Commit 5a2cc492 authored by 秦俊坤's avatar 秦俊坤

新增鉴权相关接口

parent 442a5616
<?php
namespace Meibuyu\Micro\Middleware;
use Meibuyu\Micro\Model\Auth;
use Meibuyu\Micro\Service\Interfaces\User\AuthenticationServiceInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Server\RequestHandlerInterface;
class AuthorizeMiddleware implements MiddlewareInterface
{
/**
* @Inject()
* @var AuthenticationServiceInterface
*/
private $authorizationService;
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
{
$route = $request->getUri()->getPath();
$token = token();
$applicationName = env('APP_NAME');
if (empty($route)) return $handler->handle($request);
//获取对应的 route 对应的权限,如果 route 是不需要登录鉴权,直接返回
$passed = $this->authRouter($applicationName, $route, $token);
if ($passed) {
return $handler->handle($request);
}
return response()->withStatus(403); //鉴权失败,错误码 403 forbidden
//route 是需要登录鉴权的,判断当前用户是佛有对应 route 的权限
}
/**
* 获取对应路由的权限,调用 RPC 服务
* @param $applicationName
* @param $route
* @param $token
* @return bool
*/
protected function authRouter($applicationName, $route, $token): bool
{
$userId = $this->getUserIdByToken($token);
return $this->authorizationService->authByRouter($applicationName, $route, $userId);
}
/**
* 根据 token 获取对应的 user_id
* @param $token
* @return int|mixed
*/
protected function getUserIdByToken($token)
{
if (empty($token)) return 0;
$user = redis()->get($token);
if ( ! $user) return 0;
$userArr = \json_decode($user, true);
return !empty($userArr['id']) ? $userArr['id'] : 0;
}
}
\ No newline at end of file
<?php
/**
* Created by PhpStorm.
* User: zero
* Date: 2020/5/26
* Time: 15:17
*/
namespace Meibuyu\Micro\Service\Interfaces\User;
interface AuthenticationServiceInterface
{
/**
* 获取对应用户能够看到的菜单
* @param string $name
* @param array $columns
* @return array
*/
public function getMenus($userId): array;
/**
* 获取对应用户的菜单权限
* @param $userId
* @return array
*/
public function getButtons($userId):array;
/**
* 获取对应路由的接口权限结果
* @param $router string 路由名字
* @param $applicationName string 应用名字
* @param $userId integer 用户 ID
* @return bool
*/
public function authByRouter($applicationName, $router, $userId): bool;
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment