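route = new Route();
    // }

    /**
     * Render the Markdown document named by $GLOBALS['doc'].
     *
     * The path is normalised the same way as before (leading slashes dropped,
     * a trailing "/" or an empty path maps to index.md, ".md" appended when
     * missing). The file is only read when the resulting path has no ".."
     * segment, so the request cannot reach files outside DATA_PATH.
     *
     * Assigns doc, is_file_exists, text, toc and content to the view.
     */
    public function index()
    {
        $doc = (isset($GLOBALS['doc']) && is_string($GLOBALS['doc'])) ? $GLOBALS['doc'] : '';
        $doc = ltrim($doc, '/');

        if (substr($doc, -1) === '/') {
            $doc .= 'index.md';
        }
        if ($doc === '') {
            $doc = 'index.md';
        }
        if (pathinfo($doc, PATHINFO_EXTENSION) !== 'md') {
            $doc .= '.md';
        }

        $filename = DATA_PATH . $doc;
        $text = '';
        $toc = '';
        $content = '';

        // Path traversal guard: never touch the filesystem for a path that
        // could climb out of DATA_PATH. is_file() also rejects directories.
        $is_file_exists = $this->isSafeDocPath($doc) && is_file($filename);

        if ($is_file_exists) {
            $raw = file_get_contents($filename);
            if ($raw === false) {
                // Unreadable file: present it as missing instead of parsing false.
                $is_file_exists = false;
            } else {
                $text = $raw;
                $parsedownExtension = new \ParsedownExtension();
                $parsedownExtension->setTocEnabled(true);
                // NOTE(review): no sanitisation step is visible between the
                // Markdown source and the rendered HTML. If ParsedownExtension
                // extends Parsedown, consider setSafeMode(true) so raw HTML in
                // a saved document is not emitted verbatim - confirm.
                $res = $parsedownExtension->text($text);
                $toc = $res['toc'];
                $content = $res['content'];
            }
        }

        // NOTE(review): 'doc' and 'text' are request/file derived; the template
        // must HTML-escape them - the template is not visible from here.
        $this->assign('doc', $doc);
        $this->assign('is_file_exists', $is_file_exists);
        $this->assign('text', $text);
        $this->assign('toc', $toc);
        $this->assign('content', $content);

        $this->fetch();
    }

    /**
     * Editor page.
     *
     * NOTE(review): this still contains debugging code. var_dump() echoes the
     * request-derived $doc without HTML escaping and exit makes the fetch()
     * call unreachable. Behaviour is left unchanged because the intended
     * editor rendering is not visible here; remove the dump before exposing
     * this route.
     */
    public function editor()
    {
        $doc = $GLOBALS['doc'];
        var_dump($doc);
        exit;
        $this->fetch();
    }

    /**
     * Save a Markdown document sent as a JSON payload {"doc": ..., "content": ...}.
     *
     * Requires a valid token (validate()). The target must be a ".md" path
     * without ".." segments, so an authenticated caller cannot write outside
     * DATA_PATH or create files with another extension (index() only ever
     * reads ".md" files). Always terminates the request after emitting a JSON
     * result: code 0 on success, code 2 on failure.
     */
    public function save()
    {
        $this->validate();

        // Read the JSON payload and decode it into an array.
        $postData = file_get_contents('php://input');
        $requests = !empty($postData) ? json_decode($postData, true) : [];

        // json_decode() returns null on malformed JSON; both fields must be strings.
        if (!is_array($requests)
            || !isset($requests['doc'], $requests['content'])
            || !is_string($requests['doc'])
            || !is_string($requests['content'])
        ) {
            die(json_encode(['code'=>2, 'msg'=>'Invalid request payload']));
        }

        $doc = $requests['doc'];
        $content = $requests['content'];

        // Reject traversal and non-Markdown targets before any mkdir/write.
        if (!$this->isSafeDocPath($doc) || pathinfo($doc, PATHINFO_EXTENSION) !== 'md') {
            die(json_encode(['code'=>2, 'msg'=>'Invalid document path']));
        }

        $pathinfo = pathinfo($doc);
        $dir_name = DATA_PATH . $pathinfo['dirname'];

        if (!is_dir($dir_name) && !mkdir($dir_name, 0744, true)) {
            die(json_encode(['code'=>2, 'msg'=>'目录创建失败']));
        }

        $filename = DATA_PATH . $doc;
        $res = file_put_contents($filename, $content);

        if ($res === false) {
            echo json_encode(['code'=>2, 'msg'=>'保存失败']);
        } else {
            // $res is the number of bytes written.
            echo json_encode(['code'=>0, 'msg'=>'保存成功, 字数:' . $res]);
        }
        die();
    }

    /**
     * Authenticate a user from POSTed username/password and emit a JWT.
     *
     * Fixes over the previous version:
     *  - The credential check used "&&", so a login was refused only when both
     *    the username and the password differed. An existing username was
     *    therefore accepted with any password. A matching row and a matching
     *    password hash are now both required.
     *  - The username is checked against an allow-list before it is placed in
     *    the SQL string. htmlentities() is not an SQL escaping function and,
     *    before PHP 8.1, does not encode single quotes by default.
     *  - The hash comparison is constant-time (hash_equals).
     *
     * @throws RRException 401 when the credentials are rejected
     */
    public function login()
    {
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $rawUsername = isset($_POST['username']) ? $_POST['username'] : '';
            $rawPassword = isset($_POST['password']) ? $_POST['password'] : '';

            // Letters, digits and "_.@-" only; the 64-character cap is a
            // conservative choice, adjust it to the real column width.
            // Invalid UTF-8 makes preg_match() return false and is rejected too.
            if (!is_string($rawUsername)
                || !is_string($rawPassword)
                || preg_match('/\A[\p{L}\p{N}_.@-]{1,64}\z/u', $rawUsername) !== 1
            ) {
                throw new RRException("用户名或密码错误!", 401);
            }

            // htmlentities() is kept so lookups and hashes stay compatible with
            // the values already stored. NOTE(review): its default flags
            // changed in PHP 8.1, so a password containing a single quote
            // hashes differently across PHP versions.
            $username = htmlentities($rawUsername);
            $password = htmlentities($rawPassword);

            // NOTE(review): only getOne($sql) is visible on MySqlite. Switch to
            // a bound parameter as soon as the wrapper offers one; the
            // allow-list above is what keeps this concatenation safe.
            $sql = "select * from sys_user where username='" . $username . "' limit 0,1";
            $mysqlite = new MySqlite();
            $user = $mysqlite->getOne($sql);

            // NOTE(review): stored hashes are unsalted MD5; migrate to
            // password_hash()/password_verify() with rehash on login.
            if (empty($user)
                || !isset($user['password'])
                || !hash_equals((string) $user['password'], md5($password))
            ) {
                throw new RRException("用户名或密码错误!", 401);
            }

            // Credentials are valid: issue the token.
            $nowtime = time();
            $jwtInfo = [
                'iss' => 'huwhois@163.com', // issuer
                'iat' => $nowtime,          // issued at
                'nbf' => $nowtime + 10,     // not valid before (validate() allows 60s leeway)
                'exp' => $nowtime + 64800,  // expiry: 18h
                'data' => [
                    'userid' => $user['id'],
                    'username' => $username
                ]
            ];
            $token = JWT::encode($jwtInfo, KEY);

            echo json_encode(['code'=>0, 'msg'=>'success', 'token'=>$token]);
        }
        die();
    }

    /**
     * Verify the JWT carried in the "Token" request header.
     *
     * The accepted algorithm is pinned to HS256 in the decode call. After the
     * library check (60s leeway) the expiry is compared again without leeway;
     * a token without an "exp" claim is treated as expired.
     *
     * @return bool true when the token is accepted
     * @throws RRException 401 when the token is missing, invalid or expired
     */
    private function validate ()
    {
        $jwt = isset($_SERVER['HTTP_TOKEN']) ? $_SERVER['HTTP_TOKEN'] : '';

        if (empty($jwt)) {
            throw new RRException("You do not have permission to access.", 401);
        }

        try {
            JWT::$leeway = 60;
            $decoded = JWT::decode($jwt, KEY, ['HS256']);
            $arr = (array)$decoded;

            if (!isset($arr['exp']) || $arr['exp'] < time()) {
                throw new RRException("认证信息已过期, 请重新登录.", 401);
            }
        } catch(\Exception $e) {
            // Every decode or expiry failure is reported as 401 with its message.
            throw new RRException($e->getMessage(), 401);
        }

        return true;
    }

    /**
     * Lexical containment check for a document path relative to DATA_PATH.
     *
     * Rejects non-strings, empty strings, NUL bytes and any ".." segment
     * (with "/" or "\" as separator). Symlinks inside DATA_PATH are not
     * resolved by this check.
     *
     * @param mixed $doc candidate relative path
     * @return bool true when the path cannot climb above its base directory
     */
    private function isSafeDocPath($doc)
    {
        if (!is_string($doc) || $doc === '' || strpos($doc, "\0") !== false) {
            return false;
        }

        return !in_array('..', preg_split('#[\\\\/]#', $doc), true);
    }
}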