Browse Source

add login check for apis

master
filesite 7 months ago
parent
commit
6d06b0ce2e
  1. 6
      plugins/Common.php
  2. 15
      themes/tajian/controller/FrontapiController.php
  3. 7
      themes/tajian/controller/SiteController.php
  4. 2
      themes/tajian/views/layout/main.php
  5. 3
      www/js/tajian.js

6
plugins/Common.php

@ -75,6 +75,7 @@ Class Common { @@ -75,6 +75,7 @@ Class Common {
//用户注册或登录成功时保存用户信息到session
//login_time, username, friends_code
//增加账号映射支持,配置项:tajia_user_map
public static function saveUserIntoSession($cellphone, $friends_code = '') {
if(session_status() !== PHP_SESSION_ACTIVE) {
session_start();
@ -87,6 +88,11 @@ Class Common { @@ -87,6 +88,11 @@ Class Common {
$friends_code = $_COOKIE['friends_code'];
}
//账号映射,手机号码转换成4位数字的短账号
if (!empty(FSC::$app['config']['tajia_user_map']) && !empty(FSC::$app['config']['tajia_user_map'][$username])) {
$username = FSC::$app['config']['tajia_user_map'][$username];
}
$_SESSION['login_time'] = $login_time;
$_SESSION['username'] = $username;
$_SESSION['friends_code'] = $friends_code;

15
themes/tajian/controller/FrontapiController.php

@ -58,6 +58,16 @@ Class FrontApiController extends SiteController { @@ -58,6 +58,16 @@ Class FrontApiController extends SiteController {
throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
}
//只允许添加到自己的收藏夹
$loginedUser = Common::getUserFromSession();
if (empty($loginedUser['username'])) {
throw new Exception('Oops,你还没登录哦');
}else if (
!empty(FSC::$app['config']['multipleUserUriParse'])
&& (empty(FSC::$app['user_id']) || FSC::$app['user_id'] != $loginedUser['username'])
) {
throw new Exception('Oops,请求地址有误');
}
$content = $this->post('content', '');
$title = $this->post('title', '');
@ -470,6 +480,7 @@ eof; @@ -470,6 +480,7 @@ eof;
$postParams = $this->post();
if (!empty($postParams)) {
$cellphone = $this->post('phoneNum', '');
$action = $this->post('action', 'register');
if (empty($cellphone) || Common::isCellphoneNumber($cellphone) == false) {
$err = "手机号码格式错误,请填写正确的手机号码";
@ -477,7 +488,7 @@ eof; @@ -477,7 +488,7 @@ eof;
$params = array(
'phoneNumber' => $cellphone,
'codeNumber' => $this->generateRandSmsCode(),
'action' => 'register',
'action' => $action,
);
$params['sign'] = $this->sign($params, FSC::$app['config']['service_3rd_api_key']);
@ -607,7 +618,7 @@ eof; @@ -607,7 +618,7 @@ eof;
if (empty($err)) { //如果数据检查通过,尝试登录
$newUser = Common::saveUserIntoSession($cellphone);
if (!empty($newUser)) {
$shareUrl = "/{$cellphone}/";
$shareUrl = "/{$newUser['username']}/";
$msg = "登录成功,开始收藏你喜欢的视频吧";
$code = 1;

7
themes/tajian/controller/SiteController.php

@ -173,6 +173,13 @@ Class SiteController extends Controller { @@ -173,6 +173,13 @@ Class SiteController extends Controller {
//添加新视频
public function actionNew() {
//判断是否已经登录,自动跳转到自己的添加视频网址
$loginedUser = Common::getUserFromSession();
if (!empty($loginedUser['username']) && !empty(FSC::$app['config']['multipleUserUriParse']) && empty(FSC::$app['user_id'])) {
$shareUrl = "/{$loginedUser['username']}/site/new/";
return $this->redirect($shareUrl);
}
//获取数据
$menus = array(); //菜单,一级目录
$htmlReadme = ''; //Readme.md 内容,底部网站详细介绍

2
themes/tajian/views/layout/main.php

@ -44,7 +44,7 @@ if (!empty(FSC::$app['config']['multipleUserUriParse']) && !empty(FSC::$app['use @@ -44,7 +44,7 @@ if (!empty(FSC::$app['config']['multipleUserUriParse']) && !empty(FSC::$app['use
<div class="menu_ls g_ls_menus">
<a class="this_set" href="<?=$linkPrefix?>/" title="">
<img src="/img/choice.svg" alt="星星图标" />
<span>推荐</span>
<span>首页</span>
</a>
<a href="<?=$linkPrefix?>/site/new" title="">
<img src="/img/addvideos.svg" alt="添加图标" />

3
www/js/tajian.js

@ -233,7 +233,8 @@ if ($('.bt_sms_JS').get(0)) { @@ -233,7 +233,8 @@ if ($('.bt_sms_JS').get(0)) {
//调用api发送验证码
var cellphone = $('input[name=username]').val();
var datas = {
'phoneNum': cellphone
'phoneNum': cellphone,
'action': $('#login_form').get(0) ? 'login' : 'register'
};
publicAjax(taJian.apis.sendSmsCode, 'POST', datas, function (data) {
if (data.code == 0 && data.err) {

Loading…
Cancel
Save