Frontend.php 4.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155
  1. <?php
  2. namespace app\common\controller;
  3. use app\common\library\Auth;
  4. use think\Config;
  5. use think\Controller;
  6. use think\Hook;
  7. use think\Lang;
  8. use think\Loader;
  9. use think\Validate;
  10. /**
  11. * 前台控制器基类
  12. */
  13. class Frontend extends Controller
  14. {
  15. /**
  16. * 布局模板
  17. * @var string
  18. */
  19. protected $layout = '';
  20. /**
  21. * 无需登录的方法,同时也就不需要鉴权了
  22. * @var array
  23. */
  24. protected $noNeedLogin = [];
  25. /**
  26. * 无需鉴权的方法,但需要登录
  27. * @var array
  28. */
  29. protected $noNeedRight = [];
  30. /**
  31. * 权限Auth
  32. * @var Auth
  33. */
  34. protected $auth = null;
  35. public function _initialize()
  36. {
  37. //移除HTML标签
  38. $this->request->filter('trim,strip_tags,htmlspecialchars');
  39. $modulename = $this->request->module();
  40. $controllername = Loader::parseName($this->request->controller());
  41. $actionname = strtolower($this->request->action());
  42. // 如果有使用模板布局
  43. if ($this->layout) {
  44. $this->view->engine->layout('layout/' . $this->layout);
  45. }
  46. $this->auth = Auth::instance();
  47. // token
  48. $token = $this->request->server('HTTP_TOKEN', $this->request->request('token', \think\Cookie::get('token')));
  49. $path = str_replace('.', '/', $controllername) . '/' . $actionname;
  50. // 设置当前请求的URI
  51. $this->auth->setRequestUri($path);
  52. // 检测是否需要验证登录
  53. if (!$this->auth->match($this->noNeedLogin)) {
  54. //初始化
  55. $this->auth->init($token);
  56. //检测是否登录
  57. if (!$this->auth->isLogin()) {
  58. $this->error(__('Please login first'), 'index/user/login');
  59. }
  60. // 判断是否需要验证权限
  61. if (!$this->auth->match($this->noNeedRight)) {
  62. // 判断控制器和方法判断是否有对应权限
  63. if (!$this->auth->check($path)) {
  64. $this->error(__('You have no permission'));
  65. }
  66. }
  67. } else {
  68. // 如果有传递token才验证是否登录状态
  69. if ($token) {
  70. $this->auth->init($token);
  71. }
  72. }
  73. $this->view->assign('user', $this->auth->getUser());
  74. // 语言检测
  75. $lang = strip_tags($this->request->langset());
  76. $site = Config::get("site");
  77. $upload = \app\common\model\Config::upload();
  78. // 上传信息配置后
  79. Hook::listen("upload_config_init", $upload);
  80. // 配置信息
  81. $config = [
  82. 'site' => array_intersect_key($site, array_flip(['name', 'cdnurl', 'version', 'timezone', 'languages'])),
  83. 'upload' => $upload,
  84. 'modulename' => $modulename,
  85. 'controllername' => $controllername,
  86. 'actionname' => $actionname,
  87. 'jsname' => 'frontend/' . str_replace('.', '/', $controllername),
  88. 'moduleurl' => rtrim(url("/{$modulename}", '', false), '/'),
  89. 'language' => $lang
  90. ];
  91. $config = array_merge($config, Config::get("view_replace_str"));
  92. Config::set('upload', array_merge(Config::get('upload'), $upload));
  93. // 配置信息后
  94. Hook::listen("config_init", $config);
  95. // 加载当前控制器语言包
  96. $this->loadlang($controllername);
  97. $this->assign('site', $site);
  98. $this->assign('config', $config);
  99. }
  100. /**
  101. * 加载语言文件
  102. * @param string $name
  103. */
  104. protected function loadlang($name)
  105. {
  106. $name = Loader::parseName($name);
  107. Lang::load(APP_PATH . $this->request->module() . '/lang/' . $this->request->langset() . '/' . str_replace('.', '/', $name) . '.php');
  108. }
  109. /**
  110. * 渲染配置信息
  111. * @param mixed $name 键名或数组
  112. * @param mixed $value 值
  113. */
  114. protected function assignconfig($name, $value = '')
  115. {
  116. $this->view->config = array_merge($this->view->config ? $this->view->config : [], is_array($name) ? $name : [$name => $value]);
  117. }
  118. /**
  119. * 刷新Token
  120. */
  121. protected function token()
  122. {
  123. $token = $this->request->param('__token__');
  124. //验证Token
  125. if (!Validate::make()->check(['__token__' => $token], ['__token__' => 'require|token'])) {
  126. $this->error(__('Token verification error'), '', ['__token__' => $this->request->token()]);
  127. }
  128. //刷新Token
  129. $this->request->token();
  130. }
  131. }