
引入中间件作权限认证,简化大量验证代码

zhangjiangbin 8 лет назад
Родитель
Сommit
67191070a3

+ 1 - 315
app/Http/Controllers/AdminController.php

@@ -28,14 +28,6 @@ class AdminController extends BaseController
 
     public function index(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $past = strtotime(date('Y-m-d', strtotime("-7 days")));
         $online = time() - 3600;
 
@@ -58,14 +50,6 @@ class AdminController extends BaseController
     // 用户列表
     public function userList(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $username = $request->get('username');
         $wechat = $request->get('wechat');
         $qq = $request->get('qq');
@@ -132,14 +116,6 @@ class AdminController extends BaseController
     // 添加账号
     public function addUser(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         if ($request->method() == 'POST') {
             $username = $request->get('username');
             $password = $request->get('password');
@@ -228,14 +204,6 @@ class AdminController extends BaseController
     // 编辑账号
     public function editUser(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $id = $request->get('id');
         if ($request->method() == 'POST') {
             $username = $request->get('username');
@@ -323,14 +291,6 @@ class AdminController extends BaseController
     // 删除用户
     public function delUser(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $id = $request->get('id');
         if ($id == 1) {
             return Response::json(['status' => 'fail', 'data' => '', 'message' => '系统管理员不可删除']);
@@ -347,14 +307,6 @@ class AdminController extends BaseController
     // 节点列表
     public function nodeList(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $nodeList = SsNode::paginate(10);
         foreach ($nodeList as &$node) {
             // 在线人数
@@ -379,14 +331,6 @@ class AdminController extends BaseController
     // 添加节点
     public function addNode(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         if ($request->method() == 'POST') {
             $name = $request->get('name');
             $group_id = $request->get('group_id');
@@ -447,14 +391,6 @@ class AdminController extends BaseController
     // 编辑节点
     public function editNode(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $id = $request->get('id');
         if ($request->method() == 'POST') {
             $name = $request->get('name');
@@ -526,14 +462,6 @@ class AdminController extends BaseController
     // 删除节点
     public function delNode(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $id = $request->get('id');
         $user = SsNode::where('id', $id)->delete();
         if ($user) {
@@ -546,17 +474,7 @@ class AdminController extends BaseController
     // 文章列表
     public function articleList(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
-        $articleList = Article::where('is_del', 0)->orderBy('sort', 'desc')->paginate(10);
-
-        $view['articleList'] = $articleList;
+        $view['articleList'] = Article::where('is_del', 0)->orderBy('sort', 'desc')->paginate(10);
 
         return Response::view('admin/articleList', $view);
     }
@@ -564,14 +482,6 @@ class AdminController extends BaseController
     // 添加文章
     public function addArticle(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         if ($request->method() == 'POST') {
             $title = $request->get('title');
             $content = $request->get('content');
@@ -593,14 +503,6 @@ class AdminController extends BaseController
     // 编辑节点
     public function editArticle(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $id = $request->get('id');
         if ($request->method() == 'POST') {
             $title = $request->get('title');
@@ -629,14 +531,6 @@ class AdminController extends BaseController
     // 删除文章
     public function delArticle(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $id = $request->get('id');
         $user = Article::where('id', $id)->update(['is_del' => 1]);
         if ($user) {
@@ -649,14 +543,6 @@ class AdminController extends BaseController
     // 节点分组列表
     public function groupList(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $view['groupList'] = SsGroup::paginate(10);
 
         return Response::view('admin/groupList', $view);
@@ -665,14 +551,6 @@ class AdminController extends BaseController
     // 添加节点分组
     public function addGroup(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         if ($request->method() == 'POST') {
             $name = $request->get('name');
             $level = $request->get('level');
@@ -691,14 +569,6 @@ class AdminController extends BaseController
     // 编辑节点分组
     public function editGroup(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $id = $request->get('id');
         if ($request->method() == 'POST') {
             $name = $request->get('name');
@@ -725,14 +595,6 @@ class AdminController extends BaseController
     // 删除节点分组
     public function delGroup(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $id = $request->get('id');
 
         // 检查是否该分组下是否有节点
@@ -752,14 +614,6 @@ class AdminController extends BaseController
     // 流量日志
     public function trafficLog(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $trafficLogList = UserTrafficLog::with(['User', 'SsNode'])->orderBy('id', 'desc')->paginate(20);
         foreach ($trafficLogList as &$trafficLog) {
             $trafficLog->u = $this->flowAutoShow($trafficLog->u);
@@ -775,14 +629,6 @@ class AdminController extends BaseController
     // 格式转换(SS转SSR)
     public function convert(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         if ($request->method() == 'POST') {
             $method = $request->get('method');
             $transfer_enable = $request->get('transfer_enable');
@@ -840,14 +686,6 @@ class AdminController extends BaseController
     // 下载转换好的JSON文件
     public function download(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         if (!file_exists(public_path('downloads/convert.json'))) {
             exit('文件不存在');
         }
@@ -858,14 +696,6 @@ class AdminController extends BaseController
     // 数据导入
     public function import(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         if ($request->method() == 'POST') {
 
             if (!$request->hasFile('uploadFile')) {
@@ -953,14 +783,6 @@ class AdminController extends BaseController
     // 导出配置信息
     public function export(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $id = $request->get('id');
         if (empty($id)) {
             return Redirect::to('admin/userList');
@@ -1039,14 +861,6 @@ TXT;
     // 修改个人资料
     public function profile(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $user = $request->session()->get('user');
 
         if ($request->method() == 'POST') {
@@ -1081,14 +895,6 @@ TXT;
     // 流量监控
     public function monitor(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $id = $request->get('id');
         if (empty($id)) {
             return Redirect::to('admin/userList');
@@ -1126,14 +932,6 @@ TXT;
     // 加密方式、混淆、协议列表
     public function config(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         if ($request->method() == 'POST') {
             $name = $request->get('name');
             $type = $request->get('type', 1); // 类型:1-加密方式(method)、2-协议(protocol)、3-混淆(obfs)
@@ -1170,14 +968,6 @@ TXT;
     // 删除配置
     public function delConfig(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $id = $request->get('id');
         $config = SsConfig::where('id', $id)->delete();
         if ($config) {
@@ -1190,14 +980,6 @@ TXT;
     // 设置默认配置
     public function setDefaultConfig(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $id = $request->get('id');
         if (empty($id)) {
             return Response::json(['status' => 'fail', 'data' => '', 'message' => '非法请求']);
@@ -1220,14 +1002,6 @@ TXT;
     // 日志分析
     public function analysis(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $file = storage_path('app/public/ssserver.log');
         if (!file_exists($file)) {
             $request->session()->flash('analysisErrorMsg', $file . ' 不存在,请先创建文件');
@@ -1261,14 +1035,6 @@ TXT;
     // 系统设置
     public function system(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $view = $this->systemConfig();
 
         return Response::view('admin/system', $view);
@@ -1277,14 +1043,6 @@ TXT;
     // 设置某个配置项
     public function setConfig(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $name = trim($request->get('name'));
         $value = trim($request->get('value'));
 
@@ -1321,14 +1079,6 @@ TXT;
     // 设置可生成邀请码数
     public function setInviteNum(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $value = intval($request->get('value'));
 
         Config::where('name', 'invite_num')->update(['value' => $value]);
@@ -1339,14 +1089,6 @@ TXT;
     // 设置网站名称
     public function setWebsiteName(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $value = trim($request->get('value'));
 
         Config::where('name', 'website_name')->update(['value' => $value]);
@@ -1357,14 +1099,6 @@ TXT;
     // 设置网站地址
     public function setWebsiteUrl(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $value = trim($request->get('value'));
 
         Config::where('name', 'website_url')->update(['value' => $value]);
@@ -1375,14 +1109,6 @@ TXT;
     // 设置重置密码次数
     public function setResetPasswordTimes(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $value = intval($request->get('value'));
 
         Config::where('name', 'reset_password_times')->update(['value' => $value]);
@@ -1393,14 +1119,6 @@ TXT;
     // 设置激活账号次数
     public function setActiveTimes(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $value = intval($request->get('value'));
 
         Config::where('name', 'active_times')->update(['value' => $value]);
@@ -1411,14 +1129,6 @@ TXT;
     // 设置激活账号次数
     public function setAddScoreRange(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $value = intval($request->get('value'));
 
         Config::where('name', 'login_add_score_range')->update(['value' => $value]);
@@ -1429,14 +1139,6 @@ TXT;
     // 设置微信、支付宝二维码
     public function setQrcode(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         // 微信二维码
         if ($request->hasFile('wechat_qrcode')) {
             $file = $request->file('wechat_qrcode');
@@ -1465,14 +1167,6 @@ TXT;
     // 邀请码列表
     public function inviteList(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $view['inviteList'] = Invite::with(['generator', 'user'])->paginate(10);
 
         return Response::view('admin/inviteList', $view);
@@ -1481,14 +1175,6 @@ TXT;
     // 生成邀请码
     public function makeInvite(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $user = $request->session()->get('user');
 
         for ($i = 0; $i < 5; $i++) {

+ 0 - 16
app/Http/Controllers/CouponController.php

@@ -32,14 +32,6 @@ class CouponController extends BaseController
     // 添加商品
     public function addCoupon(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         if ($request->method() == 'POST') {
             $name = $request->get('name');
             $type = $request->get('type');
@@ -93,14 +85,6 @@ class CouponController extends BaseController
     // 删除优惠券
     public function delCoupon(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $id = $request->get('id');
 
         Coupon::where('id', $id)->update(['is_del' => 1]);

+ 0 - 24
app/Http/Controllers/ShopController.php

@@ -32,14 +32,6 @@ class ShopController extends BaseController
     // 添加商品
     public function addGoods(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         if ($request->method() == 'POST') {
             $name = $request->get('name');
             $traffic = $request->get('traffic');
@@ -87,14 +79,6 @@ class ShopController extends BaseController
     // 编辑商品
     public function editGoods(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $id = $request->get('id');
 
         if ($request->method() == 'POST') {
@@ -146,14 +130,6 @@ class ShopController extends BaseController
     // 删除商品
     public function delGoods(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
-        if (!$request->session()->get('user')['is_admin']) {
-            return Redirect::to('login');
-        }
-
         $id = $request->get('id');
 
         Goods::where('id', $id)->update(['is_del' => 1]);

+ 0 - 28
app/Http/Controllers/UserController.php

@@ -39,10 +39,6 @@ class UserController extends BaseController
 
     public function index(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
         $user = $request->session()->get('user');
 
         $view['articleList'] = Article::where('is_del', 0)->orderBy('sort', 'desc')->orderBy('id', 'desc')->paginate(5);
@@ -73,10 +69,6 @@ class UserController extends BaseController
     // 修改个人资料
     public function profile(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
         $user = $request->session()->get('user');
 
         if ($request->method() == 'POST') {
@@ -166,10 +158,6 @@ class UserController extends BaseController
     // 节点列表
     public function nodeList(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
         $user = $request->session()->get('user');
 
         $nodeList = DB::table('ss_group_node')
@@ -237,10 +225,6 @@ TXT;
     // 流量日志
     public function trafficLog(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
         $user = $request->session()->get('user');
 
         // 30天内的流量
@@ -365,10 +349,6 @@ TXT;
     // 邀请码
     public function invite(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
         $user = $request->session()->get('user');
 
         // 已生成的邀请码数量
@@ -383,10 +363,6 @@ TXT;
     // 生成邀请码
     public function makeInvite(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
         $user = $request->session()->get('user');
 
         // 已生成的邀请码数量
@@ -777,10 +753,6 @@ TXT;
     // 积分兑换流量
     public function exchange(Request $request)
     {
-        if (!$request->session()->has('user')) {
-            return Redirect::to('login');
-        }
-
         $user = $request->session()->get('user');
 
         // 积分满100才可以兑换

+ 2 - 0
app/Http/Kernel.php

@@ -56,5 +56,7 @@ class Kernel extends HttpKernel
         'can' => \Illuminate\Auth\Middleware\Authorize::class,
         'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
         'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
+        'admin' => \App\Http\Middleware\Admin::class,
+        'user' => \App\Http\Middleware\User::class
     ];
 }
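Review bot: The `admin` and `user` aliases registered here become the only gate in front of the admin actions, because this commit removes the session and `is_admin` checks from the controller methods themselves, so protection now depends entirely on how each route is declared. The unchanged context line `Route::any('/', 'AdminController@index');` in routes/web.php has no middleware chained on it, so unless a wrapping group outside the visible lines covers it, `index()` would answer requests that carry no session. Consider also declaring the requirement in the controllers, e.g. `$this->middleware('admin');` in the constructors of the admin-only controllers (assuming BaseController derives from Laravel's routing controller), so that a route added later without the alias still fails closed.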

+ 25 - 0
app/Http/Middleware/Admin.php

@@ -0,0 +1,25 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Redirect;
+
+class Admin
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        if (!$request->session()->get('user')['is_admin']) {
+            return Redirect::to('login');
+        }
+
+        return $next($request);
+    }
+}
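Review bot: `handle()` indexes `get('user')['is_admin']` without first confirming the session holds a `user` entry, which the removed controller code always checked with `has('user')` beforehand. For an anonymous visitor this indexes null: the result is falsy so the redirect still happens, but on PHP 7.4 and later the null offset raises a notice or warning that Laravel's error handler normally converts into an exception, giving a 500 instead of the login redirect. Reading it as `$user = $request->session()->get('user');` followed by `if (empty($user['is_admin'])) {` keeps the check fail-closed without the diagnostic. Separately, both this middleware and `User::handle()` in app/Http/Middleware/User.php trust whatever was stored in the session; if that entry is a snapshot taken at login, revoking admin rights or disabling an account would not take effect until the session ends, so re-reading the flag from the database here is worth considering.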

+ 25 - 0
app/Http/Middleware/User.php

@@ -0,0 +1,25 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Redirect;
+
+class User
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        if (!$request->session()->has('user')) {
+            return Redirect::to('login');
+        }
+
+        return $next($request);
+    }
+}

+ 1 - 1
resources/views/admin/addUser.blade.php

@@ -364,7 +364,7 @@
 
         // 生成随机密码
         function makePasswd() {
-            $.get("{{url('makePasswd')}}",  function(ret) {
+            $.get("{{url('admin/makePasswd')}}",  function(ret) {
                 $("#passwd").val(ret);
             });
         }

+ 1 - 1
resources/views/admin/convert.blade.php

@@ -159,7 +159,7 @@
 
         // 下载
         function do_download() {
-            window.location.href = '{{url('download')}}';
+            window.location.href = '{{url('admin/download')}}';
         }
     </script>
 @endsection

+ 1 - 1
resources/views/admin/editUser.blade.php

@@ -374,7 +374,7 @@
 
         // 生成随机密码
         function makePasswd() {
-            $.get("{{url('makePasswd')}}",  function(ret) {
+            $.get("{{url('admin/makePasswd')}}",  function(ret) {
                 $("#passwd").val(ret);
             });
         }

+ 73 - 73
routes/web.php

@@ -2,82 +2,82 @@
 
 Route::any('/', 'AdminController@index'); // 首页
 Route::any('login', 'LoginController@index'); // 登录
-Route::any('logout', 'LoginController@logout'); // 退出
+Route::get('logout', 'LoginController@logout'); // 退出
 Route::any('register', 'RegisterController@index'); // 注册
-
-Route::get('admin', 'AdminController@index'); // 后台首页
-Route::any('admin/userList', 'AdminController@userList'); // 账号列表
-Route::any('admin/addUser', 'AdminController@addUser'); // 添加账号
-Route::any('admin/editUser', 'AdminController@editUser'); // 编辑账号
-Route::post('admin/delUser', 'AdminController@delUser'); // 删除账号
-Route::get('admin/nodeList', 'AdminController@nodeList'); // 节点列表
-Route::any('admin/addNode', 'AdminController@addNode'); // 添加节点
-Route::any('admin/editNode', 'AdminController@editNode'); // 编辑节点
-Route::post('admin/delNode', 'AdminController@delNode'); // 删除节点
-Route::get('admin/articleList', 'AdminController@articleList'); // 文章列表
-Route::any('admin/addArticle', 'AdminController@addArticle'); // 添加文章
-Route::any('admin/editArticle', 'AdminController@editArticle'); // 编辑文章
-Route::post('admin/delArticle', 'AdminController@delArticle'); // 删除文章
-Route::get('admin/groupList', 'AdminController@groupList'); // 文章列表
-Route::any('admin/addGroup', 'AdminController@addGroup'); // 添加文章
-Route::any('admin/editGroup', 'AdminController@editGroup'); // 编辑文章
-Route::post('admin/delGroup', 'AdminController@delGroup'); // 删除文章
-Route::get('ticket/ticketList', 'TicketController@ticketList'); // 工单列表
-Route::any('ticket/replyTicket', 'TicketController@replyTicket'); // 回复工单
-Route::post('ticket/closeTicket', 'TicketController@closeTicket'); // 关闭工单
-Route::get('admin/inviteList', 'AdminController@inviteList'); // 邀请码列表
-Route::post('admin/makeInvite', 'AdminController@makeInvite'); // 生成邀请码
-Route::any('admin/config', 'AdminController@config'); // 配置列表
-Route::any('admin/addConfig', 'AdminController@addConfig'); // 添加配置
-Route::post('admin/delConfig', 'AdminController@delConfig'); // 删除配置
-Route::post('admin/setDefaultConfig', 'AdminController@setDefaultConfig'); // 设置默认配置
-Route::get('admin/trafficLog', 'AdminController@trafficLog'); // 流量日志
-Route::any('admin/export', 'AdminController@export'); // 导出配置信息
-Route::any('admin/convert', 'AdminController@convert'); // 格式转换
-Route::any('admin/import', 'AdminController@import'); // 数据导入
-Route::get('admin/monitor', 'AdminController@monitor'); // 流量监控
-Route::any('admin/profile', 'AdminController@profile'); // 修改个人信息
-Route::any('admin/analysis', 'AdminController@analysis'); // 日志分析
-Route::any('admin/system', 'AdminController@system'); // 系统设置
-Route::post('admin/setConfig', 'AdminController@setConfig'); // 设置某个配置项
-Route::post('admin/setInviteNum', 'AdminController@setInviteNum'); // 可生成邀请码数
-Route::post('admin/setWebsiteName', 'AdminController@setWebsiteName'); // 设置网站名称
-Route::post('admin/setWebsiteUrl', 'AdminController@setWebsiteUrl'); // 设置网站地址
-Route::post('admin/setResetPasswordTimes', 'AdminController@setResetPasswordTimes'); // 设置重置密码次数
-Route::post('admin/setActiveTimes', 'AdminController@setActiveTimes'); // 设置激活账号次数
-Route::post('admin/setAddScoreRange', 'AdminController@setAddScoreRange'); // 设置登录加积分时间间隔
-Route::post('admin/setQrcode', 'AdminController@setQrcode'); // 设置充值二维码
-Route::get('makePasswd', 'AdminController@makePasswd'); // 获取随机密码
-Route::get('download', 'AdminController@download'); // 下载转换过的JSON配置
-
-Route::any('user', 'UserController@index'); // 用户首页
-Route::any('user/article', 'UserController@article'); // 文章详情
-Route::any('user/nodeList', 'UserController@nodeList'); // 节点列表
-Route::any('user/goodsList', 'UserController@goodsList'); // 商品列表
-Route::any('user/profile', 'UserController@profile'); // 修改个人信息
-Route::any('user/trafficLog', 'UserController@trafficLog'); // 流量日志
-Route::get('user/ticketList', 'UserController@ticketList'); // 工单
-Route::get('user/orderList', 'UserController@orderList'); // 订单
-Route::post('user/addTicket', 'UserController@addTicket'); // 快速添加工单
-Route::any('user/replyTicket', 'UserController@replyTicket'); // 回复工单
-Route::post('user/closeTicket', 'UserController@closeTicket'); // 关闭工单
-Route::post('user/redeemCoupon', 'UserController@redeemCoupon'); // 使用优惠券
-Route::any('user/addOrder', 'UserController@addOrder'); // 添加订单
-Route::any('user/invite', 'UserController@invite'); // 邀请码
-Route::any('user/makeInvite', 'UserController@makeInvite'); // 生成邀请码
 Route::any('resetPassword', 'UserController@resetPassword'); // 重设密码
 Route::any('reset/{token}', 'UserController@reset'); // 重设密码
 Route::any('activeUser', 'UserController@activeUser'); // 激活账号
-Route::any('active/{token}', 'UserController@active'); // 激活账号
-Route::post('user/exchange', 'UserController@exchange'); // 积分兑换流量
-
-Route::any('shop/goodsList', 'ShopController@goodsList'); // 商品列表
-Route::any('shop/addGoods', 'ShopController@addGoods'); // 添加商品
-Route::any('shop/editGoods', 'ShopController@editGoods'); // 编辑商品
-Route::post('shop/delGoods', 'ShopController@delGoods'); // 删除商品
+Route::get('active/{token}', 'UserController@active'); // 激活账号
 
-Route::any('coupon/couponList', 'CouponController@couponList'); // 优惠券列表
-Route::any('coupon/addCoupon', 'CouponController@addCoupon'); // 添加优惠券
-Route::post('coupon/delCoupon', 'CouponController@delCoupon'); // 删除优惠券
+Route::group(['middleware' => ['user', 'admin']], function() {
+    Route::get('admin', 'AdminController@index'); // 后台首页
+    Route::get('admin/userList', 'AdminController@userList'); // 账号列表
+    Route::any('admin/addUser', 'AdminController@addUser'); // 添加账号
+    Route::any('admin/editUser', 'AdminController@editUser'); // 编辑账号
+    Route::post('admin/delUser', 'AdminController@delUser'); // 删除账号
+    Route::get('admin/nodeList', 'AdminController@nodeList'); // 节点列表
+    Route::any('admin/addNode', 'AdminController@addNode'); // 添加节点
+    Route::any('admin/editNode', 'AdminController@editNode'); // 编辑节点
+    Route::post('admin/delNode', 'AdminController@delNode'); // 删除节点
+    Route::get('admin/articleList', 'AdminController@articleList'); // 文章列表
+    Route::any('admin/addArticle', 'AdminController@addArticle'); // 添加文章
+    Route::any('admin/editArticle', 'AdminController@editArticle'); // 编辑文章
+    Route::post('admin/delArticle', 'AdminController@delArticle'); // 删除文章
+    Route::get('admin/groupList', 'AdminController@groupList'); // 文章列表
+    Route::any('admin/addGroup', 'AdminController@addGroup'); // 添加文章
+    Route::any('admin/editGroup', 'AdminController@editGroup'); // 编辑文章
+    Route::post('admin/delGroup', 'AdminController@delGroup'); // 删除文章
+    Route::get('ticket/ticketList', 'TicketController@ticketList'); // 工单列表
+    Route::any('ticket/replyTicket', 'TicketController@replyTicket'); // 回复工单
+    Route::post('ticket/closeTicket', 'TicketController@closeTicket'); // 关闭工单
+    Route::get('admin/inviteList', 'AdminController@inviteList'); // 邀请码列表
+    Route::post('admin/makeInvite', 'AdminController@makeInvite'); // 生成邀请码
+    Route::any('admin/config', 'AdminController@config'); // 配置列表
+    Route::any('admin/addConfig', 'AdminController@addConfig'); // 添加配置
+    Route::post('admin/delConfig', 'AdminController@delConfig'); // 删除配置
+    Route::post('admin/setDefaultConfig', 'AdminController@setDefaultConfig'); // 设置默认配置
+    Route::get('admin/trafficLog', 'AdminController@trafficLog'); // 流量日志
+    Route::any('admin/export', 'AdminController@export'); // 导出配置信息
+    Route::any('admin/convert', 'AdminController@convert'); // 格式转换
+    Route::any('admin/import', 'AdminController@import'); // 数据导入
+    Route::get('admin/monitor', 'AdminController@monitor'); // 流量监控
+    Route::any('admin/profile', 'AdminController@profile'); // 修改个人信息
+    Route::get('admin/analysis', 'AdminController@analysis'); // 日志分析
+    Route::get('admin/system', 'AdminController@system'); // 系统设置
+    Route::post('admin/setConfig', 'AdminController@setConfig'); // 设置某个配置项
+    Route::post('admin/setInviteNum', 'AdminController@setInviteNum'); // 可生成邀请码数
+    Route::post('admin/setWebsiteName', 'AdminController@setWebsiteName'); // 设置网站名称
+    Route::post('admin/setWebsiteUrl', 'AdminController@setWebsiteUrl'); // 设置网站地址
+    Route::post('admin/setResetPasswordTimes', 'AdminController@setResetPasswordTimes'); // 设置重置密码次数
+    Route::post('admin/setActiveTimes', 'AdminController@setActiveTimes'); // 设置激活账号次数
+    Route::post('admin/setAddScoreRange', 'AdminController@setAddScoreRange'); // 设置登录加积分时间间隔
+    Route::post('admin/setQrcode', 'AdminController@setQrcode'); // 设置充值二维码
+    Route::get('admin/makePasswd', 'AdminController@makePasswd'); // 获取随机密码
+    Route::get('admin/download', 'AdminController@download'); // 下载转换过的JSON配置
+    Route::any('shop/goodsList', 'ShopController@goodsList'); // 商品列表
+    Route::any('shop/addGoods', 'ShopController@addGoods'); // 添加商品
+    Route::any('shop/editGoods', 'ShopController@editGoods'); // 编辑商品
+    Route::post('shop/delGoods', 'ShopController@delGoods'); // 删除商品
+    Route::any('coupon/couponList', 'CouponController@couponList'); // 优惠券列表
+    Route::any('coupon/addCoupon', 'CouponController@addCoupon'); // 添加优惠券
+    Route::post('coupon/delCoupon', 'CouponController@delCoupon'); // 删除优惠券
+});
 
-Route::any('user/takeAward', 'UserController@takeAward'); // 抽奖
+Route::group(['middleware' => ['user']], function(){
+    Route::any('user', 'UserController@index'); // 用户首页
+    Route::any('user/article', 'UserController@article'); // 文章详情
+    Route::get('user/nodeList', 'UserController@nodeList'); // 节点列表
+    Route::get('user/goodsList', 'UserController@goodsList'); // 商品列表
+    Route::get('user/trafficLog', 'UserController@trafficLog'); // 流量日志
+    Route::get('user/ticketList', 'UserController@ticketList'); // 工单
+    Route::post('user/addTicket', 'UserController@addTicket'); // 快速添加工单
+    Route::any('user/replyTicket', 'UserController@replyTicket'); // 回复工单
+    Route::post('user/closeTicket', 'UserController@closeTicket'); // 关闭工单
+    Route::get('user/orderList', 'UserController@orderList'); // 订单
+    Route::any('user/addOrder', 'UserController@addOrder'); // 添加订单
+    Route::post('user/redeemCoupon', 'UserController@redeemCoupon'); // 使用优惠券
+    Route::get('user/invite', 'UserController@invite'); // 邀请码
+    Route::post('user/makeInvite', 'UserController@makeInvite'); // 生成邀请码
+    Route::any('user/profile', 'UserController@profile'); // 修改个人信息
+    Route::post('user/exchange', 'UserController@exchange'); // 积分兑换流量
+});
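Review bot: `Route::any('/', 'AdminController@index');` at the top of the file stays outside both middleware groups, while this same commit removes the session and `is_admin` checks from `AdminController::index`. Unless the controller attaches the middleware somewhere not shown here, the site root now serves the admin dashboard to unauthenticated visitors. Move that line inside `Route::group(['middleware' => ['user', 'admin']], ...)` or point `/` at a public action. The group lists `'user'` before `'admin'` and `Admin::handle()` depends on that order, so a comment above the group such as `// 'user' must run before 'admin': Admin reads the session entry User checks for` would keep a later edit from reversing it.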