First, create a data table
1, Think_auth_rule, rules table
ID: Primary KEY,
Name: Rule Unique identification,
Title: Chinese name of the rule
Status: 1 Normal, 0 disabled,
Condition: Regular expression, NULL indicates existence on validation, non-null representation by condition validation
DROP TABLE IF EXISTS' Think_auth_rule ';CREATE TABLE' Think_auth_rule ' (' id ' mediumint (8) unsigned not NULLauto_increment, ' name 'Char( the) not NULL DEFAULT "', ' title 'Char( -) not NULL DEFAULT "', ' type 'tinyint(1) not NULL DEFAULT '1', ' status 'tinyint(1) not NULL DEFAULT '1', ' condition 'Char( -) not NULL DEFAULT "', # Rule attachment conditions, rules that meet additional conditions are considered valid rulesPRIMARY KEY(' id '),UNIQUE KEY' name ' (' name ')) ENGINE=MyISAMDEFAULTCHARSET=UTF8;
2. Think_auth_group User Group table
ID: Primary KEY,
Title: User group Chinese name,
Rules: User groups have a rule ID, multiple rules "," separated,
Status: 1 Normal, 0 disabled
DROP TABLE IF EXISTS' Think_auth_group ';CREATE TABLE' Think_auth_group ' (' id ' mediumint (8) unsigned not NULLauto_increment, ' title 'Char( -) not NULL DEFAULT "', ' status 'tinyint(1) not NULL DEFAULT '1', ' rules 'Char( the) not NULL DEFAULT "', PRIMARY KEY(' id ')) ENGINE=MyISAMDEFAULTCHARSET=UTF8;
3. think_auth_group_access User Group Schedule
UID: User ID,
GROUP_ID: User Group ID
DROP TABLE IF EXISTS' think_auth_group_access ';CREATE TABLE' think_auth_group_access ' (' uid ' mediumint (8) unsigned not NULL, ' group_id ' Mediumint (8) unsigned not NULL, UNIQUE KEY' uid_group_id ' (' uid ', ' group_id '),KEY' uid ' (' uid '),KEY' group_id ' (' group_id ')) ENGINE=MyISAMDEFAULTCHARSET=UTF8;
4. Since the background administrator authority is authenticated, you also need to create a background administrator table Think_admin
DROP TABLE IF EXISTS' think_admin ';CREATE TABLE' think_admin ' (' ID ')int( One) unsigned not NULLAuto_increment COMMENT'Administrator ID', ' username 'varchar(255)DEFAULT NULLCOMMENT'Administrator Account', ' password 'varchar( +)DEFAULT NULLCOMMENT'Administrator Password', ' IP 'varchar(255)DEFAULT NULLCOMMENT'Last Login IP address', ' Login_time 'int( One)DEFAULT NULLCOMMENT'Last logon time', ' Login_count ' Mediumint (8) not NULLCOMMENT'Number of Logins', ' status 'tinyint(1) not NULL DEFAULT '1'COMMENT'account status, disabled for 0 enabled for 1', ' Create_time 'int( One)DEFAULT NULLCOMMENT'creation Time',PRIMARY KEY(' id ')) ENGINE=MyISAMDEFAULTCHARSET=UTF8;
5. Create a Website Member user table Think_user, authority authentication (background Administrator on User table additions and deletions to change the permissions)
DROP TABLE IF EXISTS' Think_user ';CREATE TABLE' Think_user ' (' ID ')int( One) unsigned not NULLAuto_increment COMMENT'Administrator ID', ' username 'varchar(255)DEFAULT NULLCOMMENT'Administrator Account', ' password 'varchar( +)DEFAULT NULLCOMMENT'Administrator Password', ' IP 'varchar(255)DEFAULT NULLCOMMENT'Last Login IP address', ' Login_time 'int( One)DEFAULT NULLCOMMENT'Last logon time', ' Login_count ' Mediumint (8) not NULLCOMMENT'Number of Logins', ' status 'tinyint(1) not NULL DEFAULT '1'COMMENT'account status, disabled for 0 enabled for 1', ' Create_time 'int( One)DEFAULT NULLCOMMENT'creation Time', PRIMARY KEY(' id ')) ENGINE=MyISAMDEFAULTCHARSET=UTF8;
#便于测试, insert a few dataInsert intoThink_user (' username ', ' password ')Values('Zhangsan','123456');Insert intoThink_user (' username ', ' password ')Values('Lisi','123456');Insert intoThink_user (' username ', ' password ')Values('Wangwu','123456');
Second, you need to configure config.php before using the Auth class
' Auth_config ' =>array ( ' auth_on ' = true,//authentication switch ' auth_type ' = + 1,//authentication method, 1 is always certified; 2 is login certified. ' auth_group ' = ' think_auth_group ',//user group data table name ' auth_group_access ' = ' think_auth_group_access ',// User group Schedule ' auth_rule ' + ' think_auth_rule ',//Permission rules table ' auth_user ' + ' think_admin '//user Information table
Write a public controller:
<?phpnamespace admin\controller;use think\controller;use think\auth;//Public Authority Authentication controller class Authcontroller extends Controller {protected function _initialize () {//session does not exist, does not allow direct access to if (!session (' aid ')) {$this->error (' not yet logged in, Jumping to login page ', U (' Public/login ')); The session exists without the need to verify the permissions $not_check = Array (' Index/clear/cache ', ' index/edit/pwd ', ' index/logout ', ' admin/admin_list ', ' Admin/admin/list ', ' admin/admin/edit ', ' admin/admin/add ');//The request module name/method name of the current operation (In_array (module_name. ') /‘. Controller_name. ' /‘. Action_name, $not _check)) {return true;} The following code dynamically judges permissions $auth = new Auth (); if (! $auth->check (module_name. ' /‘. Controller_name. ' /‘. Action_name,session (' aid ')) && session (' aid ') = 1) {$this->error (' no Permissions ');}}}
ThinkPHP3.2.3 the use of Auth.class.php in the full version