在ThinkPHP中实现权限管理,通常涉及以下几个步骤:
以下是一个基本的实现步骤:
首先,你需要一个用户模型和一个登录控制器来处理用户的登录和认证。
// application\model\User.php
namespace app\model;
use think\Model;
class User extends Model
{
// 用户模型
}
// application\controller\AuthController.php
namespace app\controller;
use think\Controller;
use app\model\User;
use think\Request;
class AuthController extends Controller
{
public function login(Request $request)
{
$username = $request->param('username');
$password = $request->param('password');
$user = User::where('username', $username)->find();
if ($user && password_verify($password, $user->password)) {
session('user_id', $user->id);
return json(['status' => 'success', 'message' => '登录成功']);
} else {
return json(['status' => 'error', 'message' => '用户名或密码错误']);
}
}
public function logout()
{
session(null);
return json(['status' => 'success', 'message' => '登出成功']);
}
}
定义角色模型和角色控制器。
// application\model\Role.php
namespace app\model;
use think\Model;
class Role extends Model
{
// 角色模型
}
// application\controller\RoleController.php
namespace app\controller;
use think\Controller;
use app\model\Role;
class RoleController extends Controller
{
public function index()
{
$roles = Role::select();
return json($roles);
}
public function add(Request $request)
{
$roleName = $request->param('role_name');
$role = new Role();
$role->role_name = $roleName;
$role->save();
return json(['status' => 'success', 'message' => '角色添加成功']);
}
}
定义权限模型和权限控制器。
// application\model\Permission.php
namespace app\model;
use think\Model;
class Permission extends Model
{
// 权限模型
}
// application\controller\PermissionController.php
namespace app\controller;
use think\Controller;
use app\model\Permission;
class PermissionController extends Controller
{
public function index()
{
$permissions = Permission::select();
return json($permissions);
}
public function add(Request $request)
{
$permissionName = $request->param('permission_name');
$permission = new Permission();
$permission->permission_name = $permissionName;
$permission->save();
return json(['status' => 'success', 'message' => '权限添加成功']);
}
}
使用中间件来控制访问权限。
// application\middleware\AuthMiddleware.php
namespace app\middleware;
use think\Request;
use think\Response;
class AuthMiddleware
{
public function handle(Request $request, \Closure $next)
{
if (!session('?user_id')) {
return response()->json(['status' => 'error', 'message' => '请先登录'], 401);
}
$userId = session('user_id');
$user = \app\model\User::find($userId);
if (!$user) {
return response()->json(['status' => 'error', 'message' => '用户不存在'], 401);
}
$request->user = $user;
return $next($request);
}
}
在控制器中使用中间件:
// application\controller\UserController.php
namespace app\controller;
use think\Controller;
use app\model\User;
use app\middleware\AuthMiddleware;
class UserController extends Controller
{
protected $middleware = [AuthMiddleware::class];
public function index()
{
return json(['status' => 'success', 'message' => '欢迎,' . $this->request->user->username]);
}
}
定义角色和权限的关联表,并在模型中定义关系。
// application\model\Role.php
namespace app\model;
use think\Model;
class Role extends Model
{
public function permissions()
{
return $this->belongsToMany(Permission::class, 'role_permission');
}
}
// application\model\Permission.php
namespace app\model;
use think\Model;
class Permission extends Model
{
public function roles()
{
return $this->belongsToMany(Role::class, 'role_permission');
}
}
通过以上步骤,你可以在ThinkPHP中实现一个基本的权限管理系统。根据实际需求,你可以进一步扩展和优化这个系统。