How to use the Hyperf framework for permission management

How to use the Hyperf framework for permission management

In today's Internet era, permission management is an important issue. When we develop an application, sometimes we need to control users' access to system resources based on their identities and roles. In this regard, the Hyperf framework provides us with powerful tools and methods. This article will introduce how to use the Hyperf framework for permission management and provide specific code examples.

1. Install the Hyperf framework

First, we need to install the Hyperf framework. You can use composer to complete the installation and run the following command:

$ composer create-project hyperf/hyperf-skeleton

After the installation is completed, enter the project directory and run the following command to start the Hyperf server:

$ php bin/hyperf.php start

2. Define permission rules

In the Hyperf framework, we can define permission rules through annotations. First, we need to define permission rules in the config/autoload/permissions.php file, for example:

<?php

use HyperfPermissionModelPermission;

Permission::create([
    'name' => 'user-manage',
    'display_name' => '用户管理',
]);

Permission::create([
    'name' => 'article-manage',
    'display_name' => '文章管理',
]);

In the above code, we define two permission rules, namely user management and article management.

3. Create middleware

Next, we need to create a middleware to check whether the user has permission to access a certain route. Middleware can be created through the following command:

$ php bin/hyperf.php gen:middleware CheckPermission

Then, edit the app/Middleware/CheckPermissionMiddleware.php file to implement the permission check logic. Here is an example:

<?php

declare(strict_types=1);

namespace AppMiddleware;

use HyperfHttpServerContractResponseInterface as HttpResponse;
use HyperfUtilsApplicationContext;
use PsrContainerContainerInterface;
use PsrHttpMessageResponseInterface;
use PsrHttpMessageServerRequestInterface;
use PsrHttpServerMiddlewareInterface;
use PsrHttpServerRequestHandlerInterface;

class CheckPermissionMiddleware implements MiddlewareInterface
{
    /**
     * @var HttpResponse
     */
    protected $response;

    public function __construct(ContainerInterface $container)
    {
        $this->response = ApplicationContext::getContainer()->get(HttpResponse::class);
    }

    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        // 在这里实现权限检查逻辑
        $permissions = $request->getAttribute('permissions', []);

        foreach ($permissions as $permission) {
            if (! $this->hasPermission($permission)) {
                return $this->response->json([
                    'code' => 403,
                    'message' => '没有权限访问该资源',
                ]);
            }
        }

        return $handler->handle($request);
    }

    protected function hasPermission($permission)
    {
        // 在这里实现检查用户是否拥有该权限的逻辑
        // 返回true表示有权限，返回false表示没有权限
    }
}

In the above code, we specify the permissions to check by passing a permissions parameter in the request. In the process method, we loop through the incoming permissions parameter and call the hasPermission method to check whether the user has the permission. If there is no permission, we return a 403 error.

4. Perform permission check

In routes that require permission check, we can use middleware to check the user's permissions. The following is an example:

<?php

use AppMiddlewareCheckPermissionMiddleware;

Router::get('/users', 'UserController@index')
    ->middleware([
        new CheckPermissionMiddleware([
            'user-manage',
        ]),
    ]);

In the above code, we specify the middleware to use through the middleware method. In this example, we use CheckPermissionMiddleware and pass in a user-manage permission.

Through the above steps, we can implement simple permission management in the Hyperf framework. By defining permission rules, creating middleware and using middleware to perform permission checks, we are able to control users' access to system resources based on their identity and role.

Summary:

The Hyperf framework provides convenient tools and methods for permission management. In this article, we learned how to define permission rules, create middleware, and use middleware for permission checking. Through these steps, we can easily implement permission management functions and control users' access to system resources based on their identities and roles. I hope this article can help you use the Hyperf framework for permission management.

The above is the detailed content of How to use the Hyperf framework for permission management. For more information, please follow other related articles on the PHP Chinese website!