commit
aeb19f7475
@ -3,10 +3,10 @@
|
||||
namespace common\models;
|
||||
|
||||
use Yii;
|
||||
use yii\base\NotSupportedException;
|
||||
use yii\behaviors\TimestampBehavior;
|
||||
use yii\db\ActiveRecord;
|
||||
use yii\web\IdentityInterface;
|
||||
use yii\web\UnauthorizedHttpException;
|
||||
|
||||
/**
|
||||
* User model
|
||||
@ -64,14 +64,25 @@ class User extends ActiveRecord implements IdentityInterface
|
||||
return static::findOne(['id' => $id, 'status' => self::STATUS_ACTIVE]);
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public static function findIdentityByAccessToken($token, $type = null)
|
||||
public function generateAccessToken()
|
||||
{
|
||||
throw new NotSupportedException('"findIdentityByAccessToken" is not implemented.');
|
||||
$this->access_token = Yii::$app->security->generateRandomString();
|
||||
return $this->access_token;
|
||||
}
|
||||
|
||||
public static function findIdentityByAccessToken($token, $type = null)
|
||||
{
|
||||
$user = static::find()->where(['access_token' => $token, 'status' => self::STATUS_ACTIVE])->one();
|
||||
if (!$user) {
|
||||
return false;
|
||||
}
|
||||
if (strtotime($user->access_token_expired_at) < time()) {
|
||||
throw new UnauthorizedHttpException('the access - token expired ', -1);
|
||||
} else {
|
||||
return $user;
|
||||
}
|
||||
|
||||
}
|
||||
/**
|
||||
* Finds user by username
|
||||
*
|
||||
@ -186,4 +197,16 @@ class User extends ActiveRecord implements IdentityInterface
|
||||
{
|
||||
$this->password_reset_token = null;
|
||||
}
|
||||
|
||||
public function beforeSave($insert)
|
||||
{
|
||||
if (parent::beforeSave($insert)) {
|
||||
if ($this->isNewRecord) {
|
||||
$this->auth_key = Yii::$app->security->generateRandomString();
|
||||
}
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -0,0 +1,21 @@
|
||||
<?php
|
||||
|
||||
use yii\db\Migration;
|
||||
|
||||
/**
|
||||
* Handles adding columns to table `{{%user}}`.
|
||||
*/
|
||||
class m210708_141557_add_access_columns_to_user_table extends Migration
|
||||
{
|
||||
public function safeUp()
|
||||
{
|
||||
$this->addColumn('user', 'access_token', $this->string());
|
||||
$this->addColumn('user', 'access_token_expired_at', $this->dateTime());
|
||||
}
|
||||
|
||||
public function safeDown()
|
||||
{
|
||||
$this->dropColumn('user', 'access_token');
|
||||
$this->dropColumn('user', 'access_token_expired_at');
|
||||
}
|
||||
}
|
@ -15,6 +15,15 @@ return [
|
||||
|
||||
'modules' => [
|
||||
'api' => [
|
||||
'components' => [
|
||||
'user' => [
|
||||
'identityClass' => 'frontend\modules\api\models\User',
|
||||
'enableAutoLogin' => true,
|
||||
'enableSession' => false,
|
||||
'class' => 'frontend\modules\api\models\User',
|
||||
//'identityCookie' => ['name' => '_identity-api', 'httpOnly' => true],
|
||||
],
|
||||
],
|
||||
'class' => 'frontend\modules\api\Api',
|
||||
],
|
||||
'access' => [
|
||||
@ -32,6 +41,9 @@ return [
|
||||
'request' => [
|
||||
'csrfParam' => '_csrf-frontend',
|
||||
'baseUrl' => '',
|
||||
'parsers' => [
|
||||
'application/json' => 'yii\web\JsonParser',
|
||||
],
|
||||
],
|
||||
'user' => [
|
||||
'identityClass' => 'common\models\User',
|
||||
|
@ -3,16 +3,32 @@
|
||||
namespace frontend\modules\api\controllers;
|
||||
|
||||
use common\behaviors\GsCors;
|
||||
use common\models\Reports;
|
||||
use frontend\modules\api\models\ReportSearchForm;
|
||||
use JsonException;
|
||||
use Yii;
|
||||
use yii\filters\auth\CompositeAuth;
|
||||
use yii\filters\auth\HttpBearerAuth;
|
||||
use yii\filters\ContentNegotiator;
|
||||
use yii\rest\Controller;
|
||||
use yii\web\BadRequestHttpException;
|
||||
use yii\web\NotFoundHttpException;
|
||||
use yii\web\Response;
|
||||
|
||||
class ReportsController extends \yii\rest\Controller
|
||||
class ReportsController extends Controller
|
||||
{
|
||||
public function init()
|
||||
{
|
||||
parent::init(); // TODO: Change the autogenerated stub
|
||||
}
|
||||
|
||||
public function behaviors()
|
||||
{
|
||||
return [
|
||||
[
|
||||
'class' => \yii\filters\ContentNegotiator::className(),
|
||||
'class' => ContentNegotiator::className(),
|
||||
'formats' => [
|
||||
'application/json' => \yii\web\Response::FORMAT_JSON,
|
||||
'application/json' => Response::FORMAT_JSON,
|
||||
],
|
||||
],
|
||||
'corsFilter' => [
|
||||
@ -27,13 +43,84 @@ class ReportsController extends \yii\rest\Controller
|
||||
'X-Requested-With'
|
||||
],
|
||||
]
|
||||
],
|
||||
'authenticator' => [
|
||||
'class' => CompositeAuth::class,
|
||||
'authMethods' => [
|
||||
HttpBearerAuth::class,
|
||||
],
|
||||
]
|
||||
];
|
||||
}
|
||||
|
||||
public function actionIndex()
|
||||
public function actionIndex(): array
|
||||
{
|
||||
$reportsModel = new ReportSearchForm();
|
||||
|
||||
$params = Yii::$app->request->get();
|
||||
$reportsModel->attributes = $params;
|
||||
|
||||
if(!$reportsModel->validate()){
|
||||
return $reportsModel->errors;
|
||||
}
|
||||
return $reportsModel->byParams();
|
||||
}
|
||||
|
||||
public function actionCreate()
|
||||
{
|
||||
$reportsModel = new Reports();
|
||||
|
||||
$params = Yii::$app->request->get();
|
||||
$reportsModel->attributes = $params;
|
||||
|
||||
if(!$reportsModel->validate()){
|
||||
throw new BadRequestHttpException(json_encode($reportsModel->errors));
|
||||
}
|
||||
|
||||
$reportsModel->save();
|
||||
|
||||
return $reportsModel->toArray();
|
||||
}
|
||||
|
||||
public function actionDelete()
|
||||
{
|
||||
$id = Yii::$app->request->get('id');
|
||||
|
||||
$report = Reports::findOne($id);
|
||||
|
||||
if(null === $report) {
|
||||
throw new NotFoundHttpException('Report not found');
|
||||
}
|
||||
|
||||
if(false === ($report->delete())) {
|
||||
throw new JsonException('Report not deleted');
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
public function actionUpdate(): array
|
||||
{
|
||||
$params = Yii::$app->request->get();
|
||||
|
||||
$reportsModel = Reports::findone($params['id']);
|
||||
if(!isset($reportsModel)) {
|
||||
throw new NotFoundHttpException('report not found');
|
||||
}
|
||||
|
||||
if(isset($params['user_card_id'])) {
|
||||
throw new JsonException('constraint by user_card_id');
|
||||
}
|
||||
|
||||
$reportsModel->attributes = $params;
|
||||
|
||||
if(!$reportsModel->validate()){
|
||||
throw new BadRequestHttpException(json_encode($reportsModel->errors));
|
||||
}
|
||||
|
||||
$reportsModel->save();
|
||||
|
||||
return $reportsModel->toArray();
|
||||
}
|
||||
|
||||
}
|
||||
|
57
frontend/modules/api/controllers/UserController.php
Normal file
57
frontend/modules/api/controllers/UserController.php
Normal file
@ -0,0 +1,57 @@
|
||||
<?php
|
||||
|
||||
|
||||
namespace frontend\modules\api\controllers;
|
||||
|
||||
use common\models\User;
|
||||
use frontend\modules\api\models\LoginForm;
|
||||
use Yii;
|
||||
use yii\filters\ContentNegotiator;
|
||||
use yii\rest\ActiveController;
|
||||
use yii\helpers\ArrayHelper;
|
||||
use yii\filters\auth\QueryParamAuth;
|
||||
use yii\web\BadRequestHttpException;
|
||||
use yii\web\Response;
|
||||
|
||||
class UserController extends ActiveController
|
||||
{
|
||||
public $modelClass = User::class;
|
||||
|
||||
public function behaviors()
|
||||
{
|
||||
return ArrayHelper::merge(parent::behaviors(), [
|
||||
[
|
||||
'class' => ContentNegotiator::class,
|
||||
'formats' => [
|
||||
'application/json' => Response::FORMAT_JSON,
|
||||
],
|
||||
],
|
||||
'authenticatior' => [
|
||||
'class' => QueryParamAuth::class, //implement access token authentication
|
||||
'except' => ['login'], // no need to verify the access token method, pay attention to distinguish between $noAclLogin
|
||||
]
|
||||
]);
|
||||
}
|
||||
|
||||
public function actions()
|
||||
{
|
||||
$action = parent::actions(); // TODO: Change the autogenerated stub
|
||||
unset($action['index']);
|
||||
unset($action['create']);
|
||||
unset($action['update']);
|
||||
unset($action['delete']);
|
||||
}
|
||||
|
||||
|
||||
public function actionLogin()
|
||||
{
|
||||
$model = new LoginForm();
|
||||
if ($model->load(Yii::$app->getRequest()->getBodyParams(), '') && $model->login()) {
|
||||
return [
|
||||
'access_token' => $model->login(),
|
||||
];
|
||||
} else {
|
||||
throw new BadRequestHttpException(json_encode($model->errors));
|
||||
}
|
||||
}
|
||||
}
|
70
frontend/modules/api/models/LoginForm.php
Normal file
70
frontend/modules/api/models/LoginForm.php
Normal file
@ -0,0 +1,70 @@
|
||||
<?php
|
||||
|
||||
namespace frontend\modules\api\models;
|
||||
|
||||
use common\models\User;
|
||||
use Yii;
|
||||
use yii\base\Model;
|
||||
|
||||
/**
|
||||
* Login form
|
||||
*/
|
||||
class LoginForm extends Model
|
||||
{
|
||||
public $username;
|
||||
public $password;
|
||||
public $rememberMe = true;
|
||||
|
||||
private $_user;
|
||||
|
||||
Const EXPIRE_TIME = 604800; // token expiration time, valid for 7 days
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function rules()
|
||||
{
|
||||
return [
|
||||
// username and password are both required
|
||||
[['username', 'password'], 'required'],
|
||||
// rememberMe must be a boolean value
|
||||
['rememberMe', 'boolean'],
|
||||
// password is validated by validatePassword()
|
||||
['password', 'validatePassword'],
|
||||
];
|
||||
}
|
||||
|
||||
public function validatePassword($attribute)
|
||||
{
|
||||
if (!$this->hasErrors()) {
|
||||
$user = $this->getUser();
|
||||
if (!$user || !$user->validatePassword($this->password)) {
|
||||
$this->addError($attribute, 'Incorrect username or password.');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public function login()
|
||||
{
|
||||
if ($this->validate()) {
|
||||
//return Yii::$app->user->login($this->getUser(), $this->rememberMe ? 3600 * 24 * 30 : 0);
|
||||
if ($this->getUser()) {
|
||||
$access_token = $this->_user->generateAccessToken();
|
||||
$this->_user->access_token_expired_at = date('Y-m-d', time() + static::EXPIRE_TIME);
|
||||
$this->_user->save();
|
||||
Yii::$app->user->login($this->_user, static::EXPIRE_TIME);
|
||||
return $access_token;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
protected function getUser()
|
||||
{
|
||||
if ($this->_user === null) {
|
||||
$this->_user = User::findByUsername($this->username);
|
||||
}
|
||||
|
||||
return $this->_user;
|
||||
}
|
||||
}
|
54
frontend/modules/api/models/ReportSearchForm.php
Normal file
54
frontend/modules/api/models/ReportSearchForm.php
Normal file
@ -0,0 +1,54 @@
|
||||
<?php
|
||||
|
||||
|
||||
namespace frontend\modules\api\models;
|
||||
|
||||
use common\models\Reports;
|
||||
use frontend\modules\card\models\UserCard;
|
||||
use yii\base\Model;
|
||||
|
||||
class ReportSearchForm extends Model
|
||||
{
|
||||
public $limit;
|
||||
public $offset;
|
||||
public $fromDate;
|
||||
public $toDate;
|
||||
public $user_id;
|
||||
|
||||
public function __construct($config = [])
|
||||
{
|
||||
$this->limit = 10;
|
||||
$this->offset = 0;
|
||||
$this->user_id = null;
|
||||
|
||||
$this->toDate = date('Y-m-d', time());
|
||||
$this->fromDate = date('Y-m-01', time());
|
||||
|
||||
parent::__construct($config);
|
||||
}
|
||||
|
||||
public function rules(): array
|
||||
{
|
||||
return [
|
||||
[['fromDate', 'toDate'], 'date', 'format' => 'php:Y-m-d'],
|
||||
[['limit', 'offset', 'user_id'], 'integer', 'min' => 0],
|
||||
];
|
||||
}
|
||||
|
||||
public function byParams()
|
||||
{
|
||||
$queryBuilder = Reports::find()
|
||||
->andWhere(['between', 'created_at', $this->fromDate, $this->toDate, $this->user_id])
|
||||
->limit($this->limit)
|
||||
->offset($this->offset);
|
||||
|
||||
if(isset($this->user_id)) {
|
||||
$userCardId = UserCard::findByUserId($this->user_id)->id;
|
||||
$queryBuilder->andWhere(['user_card_id' => $userCardId]);
|
||||
}
|
||||
|
||||
$data = $queryBuilder->all();
|
||||
|
||||
return $data;
|
||||
}
|
||||
}
|
@ -3,6 +3,7 @@
|
||||
namespace frontend\modules\card\models;
|
||||
|
||||
use common\models\CardSkill;
|
||||
use Yii;
|
||||
use yii\helpers\ArrayHelper;
|
||||
|
||||
class UserCard extends \common\models\UserCard
|
||||
@ -15,7 +16,7 @@ class UserCard extends \common\models\UserCard
|
||||
parent::init();
|
||||
|
||||
$skill = ArrayHelper::getColumn(
|
||||
CardSkill::find()->where(['card_id' => \Yii::$app->request->get('id')])->all(),
|
||||
CardSkill::find()->where(['card_id' => Yii::$app->request->get('id')])->all(),
|
||||
'skill_id'
|
||||
);
|
||||
|
||||
@ -26,7 +27,7 @@ class UserCard extends \common\models\UserCard
|
||||
|
||||
public function afterSave($insert, $changedAttributes)
|
||||
{
|
||||
$post = \Yii::$app->request->post('UserCard');
|
||||
$post = Yii::$app->request->post('UserCard');
|
||||
|
||||
if ($post['skill']) {
|
||||
CardSkill::deleteAll(['card_id' => $this->id]);
|
||||
@ -42,4 +43,9 @@ class UserCard extends \common\models\UserCard
|
||||
|
||||
parent::afterSave($insert, $changedAttributes); // TODO: Change the autogenerated stub
|
||||
}
|
||||
|
||||
public static function findByUserId($userId): ?UserCard
|
||||
{
|
||||
return self::findOne(['id_user' => $userId]);
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user