调整admin下的类库代码,将主要逻辑调整到extend下

This commit is contained in:
2023-09-23 17:30:45 +08:00
parent ea9b8b0e71
commit bee15dfea6
122 changed files with 5820 additions and 3837 deletions

View File

@@ -2,36 +2,8 @@
namespace app\admin\middleware;
use think\Request;
use base\admin\middleware\CsrfMiddlewareClass;
class CsrfMiddleware
class CsrfMiddleware extends CsrfMiddlewareClass
{
use \app\common\traits\JumpTrait;
public function handle(Request $request, \Closure $next)
{
if (env('adminsystem.IS_CSRF', true)) {
if (!in_array($request->method(), ['GET', 'HEAD', 'OPTIONS'])) {
// 跨域校验
$refererUrl = $request->header('REFERER', null);
$refererInfo = parse_url($refererUrl);
$host = $request->host(true);
if (!isset($refererInfo['host']) || $refererInfo['host'] != $host) {
$this->error('当前请求不合法!');
}
// CSRF校验
// @todo 兼容CK编辑器上传功能
$ckCsrfToken = $request->post('ckCsrfToken', null);
$data = !empty($ckCsrfToken) ? ['__token__' => $ckCsrfToken] : [];
$check = $request->checkToken('__token__', $data);
if (!$check) {
$this->error('请求验证失败,请重新刷新页面!');
}
}
}
return $next($request);
}
}

View File

@@ -2,55 +2,12 @@
namespace app\admin\middleware;
use think\facade\Log;
use think\facade\Request as FacadeRequest;
use think\Request;
use base\admin\middleware\SystemLogClass;
/**
* 系统操作日志中间件
* Class SystemLog.
*/
class SystemLog
class SystemLog extends SystemLogClass
{
/**
* 敏感信息字段,日志记录时需要加密.
* @var array
*/
protected $sensitiveParams = [
'password',
'password_again',
'phone',
'mobile',
];
public function handle(Request $request, \Closure $next)
{
$params = $request->param();
if (isset($params['s'])) {
unset($params['s']);
}
foreach ($params as $key => $val) {
in_array($key, $this->sensitiveParams) && $params[$key] = '***********';
}
$method = strtolower($request->method());
$url = $request->url();
if ($request->isAjax()) {
if (in_array($method, ['post', 'put', 'delete'])) {
$ip = FacadeRequest::ip();
$data = [
'admin_id' => session('admin.id'),
'url' => $url,
'method' => $method,
'ip' => $ip,
'content' => json_encode($params, JSON_UNESCAPED_UNICODE),
'useragent' => $_SERVER['HTTP_USER_AGENT'],
'create_time' => time(),
];
Log::debug(print_r($data, true));
}
}
return $next($request);
}
}