ulthon_information/app/admin/controller/ApiKey.php
augushong dc116a1c77 feat(api): add article/attachment API endpoints, admin management, and API docs
- Articles API: list/detail/create/update/delete with source-based permission control
- Attachments API: upload/list/delete with source-based permission control
- ApiKeyInfo API: query current key permissions
- Admin ApiKey management: generate/regenerate/toggle/permission settings with layui UI
- Frontend API documentation page with complete interface reference
2026-04-27 00:38:57 +08:00


<?php
namespace app\admin\controller;
use app\model\ApiKey as ApiKeyModel;
use think\facade\Session;
use think\facade\View;
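/**
 * Admin controller for managing the API key that belongs to the logged-in admin.
 *
 * Every action reads the acting admin from the session key 'admin_id' and only
 * operates on a key whose admin_id matches it.
 *
 * NOTE(review): nothing in this class restricts the HTTP method or verifies a
 * CSRF token on the state-changing actions (generate, regenerate, toggle,
 * toggleWrite, updateDelete), and request->param() is not limited to POST data.
 * Confirm that the Common base class or a middleware enforces both.
 */
class ApiKey extends Common
{
    /**
     * API key management page.
     *
     * Loads the current admin's key (if any), adds display-only attributes and
     * renders the default template for this action.
     *
     * @return mixed Rendered view as returned by View::fetch().
     */
    public function index()
    {
        $admin_id = Session::get('admin_id');
        $api_key = ApiKeyModel::where('admin_id', $admin_id)->find();
        if (!empty($api_key)) {
            // Preview is the first 8 characters of the stored api_key value.
            // NOTE(review): whether that stored value is the raw secret or a digest
            // is decided in the model, which is not visible here.
            $api_key->api_key_preview = substr($api_key->getData('api_key'), 0, 8) . '...';
            $api_key->status_text = $api_key->status == 1 ? '启用' : '禁用';
            $api_key->create_time_text = date('Y-m-d H:i:s', $api_key->create_time);
        }
        // NOTE(review): the whole model, including its full api_key attribute, is
        // handed to the template; confirm the template renders only the preview.
        View::assign('api_key', $api_key);
        View::assign('admin_info', $this->adminInfo);
        return View::fetch();
    }

    /**
     * Generate an API key for the current admin.
     *
     * Refuses when the admin already owns a key. The freshly generated key is
     * returned in the response body.
     *
     * @return mixed Response built by the project helper json_message().
     */
    public function generate()
    {
        $admin_id = Session::get('admin_id');
        // NOTE(review): 'name' is caller-supplied and not length- or content-checked
        // here; presumably the model or the template handles that - verify.
        $name = $this->request->param('name', '');
        $exists = ApiKeyModel::where('admin_id', $admin_id)->find();
        if (!empty($exists)) {
            return json_message('您已有 API Key如需更换请使用重新生成');
        }
        $raw_key = ApiKeyModel::generateKey($admin_id, $name);
        return json_message(['api_key' => $raw_key, 'name' => $name], 0, 'API Key 生成成功,请妥善保管');
    }

    /**
     * Regenerate the API key identified by the 'id' request parameter.
     *
     * Only the owning admin may do this. The new key is returned in the
     * response body.
     *
     * @return mixed Response built by the project helper json_message().
     */
    public function regenerate()
    {
        $id = $this->request->param('id', 0);
        if ($this->findOwnedKey($id) === null) {
            return json_message('API Key 不存在或无权操作');
        }
        $raw_key = ApiKeyModel::regenerateKey($id);
        return json_message(['api_key' => $raw_key], 0, 'API Key 已重新生成');
    }

    /**
     * Enable or disable the API key identified by the 'id' request parameter.
     *
     * Flips status between 1 and 0; any value other than 1 becomes 1.
     *
     * @return mixed Response built by the project helper json_message().
     */
    public function toggle()
    {
        $id = $this->request->param('id', 0);
        $api_key = $this->findOwnedKey($id);
        if ($api_key === null) {
            return json_message('API Key 不存在或无权操作');
        }
        $api_key->status = $api_key->status == 1 ? 0 : 1;
        $api_key->save();
        return json_message('', 0, '状态已更新');
    }

    /**
     * Switch one of the write-permission flags on the caller's API key.
     *
     * The request names the flag in 'field'; only 'can_write_own' and
     * 'can_write_other' are accepted. 'value' is reduced to 1 or 0.
     *
     * @return mixed Response built by the project helper json_message().
     */
    public function toggleWrite()
    {
        $id = $this->request->param('id', 0);
        $field = $this->request->param('field', '');
        $value = $this->request->param('value', 0);
        // Strict allow-list: $field is used as a dynamic property name below, so a
        // loose comparison (which accepts e.g. boolean true) must not let any other
        // value through.
        if (!in_array($field, ['can_write_own', 'can_write_other'], true)) {
            return json_message('无效的权限字段');
        }
        $api_key = $this->findOwnedKey($id);
        if ($api_key === null) {
            return json_message('API Key 不存在或无权操作');
        }
        $api_key->$field = $value ? 1 : 0;
        $api_key->save();
        return json_message('', 0, '权限已更新');
    }

    /**
     * Set the delete permission on the caller's API key.
     *
     * @return mixed Response built by the project helper json_message().
     */
    public function updateDelete()
    {
        $id = $this->request->param('id', 0);
        $value = $this->request->param('value', 0);
        $api_key = $this->findOwnedKey($id);
        if ($api_key === null) {
            return json_message('API Key 不存在或无权操作');
        }
        // NOTE(review): any integer from the request is stored as can_delete. The
        // set of meaningful values is not visible in this file; if it is a closed
        // set, it should be checked against an allow-list here.
        $api_key->can_delete = intval($value);
        $api_key->save();
        return json_message('', 0, '删除权限已更新');
    }

    /**
     * Load an API key by id and return it only if it belongs to the session's admin.
     *
     * The ownership test compares both ids as strings with ===. A loose != would
     * treat a missing session id (null) as equal to an admin_id of 0 or '' and,
     * on PHP 7, a non-numeric string as equal to 0, so the authorization check
     * could pass for a caller that is not the owner.
     *
     * @param mixed $id Value of the 'id' request parameter.
     * @return ApiKeyModel|null The owned key, or null when it does not exist or
     *                          is not owned by the current admin.
     */
    private function findOwnedKey($id)
    {
        $admin_id = Session::get('admin_id');
        // No usable session identity, or a non-scalar id: nothing can be owned.
        if (!is_scalar($admin_id) || (string) $admin_id === '' || !is_scalar($id)) {
            return null;
        }
        $api_key = ApiKeyModel::find($id);
        if (empty($api_key) || (string) $api_key->admin_id !== (string) $admin_id) {
            return null;
        }
        return $api_key;
    }
}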