feat(api): add article/attachment API endpoints, admin management, and API docs

- Articles API: list/detail/create/update/delete with source-based permission control
- Attachments API: upload/list/delete with source-based permission control
- ApiKeyInfo API: query current key permissions
- Admin ApiKey management: generate/regenerate/toggle/permission settings with layui UI
- Frontend API documentation page with complete interface reference
augushong
2026-04-27 00:38:57 +08:00
parent ac4d34884e
commit dc116a1c77
7 changed files with 1365 additions and 0 deletions


@@ -0,0 +1,130 @@
<?php
namespace app\admin\controller;
use app\model\ApiKey as ApiKeyModel;
use think\facade\Session;
use think\facade\View;
class ApiKey extends Common
{
/**
* API Key 管理页面
*/
public function index()
{
$admin_id = Session::get('admin_id');
$api_key = ApiKeyModel::where('admin_id', $admin_id)->find();
if (!empty($api_key)) {
$api_key->api_key_preview = substr($api_key->getData('api_key'), 0, 8) . '...';
$api_key->status_text = $api_key->status == 1 ? '启用' : '禁用';
$api_key->create_time_text = date('Y-m-d H:i:s', $api_key->create_time);
}
View::assign('api_key', $api_key);
View::assign('admin_info', $this->adminInfo);
return View::fetch();
}
/**
* 生成 API Key
*/
public function generate()
{
$admin_id = Session::get('admin_id');
$name = $this->request->param('name', '');
$exists = ApiKeyModel::where('admin_id', $admin_id)->find();
if (!empty($exists)) {
return json_message('您已有 API Key如需更换请使用重新生成');
}
$raw_key = ApiKeyModel::generateKey($admin_id, $name);
return json_message(['api_key' => $raw_key, 'name' => $name], 0, 'API Key 生成成功,请妥善保管');
}
/**
* 重新生成 API Key
*/
public function regenerate()
{
$id = $this->request->param('id', 0);
$admin_id = Session::get('admin_id');
$api_key = ApiKeyModel::find($id);
if (empty($api_key) || $api_key->admin_id != $admin_id) {
return json_message('API Key 不存在或无权操作');
}
$raw_key = ApiKeyModel::regenerateKey($id);
return json_message(['api_key' => $raw_key], 0, 'API Key 已重新生成');
}
/**
* 启用/禁用 API Key
*/
public function toggle()
{
$id = $this->request->param('id', 0);
$admin_id = Session::get('admin_id');
$api_key = ApiKeyModel::find($id);
if (empty($api_key) || $api_key->admin_id != $admin_id) {
return json_message('API Key 不存在或无权操作');
}
$api_key->status = $api_key->status == 1 ? 0 : 1;
$api_key->save();
return json_message('', 0, '状态已更新');
}
/**
* 切换写权限
*/
public function toggleWrite()
{
$id = $this->request->param('id', 0);
$field = $this->request->param('field', '');
$value = $this->request->param('value', 0);
$admin_id = Session::get('admin_id');
if (!in_array($field, ['can_write_own', 'can_write_other'])) {
return json_message('无效的权限字段');
}
$api_key = ApiKeyModel::find($id);
if (empty($api_key) || $api_key->admin_id != $admin_id) {
return json_message('API Key 不存在或无权操作');
}
$api_key->$field = $value ? 1 : 0;
$api_key->save();
return json_message('', 0, '权限已更新');
}
/**
* 设置删除权限
*/
public function updateDelete()
{
$id = $this->request->param('id', 0);
$value = $this->request->param('value', 0);
$admin_id = Session::get('admin_id');
$api_key = ApiKeyModel::find($id);
if (empty($api_key) || $api_key->admin_id != $admin_id) {
return json_message('API Key 不存在或无权操作');
}
$api_key->can_delete = intval($value);
$api_key->save();
return json_message('', 0, '删除权限已更新');
}
}
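Review bot: `updateDelete()` persists `intval($value)` into `can_delete` with no allow-list, so any integer sent in the request becomes a stored permission level, whereas `toggleWrite()` at least normalises its value to 0/1. Validate against the levels the API actually defines before saving, for example `if (!in_array((int) $value, $allowedLevels, true)) { return json_message('无效的权限值'); }`, where `$allowedLevels` is a placeholder for the real set. The same strictness is worth applying in `toggleWrite()` as `in_array($field, ['can_write_own', 'can_write_other'], true)`, because without the third argument a non-string `field` (a JSON `true`, say) passes the loose comparison and is then used as a property name. Separately, `generate()`, `regenerate()`, `toggle()`, `toggleWrite()` and `updateDelete()` all read input through `$this->request->param()`, which also accepts query-string values, and no method or token check is visible in this file. Unless `Common` already enforces one, add `if (!$this->request->isPost()) { return json_message('请求方式错误'); }` at the top of each, so key rotation and permission changes cannot be triggered by a plain GET.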