work/application/project/middleware/Auth.php

<?php

namespace app\project\middleware;

use app\common\Model\ProjectNode;
use Closure;
use service\JwtService;
use service\NodeService;
use think\db\exception\DataNotFoundException;
use think\db\exception\ModelNotFoundException;
use think\exception\DbException;
use think\Request;

/**
 * 系统权限访问管理
 * Class Auth
 * @package app\admin\middleware
 */
class Auth
{
    /**
     * @param Request $request
     * @param Closure $next
     * @return mixed
     * @throws DataNotFoundException
     * @throws DbException
     * @throws ModelNotFoundException
     * @throws \think\Exception
     * @throws \think\exception\PDOException
     */
    public function handle($request, Closure $next)
    {
        list($module, $controller, $action) = [$request->module(), $request->controller(), $request->action()];
        $access = $this->buildAuth($node = NodeService::parseNodeStr("{$module}/{$controller}/{$action}"));
        $currentOrganizationCode = $request->header('organizationCode');
        if ($currentOrganizationCode) {
            setCurrentOrganizationCode($currentOrganizationCode);
        }
        // 登录状态检查
        if (!empty($access['is_login'])) {
            $authorization = $request->header('Authorization');
            $accessToken = '';
            if ($authorization) {
                $accessToken = explode(' ', $authorization)[1];
            }
            $data = JwtService::decodeToken($accessToken);
            $isError = isError($data);
            if ($isError) {
                //TODO 启用refreshToken
                if ($data['errno'] == 3) {
                    $msg = ['code' => 401, 'msg' => 'accessToken过期'];
                    return json($msg);
                }
                $msg = ['code' => 401, 'msg' => 'token过期，请重新登录'];
                return json($msg);
            }
            setCurrentMember(get_object_vars($data->data));
        }
        // 访问权限检查
        if (!empty($access['is_auth']) && !auth($node, 'project')) {
            return json(['code' => 403, 'msg' => '无权限操作资源，访问被拒绝']);
        }

        //第三资源初始化
        $storageConfig = config('storage.');
        if ($storageConfig) {
            foreach ($storageConfig as $key => $config) {
                if ($key == 'qiniu' || $key == 'oss') {
                    foreach ($config as $itemKey => $item) {
                        sysconf($itemKey, $item);
                    }
                }else{
                    sysconf($key, $config);
                }
            }
        }
        return $next($request);
    }

    /**
     * 根据节点获取对应权限配置
     * @param string $node 权限节点
     * @return array
     * @throws DataNotFoundException
     * @throws ModelNotFoundException
     * @throws DbException
     */
    private function buildAuth($node)
    {
        $info = ProjectNode::cache(true, 30)->where(['node' => $node])->find();
        return [
            'is_menu' => intval(!empty($info['is_menu'])),
            'is_auth' => intval(!empty($info['is_auth'])),
            'is_login' => empty($info['is_auth']) ? intval(!empty($info['is_login'])) : 1,
        ];
    }
}
-.0.0版本发布

											
										
										
											2019-01-17 11:05:47 +08:00
+								<?php
 								namespace app\project\middleware;
 								use app\common\Model\ProjectNode;
-												增加文件上传至第三方存储

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-07-13 10:24:30 +08:00
+								use Closure;
-												接入JWT

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-01-29 18:13:18 +08:00
+								use service\JwtService;
-.0.0版本发布

											
										
										
											2019-01-17 11:05:47 +08:00
+								use service\NodeService;
-												增加文件上传至第三方存储

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-07-13 10:24:30 +08:00
+								use think\db\exception\DataNotFoundException;
 								use think\db\exception\ModelNotFoundException;
 								use think\exception\DbException;
-.0.0版本发布

											
										
										
											2019-01-17 11:05:47 +08:00
+								use think\Request;
 								/**
 								 * 系统权限访问管理
 								 * Class Auth
 								 * @package app\admin\middleware
 								 */
 								class Auth
 								{
 								    /**
 								     * @param Request $request
-												增加文件上传至第三方存储

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-07-13 10:24:30 +08:00
+								     * @param Closure $next
-.0.0版本发布

											
										
										
											2019-01-17 11:05:47 +08:00
+								     * @return mixed
-												增加文件上传至第三方存储

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-07-13 10:24:30 +08:00
+								     * @throws DataNotFoundException
 								     * @throws DbException
 								     * @throws ModelNotFoundException
 								     * @throws \think\Exception
 								     * @throws \think\exception\PDOException
-.0.0版本发布

											
										
										
											2019-01-17 11:05:47 +08:00
+								     */
-												增加文件上传至第三方存储

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-07-13 10:24:30 +08:00
+								    public function handle($request, Closure $next)
-.0.0版本发布

											
										
										
											2019-01-17 11:05:47 +08:00
+								    {
 								        list($module, $controller, $action) = [$request->module(), $request->controller(), $request->action()];
 								        $access = $this->buildAuth($node = NodeService::parseNodeStr("{$module}/{$controller}/{$action}"));
 								        $currentOrganizationCode = $request->header('organizationCode');
 								        if ($currentOrganizationCode) {
-												接入JWT

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-01-29 18:13:18 +08:00
+								            setCurrentOrganizationCode($currentOrganizationCode);
-.0.0版本发布

											
										
										
											2019-01-17 11:05:47 +08:00
+								        }
 								        // 登录状态检查
-												接入JWT

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-01-29 18:13:18 +08:00
+								        if (!empty($access['is_login'])) {
-												接入JWT

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-01-29 21:31:30 +08:00
+								            $authorization = $request->header('Authorization');
 								            $accessToken = '';
 								            if ($authorization) {
 								                $accessToken = explode(' ', $authorization)[1];
 								            }
 								            $data = JwtService::decodeToken($accessToken);
-												接入JWT

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-01-29 18:13:18 +08:00
+								            $isError = isError($data);
 								            if ($isError) {
-												接入JWT

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-01-29 21:31:30 +08:00
+								                //TODO 启用refreshToken
-												接入JWT

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-01-29 18:13:18 +08:00
+								                if ($data['errno'] == 3) {
-												接入JWT

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-01-29 21:31:30 +08:00
+								                    $msg = ['code' => 401, 'msg' => 'accessToken过期'];
-												接入JWT

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-01-29 18:13:18 +08:00
+								                    return json($msg);
 								                }
-												代码优化

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-02-14 10:59:34 +08:00
+								                $msg = ['code' => 401, 'msg' => 'token过期，请重新登录'];
-												接入JWT

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-01-29 18:13:18 +08:00
+								                return json($msg);
 								            }
 								            setCurrentMember(get_object_vars($data->data));
-.0.0版本发布

											
										
										
											2019-01-17 11:05:47 +08:00
+								        }
 								        // 访问权限检查
 								        if (!empty($access['is_auth']) && !auth($node, 'project')) {
 								            return json(['code' => 403, 'msg' => '无权限操作资源，访问被拒绝']);
 								        }
-												增加文件上传至第三方存储

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-07-13 10:24:30 +08:00
 								        //第三资源初始化
 								        $storageConfig = config('storage.');
 								        if ($storageConfig) {
 								            foreach ($storageConfig as $key => $config) {
 								                if ($key == 'qiniu' || $key == 'oss') {
 								                    foreach ($config as $itemKey => $item) {
 								                        sysconf($itemKey, $item);
 								                    }
 								                }else{
 								                    sysconf($key, $config);
 								                }
 								            }
 								        }
-.0.0版本发布

											
										
										
											2019-01-17 11:05:47 +08:00
+								        return $next($request);
 								    }
 								    /**
 								     * 根据节点获取对应权限配置
 								     * @param string $node 权限节点
 								     * @return array
-												增加文件上传至第三方存储

Signed-off-by: vilson <545522390@qq.com>

											
										
										
											2019-07-13 10:24:30 +08:00
+								     * @throws DataNotFoundException
 								     * @throws ModelNotFoundException
 								     * @throws DbException
-.0.0版本发布

											
										
										
											2019-01-17 11:05:47 +08:00
+								     */
 								    private function buildAuth($node)
 								    {
 								        $info = ProjectNode::cache(true, 30)->where(['node' => $node])->find();
 								        return [
 								            'is_menu' => intval(!empty($info['is_menu'])),
 								            'is_auth' => intval(!empty($info['is_auth'])),
 								            'is_login' => empty($info['is_auth']) ? intval(!empty($info['is_login'])) : 1,
 								        ];
 								    }
 								}