2019-01-17 11:05:47 +08:00
|
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace app\project\middleware;
|
|
|
|
|
|
|
|
|
|
use app\common\Model\ProjectNode;
|
2019-07-13 10:24:30 +08:00
|
|
|
|
use Closure;
|
2019-01-29 18:13:18 +08:00
|
|
|
|
use service\JwtService;
|
2019-01-17 11:05:47 +08:00
|
|
|
|
use service\NodeService;
|
2019-07-13 10:24:30 +08:00
|
|
|
|
use think\db\exception\DataNotFoundException;
|
|
|
|
|
use think\db\exception\ModelNotFoundException;
|
|
|
|
|
use think\exception\DbException;
|
2019-01-17 11:05:47 +08:00
|
|
|
|
use think\Request;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 系统权限访问管理
|
|
|
|
|
* Class Auth
|
|
|
|
|
* @package app\admin\middleware
|
|
|
|
|
*/
|
|
|
|
|
class Auth
|
|
|
|
|
{
|
|
|
|
|
/**
|
|
|
|
|
* @param Request $request
|
2019-07-13 10:24:30 +08:00
|
|
|
|
* @param Closure $next
|
2019-01-17 11:05:47 +08:00
|
|
|
|
* @return mixed
|
2019-07-13 10:24:30 +08:00
|
|
|
|
* @throws DataNotFoundException
|
|
|
|
|
* @throws DbException
|
|
|
|
|
* @throws ModelNotFoundException
|
|
|
|
|
* @throws \think\Exception
|
|
|
|
|
* @throws \think\exception\PDOException
|
2019-01-17 11:05:47 +08:00
|
|
|
|
*/
|
2019-07-13 10:24:30 +08:00
|
|
|
|
public function handle($request, Closure $next)
|
2019-01-17 11:05:47 +08:00
|
|
|
|
{
|
|
|
|
|
list($module, $controller, $action) = [$request->module(), $request->controller(), $request->action()];
|
|
|
|
|
$access = $this->buildAuth($node = NodeService::parseNodeStr("{$module}/{$controller}/{$action}"));
|
|
|
|
|
$currentOrganizationCode = $request->header('organizationCode');
|
|
|
|
|
if ($currentOrganizationCode) {
|
2019-01-29 18:13:18 +08:00
|
|
|
|
setCurrentOrganizationCode($currentOrganizationCode);
|
2019-01-17 11:05:47 +08:00
|
|
|
|
}
|
|
|
|
|
// 登录状态检查
|
2019-01-29 18:13:18 +08:00
|
|
|
|
if (!empty($access['is_login'])) {
|
2019-01-29 21:31:30 +08:00
|
|
|
|
$authorization = $request->header('Authorization');
|
|
|
|
|
$accessToken = '';
|
|
|
|
|
if ($authorization) {
|
|
|
|
|
$accessToken = explode(' ', $authorization)[1];
|
|
|
|
|
}
|
|
|
|
|
$data = JwtService::decodeToken($accessToken);
|
2019-01-29 18:13:18 +08:00
|
|
|
|
$isError = isError($data);
|
|
|
|
|
if ($isError) {
|
2019-01-29 21:31:30 +08:00
|
|
|
|
//TODO 启用refreshToken
|
2019-01-29 18:13:18 +08:00
|
|
|
|
if ($data['errno'] == 3) {
|
2019-01-29 21:31:30 +08:00
|
|
|
|
$msg = ['code' => 401, 'msg' => 'accessToken过期'];
|
2019-01-29 18:13:18 +08:00
|
|
|
|
return json($msg);
|
|
|
|
|
}
|
2019-02-14 10:59:34 +08:00
|
|
|
|
$msg = ['code' => 401, 'msg' => 'token过期,请重新登录'];
|
2019-01-29 18:13:18 +08:00
|
|
|
|
return json($msg);
|
|
|
|
|
}
|
|
|
|
|
setCurrentMember(get_object_vars($data->data));
|
2019-01-17 11:05:47 +08:00
|
|
|
|
}
|
|
|
|
|
// 访问权限检查
|
|
|
|
|
if (!empty($access['is_auth']) && !auth($node, 'project')) {
|
|
|
|
|
return json(['code' => 403, 'msg' => '无权限操作资源,访问被拒绝']);
|
|
|
|
|
}
|
2019-07-13 10:24:30 +08:00
|
|
|
|
|
|
|
|
|
//第三资源初始化
|
|
|
|
|
$storageConfig = config('storage.');
|
|
|
|
|
if ($storageConfig) {
|
|
|
|
|
foreach ($storageConfig as $key => $config) {
|
|
|
|
|
if ($key == 'qiniu' || $key == 'oss') {
|
|
|
|
|
foreach ($config as $itemKey => $item) {
|
|
|
|
|
sysconf($itemKey, $item);
|
|
|
|
|
}
|
|
|
|
|
}else{
|
|
|
|
|
sysconf($key, $config);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2019-01-17 11:05:47 +08:00
|
|
|
|
return $next($request);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 根据节点获取对应权限配置
|
|
|
|
|
* @param string $node 权限节点
|
|
|
|
|
* @return array
|
2019-07-13 10:24:30 +08:00
|
|
|
|
* @throws DataNotFoundException
|
|
|
|
|
* @throws ModelNotFoundException
|
|
|
|
|
* @throws DbException
|
2019-01-17 11:05:47 +08:00
|
|
|
|
*/
|
|
|
|
|
private function buildAuth($node)
|
|
|
|
|
{
|
|
|
|
|
$info = ProjectNode::cache(true, 30)->where(['node' => $node])->find();
|
|
|
|
|
return [
|
|
|
|
|
'is_menu' => intval(!empty($info['is_menu'])),
|
|
|
|
|
'is_auth' => intval(!empty($info['is_auth'])),
|
|
|
|
|
'is_login' => empty($info['is_auth']) ? intval(!empty($info['is_login'])) : 1,
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
}
|