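/**
  * Log out the caller by deleting the presented token.
  *
  * Verifies the token through parent::verifyToken(), rejects a token that
  * already carries a logout_time, deletes the matching Token row and then
  * calls session->destroy() with the token value.
  *
  * @return mixed Result of parent::tokenError(), parent::serverError() or parent::success().
  */
 public function logout()
 {
     $token = parent::verifyToken();
     if (!$token) {
         return parent::tokenError();
     }
     // A token that already has a logout time is treated like an invalid token.
     if (!empty($token->logout_time)) {
         return parent::tokenError();
     }
     // The token value is presumably derived from the request (verifyToken()
     // is not shown here), so it is passed as a bound parameter instead of
     // being concatenated into the condition string.
     $dbToken = Token::findFirst([
         'conditions' => 'token = :token:',
         'bind'       => ['token' => $token->token],
     ]);
     // findFirst() yields no model when the row is already gone. Skip the
     // delete rather than calling a method on a non-object, but still fall
     // through so the cached copy of the token is invalidated.
     if ($dbToken && !$dbToken->delete()) {
         return parent::serverError();
     }
     // Remove the token from the cache.
     // NOTE(review): what destroy() removes when given the token value depends
     // on the session adapter in use; confirm it invalidates this token.
     $this->session->destroy($token->token);
     return parent::success();
 }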
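 /**
  * @api {post} /token Log out and invalidate the token
  * @apiUse header
  *
  * @apiName logout
  * @apiGroup Token
  * @apiVersion 1.0.0
  *
  * @apiSuccess {Array} empty_array Empty array, carries no meaning
  *
  * @apiUse errorExample
  */
 public function logout()
 {
     // The token object is read from the session under the 'token' key.
     $token = $this->session->get('token');
     if (!$token) {
         return parent::tokenError();
     }
     // A token that already has a logout time is treated like an invalid token.
     if (!empty($token->logout_time)) {
         return parent::tokenError();
     }
     // Bind the token value instead of concatenating it into the condition
     // string, so quotes inside the value cannot alter the query.
     $dbToken = Token::findFirst([
         'conditions' => 'token = :token:',
         'bind'       => ['token' => $token->token],
     ]);
     // findFirst() yields no model when the row is already gone. In that case
     // there is nothing to delete, but the session copy is still cleared below.
     if ($dbToken) {
         // NOTE(review): logout_time is assigned immediately before delete();
         // whether the value is ever persisted depends on how the Token model
         // handles deletes (not visible here). Confirm.
         $dbToken->logout_time = time();
         if (!$dbToken->delete()) {
             return parent::serverError();
         }
     }
     // Set the session token to null.
     $this->session->set('token', null);
     return parent::success();
 }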
    // Grant the current role every resource/method pair listed for it.
    // Only the 'Admin' and 'User' role names receive grants from this code;
    // any other role name is left without an allow rule here.
    $roleName = $objRole->getName();
    foreach (['Admin', 'User'] as $knownRole) {
        if ($roleName != $knownRole) {
            continue;
        }
        foreach ($arrResources[$knownRole] as $resource => $method) {
            $acl->allow($roleName, $resource, $method);
        }
    }
}
// "before" hook: checks the ACL for the active handler and sends the
// token-error response when the caller's role is not allowed.
$app->before(function () use($app, $acl) {
    $arrHandler = $app->getActiveHandler();
    // ACL resource name: the handler's class name with 'Controller\' removed.
    $resourceName = str_replace('Controller\\', '', get_class($arrHandler[0]));

    $baseController = new BaseController();
    $cacheToken = $baseController->verifyToken();
    // NOTE(review): a request without a valid token is evaluated as the 'User'
    // role, so anything granted to 'User' is reachable unauthenticated. Confirm
    // that 'User' is meant to be the anonymous role.
    $role = $cacheToken ? $cacheToken->auth : 'User';

    if ($acl->isAllowed($role, $resourceName, $arrHandler[1])) {
        return true;
    }

    // Not permitted: the response is the same one used for a token error.
    $app->response = $baseController->tokenError();
    $app->response->send();
    return false;
});