<?php
namespace app;
use app\View;
use app\RRException;
use \Firebase\JWT\JWT;
use app\MySqlite;
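// Secret used to sign and verify the HS256 JWTs handled by Index::login() and
// Index::validate().
// An APP_JWT_KEY environment variable (a name introduced by this change), when
// set to a non-empty value, takes precedence over the built-in default.
// NOTE(review): the literal fallback below is committed to the source tree and
// should be treated as disclosed. Anyone who knows it can mint valid tokens, so
// set APP_JWT_KEY to a freshly generated random value in every deployment and
// drop the fallback once all environments provide it.
define('KEY', getenv('APP_JWT_KEY') ?: 'bf731bcb3f5e52ec1b8b12c95f503d7a');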
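/**
 * Controller for the markdown document site: renders documents stored under
 * DATA_PATH, saves edited documents, and issues/validates the JWT that
 * protects the save endpoint.
 */
class Index extends View
{
    /**
     * Render the markdown document named by $GLOBALS['doc'].
     *
     * The name is normalised to a relative path ending in ".md"
     * ("" -> "index.md", "dir/" -> "dir/index.md", "page" -> "page.md").
     * A missing file, or a name that fails isSafeDocPath(), is rendered as
     * "file does not exist" with empty text, toc and content.
     */
    public function index()
    {
        $doc = $GLOBALS['doc'];
        $doc = ltrim($doc, '/');
        if (substr($doc, -1) === '/') {
            $doc = $doc . "index.md";
        }
        $doc = empty($doc) ? 'index.md' : $doc;
        if (pathinfo($doc, PATHINFO_EXTENSION) !== 'md') {
            $doc = $doc . ".md";
        }

        $filename = DATA_PATH . $doc;
        $text = "";
        $toc = "";
        $content = "";

        // The document name comes from outside this method and is joined onto
        // DATA_PATH, so names containing ".." segments are refused to keep the
        // read inside the data directory. is_file() (rather than file_exists())
        // also keeps a directory that happens to end in ".md" from being read.
        $is_file_exists = $this->isSafeDocPath($doc) && is_file($filename);
        if ($is_file_exists) {
            $parsedownExtension = new \ParsedownExtension();
            $parsedownExtension->setTocEnabled(true);
            $text = file_get_contents($filename);
            $res = $parsedownExtension->text($text);
            $toc = $res['toc'];
            $content = $res['content'];
        }

        $this->assign('doc', $doc);
        $this->assign('is_file_exists', $is_file_exists);
        $this->assign('text', $text);
        $this->assign('toc', $toc);
        $this->assign('content', $content);
        $this->fetch();
    }

    /**
     * Editor entry point.
     *
     * NOTE(review): this still dumps the requested document name and exits, so
     * the fetch() call below never runs. That looks like leftover debugging;
     * var_dump() also prints the request-derived value without HTML escaping.
     * Left as-is because the intended behaviour is not visible from this file;
     * confirm and remove the dump/exit.
     */
    public function editor()
    {
        $doc = $GLOBALS['doc'];
        var_dump($doc);
        exit;
        $this->fetch();
    }

    /**
     * Save a document posted as a JSON body {"doc": "<path>", "content": "<markdown>"}.
     *
     * Requires a valid token (see validate()). Always terminates the request
     * after echoing a JSON status: code 0 on success, code 2 on failure.
     */
    public function save()
    {
        $this->validate();

        // Read the raw JSON payload and decode it into an array.
        $postData = file_get_contents('php://input');
        $requests = !empty($postData) ? json_decode($postData, true) : [];
        if (!is_array($requests)) {
            // Malformed JSON or a scalar payload: treat as "no parameters".
            $requests = [];
        }
        $doc = isset($requests['doc']) ? $requests['doc'] : null;
        $content = isset($requests['content']) ? $requests['content'] : null;

        // The target path is caller-controlled and is written to disk, so it is
        // restricted to paths that stay inside DATA_PATH and end in ".md", the
        // only kind of file index() ever reads. This keeps an authenticated
        // caller from creating files of other types or outside the data
        // directory. The message reads "invalid parameters".
        if (
            !is_string($content)
            || !$this->isSafeDocPath($doc)
            || pathinfo($doc, PATHINFO_EXTENSION) !== 'md'
        ) {
            die(json_encode(['code'=>2, 'msg'=>'参数错误']));
        }

        $pathinfo = pathinfo($doc);
        $dir_name = DATA_PATH . $pathinfo['dirname'];
        if (!is_dir($dir_name) && !mkdir($dir_name, 0744, true)) {
            die(json_encode(['code'=>2, 'msg'=>'目录创建失败']));
        }

        $filename = DATA_PATH . $doc;
        $res = file_put_contents($filename, $content);
        if ($res === false) {
            echo json_encode(['code'=>2, 'msg'=>'保存失败']);
        } else {
            // $res is the number of bytes written.
            echo json_encode(['code'=>0, 'msg'=>'保存成功, 字数:' . $res]);
        }
        die();
    }

    /**
     * Check the posted username/password and, on success, echo a JSON response
     * carrying a signed JWT. Non-POST requests produce no output.
     *
     * @throws RRException with code 401 when the credentials do not match
     */
    public function login()
    {
        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
            $username = htmlentities(isset($_POST['username']) ? (string)$_POST['username'] : '');
            // The password is passed through htmlentities() before hashing, as
            // before, so that it still matches the stored hashes.
            $password = htmlentities(isset($_POST['password']) ? (string)$_POST['password'] : '');

            // htmlentities() only encodes single quotes when ENT_QUOTES is in
            // effect (the default since PHP 8.1), so it is not a SQL escaping
            // function. Quotes are doubled here, the SQL-standard way to embed
            // one in a string literal.
            // NOTE(review): assumes MySqlite wraps SQLite, which has no
            // backslash escapes; if MySqlite offers bound parameters, use
            // those instead of building the statement by concatenation.
            $sql = "select * from sys_user where username='" . str_replace("'", "''", $username) . "' limit 0,1";
            $mysqlite = new MySqlite();
            $user = $mysqlite->getOne($sql);

            $storedName = isset($user['username']) ? $user['username'] : null;
            $storedHash = isset($user['password']) ? (string)$user['password'] : '';

            // Reject when EITHER check fails. The previous condition joined the
            // two comparisons with &&, so a matching username alone was enough
            // and the password was never effectively verified.
            // NOTE(review): unsalted md5 is not a suitable password hash;
            // migrate stored hashes to password_hash()/password_verify().
            if (
                empty($user)
                || $username !== $storedName
                || $storedHash === ''
                || !hash_equals($storedHash, md5($password))
            ) {
                throw new RRException("用户名或密码错误!", 401);
            }

            // Credentials are correct: issue the token.
            $nowtime = time();
            $jwtInfo = [
                'iss' => 'huwhois@163.com', // issuer
                'iat' => $nowtime, // issued at
                'nbf' => $nowtime + 10, // token is not valid before this time
                'exp' => $nowtime + 64800, // expiry: 18 hours after issue
                'data' => [
                    'userid' => $user['id'],
                    'username' => $username
                ]
            ];
            // Name the algorithm explicitly so it always matches the ['HS256']
            // allow-list used by validate().
            $token = JWT::encode($jwtInfo, KEY, 'HS256');
            echo json_encode(['code'=>0, 'msg'=>'success', 'token'=>$token]);
        }
        die();
    }

    /**
     * Verify the JWT sent in the "Token" request header.
     *
     * @return bool true when the token is present, correctly signed and unexpired
     * @throws RRException with code 401 otherwise
     */
    private function validate ()
    {
        $jwt = isset($_SERVER['HTTP_TOKEN']) ? $_SERVER['HTTP_TOKEN'] : '';
        if (empty($jwt)) {
            throw new RRException("You do not have permission to access.", 401);
        }
        try {
            // Tolerate up to 60 seconds of clock skew; this also covers the
            // 10-second "nbf" offset applied by login().
            JWT::$leeway = 60;
            $decoded = JWT::decode($jwt, KEY, ['HS256']);
            $arr = (array)$decoded;
            // Strict expiry check without leeway. A token lacking "exp" is
            // treated as expired, as before, but without an undefined-key
            // warning.
            if (!isset($arr['exp']) || $arr['exp'] < time()) {
                throw new RRException("认证信息已过期, 请重新登录.", 401);
            }
        } catch(\Exception $e) {
            // Every verification failure is reported to the caller as a 401.
            throw new RRException($e->getMessage(), 401);
        }
        return true;
    }

    /**
     * Tell whether a document path may be joined onto DATA_PATH.
     *
     * Accepts only non-empty strings without NUL bytes and without any ".."
     * path segment ("/" and "\" are both treated as separators).
     *
     * @param mixed $doc candidate relative document path
     * @return bool
     */
    private function isSafeDocPath($doc)
    {
        if (!is_string($doc) || $doc === '' || strpos($doc, "\0") !== false) {
            return false;
        }
        foreach (explode('/', str_replace('\\', '/', $doc)) as $segment) {
            if ($segment === '..') {
                return false;
            }
        }
        return true;
    }
}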