71 lines
2.1 KiB
PHP
71 lines
2.1 KiB
PHP
<?php
|
|
// +----------------------------------------------------------------------
|
|
// | saiadmin [ saiadmin快速开发框架 ]
|
|
// +----------------------------------------------------------------------
|
|
// | Author: sai <1430792918@qq.com>
|
|
// +----------------------------------------------------------------------
|
|
namespace plugin\saiadmin\app\middleware;
|
|
|
|
use Webman\Http\Request;
|
|
use Webman\Http\Response;
|
|
use Webman\MiddlewareInterface;
|
|
use plugin\saiadmin\app\cache\UserAuthCache;
|
|
use plugin\saiadmin\app\cache\ReflectionCache;
|
|
use plugin\saiadmin\exception\SystemException;
|
|
|
|
/**
|
|
* 权限检查中间件
|
|
*/
|
|
class CheckAuth implements MiddlewareInterface
|
|
{
|
|
|
|
public function process(Request $request, callable $handler) : Response
|
|
{
|
|
$controller = $request->controller;
|
|
$action = $request->action;
|
|
|
|
// 通过反射获取控制器哪些方法不需要登录
|
|
$noNeedLogin = ReflectionCache::getNoNeedLogin($controller);
|
|
|
|
// 不登录访问,无需权限验证
|
|
if (in_array($action, $noNeedLogin)) {
|
|
return $handler($request);
|
|
}
|
|
|
|
// 登录信息
|
|
$token = getCurrentInfo();
|
|
if ($token === false) {
|
|
throw new SystemException('用户信息读取失败,无法访问或操作');
|
|
}
|
|
|
|
// 系统默认超级管理员,无需权限验证
|
|
if ($token['id'] === 1) {
|
|
return $handler($request);
|
|
}
|
|
|
|
// 2. 获取接口权限属性 (使用缓存类)
|
|
$permissions = ReflectionCache::getPermissionAttributes($controller, $action);
|
|
|
|
if (!empty($permissions) && !empty($permissions['slug'])) {
|
|
// 用户权限缓存
|
|
$auth = UserAuthCache::getUserAuth($token['id']);
|
|
|
|
if (!$this->checkPermissions($permissions, $auth)) {
|
|
throw new SystemException('权限不足,无法访问或操作');
|
|
}
|
|
}
|
|
|
|
return $handler($request);
|
|
}
|
|
|
|
/**
|
|
* 检查权限
|
|
*/
|
|
private function checkPermissions(array $attr, array $userPermissions): bool
|
|
{
|
|
// 直接对比 slug
|
|
return in_array($attr['slug'], $userPermissions);
|
|
}
|
|
|
|
}
|