|
|
@@ -8,6 +8,8 @@ use Illuminate\Support\Str;
|
|
|
use Firebase\JWT\JWT;
|
|
|
use Firebase\JWT\Key;
|
|
|
use Illuminate\Support\Facades\Log;
|
|
|
+use App\Http\Api\AuthApi;
|
|
|
+use App\Http\Api\ChannelApi;
|
|
|
|
|
|
class AccessTokenController extends Controller
|
|
|
{
|
|
|
@@ -31,9 +33,31 @@ class AccessTokenController extends Controller
|
|
|
public function store(Request $request)
|
|
|
{
|
|
|
//
|
|
|
+ $user = AuthApi::current($request);
|
|
|
+ if (!$user) {
|
|
|
+ Log::error('未登录');
|
|
|
+ return $this->error(__('auth.failed'), [], 401);
|
|
|
+ }
|
|
|
$payload = $request->get('payload');
|
|
|
$result = array();
|
|
|
foreach ($payload as $key => $value) {
|
|
|
+ //鉴权
|
|
|
+ switch ($value['res_type']) {
|
|
|
+ case 'channel':
|
|
|
+ if ($value['power'] === 'edit') {
|
|
|
+ if (!ChannelApi::userCanEdit($user['user_uid'], $value['res_id'])) {
|
|
|
+ continue;
|
|
|
+ }
|
|
|
+ } else {
|
|
|
+ if (!ChannelApi::userCanRead($user['user_uid'], $value['res_id'])) {
|
|
|
+ continue;
|
|
|
+ }
|
|
|
+ }
|
|
|
+ break;
|
|
|
+ default:
|
|
|
+ continue;
|
|
|
+ break;
|
|
|
+ }
|
|
|
//获取token
|
|
|
$token = AccessToken::firstOrNew(
|
|
|
[
|
