Example #1
0
 /**
  * 检查 token 对应的用户是否有权限访问接口
  *
  * @param  string            $token  用于API权限验证的 token
  * @param  string            $action 控制器类名及方法(不包含命名空间)
  * @param  \App\Http\Request $req    HTTP 请求对象
  * @return array
  */
 public function valid_token($token, $action, &$req = null) : array
 {
     if (!$token || strlen($token) !== 32) {
         return [-101, '请提供有效的 token'];
     }
     $dateline = time();
     $uid = mem_get('api_' . $token);
     if ($uid === false) {
         $m_al = new ApiLogin();
         $api_login = $m_al->find(['token' => $token, 'dateline >=' => $dateline - self::CACHE_TIME], 'uid, token, dateline');
         if ($api_login) {
             $uid = $api_login['uid'];
             mem_set('api_' . $token, $uid, self::CACHE_TIME);
         } else {
             return [-102, 'token不匹配'];
         }
     }
     // 检查权限
     $key_rights = 'api_rights_' . $uid;
     $key_allowed_ip = 'api_allowed_ip_' . $uid;
     $uid_rights = mem_get($key_rights);
     $allowed_ip = mem_get($key_allowed_ip);
     if ($uid_rights === false) {
         $m_au = new ApiUser();
         $api_user = $m_au->find(['uid' => $uid], 'rights, allowed_ip');
         if (!$api_user) {
             return [-103, 'token 对应的用户不存在'];
         }
         $uid_rights = $api_user['rights'];
         $allowed_ip = $api_user['allowed_ip'];
         mem_set($key_rights, $uid_rights, self::CACHE_TIME);
         mem_set($key_allowed_ip, $allowed_ip, self::CACHE_TIME);
     }
     list($controller, $method) = explode(':', $action, 2);
     if (!$this->check_rights($uid_rights, $controller, $method)) {
         return [-104, '您没有权限访问该接口'];
     }
     // 检查IP是否允许
     $ip = $_SERVER['REMOTE_ADDR'];
     if ($allowed_ip && strpos($allowed_ip, $ip) === false) {
         return [-105, '您的IP无权限访问接口'];
     }
     $req = $this->set_extra_args($req, $uid_rights, $action);
     return [0, $uid];
 }
Example #2
0
	<?php 
}
?>

<div class="page-header" style="margin: 0 0 20px;">
	<h2>
		<a href="<?php 
echo URL::route('home');
?>
" class="pull-right btn btn-default">Back to List</a>
		Timer Details
	</h2>
</div>
<?php 
$name = MapItem::find($timer->itemID);
$user = ApiUser::find($timer->user_id);
$sys_tmp = preg_split("/\\ [IVX]+/", $name->itemName);
$system = $sys_tmp[0];
?>
<h3><a href="http://evemaps.dotlan.net/system/<?php 
echo $system;
?>
"><?php 
echo $name->itemName;
?>
</a></h3>
<h4><?php 
echo date('Y-m-d H:i:s e', strtotime($timer->timeExiting));
?>
 - <?php 
echo Carbon::createFromTimeStamp(strtotime($timer->timeExiting))->diffForHumans();
Example #3
0
 private function updateUser($token, $result)
 {
     // validate permissions
     $permission = 0;
     foreach (Config::get('braveapi.auth-edit-tags') as $tag) {
         if (in_array($tag, $result->tags)) {
             $permission = 1;
             break;
         }
     }
     // per user overrides
     foreach (Config::get('braveapi.auth-edit-users') as $id) {
         if ($id == $result->character->id) {
             $permission = 1;
             break;
         }
     }
     // Get alliance info
     $api = new Brave\API(Config::get('braveapi.application-endpoint'), Config::get('braveapi.application-identifier'), Config::get('braveapi.local-private-key'), Config::get('braveapi.remote-public-key'));
     $alliance_result = $api->lookup->alliance(array('search' => $result->alliance->id, 'only' => 'short'));
     /*
     if($result->character->id == 93647416)
     {
     	dd($result);
     }
     */
     // check for existing user
     $userfound = ApiUser::find($result->character->id);
     if ($userfound == false) {
         // no user found, create it
         $userfound = ApiUser::create(array('id' => $result->character->id, 'token' => $token, 'remember_token' => '', 'character_name' => $result->character->name, 'alliance_id' => $result->alliance->id, 'alliance_name' => $result->alliance->name, 'alliance_ticker' => $alliance_result->short, 'tags' => json_encode($result->tags), 'status' => 1, 'permission' => $permission));
     } else {
         // update the existing user
         $userfound->token = $token;
         $userfound->status = 1;
         $userfound->permission = $permission;
         $userfound->token = $token;
         $userfound->character_name = $result->character->name;
         $userfound->alliance_id = $result->alliance->id;
         $userfound->alliance_name = $result->alliance->name;
         $userfound->alliance_ticker = $alliance_result->short;
         $userfound->permission = $permission;
         $userfound->tags = json_encode($result->tags);
         $userfound->save();
     }
     return $userfound;
 }