new kernel, ms bearer
@ -5,16 +5,18 @@ use kernel\modules\admin_themes\controllers\AdminThemeController;
|
||||
use Phroute\Phroute\RouteCollector;
|
||||
|
||||
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
||||
App::$collector->group(["prefix" => "settings"], function (RouteCollector $router){
|
||||
App::$collector->group(["prefix" => "admin-themes"], function (RouteCollector $router){
|
||||
App::$collector->get('/', [AdminThemeController::class, 'actionIndex']);
|
||||
App::$collector->get('/activate', [AdminThemeController::class, 'actionActivate']);
|
||||
// App::$collector->get('/create', [\kernel\modules\menu\controllers\MenuController::class, 'actionCreate']);
|
||||
// App::$collector->post("/", [\kernel\modules\menu\controllers\MenuController::class, 'actionAdd']);
|
||||
// App::$collector->get('/{id}', [\kernel\modules\menu\controllers\MenuController::class, 'actionView']);
|
||||
// App::$collector->any('/update/{id}', [\kernel\modules\menu\controllers\MenuController::class, 'actionUpdate']);
|
||||
// App::$collector->any("/edit/{id}", [\kernel\modules\menu\controllers\MenuController::class, 'actionEdit']);
|
||||
// App::$collector->get('/delete/{id}', [\kernel\modules\menu\controllers\MenuController::class, 'actionDelete']);
|
||||
App::$collector->group(["before" => "auth"], function (RouteCollector $router) {
|
||||
App::$collector->group(["prefix" => "settings"], function (RouteCollector $router) {
|
||||
App::$collector->group(["prefix" => "admin-themes"], function (RouteCollector $router) {
|
||||
App::$collector->get('/', [AdminThemeController::class, 'actionIndex']);
|
||||
App::$collector->get('/activate', [AdminThemeController::class, 'actionActivate']);
|
||||
// App::$collector->get('/create', [\kernel\modules\menu\controllers\MenuController::class, 'actionCreate']);
|
||||
// App::$collector->post("/", [\kernel\modules\menu\controllers\MenuController::class, 'actionAdd']);
|
||||
// App::$collector->get('/{id}', [\kernel\modules\menu\controllers\MenuController::class, 'actionView']);
|
||||
// App::$collector->any('/update/{id}', [\kernel\modules\menu\controllers\MenuController::class, 'actionUpdate']);
|
||||
// App::$collector->any("/edit/{id}", [\kernel\modules\menu\controllers\MenuController::class, 'actionEdit']);
|
||||
// App::$collector->get('/delete/{id}', [\kernel\modules\menu\controllers\MenuController::class, 'actionDelete']);
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
@ -4,19 +4,24 @@ use kernel\App;
|
||||
use kernel\CgRouteCollector;
|
||||
use Phroute\Phroute\RouteCollector;
|
||||
|
||||
App::$collector->filter("auth", [\kernel\middlewares\AuthMiddleware::class, "handler"]);
|
||||
|
||||
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router) {
|
||||
App::$collector->group(["prefix" => "settings"], function (RouteCollector $router){
|
||||
App::$collector->group(["prefix" => "menu"], function (RouteCollector $router){
|
||||
App::$collector->get('/', [\kernel\modules\menu\controllers\MenuController::class, 'actionIndex']);
|
||||
App::$collector->get('/page/{page_number}', [\kernel\modules\menu\controllers\MenuController::class, 'actionIndex']);
|
||||
App::$collector->get('/create', [\kernel\modules\menu\controllers\MenuController::class, 'actionCreate']);
|
||||
App::$collector->post("/", [\kernel\modules\menu\controllers\MenuController::class, 'actionAdd']);
|
||||
App::$collector->get('/{id}', [\kernel\modules\menu\controllers\MenuController::class, 'actionView']);
|
||||
App::$collector->any('/update/{id}', [\kernel\modules\menu\controllers\MenuController::class, 'actionUpdate']);
|
||||
App::$collector->any("/edit/{id}", [\kernel\modules\menu\controllers\MenuController::class, 'actionEdit']);
|
||||
App::$collector->get('/delete/{id}', [\kernel\modules\menu\controllers\MenuController::class, 'actionDelete']);
|
||||
App::$collector->group(["before" => "auth"], function (RouteCollector $router){
|
||||
App::$collector->group(["prefix" => "settings"], function (RouteCollector $router){
|
||||
App::$collector->group(["prefix" => "menu"], function (RouteCollector $router){
|
||||
App::$collector->get('/', [\kernel\modules\menu\controllers\MenuController::class, 'actionIndex']);
|
||||
App::$collector->get('/page/{page_number}', [\kernel\modules\menu\controllers\MenuController::class, 'actionIndex']);
|
||||
App::$collector->get('/create', [\kernel\modules\menu\controllers\MenuController::class, 'actionCreate']);
|
||||
App::$collector->post("/", [\kernel\modules\menu\controllers\MenuController::class, 'actionAdd']);
|
||||
App::$collector->get('/{id}', [\kernel\modules\menu\controllers\MenuController::class, 'actionView']);
|
||||
App::$collector->any('/update/{id}', [\kernel\modules\menu\controllers\MenuController::class, 'actionUpdate']);
|
||||
App::$collector->any("/edit/{id}", [\kernel\modules\menu\controllers\MenuController::class, 'actionEdit']);
|
||||
App::$collector->get('/delete/{id}', [\kernel\modules\menu\controllers\MenuController::class, 'actionDelete']);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
});
|
||||
|
||||
App::$collector->group(["prefix" => "api"], function (CgRouteCollector $router){
|
||||
|
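Review bot: The delete route inside the new `before => auth` group is still registered with `get('/delete/{id}')`, and update/edit accept `any`, so a state-changing request can be triggered by a plain link or a cross-site navigation that carries the admin's cookie. Register it as `App::$collector->post('/delete/{id}', [\kernel\modules\menu\controllers\MenuController::class, 'actionDelete']);` and verify a CSRF token in the action; whether the controllers already check one is not visible here. The same pattern recurs in the option, post and user route sections of this commit.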
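--- a/kernel/modules/menu/table/columns/MenuDeleteActionColumn.php
+++ b/kernel/modules/menu/table/columns/MenuDeleteActionColumn.php
@@ -0,0 +1,17 @@
+<?php
+
+namespace kernel\modules\menu\table\columns;
+
+use Itguild\Tables\ActionColumn\ActionColumn;
+
+class MenuDeleteActionColumn extends ActionColumn
+{
+
+protected string $prefix = "/delete/";
+
+public function fetch(): string
+{
+$link = $this->baseUrl . $this->prefix . $this->id;
+return " <a href='$link' class='btn btn-danger'>Удалить</a> ";
+}
+}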
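Review bot: `fetch()` interpolates `$link` into a single-quoted `href` without escaping, so a quote character in `$this->baseUrl` or `$this->id` would break out of the attribute; where those values originate is not visible in this file. Escape at the point of output, `$link = htmlspecialchars($this->baseUrl . $this->prefix . $this->id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. The delete columns also emit a plain link for a destructive action, which only works while deletion stays on GET. The eleven sibling `*ActionColumn` classes added in this commit share the same `fetch()` body and differ only in prefix, CSS class and label, so one parameterised class would remove the duplication.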
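--- a/kernel/modules/menu/table/columns/MenuEditActionColumn.php
+++ b/kernel/modules/menu/table/columns/MenuEditActionColumn.php
@@ -0,0 +1,17 @@
+<?php
+
+namespace kernel\modules\menu\table\columns;
+
+use Itguild\Tables\ActionColumn\ActionColumn;
+
+class MenuEditActionColumn extends ActionColumn
+{
+
+protected string $prefix = "/update/";
+
+public function fetch(): string
+{
+$link = $this->baseUrl . $this->prefix . $this->id;
+return " <a href='$link' class='btn btn-success'>Редактировать</a> ";
+}
+}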
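--- a/kernel/modules/menu/table/columns/MenuViewActionColumn.php
+++ b/kernel/modules/menu/table/columns/MenuViewActionColumn.php
@@ -0,0 +1,17 @@
+<?php
+
+namespace kernel\modules\menu\table\columns;
+
+use Itguild\Tables\ActionColumn\ActionColumn;
+
+class MenuViewActionColumn extends ActionColumn
+{
+
+protected string $prefix = "/";
+
+public function fetch(): string
+{
+$link = $this->baseUrl . $this->prefix . $this->id;
+return " <a href='$link' class='btn btn-primary'>Просмотр</a> ";
+}
+}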
@ -4,6 +4,7 @@ namespace kernel\modules\option\controllers;
|
||||
|
||||
use JetBrains\PhpStorm\NoReturn;
|
||||
use kernel\AdminController;
|
||||
use kernel\Flash;
|
||||
use kernel\helpers\Debug;
|
||||
use kernel\modules\option\models\forms\CreateOptionForm;
|
||||
use kernel\modules\option\models\Option;
|
||||
@ -33,9 +34,11 @@ class OptionController extends AdminController
|
||||
if ($optionForm->validate()) {
|
||||
$option = $this->optionService->create($optionForm);
|
||||
if ($option) {
|
||||
Flash::setMessage("success", "Опция успешно создана.");
|
||||
$this->redirect('/admin/option');
|
||||
}
|
||||
}
|
||||
Flash::setMessage("error", $optionForm->getErrorsStr());
|
||||
$this->redirect('/admin/option/create');
|
||||
}
|
||||
|
||||
@ -95,6 +98,7 @@ class OptionController extends AdminController
|
||||
#[NoReturn] public function actionDelete(int $id): void
|
||||
{
|
||||
Option::find($id)->delete();
|
||||
Flash::setMessage("success", "Опция успешно удалена.");
|
||||
$this->redirect('/admin/option');
|
||||
}
|
||||
|
||||
|
@ -16,7 +16,7 @@ class CreateOptionForm extends FormModel
|
||||
public function rules(): array
|
||||
{
|
||||
return [
|
||||
'key' => 'required|min-str-len:1|max-str-len:50',
|
||||
'key' => 'required|min-str-len:3|max-str-len:50',
|
||||
'value' => '',
|
||||
'label' => '',
|
||||
'status' => ''
|
||||
|
@ -4,14 +4,16 @@ use kernel\App;
|
||||
use Phroute\Phroute\RouteCollector;
|
||||
|
||||
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router) {
|
||||
App::$collector->group(["prefix" => "option"], callback: function (RouteCollector $router) {
|
||||
App::$collector->get('/', [\kernel\modules\option\controllers\OptionController::class, 'actionIndex']);
|
||||
App::$collector->get('/page/{page_number}', [\kernel\modules\option\controllers\OptionController::class, 'actionIndex']);
|
||||
App::$collector->get('/create', [\kernel\modules\option\controllers\OptionController::class, 'actionCreate']);
|
||||
App::$collector->post("/", [\kernel\modules\option\controllers\OptionController::class, 'actionAdd']);
|
||||
App::$collector->get('/{id}', [\kernel\modules\option\controllers\OptionController::class, 'actionView']);
|
||||
App::$collector->any('/update/{id}', [\kernel\modules\option\controllers\OptionController::class, 'actionUpdate']);
|
||||
App::$collector->any("/edit/{id}", [\kernel\modules\option\controllers\OptionController::class, 'actionEdit']);
|
||||
App::$collector->get('/delete/{id}', [\kernel\modules\option\controllers\OptionController::class, 'actionDelete']);
|
||||
App::$collector->group(["before" => "auth"], function (RouteCollector $router) {
|
||||
App::$collector->group(["prefix" => "option"], callback: function (RouteCollector $router) {
|
||||
App::$collector->get('/', [\kernel\modules\option\controllers\OptionController::class, 'actionIndex']);
|
||||
App::$collector->get('/page/{page_number}', [\kernel\modules\option\controllers\OptionController::class, 'actionIndex']);
|
||||
App::$collector->get('/create', [\kernel\modules\option\controllers\OptionController::class, 'actionCreate']);
|
||||
App::$collector->post("/", [\kernel\modules\option\controllers\OptionController::class, 'actionAdd']);
|
||||
App::$collector->get('/{id}', [\kernel\modules\option\controllers\OptionController::class, 'actionView']);
|
||||
App::$collector->any('/update/{id}', [\kernel\modules\option\controllers\OptionController::class, 'actionUpdate']);
|
||||
App::$collector->any("/edit/{id}", [\kernel\modules\option\controllers\OptionController::class, 'actionEdit']);
|
||||
App::$collector->get('/delete/{id}', [\kernel\modules\option\controllers\OptionController::class, 'actionDelete']);
|
||||
});
|
||||
});
|
||||
});
|
@ -0,0 +1,16 @@
|
||||
<?php
|
||||
|
||||
namespace kernel\modules\option\table\columns;
|
||||
|
||||
use Itguild\Tables\ActionColumn\ActionColumn;
|
||||
|
||||
class OptionDeleteActionColumn extends ActionColumn
|
||||
{
|
||||
protected string $prefix = "/delete/";
|
||||
|
||||
public function fetch(): string
|
||||
{
|
||||
$link = $this->baseUrl . $this->prefix . $this->id;
|
||||
return " <a href='$link' class='btn btn-danger'>Удалить</a> ";
|
||||
}
|
||||
}
|
@ -0,0 +1,16 @@
|
||||
<?php
|
||||
|
||||
namespace kernel\modules\option\table\columns;
|
||||
|
||||
use Itguild\Tables\ActionColumn\ActionColumn;
|
||||
|
||||
class OptionEditActionColumn extends ActionColumn
|
||||
{
|
||||
protected string $prefix = "/update/";
|
||||
|
||||
public function fetch(): string
|
||||
{
|
||||
$link = $this->baseUrl . $this->prefix . $this->id;
|
||||
return " <a href='$link' class='btn btn-success'>Редактировать</a> ";
|
||||
}
|
||||
}
|
@ -0,0 +1,18 @@
|
||||
<?php
|
||||
|
||||
namespace kernel\modules\option\table\columns;
|
||||
|
||||
use Itguild\Tables\ActionColumn\ActionColumn;
|
||||
|
||||
class OptionViewActionColumn extends ActionColumn
|
||||
{
|
||||
|
||||
protected string $prefix = "/";
|
||||
|
||||
public function fetch()
|
||||
{
|
||||
$link = $this->baseUrl . $this->prefix . $this->id;
|
||||
return " <a href='$link' class='btn btn-primary'>Просмотр</a> ";
|
||||
}
|
||||
|
||||
}
|
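Review bot: `fetch()` is declared here without the `: string` return type that the other action columns in this commit carry. If `ActionColumn::fetch()` declares a return type (the parent is not visible here), this override would not be compatible with it; write `public function fetch(): string`.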
@ -4,7 +4,10 @@ namespace kernel\modules\post\controllers;
|
||||
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
use JetBrains\PhpStorm\NoReturn;
|
||||
use kernel\App;
|
||||
use kernel\helpers\Debug;
|
||||
use kernel\modules\post\models\Post;
|
||||
use kernel\Request;
|
||||
use kernel\RestController;
|
||||
|
||||
class PostRestController extends RestController
|
||||
@ -19,4 +22,31 @@ class PostRestController extends RestController
|
||||
return ["user"];
|
||||
}
|
||||
|
||||
public function actionIndex(): void
|
||||
{
|
||||
$request = new Request();
|
||||
$page = $request->get('page') ?? 1;
|
||||
$perPage = $request->get('per_page') ?? 10;
|
||||
$query = $this->model->query();
|
||||
if (App::$user){
|
||||
$query->where("user_id", App::$user->id);
|
||||
}
|
||||
|
||||
if ($page > 1) {
|
||||
$query->skip(($page - 1) * $perPage)->take($perPage);
|
||||
} else {
|
||||
$query->take($perPage);
|
||||
}
|
||||
|
||||
$expand = $this->expand();
|
||||
$expandParams = explode( ",", $request->get('expand') ?? "");
|
||||
$finalExpand = array_intersect($expandParams, $expand);
|
||||
if ($finalExpand) {
|
||||
$res = $query->get()->load($finalExpand)->toArray();
|
||||
} else {
|
||||
$res = $query->get()->toArray();
|
||||
}
|
||||
|
||||
$this->renderApi($res);
|
||||
}
|
||||
}
|
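Review bot: `actionIndex()` scopes the query to the caller only `if (App::$user)`, so any path that reaches it without a user set returns every user's posts instead of failing closed; reject the request when `App::$user` is empty rather than skipping the filter. `page` and `per_page` are also taken from the request as-is, with no integer cast and no upper bound on the page size; something like `$perPage = min(max((int) ($request->get('per_page') ?? 10), 1), 100);` bounds the result set. The method has no docblock describing the `page`, `per_page` and `expand` request parameters.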
@ -4,20 +4,25 @@ use kernel\App;
|
||||
use kernel\CgRouteCollector;
|
||||
use Phroute\Phroute\RouteCollector;
|
||||
|
||||
App::$collector->filter('bearer', [\kernel\modules\secure\middlewares\BearerAuthMiddleware::class, "handler"]);
|
||||
|
||||
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
||||
App::$collector->group(["prefix" => "post"], function (RouteCollector $router){
|
||||
App::$collector->get('/', [\kernel\modules\post\controllers\PostController::class, 'actionIndex']);
|
||||
App::$collector->get('/page/{page_number}', [\kernel\modules\post\controllers\PostController::class, 'actionIndex']);
|
||||
App::$collector->get('/create', [\kernel\modules\post\controllers\PostController::class, 'actionCreate']);
|
||||
App::$collector->post("/", [\kernel\modules\post\controllers\PostController::class, 'actionAdd']);
|
||||
App::$collector->get('/{id}', [\kernel\modules\post\controllers\PostController::class, 'actionView']);
|
||||
App::$collector->any('/update/{id}', [\kernel\modules\post\controllers\PostController::class, 'actionUpdate']);
|
||||
App::$collector->any("/edit/{id}", [\kernel\modules\post\controllers\PostController::class, 'actionEdit']);
|
||||
App::$collector->get('/delete/{id}', [\kernel\modules\post\controllers\PostController::class, 'actionDelete']);
|
||||
App::$collector->group(["before" => "auth"], function (RouteCollector $router) {
|
||||
App::$collector->group(["prefix" => "post"], function (RouteCollector $router) {
|
||||
App::$collector->get('/', [\kernel\modules\post\controllers\PostController::class, 'actionIndex']);
|
||||
App::$collector->get('/page/{page_number}', [\kernel\modules\post\controllers\PostController::class, 'actionIndex']);
|
||||
App::$collector->get('/create', [\kernel\modules\post\controllers\PostController::class, 'actionCreate']);
|
||||
App::$collector->post("/", [\kernel\modules\post\controllers\PostController::class, 'actionAdd']);
|
||||
App::$collector->get('/{id}', [\kernel\modules\post\controllers\PostController::class, 'actionView']);
|
||||
App::$collector->any('/update/{id}', [\kernel\modules\post\controllers\PostController::class, 'actionUpdate']);
|
||||
App::$collector->any("/edit/{id}", [\kernel\modules\post\controllers\PostController::class, 'actionEdit']);
|
||||
App::$collector->get('/delete/{id}', [\kernel\modules\post\controllers\PostController::class, 'actionDelete']);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
App::$collector->group(["prefix" => "api"], function (CgRouteCollector $router){
|
||||
$router->rest("post", [\kernel\modules\post\controllers\PostRestController::class]);
|
||||
App::$collector->group(['before' => 'bearer'], function (CgRouteCollector $router){
|
||||
$router->rest("post", [\kernel\modules\post\controllers\PostRestController::class]);
|
||||
});
|
||||
});
|
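Review bot: The `bearer` filter is registered in this module's route file and again, identically, in the secure module's routes, so the post module silently depends on a class from `kernel\modules\secure`. Registering the filter once in the secure module and declaring that dependency in the post module's manifest would keep a single definition; the post manifest is not part of this page, so this may already be the case.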
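--- a/kernel/modules/post/table/columns/PostDeleteActionColumn.php
+++ b/kernel/modules/post/table/columns/PostDeleteActionColumn.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace kernel\modules\post\table\columns;
+
+use Itguild\Tables\ActionColumn\ActionColumn;
+
+class PostDeleteActionColumn extends ActionColumn
+{
+protected string $prefix = "/delete/";
+
+public function fetch(): string
+{
+$link = $this->baseUrl . $this->prefix . $this->id;
+return " <a href='$link' class='btn btn-danger'>Удалить</a> ";
+}
+}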
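--- a/kernel/modules/post/table/columns/PostEditActionColumn.php
+++ b/kernel/modules/post/table/columns/PostEditActionColumn.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace kernel\modules\post\table\columns;
+
+use Itguild\Tables\ActionColumn\ActionColumn;
+
+class PostEditActionColumn extends ActionColumn
+{
+protected string $prefix = "/update/";
+
+public function fetch(): string
+{
+$link = $this->baseUrl . $this->prefix . $this->id;
+return " <a href='$link' class='btn btn-success'>Редактировать</a> ";
+}
+}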
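--- a/kernel/modules/post/table/columns/PostViewActionColumn.php
+++ b/kernel/modules/post/table/columns/PostViewActionColumn.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace kernel\modules\post\table\columns;
+
+use Itguild\Tables\ActionColumn\ActionColumn;
+
+class PostViewActionColumn extends actionColumn
+{
+protected string $prefix = "/";
+
+public function fetch(): string
+{
+$link = $this->baseUrl . $this->prefix . $this->id;
+return " <a href='$link' class='btn btn-primary'>Просмотр</a> ";
+}
+}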
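Review bot: `extends actionColumn` is spelled in lower case while the import is `ActionColumn`. PHP resolves class names case-insensitively, so it should still load, but it is inconsistent with the sibling column classes; write `class PostViewActionColumn extends ActionColumn`.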
@ -4,6 +4,8 @@ namespace kernel\modules\secure\controllers;
|
||||
|
||||
use JetBrains\PhpStorm\NoReturn;
|
||||
use kernel\AdminController;
|
||||
use kernel\Flash;
|
||||
use kernel\helpers\Debug;
|
||||
use kernel\modules\secure\models\forms\LoginForm;
|
||||
use kernel\modules\user\service\UserService;
|
||||
|
||||
@ -25,7 +27,7 @@ class SecureController extends AdminController
|
||||
$this->cgView->render('login.php');
|
||||
}
|
||||
|
||||
public function actionAuth(): void
|
||||
#[NoReturn] public function actionAuth(): void
|
||||
{
|
||||
$loginForm = new LoginForm();
|
||||
$loginForm->load($_REQUEST);
|
||||
@ -39,21 +41,23 @@ class SecureController extends AdminController
|
||||
|
||||
$user = $this->userService->getByField($field, $loginForm->getItem("username"));
|
||||
if (!$user){
|
||||
throw new \Exception(message: "User not found");
|
||||
Flash::setMessage("error", "User not found.");
|
||||
$this->redirect("/admin/login", code: 302);
|
||||
}
|
||||
|
||||
if (password_verify($loginForm->getItem("password"), $user->password_hash)) {
|
||||
setcookie('user_id', $user->id, time()+60*60*24, '/', $_SERVER['SERVER_NAME'], false);
|
||||
$this->redirect("/admin");
|
||||
$this->redirect("/admin", code: 302);
|
||||
} else {
|
||||
$this->redirect("/admin/login");
|
||||
Flash::setMessage("error", "Username or password incorrect.");
|
||||
$this->redirect("/admin/login", code: 302);
|
||||
}
|
||||
}
|
||||
|
||||
#[NoReturn] public function actionLogout(): void
|
||||
{
|
||||
unset($_COOKIE['user_id']);
|
||||
setcookie('user_id', "", -1, '/', $_SERVER['SERVER_NAME'], false);
|
||||
setcookie('user_id', "", -1, '/', ".".$_SERVER['SERVER_NAME'], false);
|
||||
$this->redirect("/", code: 302);
|
||||
}
|
||||
|
||||
|
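Review bot: The two new flash messages differ, `"User not found."` for an unknown name and `"Username or password incorrect."` for a bad password, which tells an unauthenticated caller which usernames exist. Use the same text in both branches, e.g. `Flash::setMessage("error", "Username or password incorrect.");`. Separately, the `setcookie('user_id', $user->id, ...)` line in this hunk stores a bare user id with the secure flag off and no HttpOnly option; if `AuthMiddleware` (not shown) trusts that value as proof of login, it should be replaced by a server-side session or a signed value. `actionAuth()` starts before this hunk.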
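--- a/kernel/modules/secure/controllers/SecureRestController.php
+++ b/kernel/modules/secure/controllers/SecureRestController.php
@@ -0,0 +1,54 @@
+<?php
+
+namespace kernel\modules\secure\controllers;
+
+use Firebase\JWT\JWT;
+use Firebase\JWT\Key;
+use JetBrains\PhpStorm\NoReturn;
+use kernel\App;
+use kernel\helpers\Debug;
+use kernel\modules\user\models\User;
+use kernel\Request;
+use kernel\RestController;
+use kernel\services\TokenService;
+use Random\RandomException;
+
+class SecureRestController extends RestController
+{
+public function __construct()
+{
+$this->model = new User();
+}
+
+/**
+* @throws RandomException
+*/
+#[NoReturn] public function actionAuth(): void
+{
+$request = new Request();
+$data = $request->post();
+$model = $this->model->where('username', $data['username'])->first();
+$res = [];
+if ($model) {
+if (password_verify($data["password"], $model->password_hash)) {
+$model->access_token_expires_at = date("Y-m-d H:i:s", strtotime(App::$secure['token_expired_time']));
+$model->access_token = match (App::$secure['token_type']) {
+"JWT" => TokenService::JWT($_ENV['SECRET_KEY'], 'HS256'),
+"md5" => TokenService::md5(),
+"crypt" => TokenService::crypt(),
+"hash" => TokenService::hash('sha256'),
+default => TokenService::random_bytes(20),
+};
+
+$res = [
+"access_token" => $model->access_token,
+"access_token_expires_at" => $model->access_token_expires_at,
+];
+}
+$model->save();
+}
+
+$this->renderApi($res);
+}
+
+}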
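Review bot: `actionAuth()` reads `$data['username']` and `$data["password"]` without checking that they are present, and on any failure it falls through to `renderApi([])` with no error status set in this method, so a client cannot tell a rejected login from an empty result. `$model->save()` also runs when the password check fails. The `"md5"`, `"crypt"` and `"hash"` token types cannot be assessed from here because `TokenService` is not shown; an access token should come from a CSPRNG, and storing only a hash of it in `access_token` would limit the impact of a database read. The `Firebase\JWT` and `Debug` imports are unused in this file. A sketch of the guard clauses follows, assuming `renderApi()` ends the request as the `#[NoReturn]` attribute suggests.

```php
#[NoReturn] public function actionAuth(): void
{
    $request = new Request();
    $data = $request->post();
    $username = $data['username'] ?? null;
    $password = $data['password'] ?? null;
    if (!is_string($username) || !is_string($password)) {
        http_response_code(400);
        $this->renderApi([]);
    }

    $model = $this->model->where('username', $username)->first();
    // Same response for an unknown user and a wrong password.
    if (!$model || !password_verify($password, $model->password_hash)) {
        http_response_code(401);
        $this->renderApi([]);
    }

    // … unchanged: access_token_expires_at and access_token assignment, $res array …
    $model->save();
    $this->renderApi($res);
}
```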
@ -4,5 +4,7 @@
|
||||
"author": "ITGuild",
|
||||
"slug": "secure",
|
||||
"description": "Secure module",
|
||||
"routs": "routs/secure.php"
|
||||
"routs": "routs/secure.php",
|
||||
"dependence": "user",
|
||||
"show_in_admin": 0
|
||||
}
|
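--- a/kernel/modules/secure/middlewares/BearerAuthMiddleware.php
+++ b/kernel/modules/secure/middlewares/BearerAuthMiddleware.php
@@ -0,0 +1,48 @@
+<?php
+
+namespace kernel\modules\secure\middlewares;
+
+use JetBrains\PhpStorm\NoReturn;
+use kernel\App;
+use kernel\helpers\Debug;
+use kernel\Middleware;
+use kernel\modules\user\service\UserService;
+use kernel\Request;
+
+class BearerAuthMiddleware extends Middleware
+{
+protected UserService $userService;
+
+public function __construct()
+{
+$this->userService = new UserService();
+}
+
+function handler(): void
+{
+$request = new Request();
+$authorization = $request->getHeader("Authorization");
+if ($authorization){
+$authorization = explode(" ", $authorization);
+$type = $authorization[0];
+$token = $authorization[1];
+if ($type === "Bearer"){
+$user = $this->userService->getByAccessToken($token);
+if ($user){
+if ($user->access_token_expires_at > date("Y-m-d")){
+App::$user = $user;
+return;
+}
+}
+}
+}
+
+$this->returnError(403);
+}
+
+#[NoReturn] public function returnError(int $code): void
+{
+http_response_code($code);
+die('Forbidden');
+}
+}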
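Review bot: `handler()` indexes `$authorization[1]` unconditionally, so a header without a space (for example just `Bearer`) raises an undefined-key warning and passes `null` to `getByAccessToken(string $token)` instead of ending in the 403 path. Split defensively with `[$type, $token] = array_pad(explode(" ", $authorization, 2), 2, "");` and reject an empty `$token`. The expiry test compares the stored `Y-m-d H:i:s` value against `date("Y-m-d")`; as a string comparison that keeps a token valid for the whole of its expiry day, so compare against `date("Y-m-d H:i:s")`. `handler()` has no visibility keyword, and 401 would be the conventional status for missing or invalid credentials.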
@ -1,16 +1,11 @@
|
||||
<?php
|
||||
|
||||
use kernel\App;
|
||||
use kernel\CgRouteCollector;
|
||||
use Phroute\Phroute\RouteCollector;
|
||||
|
||||
App::$collector->filter("auth", function (){
|
||||
if(!isset($_COOKIE['user_id']))
|
||||
{
|
||||
header('Location: /admin/login', true, 302);
|
||||
|
||||
return false;
|
||||
}
|
||||
});
|
||||
App::$collector->filter("auth", [\kernel\middlewares\AuthMiddleware::class, "handler"]);
|
||||
App::$collector->filter('bearer', [\kernel\modules\secure\middlewares\BearerAuthMiddleware::class, "handler"]);
|
||||
|
||||
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
||||
App::$collector->group(["before" => "auth"], function (RouteCollector $router){
|
||||
@ -19,4 +14,11 @@ App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
||||
App::$collector->get('/login', [\kernel\modules\secure\controllers\SecureController::class, 'actionLogin']);
|
||||
App::$collector->get('/logout', [\kernel\modules\secure\controllers\SecureController::class, 'actionLogout']);
|
||||
App::$collector->post('/auth', [\kernel\modules\secure\controllers\SecureController::class, 'actionAuth']);
|
||||
});
|
||||
});
|
||||
|
||||
App::$collector->group(["prefix" => "api"], function (CgRouteCollector $router){
|
||||
App::$collector->group(["prefix" => "secure"], function (CgRouteCollector $router) {
|
||||
App::$collector->post('/auth', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionAuth']);
|
||||
});
|
||||
});
|
||||
|
||||
|
@ -7,5 +7,5 @@
|
||||
"module_class": "kernel\\modules\\user\\UserModule",
|
||||
"module_class_file": "{KERNEL_MODULES}/user/UserModule.php",
|
||||
"routs": "routs/user.php",
|
||||
"dependence": "menu"
|
||||
"dependence": "menu,secure"
|
||||
}
|
@ -19,6 +19,8 @@ return new class extends Migration
|
||||
$table->string('email', 255);
|
||||
$table->string('password_hash', 255);
|
||||
$table->integer('role')->default(1);
|
||||
$table->string('access_token', 255)->nullable(true);
|
||||
$table->dateTime('access_token_expires_at')->nullable(true);
|
||||
$table->timestamps();
|
||||
});
|
||||
}
|
||||
|
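Review bot: `access_token` is looked up by equality on every bearer-authenticated request, but the column is added without an index or a uniqueness constraint; `$table->string('access_token', 255)->nullable()->unique();` gives both. The hunk edits an existing migration rather than adding a new one, so databases that already ran it will not receive the two columns unless they are rebuilt. The migration's `up()` body starts outside this hunk.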
@ -7,6 +7,8 @@ use Illuminate\Database\Eloquent\Model;
|
||||
* @property string $username
|
||||
* @property string $email
|
||||
* @property string $password_hash
|
||||
* @property string $access_token
|
||||
* @property string $access_token_expires_at
|
||||
* @method static find($id)
|
||||
*/
|
||||
class User extends Model {
|
||||
@ -15,7 +17,7 @@ class User extends Model {
|
||||
const ADMIN_USER_ROLE = 9;
|
||||
|
||||
protected $table = 'user';
|
||||
protected $fillable = ['username', 'email', 'password_hash', 'role'];
|
||||
protected $fillable = ['username', 'email', 'password_hash', 'role', 'access_token', 'access_token_expires_at'];
|
||||
protected array $dates = ['deleted at'];
|
||||
|
||||
public static function labels(): array
|
||||
@ -24,7 +26,7 @@ class User extends Model {
|
||||
'username' => 'Логин',
|
||||
'email' => 'Email',
|
||||
'created_at' => 'Создан',
|
||||
'updated_at' => 'Обновлен'
|
||||
'updated_at' => 'Обновлен',
|
||||
];
|
||||
}
|
||||
}
|
||||
|
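Review bot: Adding `access_token` and `access_token_expires_at` to `$fillable` makes them mass-assignable alongside `role` and `password_hash`, although `SecureRestController` sets them by property assignment and does not need that. Leave them out of `$fillable`, and unless a `$hidden` list exists outside these hunks add `protected $hidden = ['password_hash', 'access_token'];`, because `PostRestController` can expand the `user` relation and serialise it with `toArray()`. The class body continues outside the hunks shown.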
@ -7,14 +7,16 @@ use Phroute\Phroute\RouteCollector;
|
||||
|
||||
|
||||
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
||||
App::$collector->group(["prefix" => "user"], callback: function (RouteCollector $router){
|
||||
App::$collector->get('/', [\kernel\modules\user\controllers\UserController::class, 'actionIndex']);
|
||||
App::$collector->get('/page/{page_number}', [\kernel\modules\user\controllers\UserController::class, 'actionIndex']);
|
||||
App::$collector->get('/create', [\kernel\modules\user\controllers\UserController::class, 'actionCreate']);
|
||||
App::$collector->post("/", [\kernel\modules\user\controllers\UserController::class, 'actionAdd']);
|
||||
App::$collector->get('/{id}', [\kernel\modules\user\controllers\UserController::class, 'actionView']);
|
||||
App::$collector->any('/update/{id}', [\kernel\modules\user\controllers\UserController::class, 'actionUpdate']);
|
||||
App::$collector->any("/edit/{id}", [\kernel\modules\user\controllers\UserController::class, 'actionEdit']);
|
||||
App::$collector->get('/delete/{id}', [\kernel\modules\user\controllers\UserController::class, 'actionDelete']);
|
||||
App::$collector->group(["before" => "auth"], function (RouteCollector $router) {
|
||||
App::$collector->group(["prefix" => "user"], callback: function (RouteCollector $router) {
|
||||
App::$collector->get('/', [\kernel\modules\user\controllers\UserController::class, 'actionIndex']);
|
||||
App::$collector->get('/page/{page_number}', [\kernel\modules\user\controllers\UserController::class, 'actionIndex']);
|
||||
App::$collector->get('/create', [\kernel\modules\user\controllers\UserController::class, 'actionCreate']);
|
||||
App::$collector->post("/", [\kernel\modules\user\controllers\UserController::class, 'actionAdd']);
|
||||
App::$collector->get('/{id}', [\kernel\modules\user\controllers\UserController::class, 'actionView']);
|
||||
App::$collector->any('/update/{id}', [\kernel\modules\user\controllers\UserController::class, 'actionUpdate']);
|
||||
App::$collector->any("/edit/{id}", [\kernel\modules\user\controllers\UserController::class, 'actionEdit']);
|
||||
App::$collector->get('/delete/{id}', [\kernel\modules\user\controllers\UserController::class, 'actionDelete']);
|
||||
});
|
||||
});
|
||||
});
|
@ -33,6 +33,11 @@ class UserService
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $field
|
||||
* @param string $value
|
||||
* @return mixed
|
||||
*/
|
||||
public function getByField(string $field, string $value)
|
||||
{
|
||||
return User::where($field, $value)->first();
|
||||
@ -72,4 +77,9 @@ class UserService
|
||||
return '';
|
||||
}
|
||||
|
||||
public function getByAccessToken(string $token)
|
||||
{
|
||||
return $this->getByField("access_token", $token);
|
||||
}
|
||||
|
||||
}
|
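Review bot: `getByAccessToken()` is added without a docblock or return type, while the same section adds a docblock to `getByField()`. Declare it as `public function getByAccessToken(string $token): ?User` with a one-line description; if tokens are later stored hashed, this is the place to hash the presented value before the lookup. The class starts outside the hunk.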
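--- a/kernel/modules/user/table/columns/UserDeleteActionColumn.php
+++ b/kernel/modules/user/table/columns/UserDeleteActionColumn.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace kernel\modules\user\table\columns;
+
+use Itguild\Tables\ActionColumn\ActionColumn;
+
+class UserDeleteActionColumn extends ActionColumn
+{
+protected string $prefix = "/delete/";
+
+public function fetch(): string
+{
+$link = $this->baseUrl . $this->prefix . $this->id;
+return " <a href='$link' class='btn btn-danger'>Удалить</a> ";
+}
+}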
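--- a/kernel/modules/user/table/columns/UserEditActionColumn.php
+++ b/kernel/modules/user/table/columns/UserEditActionColumn.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace kernel\modules\user\table\columns;
+
+use Itguild\Tables\ActionColumn\ActionColumn;
+
+class UserEditActionColumn extends ActionColumn
+{
+protected string $prefix = "/update/";
+
+public function fetch(): string
+{
+$link = $this->baseUrl . $this->prefix . $this->id;
+return " <a href='$link' class='btn btn-success'>Редактировать</a> ";
+}
+}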
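--- a/kernel/modules/user/table/columns/UserViewActionColumn.php
+++ b/kernel/modules/user/table/columns/UserViewActionColumn.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace kernel\modules\user\table\columns;
+
+use Itguild\Tables\ActionColumn\ActionColumn;
+
+class UserViewActionColumn extends ActionColumn
+{
+protected string $prefix = "/";
+
+public function fetch(): string
+{
+$link = $this->baseUrl . $this->prefix . $this->id;
+return " <a href='$link' class='btn btn-primary'>Просмотр</a> ";
+}
+}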