优化

cad80472 · hangjun83 · 4fd03232 · cad80472 · cad80472
Commit cad80472 authored Dec 02, 2022 by hangjun83
2 changed files
--- a/server/app/Http/Controllers/Middleware/Authenticate.php
+++ b/server/app/Http/Controllers/Middleware/Authenticate.php
@@ -80,7 +80,7 @@ class Authenticate
                throw new UnauthorizedHttpException('JWTAuth','无效的平台token');
            }
            //验证平台来源
-            $result = $thirdPlatformService->checkUrlFrom($request->root());
+            $result = $thirdPlatformService->checkUrlFrom($request->ip());
            if(!$result){
                throw new UnauthorizedHttpException('JWTAuth','非法请求域名');
            }

--- a/server/app/Services/ThirdPlatform/ThirdPlatformService.php
+++ b/server/app/Services/ThirdPlatform/ThirdPlatformService.php
@@ -22,19 +22,25 @@ class ThirdPlatformService extends PlatformAbstractService
        return $platform ? $platform : [];
    }
-    public function checkUrlFrom($url)
+    public function checkUrlFrom($ip)
    {
        $platformInfo = $this->getPlatformInfo();
        if(!$platformInfo){
            return false;
        }
        if($platformInfo['platform_type'] == 'self'){
-            $domain = substr($url, 7);
+            $params = json_decode($platformInfo['platform_params'],true);
-            if(!Str::contains(strtolower((string) $platformInfo['platform_url']), $domain)){
+            if(!empty($params) && $params['whiteList']){
-                return false;
+                if(!empty($params['whiteList'])){
+                    foreach($params['whiteList'] as $whiteIp){
+                        if(Str::contains($whiteIp, $ip)){
+                            return true;
+                        }
+                    }
+                }
            }
        }
-        return true;
+        return false;
    }
    public function createPlatformToken($platformName)