finance-pay/app/adminapi/http/middleware/AuthMiddleware.php


<?php
// +----------------------------------------------------------------------
// | likeadmin快速开发前后端分离管理后台PHP版
// +----------------------------------------------------------------------
// | 欢迎阅读学习系统程序代码,建议反馈是我们前进的动力
// | 开源版本可自由商用可去除界面版权logo
// | gitee下载https://gitee.com/likeshop_gitee/likeadmin
// | github下载https://github.com/likeshop-github/likeadmin
// | 访问官网https://www.likeadmin.cn
// | likeadmin团队 版权所有 拥有最终解释权
// +----------------------------------------------------------------------
// | author: likeadminTeam
// +----------------------------------------------------------------------
declare (strict_types=1);
namespace app\adminapi\http\middleware;
use app\common\{
cache\AdminAuthCache,
service\JsonService
};
use think\helper\Str;
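/**
 * Permission-check middleware for the admin API.
 *
 * Class AuthMiddleware
 * @package app\adminapi\http\middleware
 */
class AuthMiddleware
{
    /**
     * @notes Decide whether the current admin may reach the requested controller action.
     *
     * Checks run in this order:
     *   1. the controller says the endpoint needs no login   -> allowed;
     *   2. the admin is the built-in super administrator       -> allowed;
     *   3. the route is not in the list of registered routes   -> allowed;
     *   4. the route is in the admin's own granted routes      -> allowed;
     *   5. otherwise                                           -> JsonService::fail().
     *
     * NOTE(review): step 3 is default-allow. A controller action that was never
     * registered in the permission list is reachable by every admin that gets this
     * far, so a new privileged endpoint stays unprotected until it is registered.
     * Confirm this is intended; a default-deny with an explicit allow-list of
     * unrestricted routes would be the safer design.
     *
     * NOTE(review): $request->adminInfo is presumably filled in by an earlier
     * login middleware; this class does not verify that itself.
     *
     * @param $request
     * @param \Closure $next
     * @return mixed
     * @author 令狐冲
     * @date 2021/7/2 19:29
     */
    public function handle($request, \Closure $next)
    {
        // Endpoints that do not require login skip the permission check entirely.
        if ($request->controllerObject->isNotNeedLogin()) {
            return $next($request);
        }

        // Built-in super administrator: no permission check.
        // The comparison is strict, so only the integer 1 counts as root.
        if (1 === $request->adminInfo['root']) {
            return $next($request);
        }

        $adminAuthCache = new AdminAuthCache($request->adminInfo['admin_id']);

        // Requested path. It goes through the same formatUrl() normalisation as the
        // stored entries below, so both sides of the comparison have the same shape.
        // Lower-casing alone left the two sides normalised differently, which could
        // make a registered route look unregistered and fall into the default-allow
        // branch.
        $accessUri = $this->formatUrl([$request->controller() . '/' . $request->action()])[0];

        // Every route registered in the permission list.
        $allUri = $this->formatUrl($adminAuthCache->getAllUri());

        // A route that is not registered at all is not subject to permission checks.
        if (!in_array($accessUri, $allUri, true)) {
            return $next($request);
        }

        // Routes granted to the current admin.
        $adminUris = $this->formatUrl($adminAuthCache->getAdminUri() ?? []);
        if (in_array($accessUri, $adminUris, true)) {
            return $next($request);
        }

        return JsonService::fail('权限不足,无法访问或操作');
    }

    /**
     * @notes Normalise route strings so they can be compared with each other.
     *
     * Each entry is passed through Str::camel() and then lower-cased. Str::camel()
     * is expected to drop "-" and "_" separators; confirm against the installed
     * think-helper version. Array keys are preserved.
     *
     * @param array $data route strings
     * @return array|string[]
     * @author 段誉
     * @date 2022/7/7 15:39
     */
    public function formatUrl(array $data)
    {
        return array_map(static function ($item) {
            return strtolower(Str::camel($item));
        }, $data);
    }
}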