add platform

2026-04-03 14:10:57 +08:00 · 2021-06-22 18:51:58 +08:00
parent 5a5733cf0b
commit 76a6ad6ed3
5 changed files with 38 additions and 1 deletions
--- a/admin/src/utils/axios.js
+++ b/admin/src/utils/axios.js
@@ -10,6 +10,7 @@ axios.defaults.withCredentials = true
 axios.defaults.headers['X-Requested-With'] = 'XMLHttpRequest'
 axios.defaults.headers['Content-Type'] = 'application/json'
 axios.defaults.headers['Accept'] = 'application/json'
+axios.defaults.headers['Platform'] = 'admin'
 // axios.defaults.headers['Authorization'] = 'Bearer ' + localGet('token')

 axios.interceptors.request.use(config => {
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -42,6 +42,7 @@ class Kernel extends HttpKernel
        'api' => [
            'throttle:api',
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
+            \App\Http\Middleware\Platform::class,
        ],
    ];

--- a/app/Http/Middleware/Permission.php
+++ b/app/Http/Middleware/Permission.php
@@ -20,7 +20,7 @@ class Permission
    {
        /** @var User $user */
        $user = $request->user();
-        if (!$user || !$user->canAccessAdmin()) {
+        if (!$user || (IS_PLATFORM_ADMIN && !$user->canAccessAdmin())) {
            do_log("denied!");
            throw new UnauthorizedException('Unauthorized!');
        }
--- a/app/Http/Middleware/Platform.php
+++ b/app/Http/Middleware/Platform.php
@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+
+class Platform
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle(Request $request, Closure $next)
+    {
+        if (empty(CURRENT_PLATFORM)) {
+            throw new \InvalidArgumentException("Require platform header.");
+        }
+        if (!in_array(CURRENT_PLATFORM, PLATFORMS)) {
+            throw new \InvalidArgumentException("Invalid platform: " . CURRENT_PLATFORM);
+        }
+        return $next($request);
+    }
+}
--- a/include/constants.php
+++ b/include/constants.php
@@ -12,6 +12,14 @@ defined('ROOT_PATH') || define('ROOT_PATH', dirname(__DIR__) . '/');
 defined('CURRENT_SCRIPT') || define('CURRENT_SCRIPT', strstr(basename($_SERVER['SCRIPT_FILENAME']), '.', true));
 defined('IS_ANNOUNCE') || define('IS_ANNOUNCE', CURRENT_SCRIPT == 'announce');

+defined('PLATFORM_ADMIN') || define('PLATFORM_ADMIN', 'admin');
+defined('PLATFORM_USER') || define('PLATFORM_USER', 'user');
+defined('PLATFORMS') || define('PLATFORMS', [PLATFORM_ADMIN, PLATFORM_USER]);
+defined('CURRENT_PLATFORM') || define('CURRENT_PLATFORM', $_SERVER['HTTP_PLATFORM'] ?? '');
+defined('IS_PLATFORM_ADMIN') || define('IS_PLATFORM_ADMIN', CURRENT_PLATFORM == PLATFORM_ADMIN);
+defined('IS_PLATFORM_USER') || define('IS_PLATFORM_USER', CURRENT_PLATFORM == PLATFORM_USER);
+
+
 //define the REQUEST_ID
 if (!defined('REQUEST_ID')) {
    if (!empty($_SERVER['HTTP_X_REQUEST_ID'])) {