TP框架 之think-auth权限认证
一、安装think-auth
composer require 5ini99/think-auth
二、数据表
-- ---------------------------- -- think_auth_rule,规则表, -- id:主键,name:规则唯一标识, title:规则中文名称 status 状态:为1正常,为0禁用,condition:规则表达式,为空表示存在就验证,不为空表示按照条件验证 -- ---------------------------- DROP TABLE IF EXISTS `think_auth_rule`; CREATE TABLE `think_auth_rule` ( `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT, `name` char(80) NOT NULL DEFAULT '', `title` char(20) NOT NULL DEFAULT '', `type` tinyint(1) NOT NULL DEFAULT '1', `status` tinyint(1) NOT NULL DEFAULT '1', `condition` char(100) NOT NULL DEFAULT '', # 规则附件条件,满足附加条件的规则,才认为是有效的规则 PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; -- ---------------------------- -- think_auth_group 用户组表, -- id:主键, title:用户组中文名称, rules:用户组拥有的规则id, 多个规则","隔开,status 状态:为1正常,为0禁用 -- ---------------------------- DROP TABLE IF EXISTS `think_auth_group`; CREATE TABLE `think_auth_group` ( `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT, `title` char(100) NOT NULL DEFAULT '', `status` tinyint(1) NOT NULL DEFAULT '1', `rules` char(80) NOT NULL DEFAULT '', PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; -- ---------------------------- -- think_auth_group_access 用户组明细表 -- uid:用户id,group_id:用户组id -- ---------------------------- DROP TABLE IF EXISTS `think_auth_group_access`; CREATE TABLE `think_auth_group_access` ( `uid` mediumint(8) unsigned NOT NULL, `group_id` mediumint(8) unsigned NOT NULL, UNIQUE KEY `uid_group_id` (`uid`,`group_id`), KEY `uid` (`uid`), KEY `group_id` (`group_id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
三、公共配置
四、代码实现
1、Base.php
<?php namespace app\index\controller; use think\auth\Auth; use think\Controller; class Base extends Controller { public function initialize() { parent::initialize(); $controller = request()->controller(); $action = request()->action(); $url = $controller.'/'.$action; $noCheck = ['Index/login', 'Index/index', 'Index/logout']; $uid = session('uid'); if ($uid != 1) { if (!in_array($url, $noCheck)) { if (!$uid) { $this->error('请先登陆系统!',url('index/login')); } $auth = new Auth(); if (!$auth->check($url, $uid)) { $this->error('没有权限', 'index/index'); } } } } }
2、Index.php
<?php namespace app\index\controller; class Index extends Base { public function index() { return $this->fetch(); } /** * 登录 * @return mixed */ public function login() { if ($this->request->isPost()) { $username = $this->request->post('username'); $password = $this->request->post('password'); $data = [ 'username' => $username, 'password' => $password ]; $result = $this->validate($data, 'app\index\validate\Member.login'); if ($result !== true) { $this->error($result); } $member = (new \app\index\model\Member)->login($data); if ($member === false) { $this->error('账号或密码不正确'); } session('uid', $member['id']); $this->redirect(url('index')); } return $this->fetch(); } public function logout() { session('uid', 0); $this->redirect('login'); } }
3、自定义标签 MyTag.php
<?php namespace app\common\taglib; use think\auth\Auth; use think\template\TagLib; class MyTag extends TagLib { protected $tags = [ 'auth' => ['attr' => 'rule', 'close' => 1] ]; /** * 权限判断标签 * @param $tag * @param $content * @return string */ public function tagAuth($tag, $content) { $rule = $tag['rule']; $auth = new Auth(); $uid = session('uid'); $res = $auth->check($rule, $uid); $parseStr = '<?php if(' . intval($res) . '): ?>' . $content .'<?php endif; ?>'; return $parseStr; } }
4、index.html
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> {MyTag:auth rule='Group/index'} <a href="{:url('Group/index')}">用户组</a> {/MyTag:auth} {MyTag:auth rule='Member/index'} <a href="{:url('Member/index')}">用户管理</a> {/MyTag:auth} {MyTag:auth rule='Rule/index'} <a href="{:url('Rule/index')}">规则管理</a> {/MyTag:auth} <a href="{:url('index/logout')}">退出</a> </body> </html>
五、效果图