// +---------------------------------------------------------------------- declare (strict_types=1); namespace app\store\controller; use cores\BaseController; use app\store\service\Auth as AuthService; use app\common\service\store\User as StoreUserService; use cores\exception\BaseException; use app\common\model\Merchant as MerchantModel; /** * 商户后台控制器基类 * Class BaseController * @package app\store\controller */ class Controller extends BaseController { // 商家登录信息 protected array $store; // 当前商城ID protected int $storeId; // 当前商户ID protected int $merchantId = 0; // 当前控制器名称 protected string $controller = ''; // 当前方法名称 protected string $action = ''; // 当前路由uri protected string $routeUri = ''; // 当前路由:分组名称 protected string $group = ''; // 登录验证白名单 protected array $allowAllAction = [ 'passport/login', 'passport/logout', 'map/transfer', ]; /** * 强制验证当前访问的控制器方法method * 例: [ 'login' => 'POST' ] * @var array */ protected array $methodRules = []; /** * 后台初始化 * @throws BaseException * @throws \think\db\exception\DataNotFoundException * @throws \think\db\exception\DbException * @throws \think\db\exception\ModelNotFoundException */ public function initialize() { // 获取当前登录的商城ID $this->getStoreId(); // 设置管理员登录信息 $this->setStoreInfo(); // 当前路由信息 $this->getRouteinfo(); // 验证登录状态 $this->checkLogin(); // 验证当前API权限 $this->checkPrivilege(); // 强制验证当前访问的控制器方法method $this->checkMethodRules(); $this->getMerchantId(); } /** * 设置管理员登录信息 */ private function setStoreInfo() { $this->store = StoreUserService::getLoginInfo(); } /** * 验证当前路由权限 * @return void * @throws BaseException * @throws \think\db\exception\DataNotFoundException * @throws \think\db\exception\DbException * @throws \think\db\exception\ModelNotFoundException */ private function checkPrivilege(): void { // 在开发模式下, 建议把此处代码暂时屏蔽, 开发完成后在超管后台新增菜单和api if (!AuthService::getInstance()->checkPrivilege('/' . $this->routeUri)) { throwError('很抱歉,没有当前api的访问权限 ' . $this->routeUri); } } /** * 解析当前路由参数 (分组名称、控制器名称、方法名) */ protected function getRouteinfo() { // 控制器名称 $this->controller = uncamelize($this->request->controller()); // 方法名称 $this->action = $this->request->action(); // 控制器分组 (用于定义所属模块) $groupstr = strstr($this->controller, '.', true); $this->group = $groupstr !== false ? $groupstr : $this->controller; // 当前uri $this->routeUri = "{$this->controller}/$this->action"; } /** * 验证登录状态 * @return void * @throws BaseException */ private function checkLogin(): void { // 验证当前请求是否在白名单 if (in_array($this->routeUri, $this->allowAllAction)) { return; } // 验证登录状态 if (empty($this->store) || (int)$this->store['is_login'] !== 1) { throwError('请先登录后再访问', config('status.not_logged')); } } /** * 获取当前登录的商城ID */ protected function getStoreId() { $this->storeId = $this->request->storeId(); } /** * 获取当前登录的商城ID */ protected function getMerchantId() { $user = StoreUserService::getLoginInfo(); if (!empty($user)) { $this->merchantId = MerchantModel::getMerchantId($user['user']['user_name']); } } /** * 强制验证当前访问的控制器方法method * @return void * @throws BaseException */ private function checkMethodRules(): void { if (!isset($this->methodRules[$this->action])) { return; } $methodRule = $this->methodRules[$this->action]; $currentMethod = $this->request->method(); if (empty($methodRule)) { return; } if (is_array($methodRule) && in_array($currentMethod, $methodRule)) { return; } if (is_string($methodRule) && $methodRule == $currentMethod) { return; } throwError('illegal request method'); } }