shulang
/
webman
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
webman/app/middleware/JwtAuthMiddleware.php

95 lines
3.2 KiB
PHP
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
namespace App\Middleware;
use app\model\User;
use Tinywan\Jwt\JwtToken;
use App\Utils\ApiResponse;
use Webman\Http\Request;
use Webman\Http\Response;
use Webman\MiddlewareInterface;
use ReflectionClass;
class JwtAuthMiddleware implements MiddlewareInterface
{
/**
* 处理请求
*
* @param Request $request
* @param callable $handler
* @return Response
*/
public function process(Request $request, callable $handler): Response
{
/**
* 通过反射获取不需要登录的方法
*/
$controller = new ReflectionClass($request->controller);
/**
* apidoc 直接继续向洋葱芯穿越
*/
if($controller->name=='hg\apidoc\Controller'){
return $handler($request);
}
// var_dump($controller->name);
$noNeedLogin = $controller->getDefaultProperties()['noNeedLogin'] ?? [];
if (in_array($request->action, $noNeedLogin)) {
// 不需要登录的方法继续向洋葱芯穿越
return $handler($request);
}
// 获取 Authorization 头部中的 token通常格式为 "Bearer <token>"
$token1 = $request->header('Authorization');
$token2 =$request->header('Token');
$token_tmp = !empty($token1) ? $token1 : $token2;
if (strpos($token_tmp,"Bearer ") === false) {
$token= 'Bearer '.$token_tmp;
}else{
$token= $token_tmp;
}
// 检查 token 是否为空
if (empty($token)) {
// return ApiResponse::error(401, ['error' => '缺少令牌'], '未授权');
return response('',401,['error' => '缺少令牌']);
}
// var_dump($token);
// 移除 Bearer 前缀并获取纯 token
// if (strpos($token, 'Bearer ') === 0) {
// $token = substr($token, 7); // 去掉 "Bearer " 部分
// }
try {
// 解码 token返回用户信息
$decoded = JwtToken::getExtend($token);
if(!empty($decoded['user_type'])&&$decoded['user_type']=='user'){
if (false !== strstr($controller->name, 'admin')) {
return response('',401,['error' => '无权限']);
}
$user=User::find($decoded['id']);
if($user->status==0){
return response('',401,['error' => '用户封禁']);
}
}
$user=User::find($decoded['id']);
// if($user->status==0){
// return response('',401,['error' => '用户封禁']);
// }
// var_dump($decoded);
} catch (\Exception $e) {
var_dump($e);
// 解码失败,返回无效令牌错误
// return ApiResponse::error(401, ['error' => '无效的令牌'], '无效的令牌');
return response('',401,['error' => '无效的令牌']);
}
// 将解码后的用户信息存储到请求对象的 user 属性中
// $request = $request->withAttribute('user', $decoded);
$request->data = $decoded;
// 继续处理请求,传递给下一个中间件或控制器,并返回响应
return $handler($request);
}
}
Reference in New Issue View Git Blame Copy Permalink