Frontend.php 4.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158
  1. <?php
  2. namespace app\common\controller;
  3. use app\common\library\Auth;
  4. use think\Config;
  5. use think\Controller;
  6. use think\Hook;
  7. use think\Lang;
  8. use think\Loader;
  9. use think\Validate;
  10. /**
  11. * 前台控制器基类
  12. */
  13. class Frontend extends Controller
  14. {
  15. /**
  16. * 布局模板
  17. * @var string
  18. */
  19. protected $layout = '';
  20. /**
  21. * 无需登录的方法,同时也就不需要鉴权了
  22. * @var array
  23. */
  24. protected $noNeedLogin = [];
  25. /**
  26. * 无需鉴权的方法,但需要登录
  27. * @var array
  28. */
  29. protected $noNeedRight = [];
  30. /**
  31. * 权限Auth
  32. * @var Auth
  33. */
  34. protected $auth = null;
  35. public function _initialize()
  36. {
  37. //移除HTML标签
  38. $this->request->filter('trim,strip_tags,htmlspecialchars');
  39. $modulename = $this->request->module();
  40. $controllername = Loader::parseName($this->request->controller());
  41. $actionname = strtolower($this->request->action());
  42. // 检测IP是否允许
  43. check_ip_allowed();
  44. // 如果有使用模板布局
  45. if ($this->layout) {
  46. $this->view->engine->layout('layout/' . $this->layout);
  47. }
  48. $this->auth = Auth::instance();
  49. // token
  50. $token = $this->request->server('HTTP_TOKEN', $this->request->request('token', \think\Cookie::get('token')));
  51. $path = str_replace('.', '/', $controllername) . '/' . $actionname;
  52. // 设置当前请求的URI
  53. $this->auth->setRequestUri($path);
  54. // 检测是否需要验证登录
  55. if (!$this->auth->match($this->noNeedLogin)) {
  56. //初始化
  57. $this->auth->init($token);
  58. //检测是否登录
  59. if (!$this->auth->isLogin()) {
  60. $this->error(__('Please login first'), 'index/user/login');
  61. }
  62. // 判断是否需要验证权限
  63. if (!$this->auth->match($this->noNeedRight)) {
  64. // 判断控制器和方法判断是否有对应权限
  65. if (!$this->auth->check($path)) {
  66. $this->error(__('You have no permission'));
  67. }
  68. }
  69. } else {
  70. // 如果有传递token才验证是否登录状态
  71. if ($token) {
  72. $this->auth->init($token);
  73. }
  74. }
  75. $this->view->assign('user', $this->auth->getUser());
  76. // 语言检测
  77. $lang = strip_tags($this->request->langset());
  78. $site = Config::get("site");
  79. $upload = \app\common\model\Config::upload();
  80. // 上传信息配置后
  81. Hook::listen("upload_config_init", $upload);
  82. // 配置信息
  83. $config = [
  84. 'site' => array_intersect_key($site, array_flip(['name', 'cdnurl', 'version', 'timezone', 'languages'])),
  85. 'upload' => $upload,
  86. 'modulename' => $modulename,
  87. 'controllername' => $controllername,
  88. 'actionname' => $actionname,
  89. 'jsname' => 'frontend/' . str_replace('.', '/', $controllername),
  90. 'moduleurl' => rtrim(url("/{$modulename}", '', false), '/'),
  91. 'language' => $lang
  92. ];
  93. $config = array_merge($config, Config::get("view_replace_str"));
  94. Config::set('upload', array_merge(Config::get('upload'), $upload));
  95. // 配置信息后
  96. Hook::listen("config_init", $config);
  97. // 加载当前控制器语言包
  98. $this->loadlang($controllername);
  99. $this->assign('site', $site);
  100. $this->assign('config', $config);
  101. }
  102. /**
  103. * 加载语言文件
  104. * @param string $name
  105. */
  106. protected function loadlang($name)
  107. {
  108. $name = Loader::parseName($name);
  109. Lang::load(APP_PATH . $this->request->module() . '/lang/' . $this->request->langset() . '/' . str_replace('.', '/', $name) . '.php');
  110. }
  111. /**
  112. * 渲染配置信息
  113. * @param mixed $name 键名或数组
  114. * @param mixed $value 值
  115. */
  116. protected function assignconfig($name, $value = '')
  117. {
  118. $this->view->config = array_merge($this->view->config ? $this->view->config : [], is_array($name) ? $name : [$name => $value]);
  119. }
  120. /**
  121. * 刷新Token
  122. */
  123. protected function token()
  124. {
  125. $token = $this->request->param('__token__');
  126. //验证Token
  127. if (!Validate::make()->check(['__token__' => $token], ['__token__' => 'require|token'])) {
  128. $this->error(__('Token verification error'), '', ['__token__' => $this->request->token()]);
  129. }
  130. //刷新Token
  131. $this->request->token();
  132. }
  133. }