How PHP and UniApp implement user rights management
In Web development, user rights management is a very important function. It can control users' access rights to different functions and resources in the system and ensure the security and integrity of the system. This article will introduce how to use PHP and UniApp to implement user rights management, with corresponding code examples.
1. Database design
Before we begin, we first need to design a database to store user and permission-related information. The following is a simple database design:
- User table (user): used to store basic information of users, including user ID, user name, password, etc.
- Role table (role): used to store role information, including role ID, role name, etc.
- Permission table (permission): used to store permission information of functions and resources in the system, including permission ID, permission name, etc.
- User role association table (user_role): used to establish the association between users and roles.
- Role permission association table (role_permission): used to establish the association between roles and permissions.
2. PHP backend implementation
- User login verification
When a user logs in, we need to verify whether the user’s username and password are correct. The following is a simple login verification code example:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 | <?php
$username = $_POST [ 'username' ];
$password = $_POST [ 'password' ];
$query = "SELECT * FROM user WHERE username='$username' AND password='$password'" ;
$result = mysqli_query( $connection , $query );
if (mysqli_num_rows( $result ) == 1) {
$token = generateToken( $username );
echo json_encode([ 'status' => 'success' , 'token' => $token ]);
} else {
echo json_encode([ 'status' => 'failed' , 'message' => 'Invalid username or password' ]);
}
?>
|
Copy after login
- User permission verification
When verifying user permissions, we need to find the corresponding permissions based on the user's role. The following is a simple permission verification code example:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 | <?php
$token = $_POST [ 'token' ];
$permissionId = $_POST [ 'permissionId' ];
if (validateToken( $token )) {
$query = "SELECT role_id FROM user_role WHERE user_id='$userId'" ;
$result = mysqli_query( $connection , $query );
$roleIds = mysqli_fetch_all( $result , MYSQLI_ASSOC);
$query = "SELECT * FROM role_permission WHERE role_id IN (" . implode( ',' , $roleIds ) . ")" ;
$result = mysqli_query( $connection , $query );
$permissions = mysqli_fetch_all( $result , MYSQLI_ASSOC);
$hasPermission = false;
foreach ( $permissions as $permission ) {
if ( $permission [ 'permission_id' ] == $permissionId ) {
$hasPermission = true;
break ;
}
}
echo json_encode([ 'hasPermission' => $hasPermission ]);
} else {
echo json_encode([ 'hasPermission' => false]);
}
?>
|
Copy after login
3. UniApp front-end implementation
- User login page
In the user login page, we need Send the username and password entered by the user to the backend for verification, and obtain the returned token. The following is a simple login page code example:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 | < template >
< view >
< input v-model = "username" type = "text" placeholder = "Username" />
< input v-model = "password" type = "password" placeholder = "Password" />
< button @ click = "login" >Login</ button >
</ view >
</ template >
< script >
export default {
data() {
return {
username: '',
password: ''
}
},
methods: {
login() {
// 发送登录请求给后端
uni.request({
url: '/api/login.php',
method: 'POST',
data: {
username: this.username,
password: this.password
},
success: (res) => {
if (res.data.status === 'success') {
// 登录成功,保存token到本地
uni.setStorageSync('token', res.data.token);
uni.navigateTo({
url: '/pages/home/home'
});
} else {
// 登录失败,提示错误信息
uni.showToast({
title: res.data.message,
icon: 'none'
});
}
}
});
}
}
}
</ script >
|
Copy after login
- Permission verification
On the page that needs to verify user permissions, we need to send the user's token and permission ID to end for verification. The following is a simple permission verification code example:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | export default {
data() {
return {
hasPermission: false
}
},
mounted() {
uni.request({
url: '/api/validatePermission.php' ,
method: 'POST' ,
data: {
token: uni.getStorageSync( 'token' ),
permissionId: 1
},
success: (res) => {
this .hasPermission = res.data.hasPermission;
}
});
}
}
|
Copy after login
Through the above method, we can implement user permission management functions based on PHP and UniApp. When a user logs in, we verify the user's username and password and generate a token to return to the client. The client saves the token locally and sends it to the backend for verification where verification permissions are required. The backend searches for the role and permissions corresponding to the user based on the token, and returns the permission verification results to the client.
I hope this article can help you understand how PHP and UniApp implement user rights management. Of course, there may be more complex requirements in actual projects, but the core idea is the same. As long as we follow good database design and reasonable code logic, we can implement a safe and reliable user rights management system.
The above is the detailed content of How to implement user rights management with PHP and UniApp. For more information, please follow other related articles on the PHP Chinese website!