longfei
/
72crm-11.0-PHP
Следить 1
В избранное 0
Форкнуть 0
Код Задачи 0 Pull Request'ы 0 Релизы 0 Вики Активность
30 коммитов
1 ветка
Дерево: ce8c8fa3eb
веток Теги
${ item.name }
Создать ветку ${ searchTerm }
из 'ce8c8fa3eb'
${ noResults }
72crm-11.0-PHP/application/common/behavior/AuthenticateBehavior.php

AuthenticateBehavior.php 2.3KB
История Исходник

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. <?php

  2. // +----------------------------------------------------------------------

  3. // | Description: WEB端权限判断

  4. // +----------------------------------------------------------------------

  5. // | Author:  Michael_xu | gengxiaoxu@5kcrm.com  

  6. // +----------------------------------------------------------------------

  7. namespace app\common\behavior;

  8. 

  9. use think\Cache;

  10. use think\Request;

  11. use think\Db;

  12. 

  13. class AuthenticateBehavior

  14. {

  15. 	public function run(&$params)

  16. 	{

  17.         /*防止跨域*/      

  18.         header('Access-Control-Allow-Origin: '.$_SERVER['HTTP_ORIGIN']);

  19.         header('Access-Control-Allow-Credentials: true');

  20.         header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');

  21.         header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, authKey, sessionId");        

  22.         $request = Request::instance();

  23.         $m = strtolower($request->module());

  24.         $c = strtolower($request->controller());

  25.         $a = strtolower($request->action());        

  26.         //提交方式拦截

  27.         $scan = new \com\Scan();

  28.         $response = $scan->webscan_Check();            

  29. 		

  30. 		$allow = $params['allow']; //登录用户可访问

  31. 		$permission = $params['permission']; //无限制

  32. 		/*获取头部信息*/ 

  33.         $header = $request->header();

  34.         $authKey = trim($header['authkey']);

  35.         

  36. 		$paramArr = $request->param();

  37.         $platform = $paramArr['platform'] ? '_'.$paramArr['platform'] : ''; //请求分类(mobile,ding)

  38.         $cache = Cache::get('Auth_'.$authKey.$platform);

  39.         $userInfo = $cache['userInfo'];

  40.     	

  41.     	if (in_array($a, $permission)) {

  42.     		return true;

  43.     	}   

  44. 

  45.     	if (empty($userInfo['id'])) {

  46. 			header('Content-Type:application/json; charset=utf-8');

  47.             exit(json_encode(['code'=>101,'error'=>'请先登录']));

  48.     	}

  49. 		if ($userInfo['id'] == 1) {

  50.     		return true;

  51.     	}

  52.     	if (in_array($a, $allow)) {

  53. 			return true;

  54.     	}

  55.         //管理员角色

  56.         $adminTypes = adminGroupTypes($userInfo['id']);

  57.         if (in_array(1,$adminTypes)) {

  58.             return true;

  59.         }        

  60.         //操作权限

  61.     	$res_per = checkPerByAction($m, $c, $a); 

  62.     	if (!$res_per) {

  63. 			header('Content-Type:application/json; charset=utf-8');

  64.             exit(json_encode(['code'=>102,'error'=>'无权操作']));

  65.     	}

  66. 	}

  67. }