用戶表
CREATE TABLE `sys_user` (
`id` varchar(64) COLLATE utf8_bin NOT NULL COMMENT '用戶編號',
`ids` int(11) NOT NULL AUTO_INCREMENT COMMENT '自增的id',
`login_name` varchar(100) COLLATE utf8_bin NOT NULL COMMENT '登錄名',
`password` varchar(100) COLLATE utf8_bin NOT NULL COMMENT '密碼',
`name` varchar(30) COLLATE utf8_bin DEFAULT NULL COMMENT '姓名',
`email` varchar(200) COLLATE utf8_bin NOT NULL COMMENT '郵箱',
`phone` varchar(20) COLLATE utf8_bin NOT NULL COMMENT '電話',
`mobile` varchar(20) COLLATE utf8_bin DEFAULT NULL COMMENT '手機',
`login_ip` varchar(100) COLLATE utf8_bin DEFAULT NULL COMMENT '最后登陸IP',
`login_date` datetime DEFAULT NULL COMMENT '最后登陸時間',
`login_flag` int(11) DEFAULT NULL COMMENT '是否可登錄,1:可登陸,0:不可登陸',
`user_type` int(11) DEFAULT NULL COMMENT '用戶類型',
`photo` varchar(1000) COLLATE utf8_bin DEFAULT NULL COMMENT '用戶頭像(暫定保存路徑)',
`create_time` datetime DEFAULT NULL COMMENT '創建時間(申請時間)',
`update_time` datetime DEFAULT NULL COMMENT '更新時間(每次修改需要更新)',
`status` int(1) DEFAULT '2' COMMENT '狀態,0:無效;1:有效;2:待審核',
`unit_price` double DEFAULT '0' COMMENT '用戶單價(單位:元)',
`balance` double DEFAULT '0' COMMENT '用戶余額(單位:元)',
`password_md5` char(100) COLLATE utf8_bin DEFAULT NULL COMMENT 'md5密碼',
PRIMARY KEY (`ids`,`id`),
KEY `IDX_SYS_USER_LOGINNAME` (`login_name`),
KEY `IDX_SYS_USER_PHONE` (`phone`),
KEY `IDX_SYS_USER_MOBILE` (`mobile`),
KEY `IDX_SYS_USER_EMAIL` (`email`)
) ENGINE=InnoDB AUTO_INCREMENT=14 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
角色組
CREATE TABLE `sys_role` (
`id` varchar(64) COLLATE utf8_bin NOT NULL COMMENT '角色ID',
`ids` int(11) NOT NULL AUTO_INCREMENT COMMENT 'role表中的自增id',
`name` varchar(100) COLLATE utf8_bin DEFAULT NULL COMMENT '角色名稱',
`create_time` datetime DEFAULT NULL COMMENT '創建時間',
`update_time` datetime DEFAULT NULL COMMENT '更新時間',
`remarks` varchar(500) COLLATE utf8_bin DEFAULT NULL COMMENT '角色說明',
PRIMARY KEY (`ids`,`id`)
) ENGINE=InnoDB AUTO_INCREMENT=17 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
用戶角色組關系表
CREATE TABLE `sys_user_role` (
`user_id` varchar(64) COLLATE utf8_bin NOT NULL COMMENT '用戶ID',
`role_id` varchar(64) COLLATE utf8_bin NOT NULL COMMENT '角色ID',
`user_ids` int(11) NOT NULL COMMENT 'user表中的自增id',
`role_ids` int(11) NOT NULL COMMENT 'role表中的自增id'
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
權限表
CREATE TABLE `sys_menu` (
`id` int(11) NOT NULL AUTO_INCREMENT COMMENT '編號',
`parent_id` varchar(64) COLLATE utf8_bin DEFAULT NULL COMMENT '父級編號',
`id_path` varchar(2000) COLLATE utf8_bin DEFAULT NULL COMMENT '編號路徑',
`name` varchar(100) COLLATE utf8_bin DEFAULT NULL COMMENT '功能菜單名稱',
`name_path` varchar(2000) COLLATE utf8_bin DEFAULT NULL COMMENT '功能菜單路徑',
`sort` decimal(10,0) DEFAULT NULL COMMENT '排序',
`href` varchar(2000) COLLATE utf8_bin DEFAULT NULL COMMENT '鏈接',
`icon` varchar(1000) COLLATE utf8_bin DEFAULT NULL COMMENT '圖標路徑',
`permission` varchar(200) COLLATE utf8_bin DEFAULT NULL COMMENT 'shiro權限標識',
`is_show` int(1) DEFAULT NULL COMMENT '是否在菜單中顯示,1:顯示,0:不顯示',
`remarks` varchar(2000) COLLATE utf8_bin DEFAULT NULL COMMENT '功能菜單描述',
`platform` tinyint(2) DEFAULT '0' COMMENT '平台 1 php后台',
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=70012 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
權限角色關系表
CREATE TABLE `sys_role_menu` (
`role_id` varchar(64) COLLATE utf8_bin DEFAULT NULL COMMENT '角色ID',
`menu_id` varchar(64) COLLATE utf8_bin DEFAULT NULL COMMENT '菜單ID',
`role_ids` int(11) NOT NULL COMMENT 'role表中的自增id'
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
驗證當前用戶的權限需要 先獲取當前用戶的信息(id) 然后去用戶角色表中查找他對應的角色 然后再去角色權限表中查找出當前的用戶的權限列表 看當前訪問的路由是否在權限列表中 如果在就可以訪問 如果不在就禁止訪問
這些信息都需要保存到session中 然后驗證的時候再取出來
login.php
<?php namespace iqiyi\Http\Controllers; use iqiyi\Models\SysRoleMenu; use iqiyi\Models\SysUserRole; use iqiyi\Models\SysRole; use Illuminate\Http\Request; use Illuminate\Support\Facades\Session; use iqiyi\Models\SysUser; use Illuminate\Support\Facades\DB; class Login extends Controller { public function __construct() { DB::connection()->enableQueryLog(); // 開啟查詢日志 } /** * @param Request $request * @return $this|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector|void * */ public function index(Request $request) { DB::connection()->enableQueryLog(); $username = $request->username; $password = $request->password; $errors = $request->errors; $password = md5($password.config('iqiyi.md5key','Iqiyi')); $users = SysUser::where(['login_name'=>$username,'password_md5'=>$password])->first(); //echo $users['id']; //dd($users); $pri = []; // if($users){ // // 角色 // $roleids = []; // $role = SysUserRole::where('user_id',$users->id)->select('role_id')->where('role_id','<>','')->get(); // foreach ($role as $k=>$v){ // $roleids[] = $v['role_id']; // } // // 權限 // $menu = SysRoleMenu::whereIn('role_id',$roleids)->select('m.href')->leftjoin('sys_menu as m','sys_role_menu.menu_id','=','m.id')->get()->toArray(); // // foreach ($menu as $k=>$v){ // $pri[] = $v['href']; // } //// print_r(DB::getQueryLog()); //// dd($users, $menu, $pri); // } if($users){ // 角色 $roleids = []; $role = SysUserRole::where('user_ids',$users->ids)->select('role_ids')->where('role_ids','<>','')->get(); foreach ($role as $k=>$v){ $roleids[] = $v['role_ids']; } // 權限 $menu = SysRoleMenu::whereIn('role_ids',$roleids)->select('m.href')->leftjoin('sys_menu as m','sys_role_menu.menu_id','=','m.id')->get()->toArray(); foreach ($menu as $k=>$v){ $pri[] = $v['href']; } // print_r(DB::getQueryLog()); // dd($users, $role, $roleids, $menu, $pri); } // 權限判斷 // if($pri && $users){ // Session::put('userid',$users['id']); // Session::put('login_name',$users['login_name']); // Session::put('pri',json_encode($pri)); // echo 1; // $sessions = $request->session()->all(); // dump($sessions); // die; // return redirect('/'); // } if($pri && $users){ Session::put('userid',$users['ids']); Session::put('login_name',$users['login_name']); Session::put('pri',json_encode($pri)); // dump($users); // echo 1; // $sessions = $request->session()->all(); // dump($sessions); // die; return redirect('/'); } $error = ''; if($username && !$users){ $error = '用戶名或密碼錯誤'; } if(!$pri && $users){ $error = '用戶沒有權限'; } return view('login')->with([ 'error'=>$error, 'errors'=>$errors, ]); } /** * @param Request $request */ public function logout(Request $request){ Session::forget('userid'); return redirect('/'); } //$queries = \DB::getQueryLog(); // 獲取查詢日志 //dd($queries); // 即可查看執行的sql,傳入的參數等等 }
middleware/authAdmin.php (中間件)
<?php namespace iqiyi\Http\Middleware; use Closure; use Illuminate\Support\Facades\Session; class authAdmin { /** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { $userid = Session::get('userid'); //dd(json_decode($pri,true)); $pri = Session::get('pri'); // dump($userid, $pri); if (!$userid || !$pri) { return redirect('/login'); } $url = $request->getRequestUri(); $postion = strpos($url, '?'); // 有?的標志 if ($postion) { $url = substr($url, 0, strpos($url, '?')); // 把路徑后面的?參數去掉 } $pri = json_decode($pri,true); // dd($userid, $url, $postion, $pri); if ($url =='/') { return $next($request); } if( !in_array($url,$pri)){ // echo 'error'; // return view('error'); return response()->view('error'); } if( !$userid){ return redirect('/login?errors=沒有權限'); } return $next($request); } }
給控制器配置中間件
routes/web.php
<?php /* |-------------------------------------------------------------------------- | Web Routes |-------------------------------------------------------------------------- | | Here is where you can register web routes for your application. These | routes are loaded by the RouteServiceProvider within a group which | contains the "web" middleware group. Now create something great! | */ Route::group(['middleware' => ['\iqiyi\Http\Middleware\VerifyCsrfToken::class']], function () { //支付訂單 Route::any('order/{action}', function(\iqiyi\Http\Controllers\Order $index, $action,\Illuminate\Http\Request $request ){ return $index->$action($request); })->middleware('authAdmin'); // 報告 Route::any('report/{action}', function(\iqiyi\Http\Controllers\Report $index, $action,\Illuminate\Http\Request $request ){ return $index->$action($request); })->middleware('authAdmin'); // 數據統計 Route::any('statistics/{action}', function(\iqiyi\Http\Controllers\Statistics $index, $action,\Illuminate\Http\Request $request ){ return $index->$action($request); })->middleware('authAdmin'); // 圖片管理 Route::any('img/{action}', function(\iqiyi\Http\Controllers\Img $index, $action,\Illuminate\Http\Request $request ){ return $index->$action($request); //dump($request); })->middleware('authAdmin'); // 用戶管理 Route::any('user/{action}', function(\iqiyi\Http\Controllers\User $index, $action,\Illuminate\Http\Request $request ){ return $index->$action($request); })->middleware('authAdmin'); // 角色管理 Route::any('role/{action}', function(\iqiyi\Http\Controllers\Role $index, $action,\Illuminate\Http\Request $request ){ return $index->$action($request); })->middleware('authAdmin'); // 菜單管理 Route::any('menu/{action}', function(\iqiyi\Http\Controllers\Menu $index, $action,\Illuminate\Http\Request $request ){ return $index->$action($request); })->middleware('authAdmin'); Route::any('/login', 'Login@index'); Route::any('logout', 'Login@logout'); Route::any('/', 'Index@main')->middleware('authAdmin'); Route::any('import', 'Import@index')->middleware('authAdmin'); Route::any('import/{action}',function(\iqiyi\Http\Controllers\Import $index, $action,\Illuminate\Http\Request $request ){ return $index->$action($request); })->middleware('authAdmin'); Route::any('stock/{action}',function(\iqiyi\Http\Controllers\Stock $index, $action,\Illuminate\Http\Request $request ){ return $index->$action($request); })->middleware('authAdmin'); Route::get('downreport/{filename}/{expname}', function($filename,$expname) { return response()->download(storage_path('report/'.$filename),$expname.'.xls'); })->middleware('authAdmin'); // Route::any('channel/{action}',function(\iqiyi\Http\Controllers\Channel $index, $action,\Illuminate\Http\Request $request ){ // return $index->$action($request); // })->middleware('authAdmin'); Route::any('importlist', 'Import@lists')->middleware('authAdmin'); });
->middleware('xxx')