Blogger Information
Blog 37
fans 0
comment 0
visits 21168
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
综合实战第七课:后台系统开发-PHP培训九期线上班
渡劫小能手
Original
693 people have browsed it

后台框架搭建

后台验证用户名和密码

使用Auth::attempt方法验证,返回true或者false<br />注意引用 use Illuminate\Support\Facades\Auth; <br />注意在model中指定查询的表名 protected $table='xpcms_admin';

  1. if (Auth::attempt(['username'=>$username,'password'=>$pwd,'status'=>1])){
  2. return json_encode(array('code'=>0,'msg'=>'登录成功'));
  3. }else{
  4. return json_encode(array('code'=>1,'msg'=>'登录失败'));
  5. }

使用auth中间件验证登录

实现直接输入路由,验证是否登录,没登录直接跳转到登录页面

  1. Route::get('/admins/account/login', 'admins\Account@login')->name('login');
  2. Route::get('/admins/home/index', 'admins\Home@index')->middleware('auth');

使用自定义中间件控制访问菜单权限

通过session查出group_id,group_id对应group表中的gid,可以查出当前登录者的权限范围rights<br />通过controller和action查出访问的mid,看看这个mid在不在登陆者权限范围内,就可以决定是否能够访问该菜单

定义中间件
  1. <?php
  2. //权限验证中间件
  3. namespace app\Http\Middleware;
  4. use Closure;
  5. use Illuminate\Support\Facades\Auth;
  6. use Illuminate\Support\Facades\DB;
  7. class Rightvalidates{
  8. public function handle($request,Closure $next){
  9. //通过$request获取当前访问的菜单id
  10. $url = $request->route()->getActionName();
  11. $res = explode('@',$url);
  12. //取出方法名称
  13. $action = $res[1];
  14. $res = explode('\\',$res[0]);
  15. $controller = $res[count($res)-1];
  16. $curmenu = DB::table('xpcms_admin_menu')->where('controller',$controller)->where('action',$action)->first();
  17. if (!$curmenu){
  18. return response('当前菜单不存在',200);
  19. }
  20. //使用Auth的user方法,从session中取出attempt存的信息
  21. $_admin = Auth::user()->toArray();
  22. //管理员的group_id
  23. $group_id = $_admin['group_id'];
  24. //查询管理组拥有的权限
  25. $rights = DB::table('xpcms_admin_group')->where('gid',$group_id)->first();
  26. if (!$rights){
  27. return response('该角色不存在',200);
  28. }
  29. //该用户所能访问的菜单id列表
  30. $mymenus = json_decode($rights->rights,true);
  31. //当前菜单的id在不在$mymenus里面?
  32. if (!in_array($curmenu->mid,$mymenus)){
  33. return response('权限不足',200);
  34. }
  35. return $next($request);
  36. }
  37. }
注册中间件

\App\Http\Middleware 中注册

  1. protected $routeMiddleware = [
  2. 'auth' => \App\Http\Middleware\Authenticate::class,
  3. 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
  4. 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
  5. 'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
  6. 'can' => \Illuminate\Auth\Middleware\Authorize::class,
  7. 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
  8. 'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
  9. 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
  10. 'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
  11. //权限校验中间件
  12. 'rightvalidates' => \App\Http\Middleware\Rightvalidates::class,
  13. ];
触发中间件
  1. Route::namespace('admins')->middleware(['auth','rightvalidates'])->group(function (){
  2. Route::get('/admins/home/index', 'Home@index');
  3. Route::get('/admins/home/welcome', 'Home@welcome');
  4. });

路由分组管理

  1. Route::namespace('admins')->middleware('auth')->group(function (){
  2. Route::get('/admins/home/index', 'Home@index');
  3. Route::get('/admins/home/welcome', 'Home@welcome');
  4. });
Correcting teacher:天蓬老师天蓬老师

Correction status:qualified

Teacher's comments:后台的架构起来, 后面的工作就有了载体 , 就快了
Statement of this Website
The copyright of this blog article belongs to the blogger. Please specify the address when reprinting! If there is any infringement or violation of the law, please contact admin@php.cn Report processing!
All comments Speak rationally on civilized internet, please comply with News Comment Service Agreement
0 comments
Author's latest blog post