   */
+    public function CreatePcToken($request){
+        $Redis= \RedisDB::connection();
+        $user_id =  $request->input("user_id");
+        $user_name =  $request->input("user_name");
+        if (empty($user_id) || empty($user_name)){
+            Export(1001,"用户id 或者用户名称不得为空");
         }
-        return ["user_id"=>$user_id,"user_name"=>$user_name];
+        $key = md5($user_id.$user_name.time());
+        $expire = 3600*24;//过期24个小时
+        $res =  $Redis->setex('frq_login_'.$key."_uid_".$user_id, $expire, utf8JsonEncode(["user_id"=>$user_id,"user_name"=>$user_name]));
+        if ($res != 'OK'){
+           Export(1001,"写入缓存失败");
+        }
+        Export(0,"生成token成功",$key);
+    }
 
+    public function setLoginCookie($userId, $skey, $header, $expire)
+    {
+        setcookie('oa_user_id', $userId, $expire, '/', Config::get('website.cookieDomain'));
     }
 
     /*

config/website.php

@@ -34,7 +34,7 @@ return [
         'szfrq.ichunt.com',
         'yunxin.ichunt.com',
     ),
-
+    "cookieDomain" =>".liexin.com",
 
     "domain"           => "liexin.net",
     'export_domain' => "http://export.liexin.com", //通用导出网址