module()); $c = strtolower($request->controller()); $a = strtolower($request->action()); //提交方式拦截 $scan = new \com\Scan(); $response = $scan->webscan_Check(); $allow = $params['allow']; //登录用户可访问 $permission = $params['permission']; //无限制 /*获取头部信息*/ $header = $request->header(); $authKey = trim($header['authkey']); $paramArr = $request->param(); $platform = $paramArr['platform'] ? '_'.$paramArr['platform'] : ''; //请求分类(mobile,ding) $cache = Cache::get('Auth_'.$authKey.$platform); $userInfo = $cache['userInfo']; if (in_array($a, $permission)) { return true; } if (empty($userInfo['id'])) { header('Content-Type:application/json; charset=utf-8'); exit(json_encode(['code'=>101,'error'=>'请先登录'])); } if ($userInfo['id'] == 1) { return true; } if (in_array($a, $allow)) { return true; } //管理员角色 $adminTypes = adminGroupTypes($userInfo['id']); if (in_array(1,$adminTypes)) { return true; } //操作权限 $res_per = checkPerByAction($m, $c, $a); if (!$res_per) { header('Content-Type:application/json; charset=utf-8'); exit(json_encode(['code'=>102,'error'=>'无权操作'])); } } }