
add login check for apis

master
filesite 7 months ago
parent
commit
6d06b0ce2e
  1. 6
      plugins/Common.php
  2. 15
      themes/tajian/controller/FrontapiController.php
  3. 7
      themes/tajian/controller/SiteController.php
  4. 2
      themes/tajian/views/layout/main.php
  5. 3
      www/js/tajian.js

6
plugins/Common.php

@ -75,6 +75,7 @@ Class Common {
//用户注册或登录成功时保存用户信息到session //用户注册或登录成功时保存用户信息到session
//login_time, username, friends_code //login_time, username, friends_code
//增加账号映射支持,配置项:tajia_user_map
public static function saveUserIntoSession($cellphone, $friends_code = '') { public static function saveUserIntoSession($cellphone, $friends_code = '') {
if(session_status() !== PHP_SESSION_ACTIVE) { if(session_status() !== PHP_SESSION_ACTIVE) {
session_start(); session_start();
@ -87,6 +88,11 @@ Class Common {
$friends_code = $_COOKIE['friends_code']; $friends_code = $_COOKIE['friends_code'];
} }
//账号映射,手机号码转换成4位数字的短账号
if (!empty(FSC::$app['config']['tajia_user_map']) && !empty(FSC::$app['config']['tajia_user_map'][$username])) {
$username = FSC::$app['config']['tajia_user_map'][$username];
}
$_SESSION['login_time'] = $login_time; $_SESSION['login_time'] = $login_time;
$_SESSION['username'] = $username; $_SESSION['username'] = $username;
$_SESSION['friends_code'] = $friends_code; $_SESSION['friends_code'] = $friends_code;
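Review bot: The mapped short account is written to `$_SESSION['username']` at the end of the second hunk, but neither hunk shows the session id being rotated before the identity is stored. If the lines of saveUserIntoSession outside these hunks do not already do it, add `session_regenerate_id(true);` just before the `$_SESSION[...]` assignments so a pre-login session id does not carry over into the authenticated session. The `!empty(...)` lookup also silently skips a mapped value of `'0'` or `''`. Because the mapped value is later used as a URL path segment and as the ownership key, a comment stating that `tajia_user_map` values must be non-empty, distinct short numeric strings would help. `$username` is assigned outside the hunk, and the function body starts and ends outside it.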

15
themes/tajian/controller/FrontapiController.php

@ -58,6 +58,16 @@ Class FrontApiController extends SiteController {
throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...'); throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
} }
//只允许添加到自己的收藏夹
$loginedUser = Common::getUserFromSession();
if (empty($loginedUser['username'])) {
throw new Exception('Oops,你还没登录哦');
}else if (
!empty(FSC::$app['config']['multipleUserUriParse'])
&& (empty(FSC::$app['user_id']) || FSC::$app['user_id'] != $loginedUser['username'])
) {
throw new Exception('Oops,请求地址有误');
}
$content = $this->post('content', ''); $content = $this->post('content', '');
$title = $this->post('title', ''); $title = $this->post('title', '');
@ -470,6 +480,7 @@ eof;
$postParams = $this->post(); $postParams = $this->post();
if (!empty($postParams)) { if (!empty($postParams)) {
$cellphone = $this->post('phoneNum', ''); $cellphone = $this->post('phoneNum', '');
$action = $this->post('action', 'register');
if (empty($cellphone) || Common::isCellphoneNumber($cellphone) == false) { if (empty($cellphone) || Common::isCellphoneNumber($cellphone) == false) {
$err = "手机号码格式错误,请填写正确的手机号码"; $err = "手机号码格式错误,请填写正确的手机号码";
@ -477,7 +488,7 @@ eof;
$params = array( $params = array(
'phoneNumber' => $cellphone, 'phoneNumber' => $cellphone,
'codeNumber' => $this->generateRandSmsCode(), 'codeNumber' => $this->generateRandSmsCode(),
'action' => 'register', 'action' => $action,
); );
$params['sign'] = $this->sign($params, FSC::$app['config']['service_3rd_api_key']); $params['sign'] = $this->sign($params, FSC::$app['config']['service_3rd_api_key']);
@ -607,7 +618,7 @@ eof;
if (empty($err)) { //如果数据检查通过,尝试登录 if (empty($err)) { //如果数据检查通过,尝试登录
$newUser = Common::saveUserIntoSession($cellphone); $newUser = Common::saveUserIntoSession($cellphone);
if (!empty($newUser)) { if (!empty($newUser)) {
$shareUrl = "/{$cellphone}/"; $shareUrl = "/{$newUser['username']}/";
$msg = "登录成功,开始收藏你喜欢的视频吧"; $msg = "登录成功,开始收藏你喜欢的视频吧";
$code = 1; $code = 1;
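Review bot: The ownership test in the first hunk uses loose `!=`, and PHP compares two numeric strings as numbers, so a short account `0123` would be treated as equal to a URL user id of `123` (constructed example). Use a strict string comparison instead: `|| (string)FSC::$app['user_id'] !== (string)$loginedUser['username']`. In the SMS-code hunks (`-470` and `-477`) the client-supplied `action` is copied unchecked into the parameters signed with `service_3rd_api_key`, so the server signs whatever value the browser posts. Constrain it first, e.g. `if (!in_array($action, array('register', 'login'), true)) { $action = 'register'; }`; the change in `www/js/tajian.js` only ever sends those two values. All of the functions touched here start and end outside the hunks shown.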

7
themes/tajian/controller/SiteController.php

@ -173,6 +173,13 @@ Class SiteController extends Controller {
//添加新视频 //添加新视频
public function actionNew() { public function actionNew() {
//判断是否已经登录,自动跳转到自己的添加视频网址
$loginedUser = Common::getUserFromSession();
if (!empty($loginedUser['username']) && !empty(FSC::$app['config']['multipleUserUriParse']) && empty(FSC::$app['user_id'])) {
$shareUrl = "/{$loginedUser['username']}/site/new/";
return $this->redirect($shareUrl);
}
//获取数据 //获取数据
$menus = array(); //菜单,一级目录 $menus = array(); //菜单,一级目录
$htmlReadme = ''; //Readme.md 内容,底部网站详细介绍 $htmlReadme = ''; //Readme.md 内容,底部网站详细介绍
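Review bot: The redirect added at the top of actionNew only fires when `FSC::$app['user_id']` is empty, so a logged-in user who opens another account's `/site/new` still gets the form and appears to be refused only later by the API-side ownership check. Consider redirecting on a mismatch as well, using a strict comparison such as `(string)FSC::$app['user_id'] !== (string)$loginedUser['username']`. The username is interpolated into the redirect path as-is; building it with `rawurlencode($loginedUser['username'])` keeps an unexpected map value from altering the path. The rest of actionNew lies outside the hunk.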

2
themes/tajian/views/layout/main.php

@ -44,7 +44,7 @@ if (!empty(FSC::$app['config']['multipleUserUriParse']) && !empty(FSC::$app['use
<div class="menu_ls g_ls_menus"> <div class="menu_ls g_ls_menus">
<a class="this_set" href="<?=$linkPrefix?>/" title=""> <a class="this_set" href="<?=$linkPrefix?>/" title="">
<img src="/img/choice.svg" alt="星星图标" /> <img src="/img/choice.svg" alt="星星图标" />
<span>推荐</span> <span>首页</span>
</a> </a>
<a href="<?=$linkPrefix?>/site/new" title=""> <a href="<?=$linkPrefix?>/site/new" title="">
<img src="/img/addvideos.svg" alt="添加图标" /> <img src="/img/addvideos.svg" alt="添加图标" />

3
www/js/tajian.js

@ -233,7 +233,8 @@ if ($('.bt_sms_JS').get(0)) {
//调用api发送验证码 //调用api发送验证码
var cellphone = $('input[name=username]').val(); var cellphone = $('input[name=username]').val();
var datas = { var datas = {
'phoneNum': cellphone 'phoneNum': cellphone,
'action': $('#login_form').get(0) ? 'login' : 'register'
}; };
publicAjax(taJian.apis.sendSmsCode, 'POST', datas, function (data) { publicAjax(taJian.apis.sendSmsCode, 'POST', datas, function (data) {
if (data.code == 0 && data.err) { if (data.code == 0 && data.err) {
