vue后台管理前端实现权限控制
实现思路:
- 用户登录之后把用户信息存储到vuex中。
// store.user.js
import { login, logout, getInfo } from '@/api/user'
import { getToken, setToken, removeToken } from '@/utils/auth'
import { resetRouter } from '@/router'
const getDefaultState = () => {
return {
token: getToken(),
name: '',
avatar: '',
role:[],
}
}
const state = getDefaultState()
const mutations = {
RESET_STATE: (state) => {
Object.assign(state, getDefaultState())
},
SET_TOKEN: (state, token) => {
state.token = token
},
SET_NAME: (state, name) => {
state.name = name
},
SET_AVATAR: (state, avatar) => {
state.avatar = avatar
},
setRole:(state,role)=>{
state.role = role
}
}
const actions = {
// user login
login({ commit }, userInfo) {
const { username, password } = userInfo
return new Promise((resolve, reject) => {
login({ username: username.trim(), password: password }).then(response => {
const { data } = response
commit('SET_TOKEN', data.token)
setToken(data.token)
resolve()
}).catch(error => {
reject(error)
})
})
},
// get user info
getInfo({ commit, state }) {
return new Promise((resolve, reject) => {
getInfo(state.token).then(response => {
const { data } = response
if (!data) {
return reject('Verification failed, please Login again.')
}
const { name, avatar,roles } = data
console.log(data,'data---')
commit('SET_NAME', name)
commit('SET_AVATAR', avatar)
commit('setRole', roles)
resolve(data)
}).catch(error => {
reject(error)
})
})
},
// user logout
logout({ commit, state }) {
return new Promise((resolve, reject) => {
logout(state.token).then(() => {
removeToken() // must remove token first
console.log('退出登录')
resetRouter()
commit('RESET_STATE')
commit('setRole', [])
resolve()
}).catch(error => {
reject(error)
})
})
},
// remove token
resetToken({ commit }) {
return new Promise(resolve => {
removeToken() // must remove token first
commit('RESET_STATE')
resolve()
})
}
}
export default {
namespaced: true,
state,
mutations,
actions
}
- 配置路由信息,这里需要分两块,一块是默认的路由信息,不需要进行权限配置的,比如登录页面,首页,404页面等,需要配置权限的路由在路由的meta中添加:meta: { role:[‘admin’]}。
// router.js
import Vue from 'vue'
import Router from 'vue-router'
Vue.use(Router)
import Layout from '@/layout'
export const constantRoutes = [
{
path: '/login',
component: () => import('@/views/login/index'),
hidden: true
},
{
path: '/404',
component: () => import('@/views/404'),
hidden: true
},
{
path: '/',
component: Layout,
redirect: '/home',
children: [{
path: 'home',
name: 'home',
component: () => import('@/views/home/index'),
meta: { title: 'home', icon: 'dashboard' }
}]
},
// 404 page must be placed at the end !!!
{ path: '*', redirect: '/404', hidden: true }
]
export const asyncRoutes = [
{
path: '/editPage',
component: Layout,
children: [
{
path: 'index',
name: 'editPage',
component: () => import('@/views/edit/index'),
meta: {
title: '编辑页面',
icon: 'form',
role:['editor']
}
}
],
meta: {
title: '编辑页面',
icon: 'form',
role:['editor']
}
},
{
path: '/adminPage',
component: Layout,
children: [
{
path: 'index',
name: 'adminPage',
component: () => import('@/views/adminPage/index'),
meta: {
title: '管理员页面',
icon: 'form',
role:['admin']
}
}
],
meta: {
title: '管理员页面',
icon: 'form',
role:['admin']
}
},
{
path: '/otherPage',
component: Layout,
children: [
{
path: 'index',
name: 'otherPage',
component: () => import('@/views/otherPage/index'),
meta: {
title: '其他页面',
icon: 'form',
}
}
]
}
]
const createRouter = () => new Router({
scrollBehavior: () => ({ y: 0 }),
routes: constantRoutes
})
const router = createRouter()
// 重置路由
export function resetRouter() {
const newRouter = createRouter()
router.matcher = newRouter.matcher // reset router
}
export default router
- 在router.beforeEach钩子函数中判断有没有获取到用户的权限,并且根据用户权限配置组装好路由表,通过router.addRoutes(route)方法来动态的添加路由
import router from './router'
import store from './store'
import { Message } from 'element-ui'
import NProgress from 'nprogress' // progress bar
import 'nprogress/nprogress.css' // progress bar style
import { getToken } from '@/utils/auth' // get token from cookie
import getPageTitle from '@/utils/get-page-title'
NProgress.configure({ showSpinner: false }) // NProgress Configuration
const whiteList = ['/login'] // no redirect whitelist
router.beforeEach(async(to, from, next) => {
// start progress bar
NProgress.start()
// set page title
document.title = getPageTitle(to.meta.title)
// determine whether the user has logged in
const hasToken = getToken()
if (hasToken) {
if (to.path === '/login') {
// if is logged in, redirect to the home page
next({ path: '/' })
NProgress.done()
} else {
const hasGetUserInfo = store.getters.name
if (hasGetUserInfo) {
next()
} else {
try {
// get user info
// await store.dispatch('user/getInfo')
const {roles} = await store.dispatch('user/getInfo')
const route = await store.dispatch('permission/getRoute',roles)
// ['admin']
console.log(roles,'info')
console.log(route,'route')
router.addRoutes(route)
next()
} catch (error) {
// remove token and go to login page to re-login
await store.dispatch('user/resetToken')
Message.error(error || 'Has Error')
next(`/login?redirect=${to.path}`)
NProgress.done()
}
}
}
} else {
/* has no token*/
if (whiteList.indexOf(to.path) !== -1) {
// in the free login whitelist, go directly
next()
} else {
// other pages that do not have permission to access are redirected to the login page.
next(`/login?redirect=${to.path}`)
NProgress.done()
}
}
})
router.afterEach(() => {
// finish progress bar
NProgress.done()
})
- 根据用户角色来组装路由表
// store/permission.js
import {constantRoutes,asyncRoutes} from '@/router/index'
function hasPermission(role,roleItem){
if(roleItem.meta && roleItem.meta.role){
return roleItem.meta.role.some(item=>role.includes(item))
}else{
return true
}
}
function getRoute (arr,role){
let routeArr = []
arr.forEach(item=>{
console.log(item)
if(hasPermission(role,item)){
if(item.children){
item.children = getRoute(item.children,role)
}
routeArr.push(item)
}
})
return routeArr
}
const state = {
routeList:[]
}
const mutations = {
setRoutes(state,payload){
state.routeList = payload
}
}
const actions = {
getRoute({ commit }, data) {
return new Promise((resolve,reject)=>{
// console.log(data)
let arr = constantRoutes.concat(getRoute(asyncRoutes,data))
console.log(arr)
commit('setRoutes', arr)
resolve(arr)
})
// commit('CHANGE_SETTING', data)
}
}
export default {
namespaced: true,
state,
mutations,
actions
}
- 把添加好的路由通过el-menu组件来渲染菜单
<template>
<div :class="{'has-logo':showLogo}">
<logo v-if="showLogo" :collapse="isCollapse" />
<el-scrollbar wrap-class="scrollbar-wrapper">
<el-menu
:default-active="activeMenu"
:collapse="isCollapse"
:background-color="variables.menuBg"
:text-color="variables.menuText"
:unique-opened="false"
:active-text-color="variables.menuActiveText"
:collapse-transition="false"
mode="vertical"
>
<sidebar-item v-for="route in routes" :key="route.path" :item="route" :base-path="route.path" />
</el-menu>
</el-scrollbar>
</div>
</template>
<script>
import { mapGetters,mapState } from 'vuex'
import Logo from './Logo'
import SidebarItem from './SidebarItem'
import variables from '@/styles/variables.scss'
export default {
components: { SidebarItem, Logo },
computed: {
...mapGetters([
'sidebar'
]),
...mapState({
routes:(state)=>state.permission.routeList
}),
// routes() {
// return this.$router.options.routes
// },
activeMenu() {
const route = this.$route
const { meta, path } = route
// if set path, the sidebar will highlight the path you set
if (meta.activeMenu) {
return meta.activeMenu
}
return path
},
showLogo() {
return this.$store.state.settings.sidebarLogo
},
variables() {
return variables
},
isCollapse() {
return !this.sidebar.opened
}
},
}
</script>
- 退出登录,把vuex中存储的用户信息清空,把路由信息重置,再跳转到登录页面
- 实现按钮级的权限, 通过自定义指令来实现实现各种按钮的权限展示,获取用户的角色权限来和按钮上的权限进行比对来实现当前按钮是否展示
import Vue from 'vue';
import store from '@/store/index'
function permission(el, data){
const {value} = data
const {role} = store.state.user
// 判断有没有权限
let isPermission = value.some(item=>role.includes(item))
// 如果没有权限
if(!isPermission){
// 移除当前节点
el.parentNode && el.parentNode.removeChild(el)
}
}
Vue.directive('permission',{
inserted(el,data){
permission(el,data)
},
update(el,data){
permission(el,data)
}
})
使用自定义权限指令
<template>
<div class="dashboard-container">
<div class="dashboard-text">name: {{ name }}</div>
<el-button v-permission="['admin']">添加</el-button>
<el-button v-permission="['admin','editor']">修改</el-button>
</div>
</template>
<script>
import { mapGetters } from 'vuex'
export default {
name: 'Dashboard',
computed: {
...mapGetters([
'name'
])
}
}
</script>
<style lang="scss" scoped>
.dashboard {
&-container {
margin: 30px;
}
&-text {
font-size: 30px;
line-height: 46px;
}
}
</style>