From d9a932a14100c1799eef5beac9ca346c51ce415a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A6=99=E7=A0=81=E7=94=9F=E8=8A=B1?= <18523774412@qq.com> Date: Fri, 22 Mar 2024 01:03:48 +0800 Subject: [PATCH] =?UTF-8?q?refactor:=E9=89=B4=E6=9D=83=E7=9B=B8=E5=85=B3?= =?UTF-8?q?=E8=A7=A3=E8=80=A6=E3=80=81=E7=BB=86=E8=8A=82=E4=BC=98=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/admin/library/Auth.php | 21 +++++-- app/api/controller/Account.php | 2 +- app/api/controller/Common.php | 21 ++++--- app/common/controller/Api.php | 16 +++-- app/common/controller/Backend.php | 30 +++++---- app/common/controller/Frontend.php | 27 +++++--- app/common/facade/Token.php | 11 ++-- app/common/library/Auth.php | 27 +++++--- app/common/library/Token.php | 12 ++++ app/common/library/token/Driver.php | 24 ++++---- .../token/TokenExpirationException.php | 16 +++++ app/common/library/token/driver/Mysql.php | 41 ++++++------- app/common/library/token/driver/Redis.php | 61 ++++++++----------- app/common/middleware/AllowCrossDomain.php | 2 +- config/buildadmin.php | 10 +-- 15 files changed, 192 insertions(+), 129 deletions(-) create mode 100644 app/common/library/token/TokenExpirationException.php diff --git a/app/admin/library/Auth.php b/app/admin/library/Auth.php index 5c6d6df3..5fc78dfb 100644 --- a/app/admin/library/Auth.php +++ b/app/admin/library/Auth.php @@ -35,6 +35,11 @@ class Auth extends \ba\Auth */ public const LOGGED_IN = 'logged in'; + /** + * token 入库 type + */ + public const TOKEN_TYPE = 'admin'; + /** * 是否登录 * @var bool @@ -125,8 +130,14 @@ class Auth extends \ba\Auth { $tokenData = Token::get($token); if ($tokenData) { + + /** + * 过期检查,过期则抛出 @see TokenExpirationException + */ + Token::tokenExpirationCheck($tokenData); + $userId = intval($tokenData['user_id']); - if ($userId > 0) { + if ($tokenData['type'] == self::TOKEN_TYPE && $userId > 0) { $this->model = Admin::where('id', $userId)->find(); if (!$this->model) { $this->setError('Account not exist'); @@ -176,8 +187,8 @@ class Auth extends \ba\Auth return false; } if (Config::get('buildadmin.admin_sso')) { - Token::clear('admin', $this->model->id); - Token::clear('admin-refresh', $this->model->id); + Token::clear(self::TOKEN_TYPE, $this->model->id); + Token::clear(self::TOKEN_TYPE . '-refresh', $this->model->id); } if ($keep) { @@ -194,7 +205,7 @@ class Auth extends \ba\Auth public function setRefreshToken(int $keepTime = 0): void { $this->refreshToken = Random::uuid(); - Token::set($this->refreshToken, 'admin-refresh', $this->model->id, $keepTime); + Token::set($this->refreshToken, self::TOKEN_TYPE . '-refresh', $this->model->id, $keepTime); } /** @@ -214,7 +225,7 @@ class Auth extends \ba\Auth if (!$this->token) { $this->token = Random::uuid(); - Token::set($this->token, 'admin', $this->model->id, $this->keepTime); + Token::set($this->token, self::TOKEN_TYPE, $this->model->id, $this->keepTime); } $this->model->commit(); } catch (Throwable $e) { diff --git a/app/api/controller/Account.php b/app/api/controller/Account.php index 57f855dd..83fc8e86 100644 --- a/app/api/controller/Account.php +++ b/app/api/controller/Account.php @@ -117,7 +117,7 @@ class Account extends Frontend $user = $this->auth->getUser(); if ($user[$params['type']]) { - if (!Token::check($params['accountVerificationToken'], $params['type'] . '-pass', $user->id, false)) { + if (!Token::check($params['accountVerificationToken'], $params['type'] . '-pass', $user->id)) { $this->error(__('You need to verify your account before modifying the binding information')); } } else { diff --git a/app/api/controller/Common.php b/app/api/controller/Common.php index d7b96dcf..dcd1e4e5 100644 --- a/app/api/controller/Common.php +++ b/app/api/controller/Common.php @@ -7,8 +7,11 @@ use Throwable; use ba\Captcha; use think\Response; use ba\ClickCaptcha; +use think\facade\Config; use app\common\facade\Token; use app\common\controller\Api; +use app\admin\library\Auth as AdminAuth; +use app\common\library\Auth as UserAuth; class Common extends Api { @@ -59,7 +62,7 @@ class Common extends Api public function refreshToken(): void { $refreshToken = $this->request->post('refreshToken'); - $refreshToken = Token::get($refreshToken, false); + $refreshToken = Token::get($refreshToken); if (!$refreshToken || $refreshToken['expire_time'] < time()) { $this->error(__('Login expired, please login again.')); @@ -67,20 +70,24 @@ class Common extends Api $newToken = Random::uuid(); - if ($refreshToken['type'] == 'admin-refresh') { - $baToken = $this->request->server('HTTP_BATOKEN', $this->request->request('batoken', '')); + // 管理员token刷新 + if ($refreshToken['type'] == AdminAuth::TOKEN_TYPE . '-refresh') { + $baToken = get_auth_token(); if (!$baToken) { $this->error(__('Invalid token')); } Token::delete($baToken); - Token::set($newToken, 'admin', $refreshToken['user_id'], 86400); - } elseif ($refreshToken['type'] == 'user-refresh') { - $baUserToken = $this->request->server('HTTP_BA_USER_TOKEN', $this->request->request('ba-user-token', '')); + Token::set($newToken, AdminAuth::TOKEN_TYPE, $refreshToken['user_id'], (int)Config::get('buildadmin.admin_token_keep_time')); + } + + // 会员token刷新 + if ($refreshToken['type'] == UserAuth::TOKEN_TYPE . '-refresh') { + $baUserToken = get_auth_token(['ba', 'user', 'token']); if (!$baUserToken) { $this->error(__('Invalid token')); } Token::delete($baUserToken); - Token::set($newToken, 'user', $refreshToken['user_id'], 86400); + Token::set($newToken, UserAuth::TOKEN_TYPE, $refreshToken['user_id'], (int)Config::get('buildadmin.user_token_keep_time')); } $this->success('', [ diff --git a/app/common/controller/Api.php b/app/common/controller/Api.php index 5c23d5c2..3cffcf1f 100644 --- a/app/common/controller/Api.php +++ b/app/common/controller/Api.php @@ -5,8 +5,10 @@ namespace app\common\controller; use Throwable; use think\App; use think\Response; +use think\facade\Db; use app\BaseController; use think\facade\Config; +use think\db\exception\PDOException; use think\exception\HttpResponseException; /** @@ -38,11 +40,17 @@ class Api extends BaseController */ protected function initialize(): void { + // 检查数据库连接 + try { + Db::execute("SELECT 1"); + } catch (PDOException $e) { + $this->error(mb_convert_encoding($e->getMessage(), 'UTF-8', 'UTF-8,GBK,GB2312,BIG5')); + } + + // 系统站点配置 if ($this->useSystemSettings) { - // ip检查 - ip_check(); - // 时区设定 - set_timezone(); + ip_check(); // ip检查 + set_timezone(); // 时区设定 } parent::initialize(); diff --git a/app/common/controller/Backend.php b/app/common/controller/Backend.php index d22dcdb8..e2987fd8 100644 --- a/app/common/controller/Backend.php +++ b/app/common/controller/Backend.php @@ -4,11 +4,9 @@ namespace app\common\controller; use Throwable; use think\Model; -use think\facade\Db; use think\facade\Event; use app\admin\library\Auth; -use think\db\exception\PDOException; -use think\exception\HttpResponseException; +use app\common\library\token\TokenExpirationException; class Backend extends Api { @@ -138,17 +136,22 @@ class Backend extends Api { parent::initialize(); - // 检测数据库连接 + $needLogin = !action_in_arr($this->noNeedLogin); + try { - Db::execute("SELECT 1"); - } catch (PDOException $e) { - $this->error(mb_convert_encoding($e->getMessage(), 'UTF-8', 'UTF-8,GBK,GB2312,BIG5')); + + // 初始化管理员鉴权实例 + $this->auth = Auth::instance(); + $token = get_auth_token(); + if ($token) $this->auth->init($token); + + } catch (TokenExpirationException) { + if ($needLogin) { + $this->error(__('Token expiration'), [], 409); + } } - $token = get_auth_token(); - $this->auth = Auth::instance(); - if (!action_in_arr($this->noNeedLogin)) { - $this->auth->init($token); + if ($needLogin) { if (!$this->auth->isLogin()) { $this->error(__('Please login first'), [ 'type' => $this->auth::NEED_LOGIN @@ -160,11 +163,6 @@ class Backend extends Api $this->error(__('You have no permission'), [], 401); } } - } elseif ($token) { - try { - $this->auth->init($token); - } catch (HttpResponseException) { - } } // 管理员验权和登录标签位 diff --git a/app/common/controller/Frontend.php b/app/common/controller/Frontend.php index b88e0e38..909d1ae3 100644 --- a/app/common/controller/Frontend.php +++ b/app/common/controller/Frontend.php @@ -6,6 +6,7 @@ use Throwable; use think\facade\Event; use app\common\library\Auth; use think\exception\HttpResponseException; +use app\common\library\token\TokenExpirationException; class Frontend extends Api { @@ -36,10 +37,23 @@ class Frontend extends Api public function initialize(): void { parent::initialize(); - $token = get_auth_token(['ba', 'user', 'token']); - $this->auth = Auth::instance(); - if (!action_in_arr($this->noNeedLogin)) { - $this->auth->init($token); + + $needLogin = !action_in_arr($this->noNeedLogin); + + try { + + // 初始化会员鉴权实例 + $this->auth = Auth::instance(); + $token = get_auth_token(['ba', 'user', 'token']); + if ($token) $this->auth->init($token); + + } catch (TokenExpirationException) { + if ($needLogin) { + $this->error(__('Token expiration'), [], 409); + } + } + + if ($needLogin) { if (!$this->auth->isLogin()) { $this->error(__('Please login first'), [ 'type' => $this->auth::NEED_LOGIN @@ -51,11 +65,6 @@ class Frontend extends Api $this->error(__('You have no permission'), [], 401); } } - } elseif ($token) { - try { - $this->auth->init($token); - } catch (HttpResponseException) { - } } // 会员验权和登录标签位 diff --git a/app/common/facade/Token.php b/app/common/facade/Token.php index 63f7137f..fdb6a289 100644 --- a/app/common/facade/Token.php +++ b/app/common/facade/Token.php @@ -8,11 +8,12 @@ use app\common\library\token\Driver; /** * Token 门面类 * @see Driver - * @method Driver get(string $token, bool $expirationException = true) static 获取 token 的数据 - * @method Driver set(string $token, string $type, int $user_id, int $expire = 0) static 设置 token - * @method Driver check(string $token, string $type, int $user_id, bool $expirationException = true) static 检查token是否有效 - * @method Driver delete(string $token) static 删除一个token - * @method Driver clear(string $type, int $user_id) static 清理一个用户的所有token + * @method array get(string $token) static 获取 token 的数据 + * @method bool set(string $token, string $type, int $userId, int $expire = 0) static 设置 token + * @method bool check(string $token, string $type, int $userId) static 检查token是否有效 + * @method bool delete(string $token) static 删除一个token + * @method bool clear(string $type, int $userId) static 清理一个用户的所有token + * @method void tokenExpirationCheck(array $token) static 检查一个token是否过期,过期则抛出token过期异常 */ class Token extends Facade { diff --git a/app/common/library/Auth.php b/app/common/library/Auth.php index 76d7bccc..9430703d 100644 --- a/app/common/library/Auth.php +++ b/app/common/library/Auth.php @@ -38,6 +38,11 @@ class Auth extends \ba\Auth */ public const LOGGED_IN = 'logged in'; + /** + * token 入库 type + */ + public const TOKEN_TYPE = 'user'; + /** * 是否登录 * @var bool @@ -133,8 +138,14 @@ class Auth extends \ba\Auth { $tokenData = Token::get($token); if ($tokenData) { + + /** + * 过期检查,过期则抛出 @see TokenExpirationException + */ + Token::tokenExpirationCheck($tokenData); + $userId = intval($tokenData['user_id']); - if ($tokenData['type'] == 'user' && $userId > 0) { + if ($tokenData['type'] == self::TOKEN_TYPE && $userId > 0) { $this->model = User::where('id', $userId)->find(); if (!$this->model) { $this->setError('Account not exist'); @@ -204,7 +215,7 @@ class Auth extends \ba\Auth try { $this->model = User::create($data); $this->token = Random::uuid(); - Token::set($this->token, 'user', $this->model->id, $this->keepTime); + Token::set($this->token, self::TOKEN_TYPE, $this->model->id, $this->keepTime); Db::commit(); Event::trigger('userRegisterSuccess', $this->model); } catch (Throwable $e) { @@ -260,8 +271,8 @@ class Auth extends \ba\Auth return false; } if (Config::get('buildadmin.user_sso')) { - Token::clear('user', $this->model->id); - Token::clear('user-refresh', $this->model->id); + Token::clear(self::TOKEN_TYPE, $this->model->id); + Token::clear(self::TOKEN_TYPE . '-refresh', $this->model->id); } if ($keep) { @@ -282,8 +293,8 @@ class Auth extends \ba\Auth $this->model = User::find($userId); if (!$this->model) return false; if (Config::get('buildadmin.user_sso')) { - Token::clear('user', $this->model->id); - Token::clear('user-refresh', $this->model->id); + Token::clear(self::TOKEN_TYPE, $this->model->id); + Token::clear(self::TOKEN_TYPE . '-refresh', $this->model->id); } return $this->loginSuccessful(); } @@ -321,7 +332,7 @@ class Auth extends \ba\Auth if (!$this->token) { $this->token = Random::uuid(); - Token::set($this->token, 'user', $this->model->id, $this->keepTime); + Token::set($this->token, self::TOKEN_TYPE, $this->model->id, $this->keepTime); } $this->model->commit(); } catch (Throwable $e) { @@ -402,7 +413,7 @@ class Auth extends \ba\Auth public function setRefreshToken(int $keepTime = 0): void { $this->refreshToken = Random::uuid(); - Token::set($this->refreshToken, 'user-refresh', $this->model->id, $keepTime); + Token::set($this->refreshToken, self::TOKEN_TYPE . '-refresh', $this->model->id, $keepTime); } /** diff --git a/app/common/library/Token.php b/app/common/library/Token.php index 66d16a2c..93519acf 100644 --- a/app/common/library/Token.php +++ b/app/common/library/Token.php @@ -6,6 +6,7 @@ use think\helper\Arr; use think\helper\Str; use think\facade\Config; use InvalidArgumentException; +use app\common\library\token\TokenExpirationException; /** * Token 管理类 @@ -215,4 +216,15 @@ class Token { return $this->getDriver()->clear($type, $user_id); } + + /** + * Token过期检查 + * @throws TokenExpirationException + */ + public function tokenExpirationCheck(array $token): void + { + if (isset($token['expire_time']) && $token['expire_time'] <= time()) { + throw new TokenExpirationException(); + } + } } \ No newline at end of file diff --git a/app/common/library/token/Driver.php b/app/common/library/token/Driver.php index 3785930b..07cc6ab6 100644 --- a/app/common/library/token/Driver.php +++ b/app/common/library/token/Driver.php @@ -22,31 +22,29 @@ abstract class Driver /** * 设置 token - * @param string $token Token - * @param string $type Type:admin|user - * @param int $user_id 用户ID - * @param int $expire 过期时间 + * @param string $token Token + * @param string $type Type + * @param int $userId 用户ID + * @param ?int $expire 过期时间 * @return bool */ - abstract function set(string $token, string $type, int $user_id, int $expire = 0): bool; + abstract function set(string $token, string $type, int $userId, int $expire = null): bool; /** * 获取 token 的数据 - * @param string $token Token - * @param bool $expirationException 过期直接抛出异常 + * @param string $token Token * @return array */ - abstract function get(string $token, bool $expirationException = true): array; + abstract function get(string $token): array; /** * 检查token是否有效 * @param string $token * @param string $type - * @param int $user_id - * @param bool $expirationException + * @param int $userId * @return bool */ - abstract function check(string $token, string $type, int $user_id, bool $expirationException = true): bool; + abstract function check(string $token, string $type, int $userId): bool; /** * 删除一个token @@ -58,10 +56,10 @@ abstract class Driver /** * 清理一个用户的所有token * @param string $type - * @param int $user_id + * @param int $userId * @return bool */ - abstract function clear(string $type, int $user_id): bool; + abstract function clear(string $type, int $userId): bool; /** * 返回句柄对象 diff --git a/app/common/library/token/TokenExpirationException.php b/app/common/library/token/TokenExpirationException.php new file mode 100644 index 00000000..ce91e6dc --- /dev/null +++ b/app/common/library/token/TokenExpirationException.php @@ -0,0 +1,16 @@ +options['expire']; } $expireTime = $expire !== 0 ? time() + $expire : 0; $token = $this->getEncryptedToken($token); - $this->handler->insert(['token' => $token, 'type' => $type, 'user_id' => $user_id, 'create_time' => time(), 'expire_time' => $expireTime]); + $this->handler->insert([ + 'token' => $token, + 'type' => $type, + 'user_id' => $userId, + 'create_time' => time(), + 'expire_time' => $expireTime, + ]); - // 每隔48小时清理一次过期缓存 + // 每隔48小时清理一次过期Token $time = time(); $lastCacheCleanupTime = Cache::get('last_cache_cleanup_time'); if (!$lastCacheCleanupTime || $lastCacheCleanupTime < $time - 172800) { @@ -63,32 +67,26 @@ class Mysql extends Driver /** * @throws Throwable */ - public function get(string $token, bool $expirationException = true): array + public function get(string $token): array { $data = $this->handler->where('token', $this->getEncryptedToken($token))->find(); if (!$data) { return []; } - // 返回未加密的token给客户端使用 - $data['token'] = $token; - // 返回剩余有效时间 - $data['expires_in'] = $this->getExpiredIn($data['expire_time'] ?? 0); - if ($data['expire_time'] && $data['expire_time'] <= time() && $expirationException) { - // token过期-触发前端刷新token - $response = Response::create(['code' => 409, 'msg' => __('Token expiration'), 'data' => $data], 'json'); - throw new HttpResponseException($response); - } + + $data['token'] = $token; // 返回未加密的token给客户端使用 + $data['expires_in'] = $this->getExpiredIn($data['expire_time'] ?? 0); // 返回剩余有效时间 return $data; } /** * @throws Throwable */ - public function check(string $token, string $type, int $user_id, bool $expirationException = true): bool + public function check(string $token, string $type, int $userId): bool { - $data = $this->get($token, $expirationException); - if (!$data || (!$expirationException && $data['expire_time'] && $data['expire_time'] <= time())) return false; - return $data['type'] == $type && $data['user_id'] == $user_id; + $data = $this->get($token); + if (!$data || ($data['expire_time'] && $data['expire_time'] <= time())) return false; + return $data['type'] == $type && $data['user_id'] == $userId; } /** @@ -103,10 +101,9 @@ class Mysql extends Driver /** * @throws Throwable */ - public function clear(string $type, int $user_id): bool + public function clear(string $type, int $userId): bool { - $this->handler->where('type', $type)->where('user_id', $user_id)->delete(); + $this->handler->where('type', $type)->where('user_id', $userId)->delete(); return true; } - } \ No newline at end of file diff --git a/app/common/library/token/driver/Redis.php b/app/common/library/token/driver/Redis.php index b2a5a8d6..9751b1fa 100644 --- a/app/common/library/token/driver/Redis.php +++ b/app/common/library/token/driver/Redis.php @@ -3,10 +3,8 @@ namespace app\common\library\token\driver; use Throwable; -use think\Response; use BadFunctionCallException; use app\common\library\token\Driver; -use think\exception\HttpResponseException; /** * @see Driver @@ -19,6 +17,11 @@ class Redis extends Driver */ protected array $options = []; + /** + * Token 过期后缓存继续保留的时间(s) + */ + protected int $expiredHold = 60 * 60 * 24 * 2; + /** * 构造函数 * @access public @@ -52,7 +55,7 @@ class Redis extends Driver /** * @throws Throwable */ - public function set(string $token, string $type, int $user_id, int $expire = null): bool + public function set(string $token, string $type, int $userId, int $expire = null): bool { if (is_null($expire)) { $expire = $this->options['expire']; @@ -62,28 +65,25 @@ class Redis extends Driver $tokenInfo = [ 'token' => $token, 'type' => $type, - 'user_id' => $user_id, + 'user_id' => $userId, 'create_time' => time(), 'expire_time' => $expireTime, ]; $tokenInfo = json_encode($tokenInfo, JSON_UNESCAPED_UNICODE); if ($expire) { - if ($type == 'admin' || $type == 'user') { - // 增加 redis中的 token 过期时间,以免 token 过期自动刷新永远无法触发 - $expire *= 2; - } + $expire += $this->expiredHold; $result = $this->handler->setex($token, $expire, $tokenInfo); } else { $result = $this->handler->set($token, $tokenInfo); } - $this->handler->sAdd($this->getUserKey($user_id), $token); + $this->handler->sAdd($this->getUserKey($type, $userId), $token); return $result; } /** * @throws Throwable */ - public function get(string $token, bool $expirationException = true): array + public function get(string $token): array { $key = $this->getEncryptedToken($token); $data = $this->handler->get($key); @@ -91,27 +91,20 @@ class Redis extends Driver return []; } $data = json_decode($data, true); - // 返回未加密的token给客户端使用 - $data['token'] = $token; - // 过期时间 - $data['expires_in'] = $this->getExpiredIn($data['expire_time'] ?? 0); - if ($data['expire_time'] && $data['expire_time'] <= time() && $expirationException) { - // token过期-触发前端刷新token - $response = Response::create(['code' => 409, 'msg' => __('Token expiration'), 'data' => $data], 'json'); - throw new HttpResponseException($response); - } + $data['token'] = $token; // 返回未加密的token给客户端使用 + $data['expires_in'] = $this->getExpiredIn($data['expire_time'] ?? 0); // 过期时间 return $data; } /** * @throws Throwable */ - public function check(string $token, string $type, int $user_id, bool $expirationException = true): bool + public function check(string $token, string $type, int $userId): bool { - $data = $this->get($token, $expirationException); - if (!$data || (!$expirationException && $data['expire_time'] && $data['expire_time'] <= time())) return false; - return $data['type'] == $type && $data['user_id'] == $user_id; + $data = $this->get($token); + if (!$data || ($data['expire_time'] && $data['expire_time'] <= time())) return false; + return $data['type'] == $type && $data['user_id'] == $userId; } /** @@ -119,12 +112,11 @@ class Redis extends Driver */ public function delete(string $token): bool { - $data = $this->get($token, false); + $data = $this->get($token); if ($data) { - $key = $this->getEncryptedToken($token); - $user_id = $data['user_id']; + $key = $this->getEncryptedToken($token); $this->handler->del($key); - $this->handler->sRem($this->getUserKey($user_id), $key); + $this->handler->sRem($this->getUserKey($data['type'], $data['user_id']), $key); } return true; } @@ -132,22 +124,23 @@ class Redis extends Driver /** * @throws Throwable */ - public function clear(string $type, int $user_id): bool + public function clear(string $type, int $userId): bool { - $keys = $this->handler->sMembers($this->getUserKey($user_id)); - $this->handler->del($this->getUserKey($user_id)); + $userKey = $this->getUserKey($type, $userId); + $keys = $this->handler->sMembers($userKey); + $this->handler->del($userKey); $this->handler->del($keys); return true; } /** * 获取会员的key - * @param $user_id + * @param $type + * @param $userId * @return string */ - protected function getUserKey($user_id): string + protected function getUserKey($type, $userId): string { - return $this->options['userprefix'] . $user_id; + return $this->options['prefix'] . $type . '-' . $userId; } - } \ No newline at end of file diff --git a/app/common/middleware/AllowCrossDomain.php b/app/common/middleware/AllowCrossDomain.php index 4709cbb2..2a862821 100644 --- a/app/common/middleware/AllowCrossDomain.php +++ b/app/common/middleware/AllowCrossDomain.php @@ -27,7 +27,7 @@ class AllowCrossDomain 'Access-Control-Allow-Credentials' => 'true', 'Access-Control-Max-Age' => 1800, 'Access-Control-Allow-Methods' => 'GET, POST, PATCH, PUT, DELETE, OPTIONS', - 'Access-Control-Allow-Headers' => 'think-lang, server, ba-user-token, batoken, Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With', + 'Access-Control-Allow-Headers' => 'think-lang, server, ba_user_token, ba-user-token, ba_token, ba-token, batoken, Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With', ]; /** diff --git a/config/buildadmin.php b/config/buildadmin.php index 2c54c2a2..24baed1a 100644 --- a/config/buildadmin.php +++ b/config/buildadmin.php @@ -59,12 +59,14 @@ return [ 'host' => '127.0.0.1', 'port' => 6379, 'password' => '', - 'select' => false, + // Db索引,非 0 以避免数据被意外清理 + 'select' => 1, 'timeout' => 0, - 'expire' => 0, + // 默认 token 有效时间 + 'expire' => 2592000, 'persistent' => false, - 'userprefix' => 'up:', - ] + 'prefix' => 'tk:', + ], ] ], // 自动写入管理员操作日志