验证角色，现在是由中间件来帮忙添加用户角色信息，跟进头部信息来的。实际的话可能就是跟进用户ID查数据库来得到。

2019-06-19 22:40:19 +08:00 · 2019-06-19 22:40:19 +08:00 · aaa24cac23
parent 81eee14d5d
commit aaa24cac23
2 changed files with 25 additions and 1 deletions
--- a/src/core/guards/demo-roles.guard.ts
+++ b/src/core/guards/demo-roles.guard.ts
@ -14,6 +14,15 @@ export class DemoRolesGuard implements CanActivate {

    const roles = this.reflector.get<string[]>('roles', context.getHandler())
    console.log(roles)
-    return false;
+
+    if (!roles) {
+      return true
+    }
+
+    const request = context.switchToHttp().getRequest();
+    const { user } = request;
+    const hasRole = () => user.roles.some(item => roles.includes(item))
+
+    return user && user.roles && hasRole();
  }
 }
--- a/src/core/middleware/demo.middleware.ts
+++ b/src/core/middleware/demo.middleware.ts
@ -4,6 +4,21 @@ import { Injectable, NestMiddleware } from '@nestjs/common';
 export class DemoMiddleware implements NestMiddleware {
  use(req: any, res: any, next: () => void) {
    console.log('hello ~')
+    req.user = {
+      roles: [
+        'guest'
+      ]
+    }
+
+    if (req.header('x-demo') === 'secret') {
+      req.user = {
+        roles: [
+          'member'
+        ]
+      }
+    }
+
+
    next();
  }
 }