vue权限--后端控制路由

权限–后端控制路由

1、配置基础路由

# router/router.js
import Vue from 'vue'
import Router from 'vue-router'

Vue.use(Router)

export const StaticRouterMap = [
  {
    path: '/login',
    component: () => import('@/views/login/index'),
    hidden: true
  },
  {
    path: '/404',
    component: () => import('@/views/404'),
    hidden: true
  },
  {
    path: '/register',
    component: () => import('@/views/register/index'),
    hidden: true
  },
  {
    path: '/retrieve',
    component: () => import('@/views/retrieve/index'),
    hidden: true
  }

export default new Router({
  mode: 'hash', // 解决线上刷新404问题
  scrollBehavior: () => ({ y: 0 }),
  routes: StaticRouterMap
})

2、与后端定制路由表结构如下

/* generatemenu: 是否显示在侧边栏 */
/* perimit:是否需要写入权限数组 */
/* breadcrumb:是否显示在面包屑 */
/* 0:不是 1:是 */
[
    {
    path: '/',
    name: ''
    component: Layout,
    redirect: '/dashboard',
    title: '',
    icon: '',
    id: 1,
    parentId: null,
    generatemenu: 1,
    permit: 1,
    breadcrumb: 1,
    children: [{
      path: 'dashboard',
      name: 'Dashboard',
      component: '/sales-trend/index',
      redirect: '',
      title: '首页',
      icon: 'home',
      id: 11,
      parentId: 1,
      generatemenu: 0,
      breadcrumb: 0,
      permit: 1
    }]
  },
  {
    path: '/qiantao',
    name: 'Qiantao'
    component: Layout,
    redirect: '/qiantao/index',
    title: '嵌套的路由',
    icon: 'qiantao',
    id: 3,
    parentId: null,
    generatemenu: 1,
    permit: 0,
    breadcrumb: 1,
    children: [
      {
        path: 'list',
        name: 'List',
        component: '/qiantao/components/index',
        redirect: '',
        title: '嵌套首页',
        icon: '',
        id: 31,
        parentId: 3,
        generatemenu: 1,
        breadcrumb: 1,
        permit: 0
      },
      {
        path: 'record',
        name: 'Record',
        component: '/qiantao/components/record',
        redirect: '',
        title: '嵌套列表',
        icon: '',
        id: 32,
        parentId: 3,
        generatemenu: 1,
        breadcrumb: 1,
        permit: 0
      },
      {
          path: 'details',
          name: 'Details',
          component: '/qiantao/components/details',
          redirect: '',
          title: '详情',
          icon: '',
          id: 33,
          parentId: 3,
          generatemenu: 0,
          breadcrumb: 1,
          permit: 0
     }
    ]
  }
]

3、解析后端初始路由为前端可用路由

处理后端原始路由数据

# /utils/addRouter.js
/**
 * 生成路由
 * @param {Array} routerlist 格式化路由
 * @returns
 */
export function addRouter(routerlist) {
  const router = []
  try {
    routerlist.forEach((e, index) => {
      let e_new = {
        path: e.path,
        name: e.name,
        component: resolve => {
          e.component === 'layout' ? require([`@/layout`], resolve) : require([`@/views${e.component}`], resolve)
        }
      }
      if (e.redirect) {
        e_new = { ...e_new, redirect: e.redirect }
      }
      console.log(e_new, 'e')
      if (e.generateMenu === 0) {
        e_new = { ...e_new, hidden: true }
      }
      if (e.icon !== '' && e.title !== '') {
        if (e.breadcrumb === 0) {
          e_new = { ...e_new, meta: { title: e.title, icon: e.icon, breadcrumb: false, permit: e.permit }}
        } else {
          e_new = { ...e_new, meta: { title: e.title, icon: e.icon, breadcrumb: true, permit: e.permit }}
        }
      } else if (e.title !== '' && e.icon === '') {
        if (e.breadcrumb === 0) {
          e_new = { ...e_new, meta: { title: e.title, breadcrumb: false, permit: e.permit }}
        } else {
          e_new = { ...e_new, meta: { title: e.title, breadcrumb: true, permit: e.permit }}
        }
      }
      if (e.children) {
        const children = addRouter(e.children)
        // 保存权限
        e_new = { ...e_new, children: children }
      }
      router.push(e_new)
    })
  } catch (error) {
    console.error(error)
    return []
  }
  return router
}

4、合并路由

将处理后的路由与现有的router进行拼接,即将后端返回的动态路由与初始路由进行拼接

# src/permission
import router from '@/router'
import store from '@/store'
import user from '@/store/modules/user'
import { Message } from 'element-ui'
import NProgress from 'nprogress' // progress bar
import 'nprogress/nprogress.css' // progress bar style
import { getToken, removeToken } from '@/utils/auth' // get token from cookie
// import getPageTitle from '@/utils/get-page-title'
import { authorityMessage } from '@/api/user'
import { addRouter } from '@/utils/addRouter'

NProgress.configure({ showSpinner: false }) // NProgress Configuration

const whiteList = ['/login', '/register', '/retrieve', '/404'] // no redirect whitelist

router.beforeEach((to, from, next) => {
  NProgress.start()
  if (getToken()) {
    // 判断cookice是否存在 不存在即为未登录
    if (to.path !== '/login') {
      if (user.state.init) {
        // 获取了动态路由 data一定true,就无需再次请求 直接放行
        next()
      } else {
        // data为false,一定没有获取动态路由,就跳转到获取动态路由的方法
        gotoRouter(to, next)
      }
    } else {
      Message({ message: '您已经登录', type: 'info' })
      next('/')
    }
  } else {
    if (whiteList.indexOf(to.path) !== -1) {
      // 免登陆白名单 直接进入
      next()
    } else {
      if (to.path !== '/login') {
        // 重定向到登录页面 不能这么写 因为假如之前的角色是 管理员页面 后又登陆了非管理员 重定向的页面就可能不存在,就会导致404
        // next(`/login?redirect=${to.path}`)
        next('/login')
      } else {
        next()
      }
    }
  }
})

router.afterEach((to, from) => {
  NProgress.done() // 结束Progress
})

function gotoRouter(to, next) {
  // 获取动态路由的方法
  authorityMessage(store.getters.token).then(res => {
    // console.log('解析后端动态路由', res)
    const asyncRouter = addRouter(res.data) // 进行递归解析
    store.dispatch('user/authorityMessage', res.data)
    return asyncRouter
  }).then(asyncRouter => {
    // 后置添加404页面,防止刷新404
    asyncRouter.push({
      path: '*',
      redirect: '/404',
      hidden: true
    })
    router.addRoutes(asyncRouter) // vue-router提供的addRouter方法进行路由拼接
    store.dispatch('user/authorityMessage', asyncRouter) // 存储到vuex
    store.dispatch('user/getInfo')
    store.commit('user/set_init', true)
    next({ ...to, replace: true }) // hack方法 确保addRoutes已完成
  }).catch(e => {
    console.log(e)
    removeToken()
  })
}

Vuex内部逻辑

# store/modules/user.js
import { login, logout, getInfo, register, sendSms, changePassword } from '@/api/user'
import { getToken, setToken, removeToken } from '@/utils/auth'
import { StaticRouterMap } from '@/router'
import { resetRouter } from '@/router'
import session from '@/utils/session'

const getDefaultState = () => {
  return {
    token: getToken(),
    name: '',
    avatar: '',
    roles: [],
    init: false, // 是否完成初始化 // 默认未完成
    RouterList: [] // 动态路由
  }
}

const state = getDefaultState()

// 同步修改state数据
const mutations = {
  SET_TOKEN: (state, token) => {
    state.token = token
  },
  SET_NAME: (state, name) => {
    state.name = name
  },
  SET_AVATAR: (state, avatar) => {
    state.avatar = avatar
  },
  SET_ROLES: (state, roles) => {
    state.roles = roles
  },
  set_router: (state, RouterList) => {
    state.RouterList = RouterList
  },
  set_init: (state, status) => {
    state.init = status
  }
}
// 异步获取/修改数据
const actions = {
  // 登录
  login({ commit }, userInfo) {
    const { mobile, password } = userInfo
    return new Promise((resolve, reject) => {
      login({ mobile: mobile, password: password }).then(response => {
        const { data } = response
        // console.log('当前token', data.token)
        setToken(data.token)
        commit('SET_TOKEN', data.token)
        resolve()
      }).catch(error => {
        reject(error)
      })
    })
  },

  // 获取用户信息
  // get user info
  getInfo({ commit, state }) {
    return new Promise((resolve, reject) => {
      getInfo(state.token).then(response => {
        const { data } = response
        if (!data) {
          reject('Token验证失败,请重新登录.')
        } else {
          const { userName, avatar, roles, mobile } = data
          if (!userName) {
            commit('SET_NAME', mobile)
          } else {
            commit('SET_NAME', userName)
          }
          const avatarStr = avatar || './avatar.png'
          // commit('SET_NAME', mobile)
          commit('SET_AVATAR', avatarStr)
          // commit('SET_AVATAR', avatar)
          commit('SET_ROLES', roles)
          session.set(data)
          resolve(data)
        }
      }).catch(error => {
        reject(error)
      })
    })
  },
  // 动态设置路由 此为设置设置途径
  authorityMessage({ commit }, routerList) {
    commit('set_router', StaticRouterMap.concat(routerList)) // 进行路由拼接并存储
  },
  // user logout
  logout({ commit, state }) {
    return new Promise((resolve, reject) => {
      logout(state.token).then(res => {
        console.log('logout')
      })
      removeToken()
      session.clear()
      resetRouter()
      commit('SET_TOKEN', '')
      commit('set_router', [])
      commit('RESET_STATE')
      resolve()
    })
  },

  // 注册
  register({ commit }, userInfo) {
    const { mobile, password, code } = userInfo
    return new Promise((resolve, reject) => {
      register({ mobile: mobile, password: password, code: code }).then(response => {
        resolve()
      }).catch(error => {
        reject(error)
      })
    })
  },

  // 获取验证码
  sendSms({ commit }, userInfo) {
    return new Promise((resolve, reject) => {
      sendSms(userInfo).then(response => {
        resolve()
      }).catch(error => {
        reject(error, 82)
      })
    })
  },

  // 修改密码
  changePassword({ commit }, userInfo) {
    const { mobile, password, code } = userInfo
    return new Promise((resolve, reject) => {
      changePassword({ code: code, mobile: mobile, password: password }).then(response => {
        resolve()
      }).catch(error => {
        reject(error)
      })
    })
  },

  // remove token
  resetToken({ commit }) {
    return new Promise(resolve => {
      commit('SET_TOKEN', '')
      removeToken()
      resolve()
    })
  }
}
export default {
  namespaced: true,
  state,
  mutations,
  actions
}

5、修改侧边栏

# layout/components/Sidebat/index.vue
<template>
  ...
  <sidebar-item v-for="route in routerList" :key="route.path" :item="route" :base-path="route.path" />
  ...
template>
<script>
    ...
    import { mapGetters } from 'vuex'
    ...
    export default {
    	computed: {
            ...mapGetters([
              'routerList'
            ])
        }
    }
    ...
script>

6、指令权限

/src/directive/permit.js

import Vue from 'vue'
// 权限指令

const has = Vue.directive('has', {
  // 当被绑定的元素插入到 DOM 中时……
  inserted: function(el, binding, vnode) {
    let permit = []
    let permit1 = []
    // 获取指令按钮权限
    var characteristic = binding.value
    if (characteristic) permit = characteristic
    // 获取路由按钮权限
    permit1 = vnode.context.$route.meta.permit
    sessionStorage.setItem('permit', JSON.stringify(permit1))
    if (!Vue.prototype.$_has(permit)) {
      el.parentNode.removeChild(el)
    }
  }
})

// 权限检查方法
Vue.prototype.$_has = function(value) {
  let isExist = false
  // 获取用户按钮权限
  var btnPermissionsStr = JSON.parse(sessionStorage.getItem('permit'))
  if (btnPermissionsStr === undefined || btnPermissionsStr === null) {
    return false
  }
  for (var i = 0; i < value.length; i++) {
    let item = value[i]
    for (var j = 0; j < btnPermissionsStr.length; j++) {
      let pros = btnPermissionsStr[j]
      if (item === pros) {
        isExist = true
      }
    }
  }
  return isExist
}

export default has

在全局注册

# main.js
import has from '@/directive/permit.js'
Vue.use(has)

具体使用如下:

<span v-has="['evaluation_list_update']">删除span>

你可能感兴趣的:(Vue,vue.js,typescript,前端)