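/**
 * Log the caller out: delete the server-side token record and drop the cached copy.
 *
 * The token comes from the already-verified request context (parent::verifyToken()),
 * never straight from the request payload.
 *
 * Returns parent::tokenError() when there is no valid, still-active token,
 * parent::serverError() when the database delete fails, parent::success() otherwise.
 */
public function logout()
{
    $token = parent::verifyToken();
    if (!$token) {
        return parent::tokenError();
    }
    // A token that already carries a logout time must not be usable for a second logout.
    if (!empty($token->logout_time)) {
        return parent::tokenError();
    }
    // Bound parameter instead of string-built PHQL: the token value never becomes part of
    // the query text, so a malformed value cannot change the condition.
    $dbToken = Token::findFirst([
        'conditions' => 'token = :token:',
        'bind'       => ['token' => $token->token],
    ]);
    // No matching row (findFirst yields false/null): the token is not backed by a record,
    // so reject it rather than calling delete() on a non-object.
    if (!$dbToken) {
        return parent::tokenError();
    }
    if (!$dbToken->delete()) {
        return parent::serverError();
    }
    $this->session->destroy($token->token); // drop the cached token as well
    return parent::success();
}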
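/**
 * @api {post} /token Log out and invalidate the token
 * @apiUse header
 *
 * @apiName logout
 * @apiGroup Token
 * @apiVersion 1.0.0
 *
 * @apiSuccess {Array} empty_array Empty array, carries no meaning
 *
 * @apiUse errorExample
 */
/**
 * Log the caller out using the token held in the session.
 *
 * Returns parent::tokenError() when the session holds no token or the token was already
 * logged out, parent::serverError() when the database delete fails, parent::success()
 * otherwise. On success the session token is cleared.
 */
public function logout()
{
    $token = $this->session->get('token');
    if (!$token) {
        return parent::tokenError();
    }
    // A token that already carries a logout time must not be usable for a second logout.
    if (!empty($token->logout_time)) {
        return parent::tokenError();
    }
    // Bound parameter instead of string-built PHQL: the token value never becomes part of
    // the query text, so a malformed value cannot change the condition.
    $dbToken = Token::findFirst([
        'conditions' => 'token = :token:',
        'bind'       => ['token' => $token->token],
    ]);
    // No matching row (findFirst yields false/null): the token is not backed by a record,
    // so reject it rather than calling delete() on a non-object.
    if (!$dbToken) {
        return parent::tokenError();
    }
    // NOTE(review): this value is never persisted because the record is deleted right
    // below; either save() it (soft logout) or delete() — doing both loses the timestamp.
    $dbToken->logout_time = time();
    if (!$dbToken->delete()) {
        return parent::serverError();
    }
    $this->session->set('token', null); // clear the session token
    return parent::success();
}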
$roleName = $objRole->getName();
// Each role is granted only the resource/method pairs listed for it in $arrResources.
// NOTE(review): $objRole, $arrResources and the enclosing loop/function begin before
// this fragment; the stray closing brace below belongs to that outer scope.
if ($roleName == 'Admin') {
    foreach ($arrResources['Admin'] as $resource => $method) {
        $acl->allow($roleName, $resource, $method);
    }
}
if ($roleName == 'User') {
    foreach ($arrResources['User'] as $resource => $method) {
        $acl->allow($roleName, $resource, $method);
    }
}
}
// Authorisation hook run before every handler: maps the dispatched controller/action
// onto the ACL and stops the request when the caller's role is not allowed.
$app->before(function () use($app, $acl) {
    $arrHandler = $app->getActiveHandler();
    // ACL resource name = handler class with its 'Controller\' prefix stripped.
    // $arrHandler[1] is presumably the action name — confirm against the router setup.
    $controller = str_replace('Controller\\', '', get_class($arrHandler[0]));
    $baseController = new BaseController();
    $cacheToken = $baseController->verifyToken();
    // Requests without a verifiable token are evaluated under the 'User' role, so every
    // resource granted to 'User' above is reachable without a valid token; the role stored
    // in the token (auth) is used only when verification succeeds.
    if (false == $cacheToken) {
        $auth = 'User';
    } else {
        $auth = $cacheToken->auth;
    }
    $allowed = $acl->isAllowed($auth, $controller, $arrHandler[1]);
    if (false == $allowed) {
        // Denied: answer with the same payload as a token error, so "no permission" and
        // "bad token" are indistinguishable to the caller.
        $app->response = $baseController->tokenError();
        $app->response->send();
        return false;
    }
    return true;
});