Preface

The company recently set up a new project team to work on new projects. There was not much demand for back-office work, so we decided to take the time to tinker. iView is used for the admin front end, egg.js is used for the back end, and the scaffolding is based on EasyWebPack.

Authorization process (directly on the picture)

Access control

  1. Page-level control: the front-end route definition adds a permission field to meta, which determines whether the side-menu item is displayed.
// Route meta defines permission
meta: {
    icon: "ios-contacts",
    title: "User Management",
    permission: "setting.user.view"
}
  2. Button-level control: a custom directive.
<!-- Permission -->
<Hello v-permission="['key1','key2']" />
  3. Key interface control: the Node server forwards interface requests, and middleware determines whether the operation is within the user's permissions.

Some people may ask: shouldn't interface authentication be left to the back end? The fact is that at the planning stage the back-end developers were not clear on how to do it, and initially said there was no time to implement interface interception… So we set up our own front-end authentication and interface interception scheme.

// Define the route file config.default.js
exports.api = {
    ADMIN: {
        prefix: "http://39.108.xxx.173:8181/api",
        apis: {
            // Several ways to define an interface
            LOGIN: "/auth/backend/login", // Login address
            LOGIN_OUT: "/backend/users/logout/$p1$", // RESTful-style interface; $p1$ is a placeholder for subsequent dynamic concatenation
            ADD_ROLE: {
                name: "/backend/roles",
                key: "setting.add.role" // To add a role; define a key if authentication is required
            }
        }
    }
}

// Front-end request example: /api/__proxy?__gateway_method_id=API_KEY_NAME&__gateway_place=ADMIN

router.get("/api/__proxy", controller.api.proxy.__proxy)
router.post("/api/__proxy", controller.api.proxy.__proxy)
router.put("/api/__proxy", controller.api.proxy.__proxy)
router.delete("/api/__proxy", controller.api.proxy.__proxy)


/*
 * Node middleware interface interception
 * 1. Whether a session exists
 * 2. Whether the client token is the same as the session token
 * 3. Whether requests made by the front end through the /api/__proxy interface are within permissions.
 */
// config.default.js definition

// Some code examples
// needPrmissionPath and utils are defined elsewhere in the project and are not shown here
module.exports = () => {
    return async function (ctx, next) {
        let javaToken = ctx.cookies.get("javaToken", {
            encrypt: true,
        })
        let sessionUser = ctx.session.user || {}
        if (needPrmissionPath.indexOf(ctx.request.path) !== -1) {
            let {token, user_info, super_admin} = sessionUser
            // A session must exist, the cookie token must match it, and the account must not have status 2
            if (Object.keys(sessionUser).length && (javaToken === token) && user_info.status !== 2) {
                let {__gateway_method_id, __gateway_place} = ctx.request.query
                let apiKey = utils.getApiKey(ctx, __gateway_method_id, __gateway_place)
                if (apiKey) {
                    // The !== -1 comparison sits inside the parentheses so that a
                    // missing menus list does not pass the check
                    if ((user_info.menus && user_info.menus.indexOf(apiKey) !== -1) || super_admin) {
                        await next()
                    } else {
                        ctx.body = {code: 4001, msg: "You don't have access to this interface."}
                    }
                } else {
                    // Interface defined without a key: no permission check
                    await next()
                }
            } else {
                ctx.status = 401
                ctx.body = {code: 401, msg: "Boy, don't think I don't know what you're up to."}
            }
        } else {
            await next()
        }
    }
}
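
The permission decision from the middleware above, reduced to pure functions so its edge cases can be tested (an added example, not the project's own code). `resolveApi`, `looseCheck`, `strictCheck`, `decide`, the sample table and the 401/403/404 return values are assumptions; the project's `utils.getApiKey` is not shown on the page.

```javascript
// Constructed sample table, same shape as exports.api in config.default.js.
const API = {
  ADMIN: {
    apis: {
      LOGIN_OUT: "/backend/users/logout/$p1$",                       // no key
      ADD_ROLE: { name: "/backend/roles", key: "setting.add.role" }, // keyed
    },
  },
};

const own = (obj, k) => Object.prototype.hasOwnProperty.call(obj, k);

// Hypothetical resolver: returns null for an unknown place or method id
// (including inherited names such as "constructor") so the caller can
// reject the request instead of forwarding it as if it needed no key.
function resolveApi(table, place, methodId) {
  const apis = own(table, place) ? table[place].apis : null;
  if (!apis || !own(apis, methodId)) return null;
  const entry = apis[methodId];
  return typeof entry === "string"
    ? { path: entry, key: null }
    : { path: entry.name, key: entry.key || null };
}

// Comparison outside the parentheses: when menus is missing the left side
// is undefined, and undefined !== -1 is true, so the request is allowed.
function looseCheck(userInfo, superAdmin, apiKey) {
  return (userInfo.menus && userInfo.menus.indexOf(apiKey)) !== -1 || superAdmin;
}

// Deny by default: allow only an explicit match or an explicit super admin.
function strictCheck(userInfo, superAdmin, apiKey) {
  const menus = Array.isArray(userInfo && userInfo.menus) ? userInfo.menus : [];
  return superAdmin === true || menus.includes(apiKey);
}

// Decision for one proxied request: 401, 404, 403 or 200.
function decide(table, session, cookieToken, query) {
  const { token, user_info: userInfo, super_admin: superAdmin } = session || {};
  if (!token || token !== cookieToken || !userInfo || userInfo.status === 2) return 401;
  const api = resolveApi(table, query.__gateway_place, query.__gateway_method_id);
  if (!api) return 404;             // unknown interface: do not forward
  if (api.key === null) return 200; // interface defined without a key
  return strictCheck(userInfo, superAdmin, api.key) ? 200 : 403;
}
```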


To be continued (I will not work overtime next day)

Many features were integrated later in the development of this admin back end: image compression, pin push, template generation, and, for the lazy, a single command that automatically builds and restarts the service.

“Generation templates. Mp4 (https://g.baojiesports.com/bps/0ae8d945/page.mp4)”

“Linux deployment service (https://g.baojiesports.com/bps/5c288edb/auto.mp4)”