<?php
namespace app\middleware;
use app\model\User;
use app\util\JwtUtil;
use app\util\Util;
use ReflectionClass;
use support\Redis;
use Webman\Http\Request;
use Webman\Http\Response;
use Webman\MiddlewareInterface;
use support\exception\BusinessException;
//class AuthMiddleware implements MiddlewareInterface
//{
// public function process(Request $request, callable $handler) : Response
// {
// //'这里是请求穿越阶段,也就是请求处理前';
//
// //$response = $handler($request); // 继续向洋葱芯穿越,直至执行控制器得到响应
//
// //composer require symfony/translation'这里是响应穿出阶段,也就是请求处理后';
//
// $result = Redis::set('user_id',time());
//
// $response = $handler($request); // 继续向洋葱芯穿越,直至执行控制器得到响应
//
// echo '这里是响应穿出阶段,也就是请求处理后';
//
// return $response;
// }
//}
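/**
 * Bearer-token authentication middleware.
 *
 * For every request it decides, from the target controller's `$noNeedLogin`
 * default property, whether the requested action requires a login. Actions
 * that do are only dispatched after the `Authorization: Bearer <token>` header
 * has been verified by JwtUtil::verifyToken() and the user named by the
 * token's `sub` claim has been loaded.
 */
class AuthMiddleware implements MiddlewareInterface
{
    /**
     * Authenticate the request, then hand it to the next layer.
     *
     * @param Request  $request Incoming request; on success `$request->user` is set to the user row as an array.
     * @param callable $handler Next layer of the middleware stack / the controller.
     *
     * @return Response The downstream response, the Util::fail() response when the user
     *                  no longer exists, or a JSON body with code 401 when a
     *                  BusinessException is raised inside the try block.
     *
     * @throws BusinessException With code 302 when a protected action is called without a Bearer token.
     */
    public function process(Request $request, callable $handler): Response
    {
        // Read the controller's $noNeedLogin default value via reflection: the
        // list of action names that may be called without being logged in.
        // Fail closed: when no controller class can be resolved, the list stays
        // empty and the action is treated as protected instead of letting
        // ReflectionClass throw on an empty or unknown class name.
        $controllerClass = $request->controller;
        $noNeedLogin = [];
        if (is_string($controllerClass) && $controllerClass !== '' && class_exists($controllerClass)) {
            $controller = new ReflectionClass($controllerClass);
            // The cast keeps in_array() from raising a TypeError when a
            // controller declares the property as a single string.
            $noNeedLogin = (array) ($controller->getDefaultProperties()['noNeedLogin'] ?? []);
        }

        // Despite its name, $isLogin means "this action REQUIRES a login".
        // Strict comparison: an authorization decision must not depend on
        // PHP's loose-equality rules (a `true` entry, or numeric-string
        // juggling, would otherwise match action names it was never meant to).
        $isLogin = !in_array($request->action, $noNeedLogin, true);

        // Public action: dispatch without looking at the token at all.
        if (!$isLogin) {
            return $handler($request);
        }

        // Read the token from the Authorization header.
        $token = $request->header('Authorization');

        // Login required, but no Bearer token was supplied.
        if (!$token || !str_starts_with($token, 'Bearer ')) {
            throw new BusinessException('请先登录', 302);
        }

        // Strip the 7-character "Bearer " prefix.
        $token = substr($token, 7);

        try {
            // Verify the token and take the user id from its `sub` claim.
            $decoded = JwtUtil::verifyToken($token);
            $userId = $decoded->sub;

            // NOTE(review): 'password' is selected here and then attached to the
            // request, so the stored password value travels to every downstream
            // handler and can leak if a controller echoes $request->user back to
            // the client. Drop the column once no consumer depends on it.
            $user = User::select(['id', 'name', 'sex', 'role', 'avatar', 'email', 'password'])
                ->find($userId);
            if (!$user) {
                // The token verified, but the account it names no longer exists.
                return Util::fail(['user' => $user], trans('user_none'));
            }

            // Expose the authenticated user to later middleware and controllers.
            $request->user = $user->toArray();

            // NOTE(review): the handler runs inside this try block, so a
            // BusinessException thrown by a controller is also reported as
            // code 401 below. Confirm that is intended.
            return $handler($request);
        } catch (BusinessException $e) {
            // NOTE(review): only BusinessException is caught. Presumably
            // JwtUtil::verifyToken() wraps its failures (expired, bad signature)
            // in that type - confirm, otherwise they propagate uncaught.
            return json(['code' => 401, 'msg' => $e->getMessage()]);
        }
    }
}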