最近公司项目不是很忙,可以写个博客总结一下,最近公司项目的后台管理系统使用了vue-admin-template作为主要框架,这里可以安利以下真的很不错,封装了很多主要功能
地址:
https://panjiachen.github.io/vue-element-admin-site/zh/
相应配套教程:
https://juejin.cn/post/6844903476661583880
项目中权限控制和公司实际业务不一样的是,后台管理系统中可以配置多个角色,每个角色所配置的权限都是不同的,可以动态调整的,因此并不能按照官方教程中的把每个页面路由所需要的role直接写在路由表里,然后用户登陆后再从用户拥有的role去递归遍历出可以访问的路由
和公司后台人员商量后,决定后台直接返回用户所拥有的路由权限,前端根据path去匹配,后台返回的数据长这样
1.首先是用户登录,在项目根目录store文件夹下有modules,集合管理了所有vuex模块,其中有个user,改写其中的actions,
login({ commit }, userInfo) {
let { account, pwd, rsa } = userInfo;
var encryptor = new JSEncrypt();
encryptor.setPublicKey(rsa)//设置公钥
account = account.trim();
pwd = md5(pwd.trim()).toUpperCase();
let rsaPassWord = encryptor.encrypt(pwd);
let rsaAccount = encryptor.encrypt(account);
return new Promise((resolve, reject) => {
pcLogin({ account: rsaAccount, pwd: rsaPassWord }).then(response => {
commit(‘SET_TOKEN‘, response);
setToken(response)
resolve();
}).catch(error => {
reject(error)
})
})
},
2.login页面下进行表单验证后直接调用action即可,因为在每个vuex子文件下加了namespaced: true,所以在action前要加上目录名user
handleLogin() {
this.$refs.loginForm.validate((valid) => {
if (valid) {
if (!this.loginForm.rsa) {
this.$message.error("登录失败,获取私钥失败!");
return false;
}
this.loading = true;
this.$store
.dispatch("user/login", this.loginForm)
.then((res) => {
this.$message.success("登录成功!");
this.getAssetUserMenuTree();
this.loading = false;
this.getUserInfo();
this.getRand();
})
.catch(() => {
this.loading = false;
this.getRand();
});
} else {
return false;
this.getRand();
}
});
},
3.在获取用户token以后可以调获取用户路由权限的接口getAssetUserMenuTree,再获取可以访问的路由的时候判断当前登录页的url上的是否有需要有重定向回去的页面,如果没有就直接跳转第一个路由路径
getAssetUserMenuTree() {
// 新方法
this.$store.dispatch("permission/generateRoutes").then((res) => {
this.$router.addRoutes(res);
this.$router.push({
path: this.redirect ? this.redirect : res[0].path,
});
});
//旧方法需要依赖session
// const res = await getAssetUserMenuTree();
// let router = this.recursionRouter(res, Main);
// if (router.length > 0) {
// window.sessionStorage.removeItem("asyncRouter");
// window.sessionStorage.setItem("asyncRouter", JSON.stringify(router));
// //实时挂载路由到侧边方法一
// this.$router.options.routes = router;
// this.$router.addRoutes(router);
// this.$router.push({ path: router[0].path, replace: true });
// }
},
4.在store目录下的permission.js改写其中的方法,这个方法使用了一个递归路由函数,比较接口返回的路由和全部路由,匹配出符合条件的路由
const actions = {
generateRoutes({ commit }) {
return new Promise(resolve => {
getAssetUserMenuTree().then(res => {
let accessedRoutes = []
accessedRoutes = recursionRouter(res, allRouter)
console.log(accessedRoutes);
commit(‘SET_ROUTES‘, accessedRoutes)
resolve(accessedRoutes)
})
})
}
}
5.allRouter就是router文件夹中index中的asyncRoutes(全部所需权限的路由),引入即可
function recursionRouter(userRouter = [], allRouter = []) {
var realRoutes = [];
allRouter.forEach((v, i) => {
// activeMenu 用于关联没有显示但是需要的路由
let activeMenu = "";
if (v.meta && v.meta.activeMenu) {
activeMenu = v.meta.activeMenu || "";
}
userRouter.forEach((item, index) => {
if (item.path === v.path || item.path === activeMenu) {
if (item.children && item.children.length > 0) {
v.children = recursionRouter(item.children, v.children);
}
realRoutes.push(v);
}
});
});
return realRoutes;
}
成功渲染侧边路由
6.现在还有一个问题因为是动态添加的路由,所以在页面刷新的时候会丢失,所以在permission.js中改写路由的导航守卫钩子,每次路由跳转的时候用户是否登录,如果是登录状态且没有动态路由表(permission_routes)则重新调获取用户路由表的接口
import router from ‘./router‘
import store from ‘./store‘
import { Message } from ‘element-ui‘
import NProgress from ‘nprogress‘
import ‘nprogress/nprogress.css‘
import { getToken } from ‘@/utils/auth‘ //从cookie获取token的方法
import getPageTitle from ‘@/utils/get-page-title‘
NProgress.configure({ showSpinner: true }) // 每个页面头部进度条配置
const whiteList = [‘/login‘] // 不需要token的白名单
router.beforeEach(async (to, from, next) => {
NProgress.start()
document.title = getPageTitle(to.meta.title)
const hasToken = getToken()
if (store.getters.permission_routes.length > 0) {
next()
} else {
if (hasToken) {
if (to.path === ‘/login‘) {
next()
} else {
store.dispatch(‘permission/generateRoutes‘).then((res) => { // 生成可访问的路由表
router.addRoutes(res) // 动态添加可访问路由表
next({ ...to, replace: true }) // hack方法 确保addRoutes已完成 ,设置replace为true,不会再页面历史记录下留下记录
})
console.log(‘刷新页面--->重新获取用户权限‘)
}
} else {
//没有token的情况下
if (whiteList.indexOf(to.path) !== -1) {
// 如果在白名单下有此路由路径,则直接跳转(不需要token)
next()
} else {
// 否则直接重定向到登录页
next(`/login?redirect=${to.path}`)
NProgress.done()
}
}
}
})
router.afterEach(() => {
NProgress.done()
})
贴一下之前另一个后台管理系统依靠session实现的方式:
1.登录页面获取用户信息权限
2.登陆后获取用户拥有的子系统权限
3.子系统需要从新窗口打开,里面的侧边栏也是根据权限动态生成
引入全部路由表:
import SettingManager from "@/router/SettingManager.js"; import PartyConstruction from "@/router/PartyConstruction.js"; import VillageAffairs from "@/router/VillageAffairs.js"; import Duty from "@/router/Duty.js"; import AppOperation from "@/router/AppOperation.js"; import Assets from "@/router/Assets.js"; import SmartTraffic from "@/router/SmartTraffic.js";
点击子系统:
squareClick(item) {
let path = item.path || "";
let children = item.children || [];
if (path == "" || children == []) {
this.$message("敬请期待");
return;
}
if (item.path.indexOf("http") > -1) {
window.open(item.path, "_blank");
} else {
let fullRouter;
let router;
if (item.path == "/SettingManager") {
fullRouter = SettingManager;
} else if (item.path == "/Assets") {
fullRouter = Assets;
} else if (item.path == "/PartyConstruction") {
fullRouter = PartyConstruction;
} else if (item.path == "/Duty") {
fullRouter = Duty;
} else if (item.path == "/AppOperation") {
fullRouter = AppOperation;
} else if (item.path == "/VillageAffairs") {
fullRouter = VillageAffairs;
} else if (item.path == "/SmartTraffic") {
fullRouter = SmartTraffic;
}
router = this.recursionRouter(children, fullRouter);
if (router.length > 0) {
this.$store.dispatch(
"app/setSubSysInfo",
JSON.stringify({
name: item.mate.title,
})
);
window.sessionStorage.removeItem("asyncRouter");
window.sessionStorage.setItem("asyncRouter", JSON.stringify(router));
let { href } = this.$router.resolve({
path: router[0].path, // 取路由的第一个
replace: true,
});
window.open(href, "_blank");
}
}
},
路由的index.js
// 需要权限的路由
export let asyncRoutes = [
...SettingManager, // 设置
...PartyConstruction,
...VillageAffairs,
...Duty,
...AppOperation,
...Assets,
...SmartTraffic
]
// 动态添加的路由,暂存至session,跳转至新页面
let accessedRouters = []
if (sessionStorage.getItem(‘asyncRouter‘)) {
let localRoutes = [...JSON.parse(sessionStorage.getItem(‘asyncRouter‘))];
function convertRouter(asyncRouterMap) {
const accessedRouters = []
if (asyncRouterMap) {
asyncRouterMap.forEach(item => {
var parent = generateRouter(item, true)
var children = []
if (item.children) {
item.children.forEach(child => {
children.push(generateRouter(child, false))
})
}
parent.children = children
accessedRouters.push(parent)
})
}
// accessedRouters.push({ path: ‘*‘, redirect: ‘/404‘, hidden: true })
return accessedRouters
}
// 自动生成的map
let AutoComponentsMap = parseMap(asyncRoutes);
function generateRouter(item, isParent) {
var router = {
path: item.path,
name: item.name,
meta: item.meta,
hidden: item.hidden,
alwaysShow: item.alwaysShow,
redirect: item.redirect,
children: item.children,
// component: isParent ? Layout : componentsMap[item.name] //手动map映射
component: isParent ? Layout : AutoComponentsMap[item.name].component //自动map映射
}
return router
}
// 手动写一份map映射路由表(废弃)
const componentsMap = {
PartyConstruction: () => import(‘@/layout‘),
organizationalLife: () => import(‘@/pages/partyConstruction/organizationalLife/index.vue‘),
organizationalLifeAdd: () => import(‘@/pages/partyConstruction/organizationalLife/add.vue‘),
OrganizationalLifeDetail: () => import(‘@/pages/partyConstruction/organizationalLife/detail.vue‘),
};
// 平铺素有路由name保存为Map集合(待优化)
function parseMap(arr) {
const routesMap = {} //路由map
function flat(arr) {
return arr.reduce((pre, cur) => {
if (cur.name) {
routesMap[cur.name] = cur;
}
return pre.concat(Array.isArray(cur.children) ? flat(cur.children) : cur)
}, [])
}
flat(arr);
return routesMap
}
accessedRouters = convertRouter(localRoutes);
}
const createRouter = () =>
new Router({
scrollBehavior: () => ({ y: 0 }),
routes: [...constantRoutes, ...accessedRouters]
});
const router = createRouter();
放在session的路由安全性有很大隐患,所以近期会换成第一种那种形式