Laravel中间件：为应用程序添加权限管理和用户角色控制

<?php

namespace AppHttpMiddleware;

use Closure;
use IlluminateSupportFacadesAuth;

class RoleMiddleware
{
    public function handle($request, Closure $next, $role)
    {
        if (!Auth::check() || !Auth::user()->hasRole($role)) {
            abort(403, 'Unauthorized.');
        }

        return $next($request);
    }
}

<?php

namespace AppModels;

use IlluminateDatabaseEloquentModel;

class Role extends Model
{
    public function permissions()
    {
        return $this->belongsToMany(Permission::class);
    }
}

class Permission extends Model
{
    public function roles()
    {
        return $this->belongsToMany(Role::class);
    }
}

<?php

namespace AppModels;

use IlluminateFoundationAuthUser as Authenticatable;

class User extends Authenticatable
{
    public function roles()
    {
        return $this->belongsToMany(Role::class);
    }

    public function hasRole($role)
    {
        if ($this->roles()->where('name', $role)->exists()) {
            return true;
        }

        return false;
    }
}

Route::group(['middleware' => 'role:admin'], function () {
    // 添加需要角色为admin的路由
});

Route::group(['middleware' => 'role:editor'], function () {
    // 添加需要角色为editor的路由
});

Route::group(['middleware' => 'role:user'], function () {
    // 添加需要角色为user的路由
});