first
This commit is contained in:
wushumin
69
server-api/app/middleware/AdminAuthMiddleware.php
Normal file
69
server-api/app/middleware/AdminAuthMiddleware.php
Normal file
@@ -0,0 +1,69 @@
|
||||
<?php
|
||||
|
||||
namespace app\middleware;
|
||||
|
||||
use app\support\AdminAuthService;
|
||||
use Webman\Http\Request;
|
||||
use Webman\Http\Response;
|
||||
use Webman\MiddlewareInterface;
|
||||
|
||||
class AdminAuthMiddleware implements MiddlewareInterface
|
||||
{
|
||||
public function process(Request $request, callable $handler): Response
|
||||
{
|
||||
$path = $request->path();
|
||||
if (!str_starts_with($path, '/api/admin')) {
|
||||
return $handler($request);
|
||||
}
|
||||
|
||||
if (in_array($path, ['/api/admin/ping', '/api/admin/auth/login'], true)) {
|
||||
return $handler($request);
|
||||
}
|
||||
|
||||
$authService = new AdminAuthService();
|
||||
$adminInfo = $authService->current($request);
|
||||
if (!$adminInfo) {
|
||||
return api_error('未登录或登录已过期', 401);
|
||||
}
|
||||
|
||||
$permissionCode = $this->permissionCode($path);
|
||||
if ($permissionCode !== '' && !$authService->hasPermission($adminInfo, $permissionCode)) {
|
||||
return api_error('无权访问该后台功能', 403);
|
||||
}
|
||||
|
||||
$request->setHeader('x-admin-id', (string)$adminInfo['id']);
|
||||
$request->setHeader('x-admin-name', (string)$adminInfo['name']);
|
||||
|
||||
return $handler($request);
|
||||
}
|
||||
|
||||
private function permissionCode(string $path): string
|
||||
{
|
||||
return match (true) {
|
||||
str_starts_with($path, '/api/admin/dashboard') => 'dashboard.view',
|
||||
str_starts_with($path, '/api/admin/orders'),
|
||||
str_starts_with($path, '/api/admin/order/') => 'orders.manage',
|
||||
str_starts_with($path, '/api/admin/appraisal-tasks'),
|
||||
str_starts_with($path, '/api/admin/appraisal-task/') => 'appraisal_tasks.manage',
|
||||
str_starts_with($path, '/api/admin/catalog/') => 'catalog.manage',
|
||||
str_starts_with($path, '/api/admin/reports'),
|
||||
str_starts_with($path, '/api/admin/report/') => 'reports.manage',
|
||||
str_starts_with($path, '/api/admin/messages') => 'messages.manage',
|
||||
str_starts_with($path, '/api/admin/tickets'),
|
||||
str_starts_with($path, '/api/admin/ticket/') => 'tickets.manage',
|
||||
str_starts_with($path, '/api/admin/users'),
|
||||
str_starts_with($path, '/api/admin/user/') => 'users.manage',
|
||||
str_starts_with($path, '/api/admin/customers'),
|
||||
str_starts_with($path, '/api/admin/customer/') => 'customers.manage',
|
||||
str_starts_with($path, '/api/admin/warehouses'),
|
||||
str_starts_with($path, '/api/admin/warehouse/') => 'warehouses.manage',
|
||||
str_starts_with($path, '/api/admin/material/') => 'materials.manage',
|
||||
str_starts_with($path, '/api/admin/access/') => 'access.manage',
|
||||
str_starts_with($path, '/api/admin/content/') => 'system.manage',
|
||||
str_starts_with($path, '/api/admin/system-configs') => 'system.manage',
|
||||
str_starts_with($path, '/api/admin/auth/me'),
|
||||
str_starts_with($path, '/api/admin/auth/logout') => '',
|
||||
default => '',
|
||||
};
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user