From 2ce0adfdca696726555432efa610c230a3d0c4a6 Mon Sep 17 00:00:00 2001
From: walkor <walkor@workerman.net>
Date: Fri, 9 Dec 2022 15:51:04 +0800
Subject: [PATCH] save

---
 .gitignore                                    |  1 +
 src/plugin/admin/api/Auth.php                 |  9 +++-
 src/plugin/admin/api/Menu.php                 |  6 ---
 src/plugin/admin/api/Middleware.php           | 15 +++++--
 .../admin/app/controller/IndexController.php  |  2 +
 .../app/controller/InstallController.php      | 43 ++++++++++++++++++-
 src/plugin/admin/app/functions.php            | 18 +++++---
 7 files changed, 75 insertions(+), 19 deletions(-)

diff --git a/.gitignore b/.gitignore
index b55a535..25bceaa 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,4 +5,5 @@
 .env
 src/plugin/admin/public/upload
 src/plugin/admin/config/database.php
+src/plugin/admin/config/thinkorm.php
 src/plugin/admin.zip
diff --git a/src/plugin/admin/api/Auth.php b/src/plugin/admin/api/Auth.php
index 70ddfb5..0ab9666 100644
--- a/src/plugin/admin/api/Auth.php
+++ b/src/plugin/admin/api/Auth.php
@@ -17,7 +17,7 @@ class Auth
      * @param string $controller
      * @param string $action
      * @return void
-     * @throws \ReflectionException
+     * @throws \ReflectionException|BusinessException
      */
     public static function access(string $controller, string $action)
     {
@@ -35,10 +35,15 @@ class Auth
      * @param int $code
      * @param string $msg
      * @return bool
-     * @throws \ReflectionException
+     * @throws \ReflectionException|BusinessException
      */
     public static function canAccess(string $controller, string $action, int &$code = 0, string &$msg = ''): bool
     {
+        if (!$controller) {
+            $msg = '无法识别当前控制器';
+            $code = 3;
+            return false;
+        }
         // 获取控制器鉴权信息
         $class = new \ReflectionClass($controller);
         $properties = $class->getDefaultProperties();
diff --git a/src/plugin/admin/api/Menu.php b/src/plugin/admin/api/Menu.php
index 551c31e..c482657 100644
--- a/src/plugin/admin/api/Menu.php
+++ b/src/plugin/admin/api/Menu.php
@@ -14,7 +14,6 @@ class Menu
 
     /**
      * 根据key获取菜单
-     *
      * @param $key
      * @return array
      */
@@ -26,7 +25,6 @@ class Menu
 
     /**
      * 根据id获得菜单
-     *
      * @param $id
      * @return array
      */
@@ -37,7 +35,6 @@ class Menu
 
     /**
      * 添加菜单
-     *
      * @param array $menu
      * @return int
      */
@@ -53,7 +50,6 @@ class Menu
 
     /**
      * 导入菜单
-     *
      * @param array $menu_tree
      * @return void
      */
@@ -81,7 +77,6 @@ class Menu
 
     /**
      * 删除菜单
-     *
      * @param $key
      * @return void
      */
@@ -103,7 +98,6 @@ class Menu
 
     /**
      * 获取菜单中某个(些)字段的值
-     *
      * @param $menu
      * @param null $column
      * @param null $index
diff --git a/src/plugin/admin/api/Middleware.php b/src/plugin/admin/api/Middleware.php
index d370046..02cc844 100644
--- a/src/plugin/admin/api/Middleware.php
+++ b/src/plugin/admin/api/Middleware.php
@@ -1,17 +1,24 @@
 <?php
 namespace plugin\admin\api;
 
-use plugin\admin\api\Auth;
-use plugin\admin\app\model\Option;
 use Webman\Http\Request;
 use Webman\Http\Response;
 use Webman\MiddlewareInterface;
+use support\exception\BusinessException;
 
 /**
- * 对外提供的中间件
+ * 对外提供的webman-admin鉴权中间件
  */
 class Middleware implements MiddlewareInterface
 {
+    /**
+     * 鉴权
+     * @param Request $request
+     * @param callable $handler
+     * @return Response
+     * @throws \ReflectionException
+     * @throws BusinessException
+     */
     public function process(Request $request, callable $handler): Response
     {
         $controller = $request->controller;
@@ -23,7 +30,7 @@ class Middleware implements MiddlewareInterface
             if ($request->expectsJson()) {
                 $response = json(['code' => $code, 'msg' => $msg, 'type' => 'error']);
             } else {
-                $response = \response($msg, $code);
+                $response = \response($msg, 401);
             }
         } else {
             $response = $request->method() == 'OPTIONS' ? response('') : $handler($request);
diff --git a/src/plugin/admin/app/controller/IndexController.php b/src/plugin/admin/app/controller/IndexController.php
index a749405..eaf55fc 100644
--- a/src/plugin/admin/app/controller/IndexController.php
+++ b/src/plugin/admin/app/controller/IndexController.php
@@ -5,6 +5,7 @@ namespace plugin\admin\app\controller;
 use plugin\admin\app\common\Util;
 use plugin\admin\app\model\User;
 use support\Db;
+use support\exception\BusinessException;
 use support\Request;
 use support\Response;
 use think\db\Where;
@@ -29,6 +30,7 @@ class IndexController
      * 后台主页
      * @param Request $request
      * @return Response
+     * @throws BusinessException
      */
     public function index(Request $request): Response
     {
diff --git a/src/plugin/admin/app/controller/InstallController.php b/src/plugin/admin/app/controller/InstallController.php
index b94df03..31f18ee 100644
--- a/src/plugin/admin/app/controller/InstallController.php
+++ b/src/plugin/admin/app/controller/InstallController.php
@@ -43,7 +43,7 @@ class InstallController extends Base
         $password = $request->post('password');
         $database = $request->post('database');
         $host = $request->post('host');
-        $port = $request->post('port');
+        $port = (int)$request->post('port') ?: 3306;
         $overwrite = $request->post('overwrite');
 
         try {
@@ -74,6 +74,7 @@ class InstallController extends Base
             'wa_rules',
             'wa_options',
             'wa_users',
+            'wa_uploads',
         ];
 
         if (!$overwrite) {
@@ -128,6 +129,46 @@ EOF;
 
         file_put_contents($database_config_file, $config_content);
 
+        $think_orm_config = <<<EOF
+<?php
+return [
+    'default' => 'mysql',
+    'connections' => [
+        'mysql' => [
+            // 数据库类型
+            'type' => 'mysql',
+            // 服务器地址
+            'hostname' => '$host',
+            // 数据库名
+            'database' => '$database',
+            // 数据库用户名
+            'username' => '$user',
+            // 数据库密码
+            'password' => '$password',
+            // 数据库连接端口
+            'hostport' => $port,
+            // 数据库连接参数
+            'params' => [
+                // 连接超时3秒
+                \PDO::ATTR_TIMEOUT => 3,
+            ],
+            // 数据库编码默认采用utf8
+            'charset' => 'utf8mb4',
+            // 数据库表前缀
+            'prefix' => '',
+            // 断线重连
+            'break_reconnect' => true,
+            // 关闭SQL监听日志
+            'trigger_sql' => true,
+            // 自定义分页类
+            'bootstrap' =>  ''
+        ],
+    ],
+];
+EOF;
+        file_put_contents(base_path() . '/plugin/admin/config/thinkorm.php', $think_orm_config);
+
+
         // 尝试reload
         if (function_exists('posix_kill')) {
             set_error_handler(function () {});
diff --git a/src/plugin/admin/app/functions.php b/src/plugin/admin/app/functions.php
index bf05ff9..b512f8f 100644
--- a/src/plugin/admin/app/functions.php
+++ b/src/plugin/admin/app/functions.php
@@ -93,14 +93,17 @@ function refresh_admin_session(bool $force = false)
     if (!$force && $time_now - $session_last_update_time < $session_ttl) {
         return null;
     }
-    $admin = Admin::find($admin_id)->toArray();
+    $session = request()->session();
+    $admin = Admin::find($admin_id);
     if (!$admin) {
-        throw new BusinessException('当前账户不存在或已被禁用');
+        $session->forget('admin');
+        return null;
     }
+    $admin = $admin->toArray();
     unset($admin['password']);
     $admin['roles'] = $admin['roles'] ? explode(',', $admin['roles']) : [];
     $admin['session_last_update_time'] = $time_now;
-    request()->session()->set('admin', $admin);
+    $session->set('admin', $admin);
 }
 
 
@@ -122,11 +125,14 @@ function refresh_user_session(bool $force = false)
     if (!$force && $time_now - $session_last_update_time < $session_ttl) {
         return null;
     }
-    $user = User::find($user_id)->toArray();
+    $session = request()->session();
+    $user = User::find($user_id);
     if (!$user) {
-        throw new BusinessException('当前账户不存在或已被禁用');
+        $session->forget('user');
+        return null;
     }
+    $user = $user->toArray();
     unset($user['password']);
     $user['session_last_update_time'] = $time_now;
-    request()->session()->set('user', $user);
+    $session->set('user', $user);
 }
\ No newline at end of file