// +----------------------------------------------------------------------
declare (strict_types=1);
namespace app\admin\middleware;
use think\exception\HttpResponseException;
class Auth
{
use \app\common\library\Jump;
/**
* 错误模板,主题文件夹下
* @var string
*/
protected $error_tmpl = '/error';
protected $success_tmpl = '/success';
public function handle($request, \Closure $next)
{
$user = app('user');
if (!$user->id) {
return redirect((string)url('/login/index'))->remember();
}
$action = strtolower($request->action());
// if ($action=='batches') { // 批量修改默认设置与修改权限一致
// $action = 'edit';
// }
$url = str_replace('.','/',$request->controller()).'/'.$action;
$url = strtolower($url);
$bl = $user->check($url, $user->id);
if (!$bl) {
if ($request->isAjax()) {
$this->error(__('No permission'));
} else {
throw new HttpResponseException(response('403
'.__('No permission').'
'));
}
}
return $next($request);
}
}