整体代码布局调整

server/app/Http/Middleware/Authenticate.php → server/app/Http/Controllers/Middleware/Authenticate.php

@@ -9,7 +9,7 @@
  * with this source code in the file LICENSE.
  */
 
-namespace App\Http\Middleware;
+namespace App\Http\Controllers\Middleware;
 
 use App\Repositories\Enums\ResponseCodeEnum;
 use Closure;
@@ -73,6 +73,16 @@ class Authenticate
             $request->headers->set('authorization','bearer'.$decodeToken['hash']);
         }
 
+        //对用户权限进行判断验证
+        $currentUser = auth()->user();
+        /*echo "<pre>";
+        print_r($currentUser->permissions->toArray());
+        exit;*/
+
+        /*echo "<pre>";
+        print_R($request->route());
+        exit;*/
+
         return $next($request);
     }
 }

server/app/Http/Controllers/V1/Auth/AuthUserController.php

+<?php
+
+/*
+ * This file is part of the Jiannei/lumen-api-starter.
+ *
+ * (c) Jiannei <longjian.huang@foxmail.com>
+ *
+ * This source file is subject to the MIT license that is bundled
+ * with this source code in the file LICENSE.
+ */
+
+namespace App\Http\Controllers\V1\Auth;
+
+use Illuminate\Http\Request;
+use Jiannei\Response\Laravel\Support\Facades\Response;
+use App\Http\Controllers\V1\Controller;
+use App\Services\AuthService;
+use App\Services\RoleAndPermissionsService;
+
+class AuthUserController extends Controller
+{
+
+    protected $authService = null;
+
+    /**
+     * Create a new AuthController instance.
+     * @param \App\Services\AuthService $authService
+     */
+    public function __construct(AuthService $authService)
+    {
+        $this->authService = $authService;
+    }
+
+    /**
+     * @param \Illuminate\Http\Request $request
+     */
+    public function login(Request $request)
+    {
+        $message = [
+            'username.required' => "请输入用户名",
+            'password.required' => "请输入密码",
+        ];
+        $this->validateRequest($request, $message);
+
+        try{
+            $response = $this->authService->login($request);
+            return Response::success([
+                'token' => $response,
+            ], '登陆成功');
+        }catch(\Exception $exception){
+            return Response::fail($exception->getMessage(),$exception->getCode());
+        }
+    }
+
+    /**
+     * @param \Illuminate\Http\Request $request
+     */
+    public function logout(Request $request)
+    {
+        try{
+            $this->authService->logout($request);
+            return Response::success(null,'请求成功');
+        }catch(\Exception $exception){
+            return Response::fail($exception->getMessage(),$exception->getCode());
+        }
+    }
+
+
+    public function addUser(Request $request)
+    {
+        $message = [
+            'username.required' => "用户登陆账号必填",
+            'password.required' => "密码必填",
+            'type.required' => "用户类型必选",
+            'nickname.required' => "用户名称必填",
+            'email.required' => "邮箱必填",
+        ];
+        $this->validateRequest($request, $message);
+        try{
+            $this->authService->saveOrUpdateUser($request);
+            return Response::success(null,'请求成功');
+        }catch(\Exception $exception){
+            return Response::fail($exception->getMessage(),500);
+        }
+    }
+
+    public function editUser(Request $request)
+    {
+        $message = [
+            'type.required' => "用户类型必选",
+            'nickname.required' => "用户名称必填",
+            'email.required' => "邮箱必填",
+        ];
+        $this->validateRequest($request, $message);
+
+        try{
+            $this->authService->saveOrUpdateUser($request);
+            return Response::success(null,'请求成功');
+        }catch(\Exception $exception){
+            return Response::fail($exception->getMessage(),500);
+        }
+    }
+
+
+    public function changeUserStatus(Request $request, $id)
+    {
+       if(!$id){
+           return Response::fail('缺少id参数',500);
+       }
+
+       try{
+            $this->authService->updateUserStatus($request,$id);
+            return Response::success(null,'请求成功');
+        }catch(\Exception $exception){
+            return Response::fail($exception->getMessage(),500);
+        }
+
+    }
+
+    public function delUserByIds(Request $request)
+    {
+        $message = [
+            'ids.required' => "用户id必传",
+        ];
+        $this->validateRequest($request, $message);
+
+        try{
+            $this->authService->deleteUser($request);
+            return Response::success(null,'请求成功');
+        }catch(\Exception $exception){
+            return Response::fail($exception->getMessage(),500);
+        }
+    }
+
+    /**
+     * 获取用户信息
+     * @param Request $request
+     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\Resources\Json\JsonResource
+     */
+    public function info(Request $request)
+    {
+        try{
+            $user = $this->authService->getUserInfo();
+            $service = app(RoleAndPermissionsService::class);
+            $service->getRolesToUser();
+            return Response::success([
+                'userinfo' => $user,
+            ], '请求成功');
+        }catch(\Exception $exception){
+            return Response::fail($exception->getMessage(),$exception->getCode());
+        }
+    }
+
+    public function listByPage(Request $request)
+    {
+        try{
+            $service = app(AuthService::class);
+            $roles = $service->listByPage($request);
+            return Response::success($service->formatKeysfromArray($roles,'toCamelCase'), '操作成功');
+        }catch(\Exception $exception){
+            return Response::fail($exception->getMessage(),500);
+        }
+    }
+
+
+    /**
+     * @param Request $request
+     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\Resources\Json\JsonResource
+     */
+    public function resetPassword(Request $request)
+    {
+        $message = [
+            'oldpassword.required' => "请输入旧密码",
+            'newpassword.required' => "请输入新密码",
+        ];
+        $this->validateRequest($request, $message);
+        try{
+            $response = $this->authService->resetPassword($request);
+            return Response::success([], '更新成功');
+        }catch(\Exception $exception){
+            return Response::fail($exception->getMessage(),$exception->getCode());
+        }
+    }
+}

server/app/Http/V1/Controller.php → server/app/Http/Controllers/V1/Controller.php

@@ -9,7 +9,7 @@
  * with this source code in the file LICENSE.
  */
 
-namespace App\Http\V1;
+namespace App\Http\Controllers\V1;
 
 use Jiannei\Response\Laravel\Support\Facades\Response;
 use Jiannei\Response\Laravel\Support\Traits\ExceptionTrait;

server/app/Services/AuthService.php

@@ -53,6 +53,9 @@ class AuthService
             if( !$user = auth()->attempt($requestCriteria) ){
                 throw new UnauthorizedHttpException('authroization error','用户登陆授权失败，用户名或密码错误',null,ResponseCodeEnum::CLIENT_PARAMETER_ERROR);
             }
+            if(auth()->user()->toArray()['status'] == 0){
+                throw new UnauthorizedHttpException('authroization error','用户登陆授权失败，该用户已被冻结',null,ResponseCodeEnum::CLIENT_PARAMETER_ERROR);
+            }
             return $this->generateToken($user);
         }catch(\Exception $exception){
             throw new UnauthorizedHttpException('authroization error',$exception->getMessage(),null,ResponseCodeEnum::SERVICE_LOGIN_ERROR);
@@ -90,6 +93,11 @@ class AuthService
         if(!$params['page_size'] || $params['page_size'] == 0){
             $params['page_size'] = 10;
         }
+
+        if(isset($params['type'])){
+
+        }
+
         $users = $this->userRepository->paginate($params['page_size'],['id','username','nickname','email','token','is_admin','status','lastlogin','created_at','updated_at']);
         $returnRecord = [];
         if($users){
@@ -172,8 +180,9 @@ class AuthService
             // 如果编辑用户时选择了所属角色
             if(isset($params['role_ids']) && !empty($params['role_ids'])){
                 $ids = explode(',',$params['role_ids']);
-                $roles = Role::query()->whereIn('id',$ids)->get();
-                if(!$roles){
+                //获取需要分配的角色
+                $toBeAssignRoles = Role::query()->whereIn('id',$ids)->get();
+                if(!$toBeAssignRoles){
                     throw new \LogicException('角色不存在');
                 }
 
@@ -182,13 +191,13 @@ class AuthService
                 $belongRoles = $user->roles;
                 //角色
                 if(count($belongRoles->toArray()) > 0){
-                    $this->removeUserRoleAndPermission($user, $roles);
+                    $this->removeUserRoleAndPermission($user, $belongRoles);
                 }
-                $this->authroizeUserRoleAndPermission($user, $roles);
+                $this->authroizeUserRoleAndPermission($user, $toBeAssignRoles);
             }else{
-                $roles = $user->roles;
-                if(count($roles->toArray()) > 0){
-                    $this->removeUserRoleAndPermission($user,$roles);
+                $belongRoles = $user->roles;
+                if(count($belongRoles->toArray()) > 0){
+                    $this->removeUserRoleAndPermission($user,$belongRoles);
                 }
             }
         }

server/bootstrap/app.php

@@ -33,11 +33,10 @@ $app = new Laravel\Lumen\Application(
 );
 
 $app->withFacades();
+$app->withEloquent();
 
 //$app->register(Jenssegers\Mongodb\MongodbServiceProvider::class);
 
-$app->withEloquent();
-
 /*
 |--------------------------------------------------------------------------
 | Register Container Bindings
@@ -104,7 +103,7 @@ $app->middleware([
 ]);
 
 $app->routeMiddleware([
-    'superadmin' => App\Http\Middleware\Authenticate::class,
+    'permissions' => App\Http\Controllers\Middleware\Authenticate::class,
     //'userRole' => App\Http\Middleware\UserPermissionMiddleware::class,
     //'enum' => \Jiannei\Enum\Laravel\Http\Middleware\TransformEnums::class,
     //'permission' => \Spatie\Permission\Middlewares\PermissionMiddleware::class,

server/bootstrap/route.php

@@ -8,5 +8,6 @@
 $api = app('Dingo\Api\Routing\Router');
 
 require __DIR__.'/../routes/api/auth.php';
+require __DIR__.'/../routes/api/permissions.php';
 
 return $app;

server/routes/api/auth.php

@@ -13,44 +13,28 @@
 
 $api->version('v1', function($api) {
 
-    $api->group(['namespace'=>'App\Http\V1\Auth','middleware' => ['api.auth','superadmin'], 'providers' => 'jwt'], function($api) {
+    $api->group(['namespace'=>'App\Http\Controllers\V1\Auth','middleware' => ['api.auth','permissions'], 'providers' => 'jwt'], function($api) {
 
         //用户相关
-        $api->post('/adminapi/user/add', ['uses'=>'AuthorizationController@addUser']);
-        $api->post('/adminapi/user/edit', ['uses'=>'AuthorizationController@editUser']);
-        $api->get('/adminapi/user/info', ['uses'=>'AuthorizationController@info']);
-        $api->post('/adminapi/auth/resetPassword', ['uses'=>'AuthorizationController@resetPassword']);
-        $api->get('/adminapi/user/listByPage', ['uses'=>'AuthorizationController@listByPage']);
-        $api->post('/adminapi/user/disable/{id}', ['uses'=>'AuthorizationController@changeUserStatus']);
-        $api->post('/adminapi/user/enable/{id}', ['uses'=>'AuthorizationController@changeUserStatus']);
-        $api->post('/adminapi/user/delByIds', ['uses'=>'AuthorizationController@delUserByIds']);
-
-        //菜单相关
-        $api->get('/adminapi/permission/menu/list', ['uses'=>'AuthorizationController@getMenuList']);
-        $api->post('/adminapi/permission/menu/edit', ['uses'=>'AuthorizationController@editMenus']);
-        $api->post('/adminapi/permission/menu/sub_add', ['uses'=>'AuthorizationController@addSubMenus']);
-        $api->post('/adminapi/permission/menu/del', ['uses'=>'AuthorizationController@deleteMenus']);
-        $api->get('/adminapi/permission/menu/all', ['uses'=>'AuthorizationController@getAllMenuList']);
-
-        //用户组相关
-        $api->get('/adminapi/permission/role/getAllByPage', ['uses'=>'AuthorizationController@getAllByPage']);
-        $api->get('/adminapi/permission/role/getAllList', ['uses'=>'AuthorizationController@getAllList']);
-        $api->post('/adminapi/permission/role/add', ['uses'=>'AuthorizationController@addRole']);
-        $api->post('/adminapi/permission/role/edit', ['uses'=>'AuthorizationController@editRole']);
-        $api->post('/adminapi/permission/role/delByIds', ['uses'=>'AuthorizationController@delByIds']);
-        $api->post('/adminapi/permission/role/editRolePermission', ['uses'=>'AuthorizationController@editRolePermission']);
-
-        $api->get('/adminapi/permission/dictData/defaultButtonPermission', ['uses'=>'AuthorizationController@getDefaultButtonPermission']);
+        $api->post('/adminapi/user/add', ['permission' => 'user.add', 'uses'=>'AuthUserController@addUser']);
+        $api->post('/adminapi/user/edit', ['permission' => 'user.edit', 'uses'=>'AuthUserController@editUser']);
+        $api->get('/adminapi/user/info', ['permission' => 'user.info', 'uses'=>'AuthUserController@info']);
+        $api->post('/adminapi/auth/resetPassword', ['permission' => 'auth.reset_password', 'uses'=>'AuthUserController@resetPassword']);
+        $api->get('/adminapi/user/listByPage', ['permission' => 'user.list_by_page', 'uses'=>'AuthUserController@listByPage']);
+        $api->post('/adminapi/user/disable/{id}', ['permission' => 'user.disable', 'uses'=>'AuthUserController@changeUserStatus']);
+        $api->post('/adminapi/user/enable/{id}', ['permission' => 'user.enable', 'uses'=>'AuthUserController@changeUserStatus']);
+        $api->post('/adminapi/user/delByIds', ['permission' => 'user.del_by_ids', 'uses'=>'AuthUserController@delUserByIds']);
+
     });
 
     //用户登陆
-    $api->group(['namespace'=>'App\Http\V1\Auth'], function($api) {
-        $api->post('/adminapi/auth/login', ['uses'=>'AuthorizationController@login']);
+    $api->group(['namespace'=>'App\Http\Controllers\V1\Auth'], function($api) {
+        $api->post('/adminapi/auth/login', ['uses'=>'AuthUserController@login']);
     });
 
     //用户登出
-    $api->group(['namespace'=>'App\Http\V1\Auth','middleware' => ['superadmin']], function($api) {
-        $api->get('/adminapi/auth/logout', ['uses'=>'AuthorizationController@logout']);
+    $api->group(['namespace'=>'App\Http\Controllers\V1\Auth','middleware' => ['superadmin']], function($api) {
+        $api->get('/adminapi/auth/logout', ['uses'=>'AuthUserController@logout']);
     });
 
 });

server/routes/api/permissions.php

+<?php
+
+/*
+|--------------------------------------------------------------------------
+| Application Routes
+|--------------------------------------------------------------------------
+|
+| Here is where you can register all of the routes for an application.
+| It is a breeze. Simply tell Lumen the URIs it should respond to
+| and give it the Closure to call when that URI is requested.
+|
+ */
+
+$api->version('v1', function($api) {
+
+    $api->group(['namespace'=>'App\Http\Controllers\V1','middleware' => ['api.auth','permissions'], 'providers' => 'jwt'], function($api) {
+
+        //菜单相关
+        $api->get('/adminapi/permission/menu/list', ['permission' => 'permission.menu.list', 'uses'=>'PermissionsController@getMenuList']);
+        $api->post('/adminapi/permission/menu/edit', ['permission' => 'permission.menu.edit', 'uses'=>'PermissionsController@editMenus']);
+        $api->post('/adminapi/permission/menu/sub_add', ['permission' => 'permission.menu.sub_add', 'uses'=>'PermissionsController@addSubMenus']);
+        $api->post('/adminapi/permission/menu/del', ['permission' => 'permission.menu.del', 'uses'=>'PermissionsController@deleteMenus']);
+        $api->get('/adminapi/permission/menu/all', ['permission' => 'permission.menu.all', 'uses'=>'PermissionsController@getAllMenuList']);
+
+        //角色相关
+        $api->get('/adminapi/permission/role/getAllByPage', ['permission' => 'permission.role.get_all_by_page', 'uses'=>'PermissionsController@getAllByPage']);
+        $api->get('/adminapi/permission/role/getAllList', ['permission' => 'permission.role.get_all_list', 'uses'=>'PermissionsController@getAllList']);
+        $api->post('/adminapi/permission/role/add', ['permission' => 'permission_role_add', 'uses'=>'PermissionsController@addRole']);
+        $api->post('/adminapi/permission/role/edit', ['permission' => 'permission.role.edit', 'uses'=>'PermissionsController@editRole']);
+        $api->post('/adminapi/permission/role/delByIds', ['permission' => 'permission.role.del_by_ids', 'uses'=>'PermissionsController@delByIds']);
+        $api->post('/adminapi/permission/role/editRolePermission', ['permission' => 'permission.role.edit_role_permission', 'uses'=>'PermissionsController@editRolePermission']);
+
+        $api->get('/adminapi/permission/dictData/defaultButtonPermission', ['permission' => 'permission.dict_data.default_button_permission', 'uses'=>'PermissionsController@getDefaultButtonPermission']);
+    });
+
+});
+