优化路由配置

app/controller/Game.php

@@ -14,15 +14,6 @@ class Game extends BaseController
      */
     public function list()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Game', 'list')) {
-            return json_error([], '没有查看游戏列表的权限');
-        }
-        
         // 获取查询参数
         $page = Request::get('page', 1, 'intval');
         $limit = Request::get('limit', 10, 'intval');
@@ -84,15 +75,6 @@ class Game extends BaseController
      */
     public function detail()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Game', 'detail')) {
-            return json_error([], '没有查看游戏详情的权限');
-        }
-        
         $id = Request::get('id', 0, 'intval');
         if (!$id) {
             return json_error([], '游戏ID不能为空');
@@ -124,15 +106,6 @@ class Game extends BaseController
      */
     public function create()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Game', 'create')) {
-            return json_error([], '没有创建游戏的权限');
-        }
-        
         $data = Request::only([
             'game_platform', 'game_id', 'title', 'title_en', 'image', 'image_en',
             'rtp', 'rtp_type', 'free_game_status', 'bet_line_count', 'bet_max_level',
@@ -171,15 +144,6 @@ class Game extends BaseController
      */
     public function update()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Game', 'update')) {
-            return json_error([], '没有更新游戏的权限');
-        }
-        
         $id = Request::post('id', 0, 'intval');
         if (!$id) {
             return json_error([], '游戏ID不能为空');
@@ -223,15 +187,6 @@ class Game extends BaseController
      */
     public function updateStatus()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Game', 'updateStatus')) {
-            return json_error([], '没有更新游戏状态的权限');
-        }
-        
         $id = Request::post('id', 0, 'intval');
         $status = Request::post('status', 0, 'intval');
         
@@ -264,15 +219,6 @@ class Game extends BaseController
      */
     public function batchUpdateStatus()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Game', 'batchUpdate')) {
-            return json_error([], '没有批量更新游戏状态的权限');
-        }
-        
         $ids = Request::post('ids', []);
         $status = Request::post('status', 0, 'intval');
         
@@ -305,15 +251,6 @@ class Game extends BaseController
      */
     public function statistics()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Game', 'statistics')) {
-            return json_error([], '没有查看游戏统计的权限');
-        }
-        
         try {
             $statistics = GameModel::getGameStatistics();
             return json_success($statistics, '获取成功');
@@ -327,11 +264,6 @@ class Game extends BaseController
      */
     public function getPlatforms()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
         try {
             $platforms = GameModel::getAllPlatforms();
             return json_success($platforms, '获取成功');
@@ -345,15 +277,6 @@ class Game extends BaseController
      */
     public function delete()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Game', 'delete')) {
-            return json_error([], '没有删除游戏的权限');
-        }
-        
         $id = Request::post('id', 0, 'intval');
         if (!$id) {
             return json_error([], '游戏ID不能为空');
@@ -380,15 +303,6 @@ class Game extends BaseController
      */
     public function export()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Game', 'export')) {
-            return json_error([], '没有导出游戏列表的权限');
-        }
-        
         // 获取所有过滤条件
         $filters = [
             'title' => Request::get('title', '', 'trim'),

app/controller/Player.php

@@ -14,14 +14,7 @@ class Player extends BaseController
      */
     public function list()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Player', 'list')) {
-            return json_error([], '没有查看玩家列表的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
         // 获取查询参数
         $page = Request::get('page', 1, 'intval');
@@ -51,7 +44,7 @@ class Player extends BaseController
         
         try {
             // 获取玩家列表
-            $result = PlayerModel::getPlayerListByMerchant($loginInfo['merchant_id'], $page, $limit, $filters);
+            $result = PlayerModel::getPlayerListByMerchant($userInfo['merchant_id'], $page, $limit, $filters);
             
             // 处理列表数据
             foreach ($result['list'] as &$player) {
@@ -73,14 +66,7 @@ class Player extends BaseController
      */
     public function detail()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Player', 'detail')) {
-            return json_error([], '没有查看玩家详情的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
         $playerId = Request::get('player_id', 0, 'intval');
         if (!$playerId) {
@@ -88,7 +74,7 @@ class Player extends BaseController
         }
         
         try {
-            $player = PlayerModel::getPlayerDetail($playerId, $loginInfo['merchant_id']);
+            $player = PlayerModel::getPlayerDetail($playerId, $userInfo['merchant_id']);
             if (!$player) {
                 return json_error([], '玩家不存在');
             }
@@ -111,14 +97,7 @@ class Player extends BaseController
      */
     public function updateStatus()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Player', 'updateStatus')) {
-            return json_error([], '没有更新玩家状态的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
         $playerId = Request::post('player_id', 0, 'intval');
         $status = Request::post('status', 0, 'intval');
@@ -132,7 +111,7 @@ class Player extends BaseController
         }
         
         try {
-            $result = PlayerModel::updatePlayerStatus($playerId, $loginInfo['merchant_id'], $status);
+            $result = PlayerModel::updatePlayerStatus($playerId, $userInfo['merchant_id'], $status);
             if ($result) {
                 return json_success([], '状态更新成功');
             } else {
@@ -148,14 +127,7 @@ class Player extends BaseController
      */
     public function updateAdjustStatus()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Player', 'updateAdjustStatus')) {
-            return json_error([], '没有更新玩家调控状态的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
         $playerId = Request::post('player_id', 0, 'intval');
         $adjustStatus = Request::post('adjust_status', 0, 'intval');
@@ -173,7 +145,7 @@ class Player extends BaseController
         }
         
         try {
-            $result = PlayerModel::updatePlayerAdjustStatus($playerId, $loginInfo['merchant_id'], $adjustStatus);
+            $result = PlayerModel::updatePlayerAdjustStatus($playerId, $userInfo['merchant_id'], $adjustStatus);
             if ($result) {
                 return json_success([], '调控状态更新成功');
             } else {
@@ -189,17 +161,10 @@ class Player extends BaseController
      */
     public function statistics()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Player', 'statistics')) {
-            return json_error([], '没有查看玩家统计的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
         try {
-            $statistics = PlayerModel::getPlayerStatistics($loginInfo['merchant_id']);
+            $statistics = PlayerModel::getPlayerStatistics($userInfo['merchant_id']);
             return json_success($statistics, '获取成功');
         } catch (\Exception $e) {
             return json_error([], '获取玩家统计失败：' . $e->getMessage());
@@ -211,14 +176,7 @@ class Player extends BaseController
      */
     public function batchUpdateStatus()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Player', 'batchUpdate')) {
-            return json_error([], '没有批量更新玩家状态的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
         $playerIds = Request::post('player_ids', []);
         $status = Request::post('status', 0, 'intval');
@@ -232,7 +190,7 @@ class Player extends BaseController
         }
         
         try {
-            $result = PlayerModel::batchUpdateStatus($playerIds, $loginInfo['merchant_id'], $status);
+            $result = PlayerModel::batchUpdateStatus($playerIds, $userInfo['merchant_id'], $status);
             if ($result > 0) {
                 return json_success(['updated' => $result], '批量更新成功');
             } else {
@@ -248,14 +206,7 @@ class Player extends BaseController
      */
     public function batchUpdateAdjustStatus()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Player', 'batchUpdate')) {
-            return json_error([], '没有批量更新玩家调控状态的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
         $playerIds = Request::post('player_ids', []);
         $adjustStatus = Request::post('adjust_status', 0, 'intval');
@@ -273,7 +224,7 @@ class Player extends BaseController
         }
         
         try {
-            $result = PlayerModel::batchUpdateAdjustStatus($playerIds, $loginInfo['merchant_id'], $adjustStatus);
+            $result = PlayerModel::batchUpdateAdjustStatus($playerIds, $userInfo['merchant_id'], $adjustStatus);
             if ($result > 0) {
                 return json_success(['updated' => $result], '批量更新成功');
             } else {
@@ -289,14 +240,7 @@ class Player extends BaseController
      */
     public function export()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Player', 'export')) {
-            return json_error([], '没有导出玩家列表的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
         // 获取所有过滤条件
         $filters = [
@@ -320,7 +264,7 @@ class Player extends BaseController
         
         try {
             // 获取所有数据
-            $result = PlayerModel::getPlayerListByMerchant($loginInfo['merchant_id'], 1, 100000, $filters);
+            $result = PlayerModel::getPlayerListByMerchant($userInfo['merchant_id'], 1, 100000, $filters);
             
             // 生成CSV数据
             $csvData = "玩家ID,昵称,注册IP,登录IP,余额,今日输赢,历史输赢,今日下注,今日登录次数,历史登录次数,状态,调控状态,最后登录时间,注册时间\n";

app/controller/User.php

@@ -96,22 +96,14 @@ class User extends BaseController
     public function createUser()
     {
         // 获取当前登录用户信息
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        // 检查是否有创建用户权限
-        if (!checkPermission($loginInfo, 'user', 'create')) {
-            return json_error([], '没有创建用户的权限');
-        }
+        $userInfo = $this->request->userInfo;
 
         // 获取输入数据
         $data = Request::only([
             'user_name', 'nick_name', 'password', 'phone', 
             'user_role', 'white_list_ip'
         ]);
-        $data['merchant_id'] = $loginInfo['merchant_id'];
+        $data['merchant_id'] = $userInfo['merchant_id'];
 
         try {
             // 验证数据
@@ -122,7 +114,7 @@ class User extends BaseController
         
         // 验证角色是否存在
         if ($data['user_role'] > 0) {
-            $role = UserRoleModel::getRoleById($data['user_role'], $loginInfo['merchant_id']);
+            $role = UserRoleModel::getRoleById($data['user_role'], $userInfo['merchant_id']);
             if (!$role) {
                 return json_error([], '选择的角色不存在');
             }
@@ -149,14 +141,7 @@ class User extends BaseController
      */
     public function list()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'user', 'list')) {
-            return json_error([], '没有查看用户列表的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
         $page = Request::get('page', 1, 'intval');
         $limit = Request::get('limit', 10, 'intval');
@@ -165,7 +150,7 @@ class User extends BaseController
         $userRole = Request::get('user_role', 0, 'intval');
         
         $where = [
-            ['merchant_id', '=', $loginInfo['merchant_id']]
+            ['merchant_id', '=', $userInfo['merchant_id']]
         ];
         
         if ($userName) {
@@ -215,14 +200,7 @@ class User extends BaseController
      */
     public function detail()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'user', 'detail')) {
-            return json_error([], '没有查看用户详情的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
         $userId = Request::param('user_id', 0, 'intval');
         if (!$userId) {
@@ -230,7 +208,7 @@ class User extends BaseController
         }
         
         $user = UserModel::where('user_id', $userId)
-            ->where('merchant_id', $loginInfo['merchant_id'])
+            ->where('merchant_id', $userInfo['merchant_id'])
             ->field('user_id, user_name, nick_name, phone, user_role, merchant_id, white_list_ip, create_time, login_time, update_time')
             ->find();
             
@@ -240,7 +218,7 @@ class User extends BaseController
         
         // 获取角色信息
         if ($user->user_role > 0) {
-            $role = UserRoleModel::getRoleById($user->user_role, $loginInfo['merchant_id']);
+            $role = UserRoleModel::getRoleById($user->user_role, $userInfo['merchant_id']);
             $user->role_name = $role ? $role->role_name : '未分配角色';
             $user->role_privileges = $role ? $role->privileges : [];
         } else {
@@ -256,14 +234,7 @@ class User extends BaseController
      */
     public function update()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'user', 'update')) {
-            return json_error([], '没有编辑用户的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
         $userId = Request::post('user_id', 0, 'intval');
         if (!$userId) {
@@ -271,7 +242,7 @@ class User extends BaseController
         }
         
         $user = UserModel::where('user_id', $userId)
-            ->where('merchant_id', $loginInfo['merchant_id'])
+            ->where('merchant_id', $userInfo['merchant_id'])
             ->find();
             
         if (!$user) {
@@ -294,7 +265,7 @@ class User extends BaseController
         
         // 验证角色是否存在
         if (isset($data['user_role']) && $data['user_role'] > 0) {
-            $role = UserRoleModel::getRoleById($data['user_role'], $loginInfo['merchant_id']);
+            $role = UserRoleModel::getRoleById($data['user_role'], $userInfo['merchant_id']);
             if (!$role) {
                 return json_error([], '选择的角色不存在');
             }
@@ -318,26 +289,19 @@ class User extends BaseController
      */
     public function delete()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'user', 'delete')) {
-            return json_error([], '没有删除用户的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
         $userId = Request::post('user_id', 0, 'intval');
         if (!$userId) {
             return json_error([], '用户ID不能为空');
         }
         
-        if ($userId == $loginInfo['user_id']) {
+        if ($userId == $userInfo['user_id']) {
             return json_error([], '不能删除自己');
         }
         
         $user = UserModel::where('user_id', $userId)
-            ->where('merchant_id', $loginInfo['merchant_id'])
+            ->where('merchant_id', $userInfo['merchant_id'])
             ->find();
             
         if (!$user) {

app/controller/UserRole.php

@@ -11,40 +11,15 @@ use think\facade\Request;
 use think\facade\Cookie;
 
 class UserRole extends BaseController
-{
-    /**
-     * 获取所有权限配置
-     */
-    public function getPermissions()
-    {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'role', 'permissions')) {
-            return json_error([], '没有查看权限配置的权限');
-        }
-        
-        $permissions = Config::get('permission.permissions', []);
-        return json_success($permissions, '获取权限配置成功');
-    }
-    
+{   
     /**
      * 获取角色列表
      */
     public function list()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'role', 'list')) {
-            return json_error([], '没有查看角色列表的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
-        $list = UserRoleModel::getRoleList($loginInfo['merchant_id']);
+        $list = UserRoleModel::getRoleList($userInfo['merchant_id']);
         
         return json_success([
             'list' => $list,
@@ -57,21 +32,14 @@ class UserRole extends BaseController
      */
     public function detail()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'role', 'detail')) {
-            return json_error([], '没有查看角色详情的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
         $id = Request::param('id', 0, 'intval');
         if (!$id) {
             return json_error([], '角色ID不能为空');
         }
         
-        $role = UserRoleModel::getRoleById($id, $loginInfo['merchant_id']);
+        $role = UserRoleModel::getRoleById($id, $userInfo['merchant_id']);
         if (!$role) {
             return json_error([], '角色不存在');
         }
@@ -84,14 +52,7 @@ class UserRole extends BaseController
      */
     public function create()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'role', 'create')) {
-            return json_error([], '没有创建角色的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
         $data = Request::only(['role_name', 'privileges']);
         
@@ -103,11 +64,11 @@ class UserRole extends BaseController
             return json_error([], '权限配置不能为空');
         }
         
-        if (UserRoleModel::checkRoleExists($data['role_name'], $loginInfo['merchant_id'])) {
+        if (UserRoleModel::checkRoleExists($data['role_name'], $userInfo['merchant_id'])) {
             return json_error([], '角色名称已存在');
         }
         
-        $data['merchant_id'] = $loginInfo['merchant_id'];
+        $data['merchant_id'] = $userInfo['merchant_id'];
         
         try {
             $role = UserRoleModel::createRole($data);
@@ -122,14 +83,7 @@ class UserRole extends BaseController
      */
     public function update()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'role', 'update')) {
-            return json_error([], '没有编辑角色的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
         $id = Request::param('id', 0, 'intval');
         if (!$id) {
@@ -146,17 +100,17 @@ class UserRole extends BaseController
             return json_error([], '权限配置不能为空');
         }
         
-        $role = UserRoleModel::getRoleById($id, $loginInfo['merchant_id']);
+        $role = UserRoleModel::getRoleById($id, $userInfo['merchant_id']);
         if (!$role) {
             return json_error([], '角色不存在');
         }
         
-        if (UserRoleModel::checkRoleExists($data['role_name'], $loginInfo['merchant_id'], $id)) {
+        if (UserRoleModel::checkRoleExists($data['role_name'], $userInfo['merchant_id'], $id)) {
             return json_error([], '角色名称已存在');
         }
         
         try {
-            UserRoleModel::updateRole($id, $loginInfo['merchant_id'], $data);
+            UserRoleModel::updateRole($id, $userInfo['merchant_id'], $data);
             return json_success([], '更新角色成功');
         } catch (\Exception $e) {
             return json_error([], '更新角色失败：' . $e->getMessage());
@@ -168,21 +122,14 @@ class UserRole extends BaseController
      */
     public function delete()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'role', 'delete')) {
-            return json_error([], '没有删除角色的权限');
-        }
+        $userInfo = $this->request->userInfo;
         
         $id = Request::param('id', 0, 'intval');
         if (!$id) {
             return json_error([], '角色ID不能为空');
         }
         
-        $role = UserRoleModel::getRoleById($id, $loginInfo['merchant_id']);
+        $role = UserRoleModel::getRoleById($id, $userInfo['merchant_id']);
         if (!$role) {
             return json_error([], '角色不存在');
         }
@@ -193,14 +140,14 @@ class UserRole extends BaseController
         }
         
         $userCount = UserModel::where('user_role', $id)
-            ->where('merchant_id', $loginInfo['merchant_id'])
+            ->where('merchant_id', $userInfo['merchant_id'])
             ->count();
         if ($userCount > 0) {
             return json_error([], '该角色下还有用户，不能删除');
         }
         
         try {
-            UserRoleModel::deleteRole($id, $loginInfo['merchant_id']);
+            UserRoleModel::deleteRole($id, $userInfo['merchant_id']);
             return json_success([], '删除角色成功');
         } catch (\Exception $e) {
             return json_error([], '删除角色失败：' . $e->getMessage());

app/middleware.php

@@ -8,6 +8,6 @@ return [
     // Session初始化
     // \think\middleware\SessionInit::class
     
-    // 认证和权限中间件
-    \app\middleware\AuthMiddleware::class,
+    // 注意：AuthMiddleware 不能配置在这里，因为这里的中间件在路由分发前执行
+    // 需要在路由中配置中间件
 ];

app/middleware/AuthMiddleware.php

@@ -22,11 +22,11 @@ class AuthMiddleware
         
         // 白名单：不需要登录验证的操作
         $whiteList = [
-            'user.login',
-            'user.logout',
+            'User.login',
+            'User.logout',
         ];
         
-        $current = strtolower($controller . '.' . $action);
+        $current = $controller . '.' . $action;
         if (in_array($current, $whiteList)) {
             return $next($request);
         }

route/app.php

@@ -10,53 +10,31 @@
 // +----------------------------------------------------------------------
 use think\facade\Route;
 
-Route::get('think', function () {
-    return 'hello,ThinkPHP8!';
-});
-
-Route::get('hello/:name', 'index/hello');
-
 // 用户相关路由
 Route::group('user', function () {
     Route::post('login', 'User/login');
     Route::post('logout', 'User/logout');
-    Route::post('createUser', 'User/createUser');
+    Route::post('create_user', 'User/createUser');
     Route::get('list', 'User/list');
     Route::get('detail', 'User/detail');
     Route::post('update', 'User/update');
     Route::post('delete', 'User/delete');
-    // IP白名单相关
-    Route::post('validateIpWhiteList', 'User/validateIpWhiteList');
-    Route::get('getCurrentIp', 'User/getCurrentIp');
-    Route::get('checkIpWhiteList', 'User/checkIpWhiteList');
-});
+})->middleware(\app\middleware\AuthMiddleware::class);
 
 // 角色相关路由
-Route::group('role', function () {
+Route::group('user_role', function () {
     Route::get('list', 'UserRole/list');
     Route::get('detail', 'UserRole/detail');
     Route::post('create', 'UserRole/create');
     Route::post('update', 'UserRole/update');
     Route::post('delete', 'UserRole/delete');
-    Route::get('permissions', 'UserRole/getPermissions');
-});
+})->middleware(\app\middleware\AuthMiddleware::class);
 
 // 菜单相关路由
 Route::group('menu', function () {
-    Route::get('getMenuTree', 'Menu/getMenuTree');
-    Route::get('getBreadcrumb', 'Menu/getBreadcrumb');
-    Route::get('getControllerPermissions', 'Menu/getControllerPermissions');
-    Route::get('checkMenuPermission', 'Menu/checkMenuPermission');
-});
-
-// 权限相关路由
-Route::group('permission', function () {
-    Route::get('list', 'Permission/list');
-    Route::get('getGroups', 'Permission/getGroups');
-    Route::get('getPermissionsByGroup', 'Permission/getPermissionsByGroup');
-    Route::post('validatePermissions', 'Permission/validatePermissions');
-    Route::post('formatPermissions', 'Permission/formatPermissions');
-});
+    Route::get('get_user_menus', 'Menu/getUserMenus');
+    Route::get('get_all_permissions', 'Menu/getAllPermissions');
+})->middleware(\app\middleware\AuthMiddleware::class);
 
 // 玩家相关路由
 Route::group('player', function () {
@@ -68,7 +46,7 @@ Route::group('player', function () {
     Route::post('batchUpdateStatus', 'Player/batchUpdateStatus');
     Route::post('batchUpdateAdjustStatus', 'Player/batchUpdateAdjustStatus');
     Route::get('export', 'Player/export');
-});
+})->middleware(\app\middleware\AuthMiddleware::class);
 
 // 游戏相关路由
 Route::group('game', function () {
@@ -82,4 +60,4 @@ Route::group('game', function () {
     Route::get('getPlatforms', 'Game/getPlatforms');
     Route::post('delete', 'Game/delete');
     Route::get('export', 'Game/export');
-});
+})->middleware(\app\middleware\AuthMiddleware::class);