tp rbac

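/**
 * 保存新建的资源
 * 登录控制器
 *
 * Login: verifies the captcha and the username/password pair, caches the
 * admin's permission list (controller/action strings) and issues a JWT.
 *
 * @return \think\Response  fail(2001, ...) on any rejected input, otherwise
 *                          success(['token' => ...]).
 */
public function save()
{
    $request  = \request();
    $username = $request->post('username');
    $password = $request->post('password');
    $captcha  = $request->post('captcha');

    // Check the captcha before touching the user table, so a failed guess costs no query.
    // The original answered this case with code 200, which the client reads as success.
    if (!captcha_check($captcha)) {
        return fail(2001, '验证码不正确');
    }

    // findOrEmpty() returns an (empty) model object, never null, so `!$userInfo` could
    // never be true; isEmpty() is the documented check.
    $userInfo = \app\common\model\Admin::where('username', $username)->findOrEmpty();

    // One message for "unknown user" and "wrong password": the response must not reveal
    // which usernames exist. hash_equals() avoids the loose `!=` on hash strings.
    if ($userInfo->isEmpty()
        || !hash_equals((string) $userInfo->password, (string) encryptPasswords($password))
    ) {
        return fail(2001, '用户名或密码错误');
    }

    //查权限-角色id-查角色-角色权限关联id-权限-循环展示
    $role = \app\common\model\Role::find($userInfo->role_id);
    if ($role === null) {
        // A dangling role_id would otherwise crash on ->role_auth_ids below.
        return fail(2001, '角色不存在');
    }
    $authInfo = \app\common\model\Auth::whereIn('id', $role->role_auth_ids)->select()->toArray();
    $result = array_map(
        static function (array $v) {
            return $v['auth_c'] . '/' . $v['auth_a'];
        },
        $authInfo
    );

    // Key the permission cache by admin id: the shared 'authInfo' key is rewritten by every
    // login, so without this all admins would share whichever list was written last.
    \cache('authInfo:' . $userInfo->id, $result);
    // Legacy shared key, kept only until the auth middleware reads the per-admin key.
    \cache('authInfo', $result);

    $token = JWTAuth::builder(['user_id' => $userInfo->id]);
    return success(['token' => $token], '登录成功', 200);
}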
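/**
 * 显示权限列表
 *
 * Returns every Auth row (after encrypt_handle_dates()) as a success() response.
 *
 * @return \think\Response
 */
public function index()
{
    $list   = \app\common\model\Auth::select()->toArray();
    $result = encrypt_handle_dates($list);
    // The original echoed an indented name tree here; raw output emitted before the JSON
    // response corrupts the body the client parses, so that debug printing is dropped.
    return success($result);
}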
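class Admin
{
    /**
     * 处理请求
     *
     * Auth middleware: requires a valid JWT, checks the cached permission list for the
     * current controller/action, then applies the rate limit and the request signature.
     * abort()/JWT failures are turned into fail() responses.
     *
     * @param \think\Request $request
     * @param \Closure       $next
     * @return Response
     */
    public function handle($request, \Closure $next)
    {
        try {
            $user_id = JWTAuth::auth()['user_id']->getValue();
            if (!$user_id) {
                abort(2001, '请先登录');
            }

            // Prefer the per-admin permission list; fall back to the legacy shared key.
            // NOTE(review): the shared 'authInfo' key is rewritten by every login, so while the
            // fallback is still in use the last admin to log in defines everyone's permissions.
            $auth = Cache::get('authInfo:' . $user_id);
            if (!is_array($auth)) {
                $auth = Cache::get('authInfo');
            }
            $routes = \request()->controller() . '/' . \request()->action();
            // A missing list (cache expired or flushed) must deny, not crash inside in_array().
            if (!is_array($auth) || !in_array($routes, $auth, true)) {
                abort(2001, '无权限访问');
            }

            // Both checks abort() on violation; they return nothing, so the old
            // `if ($check_...)` guards around them could never fire.
            $this->checkRequestSeconds($user_id);
            $this->checkRequestSign();

            return $next($request);
        } catch (FileException $fileException) {
            return fail($fileException->getMessage());
        } catch (HttpException $httpException) {
            return fail($httpException->getMessage());
        } catch (JWTException $JWTException) {
            return fail($JWTException->getMessage());
        }
    }

    /**
     * 频次
     *
     * Request counter per route: at most 30 requests in a 60-second window, aborting
     * with 2001 once the window's count (including this request) exceeds the limit.
     *
     * @param int|string|null $userId scopes the counter to one admin when given; omitted
     *                                keeps the legacy route-only key
     * @return void
     */
    public function checkRequestSeconds($userId = null)
    {
        $route = \request()->controller() . \request()->action();
        // Counting per admin stops one client from exhausting the route's quota for everyone.
        $key = $userId === null ? $route : $route . ':' . $userId;

        $count = Cache::get($key);
        if (!$count) {
            Cache::set($key, 1, 60);
            $count = 1;
        } else {
            Cache::inc($key);
            // Count the current request too; the original compared the stale pre-increment value.
            $count = (int) $count + 1;
        }

        if ($count > 30) {
            abort(2001, '请求频繁');
        }
    }

    /**
     * 签名-获取所有-前端签名-删除-排序-加密-对比
     *
     * Recomputes md5(k1v1k2v2...) over the request parameters (sorted by key, 'sign'
     * removed) and aborts when it differs from the submitted 'sign'.
     *
     * NOTE(review): the digest contains no secret, so anyone who knows the scheme can
     * produce a valid sign; it only guards against accidental corruption. A per-client
     * secret with hash_hmac() would turn it into an authenticity check.
     *
     * @return void
     */
    public function checkRequestSign()
    {
        $param = \request()->all();
        // A missing or non-string sign (e.g. sign[]=x) is rejected before any comparison.
        if (!isset($param['sign']) || !is_string($param['sign'])) {
            abort(2001, '签名不能为空');
        }
        $sign = $param['sign'];
        unset($param['sign']);
        ksort($param);

        $str = '';
        foreach ($param as $k => $v) {
            // Scalar values only; an array-valued parameter is not supported by this scheme
            // (it would stringify as "Array"), kept as-is so existing clients still match.
            $str .= $k . $v;
        }
        $client = md5($str);

        // hash_equals(): constant-time, and never the loose `!=` that treats two
        // numeric-looking "0e..." digests as equal.
        if (!hash_equals($client, $sign)) {
            abort(2001, '签名错误');
        }
    }
}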