pleaseyang / ity Goto Github PK
View Code? Open in Web Editor NEW基于laravel + vue的基础后台,前后端分离,欢迎fork&start,不合理的地方也欢迎批评指正
License: MIT License
基于laravel + vue的基础后台,前后端分离,欢迎fork&start,不合理的地方也欢迎批评指正
License: MIT License
Lines 190 to 202 in b626989
web
的根目录是在public
,如果没做安全防范,恶意请求可以通过web方式直接下载到商户私钥文件cert/apiclient_key.pem
,存在安全隐患。
项目用到了Redis
,建议抛弃文件存储,商户私钥、商户证书、平台证书均可以以base64-string
形式存储在库中,\WeChatPay\Rsa::from
支持无感加载,详情可参考:
从证书中提取公钥
详见 PHP openssl_x509_parse 返回值。
加载时仅需增加协议即形如 Rsa::from('public.spki://' . $i_am_a_base64_string_without_envelope, Rsa::KEY_TYPE_PUBLIC)
。
当然Rsa::from
也支持原样以文件内容为字符串形式加载私钥及证书,详细用法可参考上述 RsaTest
测试用例覆盖方法。
see https://pay.weixin.qq.com/wiki/doc/apiv3/open/pay/wechatpay5_0.shtml
由于旧证书过期前的5天内,微信支付会同时使用新旧证书,因此为实现新老证书的平滑切换,商户系统需支持多平台证书。
Ity/app/Http/Controllers/Controller.php
Lines 47 to 49 in b626989
建议上述程序逻辑设计,支持多证书加载。
由于要做无痛刷新token功能,无痛刷新链接:
https://segmentfault.com/a/1190000012606246
期望在token过期后,在响应头里返回自定义header Authorization: bearer access_token
但是框架在token过期后,任然被中间件捕获到AuthorizationException,非期望的TokenExpiredException,
希望修复一下,谢谢!
bug反馈:当把jwt的ttl设置为1分钟后,无痛刷新token存在bug,希望作者核实一下。
操作过程:
1.设置jwt的ttl为1分钟。
2.创建刷新token的middleware,以下是刷新token的中间件代码:
checkForToken($request); //如果格式通过,验证是否是专属于这个的token //获取当前守护的名称 $current_guard = Auth::getDefaultDriver(); //获取当前token $token = Auth::getToken(); //即使过期了,也能获取到token里的载荷信息。 $payload = Auth::manager()->getJWTProvider()->decode($token->get()); //如果不包含guard字段或者guard所对应的值与当前的guard守护值不相同,证明是不属于当前guard守护的token if(empty($payload['guard']) || $payload['guard'] != $current_guard){ throw new TokenInvalidException(); } try{ //检测用户的登录状态,如果正常则通过 if($this->auth->parseToken()->authenticate()){ return $next($request); } throw new UnauthorizedHttpException('jwt-auth','未登录'); }catch(TokenExpiredException $exception){ try{ //刷新用户的token $token = $this->auth->refresh(); //使用一次性登录以保证此次请求的成功 Auth::onceUsingId($this->auth->manager()->getPayloadFactory()->buildClaimsCollection()->toPlainArray()['sub']); //将token存入数据库 $user = Auth::user(); SaveLastTokenJob::dispatch($user,$token); }catch(JWTException $exception) { //如果捕获到此异常,即代表refresh_token也过期了,用户无法刷新令牌,需要重新登录。 throw new UnauthorizedHttpException('jwt-auth', $exception->getMessage()); } } //在响应头中返回新的token return $this->setAuthenticationHeader($next($request), $token); } } 存在的bug: 当token过期后,这行代码$this->auth->parseToken()->authenticate()始终抛出的是UnauthorizedHttpException的exception,导致该中间件无法捕获TokenExpiredException 期望结果: token过期,应该抛出的是TokenExpiredExceptionIty/app/Http/Controllers/Controller.php
Lines 107 to 108 in b626989
当然这里的拼接方式是可以工作的,不过仍然建议用标准用法来构造请求,形如:
->chain('v3/pay/transactions/id/{transaction_id}')
->get(['query' => ['mchid' => $merchantId], 'transaction_id' => $transactionId])
另外建议增加依赖 iwechatpay/openapi dev包,上述代码即可以在JB
IDE上书写成
->v3->pay->transactions->id->_transaction_id_
->get(['query' => ['mchid' => $merchantId], 'transaction_id' => $transactionId])
即带请求数据结构基础语法提示。
我运行你的项目,发现me的返回数据,和你示例网站上的不一样。多了一个item。而且permissions 没有值。
{"success":true,"code":200,"locale":"zh-CN","message":"请求成功","data":{"item":{"id":1,"name":"admin","status":1,"email":"[email protected]","email_verified_at":null,"created_at":"2020-12-25 16:13:06","updated_at":"2020-12-25 16:13:06","accessedRoutes":[{"id":1,"pid":0,"path":"/system","component":"layout/Layout","name":"system","meta":{"title":"system","icon":"el-icon-s-tools","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":false,"redirect":"noRedirect","children":[{"id":2,"pid":1,"path":"/permission-role","component":"rview","name":"permission-role","meta":{"title":"permission-role","icon":"lock","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":false,"redirect":"noRedirect","children":[{"id":3,"pid":2,"path":"permissions","component":"permission/permissions","name":"permission.permissions","meta":{"title":"permission.permissions","icon":"el-icon-key","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":false,"children":[{"id":4,"pid":3,"path":"permission/create","component":"permission/create","name":"permission.create","meta":{"title":"permission.create","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":5,"pid":3,"path":"permission/update","component":"permission/update","name":"permission.update","meta":{"title":"permission.update","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":6,"pid":3,"path":"permission/delete","component":"permission/delete","name":"permission.delete","meta":{"title":"permission.delete","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":7,"pid":3,"path":"permission","component":"permission/permission","name":"permission.permission","meta":{"title":"permission.permission","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]}]},{"id":8,"pid":2,"path":"roles","component":"role/roles","name":"role.roles","meta":{"title":"role.roles","icon":"el-icon-s-custom","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":false,"children":[{"id":9,"pid":8,"path":"role/create","component":"role/create","name":"role.create","meta":{"title":"role.create","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":10,"pid":8,"path":"role/update","component":"role/update","name":"role.update","meta":{"title":"role.update","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":11,"pid":8,"path":"role/delete","component":"role/delete","name":"role.delete","meta":{"title":"role.delete","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":12,"pid":8,"path":"role/role","component":"role/role","name":"role.role","meta":{"title":"role.role","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":13,"pid":8,"path":"role/syncPermissions","component":"role/syncPermissions","name":"role.syncPermissions","meta":{"title":"role.syncPermissions","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":14,"pid":8,"path":"role/syncRoles","component":"role/syncRoles","name":"role.syncRoles","meta":{"title":"role.syncRoles","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]}]}]},{"id":21,"pid":1,"path":"/activeLogs","component":"activeLog/activeLogs","name":"activeLog.activeLogs","meta":{"title":"activeLog.activeLogs","icon":"el-icon-tickets","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":false,"children":[]},{"id":22,"pid":1,"path":"/nginxLogs","component":"nginx/logs","name":"nginx.logs","meta":{"title":"nginx.logs","icon":"el-icon-tickets","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":false,"children":[]},{"id":23,"pid":1,"path":"/exceptionErrors","component":"exceptionError/exceptionErrors","name":"exceptionError.exceptionErrors","meta":{"title":"exceptionError.exceptionErrors","icon":"el-icon-warning","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":false,"children":[{"id":24,"pid":23,"path":"exceptionErrors/amended","component":"exceptionError/amended","name":"exceptionError.amended","meta":{"title":"exceptionError.amended","icon":"el-icon-warning","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]}]},{"id":25,"pid":1,"path":"/exceptionErrors/logFiles","component":"exceptionError/logFiles","name":"exceptionError.logFiles","meta":{"title":"exceptionError.logFiles","icon":"el-icon-tickets","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":false,"children":[]},{"id":31,"pid":1,"path":"/files","component":"file/files","name":"file.files","meta":{"title":"file.files","icon":"el-icon-folder","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":false,"children":[{"id":32,"pid":31,"path":"file/makeDirectory","component":"file/makeDirectory","name":"file.makeDirectory","meta":{"title":"file.makeDirectory","icon":"el-icon-folder-add","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":33,"pid":31,"path":"file/deleteDirectory","component":"file/deleteDirectory","name":"file.deleteDirectory","meta":{"title":"file.deleteDirectory","icon":"el-icon-folder-delete","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":34,"pid":31,"path":"file/upload","component":"file/upload","name":"file.upload","meta":{"title":"file.upload","icon":"el-icon-upload","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":35,"pid":31,"path":"file/download","component":"file/download","name":"file.download","meta":{"title":"file.download","icon":"el-icon-download","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":36,"pid":31,"path":"file/delete","component":"file/delete","name":"file.delete","meta":{"title":"file.delete","icon":"el-icon-delete","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]}]}]},{"id":15,"pid":0,"path":"/admins","component":"layout/Layout","meta":{"title":"admin.admins","icon":"el-icon-user-solid","roles":[1],"noCache":true,"breadcrumb":false,"affix":false},"hidden":false,"children":[{"id":16,"pid":15,"path":"admin/create","component":"admin/create","name":"admin.create","meta":{"title":"admin.create","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":17,"pid":15,"path":"admin/update","component":"admin/update","name":"admin.update","meta":{"title":"admin.update","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":18,"pid":15,"path":"admin/delete","component":"admin/delete","name":"admin.delete","meta":{"title":"admin.delete","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":19,"pid":15,"path":"admin/admin","component":"admin/admin","name":"admin.admin","meta":{"title":"admin.admin","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":20,"pid":15,"path":"admin/syncPermissions","component":"admin/syncPermissions","name":"admin.syncPermissions","meta":{"title":"admin.syncPermissions","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"path":"index","component":"admin/admins","name":"admin.admins","hidden":false,"meta":{"title":"admin.admins","icon":"el-icon-user-solid","roles":[1],"noCache":true,"breadcrumb":true,"affix":false}}],"redirect":"noRedirect"},{"id":26,"pid":0,"path":"/users","component":"layout/Layout","meta":{"title":"user.users","icon":"el-icon-user","roles":[1],"noCache":true,"breadcrumb":false,"affix":false},"hidden":false,"children":[{"id":27,"pid":26,"path":"user/create","component":"user/create","name":"user.create","meta":{"title":"user.create","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":28,"pid":26,"path":"user/update","component":"user/update","name":"user.update","meta":{"title":"user.update","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":29,"pid":26,"path":"user/delete","component":"user/delete","name":"user.delete","meta":{"title":"user.delete","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"id":30,"pid":26,"path":"user/user","component":"user/user","name":"user.user","meta":{"title":"user.user","icon":"icon","roles":[1],"noCache":true,"breadcrumb":true,"affix":false},"hidden":true,"children":[]},{"path":"index","component":"user/users","name":"user.users","hidden":false,"meta":{"title":"user.users","icon":"el-icon-user","roles":[1],"noCache":true,"breadcrumb":true,"affix":false}}],"redirect":"noRedirect"},{"path":"*","redirect":"/404","hidden":true}],"roles":["App\Models\Admin\1",1],"unreadNotificationCount":0,"permissions":[]}}}
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.