//登录
public function loginDo(CheckLogin $request)
{
$postData=$request->all();
// auth登录
$data=auth()->attempt(['username'=>$postData['username'],'password'=>$postData['password']]);
if(!$data){
return redirect('admin/login')->withErrors(['error'=>'用户名或密码错误']);
}
session(['username'=>$postData['username']]);
$id=auth()->id();
$res=User::with(['Role','Role.Node'])->where('id',$id)->get()->toArray();
// 根据角色查所有权限
$datas=[];
foreach($res as $val) {
$datas = $val['role']['node'];
}
$routeName=array_column($datas,'route_name');
// 权限存缓存
session(['node'=>$routeName]);
return redirect('index');
}中间件:
public function handle(Request $request, Closure $next)
{
// 检测用户是否登录
if(!auth()->check()){
return redirect('admin/login')->withErrors(['error'=>'请登录']);
}
return $next($request);
}// 取出缓存中的拥有权限
$node=session('node');
// dd($node);
// 权限验证
if(auth()->user()['username']!=config('admin.admin')){
if(!in_array($request->path(),$node)){
return redirect('welcome')->withErrors('权限不足');
}
}
return $next($request);
}