LoginAuthMiddleware.php 2.4 KB

原文件审查历史永久链接

<?php

namespace App\Http\Middleware\Aside;

use App\Enums\Common\Code;
use App\Http\Logic\Aside\LoginLogic;
use App\Models\Manage\Group;
use App\Models\Manage\Manage;
use App\Models\Manage\Menu;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Str;

class LoginAuthMiddleware
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse)  $next
     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
     */
    public function handle(Request $request, Closure $next)
    {
        $manage = LoginLogic::manage();
        if (!$manage) {
            return response(['code'=> Code::USER_LOGIN_ERROE,'msg'=>'当前用户未登录']);
        }
        //权限
        if($manage['id'] != Manage::ADMINISTRATOR_ID){ //排除超级管理员
            if($manage['status'] != 1){
                return response(['code'=> Code::USER_LOGIN_ERROE,'msg'=>'当前用户被禁用']);
            }
        }
        $groupInfo = $this->getGroup($manage);
        //获取当前操作的路由name
        $action = Route::currentRouteName();
        var_dump($action);
        die();
        //TODO::操作权限
        $this->viewOperateAuth($groupInfo,$action);
        return $next($request);
    }

    /**
     * @remark :查看角色是否被禁用
     * @name   :getGroup
     * @author :lyh
     * @method :post
     * @time   :2023/7/28 15:26
     */
    public function getGroup($manage){
        $groupModel = new Group();
        $groupInfo = $groupModel->read(['id'=>$manage['gid']]);
        if($groupInfo['status'] != 0){
            return response(['code'=> Code::USER_LOGIN_ERROE,'msg'=>'当前用户角色被禁用']);
        }
        return $groupInfo;
    }

    /**
     * @remark :查看操作权限
     * @name   :viewOperateAuth
     * @author :lyh
     * @method :post
     * @time   :2023/7/28 14:56
     */
    public function viewOperateAuth($groupInfo,$action){
        $menuModel = new Menu();
        $menu_id = $menuModel->read(['route_name'=>$action],['id']);
        if($menu_id !== false){
            if(strpos($groupInfo['rights'], $menu_id['id']) < 0){
                return response(['code'=>Code::USER_LOGIN_ERROE,'msg'=>'当前用户没有权限']);
            }
        }
    }
}