diff --git a/app/admin/BaseController.php b/app/admin/BaseController.php
index 59faa7a..bc42f84 100644
--- a/app/admin/BaseController.php
+++ b/app/admin/BaseController.php
@@ -174,16 +174,11 @@ abstract class BaseController
 return (array)$tokenData['user'];
 }
- private function verifyTokenFromHeader($token): ?array
+ protected function verifyTokenFromHeader($token): ?array
 {
- $authHeader = $this->request->header('Authorization', '');
- if (!preg_match('/Bearer\s+(.+)/i', $authHeader, $matches)) {
- return null;
- }
-
 try {
 $decoded = \Firebase\JWT\JWT::decode(
- $matches[1],
+ $token,
 new \Firebase\JWT\Key(\app\service\JwtService::getSecret(), 'HS256')
 );
 return (array)$decoded;
diff --git a/app/admin/controller/MenuController.php b/app/admin/controller/MenuController.php
index 6006f08..c542423 100644
--- a/app/admin/controller/MenuController.php
+++ b/app/admin/controller/MenuController.php
@@ -17,13 +17,33 @@ use app\model\AdminUserGroup;
 class MenuController extends BaseController
 {
 /**
- * 获取当前登录用户的菜单接口
+ * 获取用户菜单接口(需要传入用户ID)
 * @return \think\response\Json
 */
- public function getMyMenus()
+ public function getMenus(int $id)
 {
 try {
- $userInfo = $this->getAdminUserInfo();
+ $authHeader = $this->request->header('Authorization', '');
+
+ if (!preg_match('/Bearer\s+(.+)/i', $authHeader, $matches)) {
+ return json([
+ 'code' => 401,
+ 'msg' => '未登录,请先登录',
+ 'data' => null
+ ]);
+ }
+
+ $tokenData = $this->verifyTokenFromHeader($matches[1]);
+
+ if (!$tokenData || !isset($tokenData['user'])) {
+ return json([
+ 'code' => 401,
+ 'msg' => 'Token无效,请重新登录',
+ 'data' => null
+ ]);
+ }
+
+ $userInfo = (array)$tokenData['user'];
 if (!$userInfo || !isset($userInfo['id']) || $userInfo['id'] == 0) {
 return json([
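Review bot: `verifyTokenFromHeader()` no longer touches the header: it decodes whatever string it is handed and is now `protected`, so the name misleads and every subclass can call it with an unchecked value. Type the parameter and document the new contract, e.g. `protected function verifyTokenFromHeader(string $token): ?array`, with a docblock saying the caller must already have extracted the bearer token and that the result is the decoded claims cast to an array. The old body ignored `$token` entirely, so any existing caller that passed something other than the raw token (the caller above this hunk is only partly visible) now behaves differently and should be re-checked. The `try` block's catch and the end of the method lie outside the hunk.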
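Review bot: The checks added to `getMenus(int $id)` prove the caller holds a valid token but never compare the token's user with `$id`. The lookup visible as context in the next hunk is still `AdminUser::where('id', $id)`, so unless a later check outside this diff restricts it, any logged-in account can read another account's menu by changing the route id; the token-bound `menu/my` route is removed in the same commit. Either load the user from the token (`AdminUser::where('id', $userInfo['id'])`) or reject a mismatch right after the `$userInfo` check with `if ((int)$userInfo['id'] !== $id) { return json(['code' => 403, 'msg' => 'forbidden', 'data' => null]); }`. The Bearer pattern is also unanchored and captures trailing characters; `/^Bearer\s+(\S+)$/i` is stricter. The rest of `getMenus` continues outside this hunk.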
@@ -33,75 +53,6 @@ class MenuController extends BaseController
 ]);
 }
- $user = AdminUser::where('id', $userInfo['id'])->find();
-
- if (!$user) {
- return json([
- 'code' => 404,
- 'msg' => '用户不存在',
- 'data' => null
- ]);
- }
-
- // 获取用户组权限信息
- $userGroup = AdminUserGroup::where('id', $user['group_id'])
- ->find();
-
- if (!$userGroup) {
- return json([
- 'code' => 404,
- 'msg' => '用户组不存在',
- 'data' => null
- ]);
- }
-
- // 解析权限数组
- $menuIds = [];
- if (!empty($userGroup['rights'])) {
- $menuIds = is_array($userGroup['rights']) ? $userGroup['rights'] : json_decode($userGroup['rights'], true);
- }
-
- // 如果权限为空,返回空数组
- if (empty($menuIds)) {
- return json([
- 'code' => 200,
- 'msg' => 'success',
- 'data' => []
- ]);
- }
-
- // 获取有权限的菜单
- $menus = SystemMenu::where('delete_time', null)
- ->where('status', 1)
- ->whereIn('id', $menuIds)
- ->field('id,pid,title,path,component_path,icon,sort')
- ->order('sort', 'asc')
- ->select();
-
- // 将菜单转换为树形结构
- $treeMenus = $this->buildMenuTree($menus->toArray());
-
- return json([
- 'code' => 200,
- 'msg' => 'success',
- 'data' => $treeMenus
- ]);
- } catch (DbException $e) {
- return json([
- 'code' => 500,
- 'msg' => 'fail:' . $e->getMessage(),
- 'data' => $e->getTraceAsString()
- ]);
- }
- }
-
- /**
- * 获取用户菜单接口(需要传入用户ID)
- * @return \think\response\Json
- */
- public function getMenus(int $id)
- {
- try {
 $user = AdminUser::where('id', $id)
 ->where('id', $id)
 ->find();
diff --git a/app/admin/route/app.php b/app/admin/route/app.php
index 31feb04..5bd41d1 100644
--- a/app/admin/route/app.php
+++ b/app/admin/route/app.php
@@ -16,7 +16,6 @@ Route::get('user/info', 'app\\admin\\controller\\LoginController@userInfo');
 // 菜单路由
 Route::get('allmenu', 'app\\admin\\controller\\MenuController@getAllMenus');
-Route::get('menu/my', 'app\\admin\\controller\\MenuController@getMyMenus');
 Route::get('menu/:id', 'app\\admin\\controller\\MenuController@getMenus');
 Route::post('createMenu', 'app\\admin\\controller\\MenuController@createMenu');
 Route::put('updateMenu/:id', 'app\\admin\\controller\\MenuController@updateMenu');