LoginAuthMiddleware.php
1.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
<?php
namespace App\Http\Middleware\Bside;
use App\Enums\Common\Code;
use App\Models\User\ProjectMenu;
use App\Models\User\ProjectRole as ProjectRoleModel;
use App\Services\ProjectServer;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Cache;
class LoginAuthMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
*/
public function handle(Request $request, Closure $next)
{
$token = $request->header('token');
if(!isset($token) || empty($token)){
return response(['code'=>Code::USER_ERROR,'msg'=>'当前用户未登录']);
}
$info = Cache::get($token);
if(empty($info)){
return response(['code'=>Code::USER_ERROR,'msg'=>'当前用户未登录']);
}
// 设置数据信息
$project = ProjectServer::useProject($info['project_id']);
if(empty($project)){
return response(['code'=>Code::USER_ERROR,'msg'=>'数据库未配置']);
}
//操作权限设置
$projectRoleModel = new ProjectRoleModel();
$role_info = $projectRoleModel->read(['id'=>$info['role_id']]);
//获取当前操作的控制器与方法
$action = $request->route()->getAction();
//查询当前用户是否拥有权限操作
$projectMenuModel = new ProjectMenu();
$menu_id = $projectMenuModel->read(['action'=>$action['as']],['id']);
if($menu_id !== false){
if(strpos($role_info['role_menu'], $menu_id['id']) < 0){
return response(['code'=>Code::USER_ERROR,'msg'=>'当前用户没有权限']);
}
}
return $next($request);
}
}