一、安装think-auth
composer require 5ini99/think-auth
二、数据表
-- ----------------------------
-- think_auth_rule,规则表,
-- id:主键,name:规则唯一标识, title:规则中文名称 status 状态:为1正常,为0禁用,condition:规则表达式,为空表示存在就验证,不为空表示按照条件验证
-- ----------------------------
DROP TABLE IF EXISTS `think_auth_rule`;
CREATE TABLE `think_auth_rule` (
`id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,
`name` char(80) NOT NULL DEFAULT '',
`title` char(20) NOT NULL DEFAULT '',
`type` tinyint(1) NOT NULL DEFAULT '1',
`status` tinyint(1) NOT NULL DEFAULT '1',
`condition` char(100) NOT NULL DEFAULT '', # 规则附件条件,满足附加条件的规则,才认为是有效的规则
PRIMARY KEY (`id`),
UNIQUE KEY `name` (`name`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
-- ----------------------------
-- think_auth_group 用户组表,
-- id:主键, title:用户组中文名称, rules:用户组拥有的规则id, 多个规则","隔开,status 状态:为1正常,为0禁用
-- ----------------------------
DROP TABLE IF EXISTS `think_auth_group`;
CREATE TABLE `think_auth_group` (
`id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,
`title` char(100) NOT NULL DEFAULT '',
`status` tinyint(1) NOT NULL DEFAULT '1',
`rules` char(80) NOT NULL DEFAULT '',
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
-- ----------------------------
-- think_auth_group_access 用户组明细表
-- uid:用户id,group_id:用户组id
-- ----------------------------
DROP TABLE IF EXISTS `think_auth_group_access`;
CREATE TABLE `think_auth_group_access` (
`uid` mediumint(8) unsigned NOT NULL,
`group_id` mediumint(8) unsigned NOT NULL,
UNIQUE KEY `uid_group_id` (`uid`,`group_id`),
KEY `uid` (`uid`),
KEY `group_id` (`group_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
三、公共配置
四、代码实现
1、Base.php
<?php
namespace app\index\controller;
use think\auth\Auth;
use think\Controller;
class Base extends Controller
{
public function initialize()
{
parent::initialize();
$controller = request()->controller();
$action = request()->action();
$url = $controller.'/'.$action;
$noCheck = ['Index/login', 'Index/index', 'Index/logout'];
$uid = session('uid');
if ($uid != 1) {
if (!in_array($url, $noCheck)) {
if (!$uid) {
$this->error('请先登陆系统!',url('index/login'));
}
$auth = new Auth();
if (!$auth->check($url, $uid)) {
$this->error('没有权限', 'index/index');
}
}
}
}
}
2、Index.php
<?php
namespace app\index\controller;
class Index extends Base
{
public function index()
{
return $this->fetch();
}
/**
* 登录
* @return mixed
*/
public function login()
{
if ($this->request->isPost()) {
$username = $this->request->post('username');
$password = $this->request->post('password');
$data = [
'username' => $username,
'password' => $password
];
$result = $this->validate($data, 'app\index\validate\Member.login');
if ($result !== true) {
$this->error($result);
}
$member = (new \app\index\model\Member)->login($data);
if ($member === false) {
$this->error('账号或密码不正确');
}
session('uid', $member['id']);
$this->redirect(url('index'));
}
return $this->fetch();
}
public function logout()
{
session('uid', 0);
$this->redirect('login');
}
}
3、自定义标签 MyTag.php
<?php
namespace app\common\taglib;
use think\auth\Auth;
use think\template\TagLib;
class MyTag extends TagLib
{
protected $tags = [
'auth' => ['attr' => 'rule', 'close' => 1]
];
/**
* 权限判断标签
* @param $tag
* @param $content
* @return string
*/
public function tagAuth($tag, $content)
{
$rule = $tag['rule'];
$auth = new Auth();
$uid = session('uid');
$res = $auth->check($rule, $uid);
$parseStr = '<?php if(' . intval($res) . '): ?>' . $content .'<?php endif; ?>';
return $parseStr;
}
}
4、index.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
{MyTag:auth rule='Group/index'}
<a href="{:url('Group/index')}">用户组</a>
{/MyTag:auth}
{MyTag:auth rule='Member/index'}
<a href="{:url('Member/index')}">用户管理</a>
{/MyTag:auth}
{MyTag:auth rule='Rule/index'}
<a href="{:url('Rule/index')}">规则管理</a>
{/MyTag:auth}
<a href="{:url('index/logout')}">退出</a>
</body>
</html>
五、效果图
![[SWPUCTF 2021 新生赛]Do_you_know_http](https://img-blog.csdnimg.cn/direct/5f6e966753a04f50ac19fc9635cfb2d5.png)
