一、开放路由
在根目录下route文件夹下修改app.php文件,代码如下:
// 操作日志
Route::get('token/get_list','permission.Token/getList');// 获取操作日志列表
Route::post('token/get_all','permission.Token/getAll');// 获取操作日志所有数据
Route::post('token/get_info','permission.Token/getInfo');// 获取操作日志单条数据
二、开发日志控制管理
在根目录下app文件夹下controller文件夹下permission文件夹下添加操作日志控制文件类并命名为Token.php,代码如下
<?php
/**
* 用户操作记录管理
* User: 龙哥·三年风水
* Date: 2024/12/13
* Time: 15:54
*/
namespace app\controller\permission;
use app\controller\Base;
use app\model\common\Token as TokenModel;
use app\model\permission\Admin as AdminModel;
use app\model\permission\Menu as PMModel;
class Token extends Base
{
//分页数据
public function getList(){
$where = [];
$param = $this->request->param();
if (!empty($param['username'])) $where[] = ['pa.username', 'LIKE', '%' . $param['username'] . '%'];
if (!empty($param['create_time'])) $where[] = ['a.create_time', '=', $param['create_time']];
if (!empty($param['token_type']))$where[] = ['a.token_type', '=', $param['token_type']];
$join[] = ['permission_admin pa','a.admin_id = pa.id'];
$resList = TokenModel::dataList($where,'a.id,a.token_type,a.menu_name,pa.username,a.login_time', [$param['currentPage'], $param['currentSize']],'a.login_time DESC',$join);
$list = $resList['info'];
foreach ($list as $k => $v) {
$list[$k]['token_type'] = TokenModel::tokenType($v['token_type']);
$list[$k]['menu_name'] = PMModel::menunameTitle($v['menu_name']);
}
$res['list'] = $list;
$res['meat'] = $resList['page'];
$this->setToken(4,'PermissionTokenIndexList');
return succ('操作成功',$res);
}
//所有数据
public function getAll(){
$this->setToken(5,'PermissionTokenIndexAll');
$param = $this->request->param();
if (!empty($param['username'])) $where[] = ['pa.username', 'LIKE', '%' . $param['username'] . '%'];
if (!empty($param['create_time'])) $where[] = ['a.create_time', '=', $param['create_time']];
if (!empty($param['token_type']))$where[] = ['a.token_type', '=', $param['token_type']];
$join[] = ['permission_admin pa','a.admin_id = pa.id'];
$list = TokenModel::dataAll(['status' => 1], 'a.id,a.token_type,a.menu_name,pa.username,a.login_time', 'a.login_time DESC',$join);
foreach ($list as $k => $v) {
$list[$k]['token_type'] = TokenModel::tokenType($v['token_type']);
$list[$k]['menu_name'] = PMModel::menunameTitle($v['menu_name']);
}
return succ('操作成功',$list);
}
//单条数据
public function getInfo(){
$this->setToken(6,'PermissionTokenIndexDetails');
$id = $this->request->param('id', 0);
if(empty($id))return err('主键参数必须上传');
$data = TokenModel::dataFind(['id' => $id], 'token_type,menu_name,token,admin_id,random_number,create_time,login_time,expire_time',true);
if(!empty($data)){
$data['token_type'] = TokenModel::tokenType($data['token_type']);
$data['menu_name'] = PMModel::menunameTitle($data['menu_name']);
$data['username'] = AdminModel::dataFind(['id' => $data['admin_id']],'username',false);
$data['expire_time'] = date('Y-m-d H:i:s',$data['expire_time']);
unset($data['admin_id']);
}
return succ('操作成功',$data);
}
}三、修改日志数据控制层
在根目录下app文件夹下model文件夹下common文件夹下,修改Token.php文件,代码如下:
<?php
/**
* 登录用户数据管理
* User: 龙哥 三年风水
* Date: 2024/10/29
* Time: 10:26
*/
namespace app\model\common;
use app\model\Tools;
use Redis\Redis;
use app\model\param\System as SystemModel;
use app\model\permission\Admin;
class Token extends Tools
{
protected static $name = 'permission_token';
protected static $connection = 'mysql';
protected $pk = 'token';
//查询列表
public static function dataList($where,$field,$limit,$order,$join = []){
return self::dataLists(self::$name, $where, $field, $limit, $order, $join, self::$connection);
}
//所有数据
public static function dataAll($where,$field,$order,$join = []){
return self::dataAlls(self::$name, $where, $field, $order, $join, self::$connection);
}
//查询数据
public static function dataFind($where = [], $field, $findType = true)
{
return self::dataFinds(self::$name, $where, $field, $findType, self::$connection);
}
//保存数据
public static function save($data, $where = [])
{
return self::dataSaves(self::$name, $data, $where, self::$connection);
}
//修改token整个状态
public static function setToken($token, $attack, $clientIp){
$data['admin_id'] = 0;
$data['username'] = '';
$data['avatar'] = '';
$data['realname'] = '';
$data['email'] = '';
$data['ip'] = '';
$data['department_id'] = 0;
$data['grade_id'] = 0;
$data['role_id'] = 0;
$data['random_number'] = '';
$redisToken = Redis::select(config('cache.stores.redis.token_db'))->get('token_'.$token);
if(empty($redisToken))return array('status' => false, 'info' => 'token已经过期咯,请重新登录!', 'data' => $data);
//获取系统配置的过期时间
$systemParam = SystemModel::dataFind(['id' => 1],'platform_token_expira');
//验证是否跨站攻击
$attackToken = Redis::select(config('cache.stores.redis.token_db'))->get('token_' . $redisToken);
if(!empty($attackToken)){
if ($attackToken === $attack){
//如果传过来加密后的token与Redis里面记录的一样,就禁止访问、延长过期时间并加入黑名单
Redis::select(config('cache.stores.redis.token_db'))->expire('token_'.$token, $systemParam['platform_token_expira']);
//加入黑名单
//Redis::select(config('cache.stores.redis.default_db'))->sadd('black-list', $clientIp);
//return array('status' => false, 'info' => '跨站攻击', 'data' => $data);
}
}
Redis::select(config('cache.stores.redis.token_db'))->expire('token_'.$token, $systemParam['platform_token_expira']);
Redis::select(config('cache.stores.redis.token_db'))->setex('token_' . $redisToken, $systemParam['platform_token_expira'], $attack);
$resAdminFind = Admin::dataFind(['id' => $redisToken], 'username,avatar,realname,email,ip,department_id,grade_id,role_id,status',true);
if ($resAdminFind['status'] !== 1) return array('status' => false, 'info' => '该用户已被禁用', 'data' => $data);
$data['admin_id'] = $redisToken;
$data['username'] = $resAdminFind['username'];
$data['avatar'] = $resAdminFind['avatar'];
$data['realname'] = $resAdminFind['realname'];
$data['email'] = $resAdminFind['email'];
$data['ip'] = $resAdminFind['ip'];
$data['department_id'] = $resAdminFind['department_id'];
$data['grade_id'] = $resAdminFind['grade_id'];
$data['role_id'] = $resAdminFind['role_id'];
$data['random_number'] = self::dataFind(['token' => $token],'random_number',false);
return array('status' => true, 'info' => '', 'data' => $data);
}
/**
* 返回类型属性
* User: 龙哥·三年风水
* Date: 2024/12/13
* Time: 11:22
* @ param $tokenType 类型编号
* @ return mixed
*/
public static function tokenType($tokenType){
$arr = ["","登录","退出","自动退出","列表","所有","详情","保存","启禁用","删除","获取个人资料","修改个人资料","获取菜单权限","上传文件"];
return $arr[$tokenType];
}
}
