<?php
namespace App\Http\Admin\Controllers;
use App\Models\Audit as AuditModel;
use App\Services\Auth\Admin as AdminAuth;
use App\Traits\Response as ResponseTrait;
use App\Traits\Security as SecurityTrait;
use Phalcon\Mvc\Dispatcher;
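/**
 * Base controller for the admin module.
 *
 * Runs the request-level gates (demo-branch write block, referer/CSRF checks,
 * rate limit, authentication, per-route authorization) before every action
 * and writes an audit record after every POST.
 */
class Controller extends \Phalcon\Mvc\Controller
{
    use ResponseTrait;
    use SecurityTrait;

    /**
     * Auth record of the signed-in admin as returned by the "auth" service.
     * Keys read in this class: id, name, root, routes.
     *
     * @var array
     */
    protected $authInfo;

    /**
     * Decide whether the matched action may run.
     *
     * @param Dispatcher $dispatcher
     *
     * @return bool false after forwarding to a "public" action (request denied
     *              or not authenticated), true when the action may proceed
     */
    public function beforeExecuteRoute(Dispatcher $dispatcher)
    {
        // Demo branch: every request that isNotSafeRequest() flags is refused
        // outright, so no data can be submitted.
        if ($this->isNotSafeRequest()) {
            return $this->forwardToPublic($dispatcher, 'forbidden');
        }

        // Referer and CSRF-token checks for unsafe requests. With the demo guard
        // above this branch is not reached as long as isNotSafeRequest() answers
        // the same way twice; presumably kept to stay in line with the non-demo
        // branches, where it is the only protection for state-changing requests.
        if ($this->isNotSafeRequest()) {
            $this->checkHttpReferer();
            $this->checkCsrfToken();
        }

        $this->checkRateLimit();

        $this->authInfo = $this->getAuthInfo();

        // No auth record: send the visitor to the sign-in action.
        if (!$this->authInfo) {
            return $this->forwardToPublic($dispatcher, 'auth');
        }

        // Root administrators skip the per-route permission check.
        // NOTE(review): the loose comparison is kept because the stored type of
        // 'root' (int or string) is not visible from this file.
        if (isset($this->authInfo['root']) && $this->authInfo['root'] == 1) {
            return true;
        }

        // Exceptions to the per-route permission check.
        // NOTE(review): every authenticated admin reaches these controllers
        // regardless of role; confirm that 'test' and 'upload' belong here.
        $whitelist = [
            'controllers' => ['public', 'index', 'vod', 'upload', 'test', 'xm_course'],
            'routes' => ['admin.package.guiding'],
        ];

        // Strict comparison throughout: an authorization decision must not
        // depend on PHP's loose type juggling.
        if (in_array($dispatcher->getControllerName(), $whitelist['controllers'], true)) {
            return true;
        }

        $route = $this->router->getMatchedRoute();
        $routeName = $route ? $route->getName() : null;

        // Fail closed: without a named route there is nothing to authorize against.
        if (!is_string($routeName) || $routeName === '') {
            return $this->forwardToPublic($dispatcher, 'forbidden');
        }

        if (in_array($routeName, $whitelist['routes'], true)) {
            return true;
        }

        // A missing or malformed route list grants nothing.
        $grantedRoutes = [];

        if (isset($this->authInfo['routes']) && is_array($this->authInfo['routes'])) {
            $grantedRoutes = $this->authInfo['routes'];
        }

        if (!in_array($routeName, $grantedRoutes, true)) {
            return $this->forwardToPublic($dispatcher, 'forbidden');
        }

        return true;
    }

    /**
     * Expose the auth record to the view as "auth_info".
     */
    public function initialize()
    {
        $this->view->setVar('auth_info', $this->authInfo);
    }

    /**
     * Write an audit record for every POST request that reached an action.
     *
     * @param Dispatcher $dispatcher
     */
    public function afterExecuteRoute(Dispatcher $dispatcher)
    {
        if (!$this->request->isPost()) {
            return;
        }

        $audit = new AuditModel();

        $audit->user_id = $this->authInfo['id'];
        $audit->user_name = $this->authInfo['name'];
        $audit->user_ip = $this->request->getClientAddress();
        $audit->req_route = $this->router->getMatchedRoute()->getName();
        $audit->req_path = $this->request->getServer('REQUEST_URI');

        // NOTE(review): the complete POST body is persisted. Confirm that
        // passwords, API secrets and similar fields are masked before storage
        // (here or in AuditModel) and that read access to the audit table is
        // restricted accordingly.
        $audit->req_data = $this->request->getPost();

        $audit->create();
    }

    /**
     * Fetch the current admin's auth record from the "auth" service.
     *
     * @return mixed whatever AdminAuth::getAuthInfo() returns; a falsy value
     *               is treated as "not signed in" by beforeExecuteRoute()
     */
    protected function getAuthInfo()
    {
        /**
         * @var AdminAuth $auth
         */
        $auth = $this->getDI()->get('auth');

        return $auth->getAuthInfo();
    }

    /**
     * Forward the request to an action of the "public" controller.
     *
     * @param Dispatcher $dispatcher
     * @param string     $action     action name on the "public" controller
     *
     * @return bool always false, so callers can return it to stop the current action
     */
    private function forwardToPublic(Dispatcher $dispatcher, $action)
    {
        $dispatcher->forward([
            'controller' => 'public',
            'action' => $action,
        ]);

        return false;
    }
}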