2025-02-15 12:13:10 +08:00
|
|
|
|
<?php
|
|
|
|
|
|
namespace App\Middleware;
|
|
|
|
|
|
|
2025-02-20 14:01:57 +08:00
|
|
|
|
use app\model\User;
|
2025-02-15 12:13:10 +08:00
|
|
|
|
use Tinywan\Jwt\JwtToken;
|
|
|
|
|
|
use App\Utils\ApiResponse;
|
|
|
|
|
|
use Webman\Http\Request;
|
|
|
|
|
|
use Webman\Http\Response;
|
|
|
|
|
|
use Webman\MiddlewareInterface;
|
|
|
|
|
|
|
|
|
|
|
|
use ReflectionClass;
|
|
|
|
|
|
|
|
|
|
|
|
class JwtAuthMiddleware implements MiddlewareInterface
|
|
|
|
|
|
{
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 处理请求
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param Request $request
|
|
|
|
|
|
* @param callable $handler
|
|
|
|
|
|
* @return Response
|
|
|
|
|
|
*/
|
|
|
|
|
|
public function process(Request $request, callable $handler): Response
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 通过反射获取不需要登录的方法
|
|
|
|
|
|
*/
|
|
|
|
|
|
$controller = new ReflectionClass($request->controller);
|
|
|
|
|
|
/**
|
|
|
|
|
|
* apidoc 直接继续向洋葱芯穿越
|
|
|
|
|
|
*/
|
|
|
|
|
|
if($controller->name=='hg\apidoc\Controller'){
|
|
|
|
|
|
return $handler($request);
|
|
|
|
|
|
}
|
2025-02-20 19:46:39 +08:00
|
|
|
|
// var_dump($controller->name);
|
2025-02-15 12:13:10 +08:00
|
|
|
|
$noNeedLogin = $controller->getDefaultProperties()['noNeedLogin'] ?? [];
|
|
|
|
|
|
if (in_array($request->action, $noNeedLogin)) {
|
|
|
|
|
|
// 不需要登录的方法继续向洋葱芯穿越
|
|
|
|
|
|
return $handler($request);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 获取 Authorization 头部中的 token,通常格式为 "Bearer <token>"
|
2025-02-16 00:28:13 +08:00
|
|
|
|
$token1 = $request->header('Authorization');
|
|
|
|
|
|
$token2 =$request->header('Token');
|
|
|
|
|
|
$token_tmp = !empty($token1) ? $token1 : $token2;
|
|
|
|
|
|
|
|
|
|
|
|
if (strpos($token_tmp,"Bearer ") === false) {
|
|
|
|
|
|
$token= 'Bearer '.$token_tmp;
|
|
|
|
|
|
}else{
|
|
|
|
|
|
$token= $token_tmp;
|
|
|
|
|
|
}
|
2025-02-15 12:13:10 +08:00
|
|
|
|
// 检查 token 是否为空
|
|
|
|
|
|
if (empty($token)) {
|
2025-02-18 19:57:55 +08:00
|
|
|
|
// return ApiResponse::error(401, ['error' => '缺少令牌'], '未授权');
|
|
|
|
|
|
return response('',401,['error' => '缺少令牌']);
|
2025-02-15 12:13:10 +08:00
|
|
|
|
}
|
2025-02-16 00:28:13 +08:00
|
|
|
|
// var_dump($token);
|
2025-02-15 12:13:10 +08:00
|
|
|
|
|
|
|
|
|
|
// 移除 Bearer 前缀并获取纯 token
|
|
|
|
|
|
// if (strpos($token, 'Bearer ') === 0) {
|
|
|
|
|
|
// $token = substr($token, 7); // 去掉 "Bearer " 部分
|
|
|
|
|
|
// }
|
|
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
|
// 解码 token,返回用户信息
|
|
|
|
|
|
$decoded = JwtToken::getExtend($token);
|
2025-02-20 17:56:05 +08:00
|
|
|
|
if(!empty($decoded['user_type'])&&$decoded['user_type']=='user'){
|
2025-02-20 19:46:39 +08:00
|
|
|
|
if (false !== strstr($controller->name, 'admin')) {
|
|
|
|
|
|
return response('',401,['error' => '无权限']);
|
|
|
|
|
|
}
|
2025-02-20 17:56:05 +08:00
|
|
|
|
$user=User::find($decoded['id']);
|
|
|
|
|
|
if($user->status==0){
|
|
|
|
|
|
return response('',401,['error' => '用户封禁']);
|
|
|
|
|
|
}
|
2025-02-20 14:01:57 +08:00
|
|
|
|
}
|
2025-02-20 17:56:05 +08:00
|
|
|
|
$user=User::find($decoded['id']);
|
|
|
|
|
|
// if($user->status==0){
|
|
|
|
|
|
// return response('',401,['error' => '用户封禁']);
|
|
|
|
|
|
// }
|
2025-02-15 12:13:10 +08:00
|
|
|
|
// var_dump($decoded);
|
|
|
|
|
|
} catch (\Exception $e) {
|
2025-02-16 00:28:13 +08:00
|
|
|
|
var_dump($e);
|
2025-02-15 12:13:10 +08:00
|
|
|
|
// 解码失败,返回无效令牌错误
|
2025-02-18 19:57:55 +08:00
|
|
|
|
// return ApiResponse::error(401, ['error' => '无效的令牌'], '无效的令牌');
|
|
|
|
|
|
return response('',401,['error' => '无效的令牌']);
|
2025-02-15 12:13:10 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 将解码后的用户信息存储到请求对象的 user 属性中
|
|
|
|
|
|
// $request = $request->withAttribute('user', $decoded);
|
|
|
|
|
|
$request->data = $decoded;
|
|
|
|
|
|
// 继续处理请求,传递给下一个中间件或控制器,并返回响应
|
|
|
|
|
|
return $handler($request);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
