18338781771/CRM
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
CRM/webman/app/middleware/AuthMiddleware.php
HESU\HESU 2dc378734f 客户与跟进
2025-03-14 14:27:33 +08:00

84 lines
2.8 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
namespace app\middleware;
use app\model\User;
use app\util\JwtUtil;
use app\util\Util;
use ReflectionClass;
use support\Redis;
use Webman\Http\Request;
use Webman\Http\Response;
use Webman\MiddlewareInterface;
use support\exception\BusinessException;
//class AuthMiddleware implements MiddlewareInterface
//{
// public function process(Request $request, callable $handler) : Response
// {
// //'这里是请求穿越阶段,也就是请求处理前';
//
// //$response = $handler($request); // 继续向洋葱芯穿越,直至执行控制器得到响应
//
// //composer require symfony/translation'这里是响应穿出阶段,也就是请求处理后';
//
// $result = Redis::set('user_id',time());
//
// $response = $handler($request); // 继续向洋葱芯穿越,直至执行控制器得到响应
//
// echo '这里是响应穿出阶段,也就是请求处理后';
//
// return $response;
// }
//}
class AuthMiddleware implements MiddlewareInterface
{
public function process(Request $request, callable $handler): Response
{
// 跳过不需要鉴权的路由(如登录接口)
// if ($request->path() === '/api/login') {
// return $handler($request);
// }
// 通过反射获取控制器哪些方法不需要登录
$controller = new ReflectionClass($request->controller);
$noNeedLogin = $controller->getDefaultProperties()['noNeedLogin'] ?? [];
$isLogin = !in_array($request->action, $noNeedLogin);
// 访问的方法需要登录
// if ($isLogin) {
// // 拦截请求,返回一个重定向响应,请求停止向洋葱芯穿越
// throw new BusinessException('请先登录', 302);
// }
// 从 Header 获取 Token
$token = $request->header('Authorization');
//需要登录并且未提供token
if ($isLogin && (!$token || !str_starts_with($token, 'Bearer '))) {
throw new BusinessException('请先登录', 302);
// throw new BusinessException('未提供 Token'.$isLogin, 401);
}
$token = substr($token, 7);
try {
// 验证 Token 并获取用户ID
$decoded = JwtUtil::verifyToken($token);
$userId = $decoded->sub;
$user = User::select(['id','name','sex','role','avatar','email','password'])
->find($userId);
if(!$user){
return Util::fail(['user'=>$user],trans('user_none'));
}
$user = $user->toArray();
// 将用户ID存入请求对象供后续使用
// $request->user = ['id' => $userId];
$request->user = $user;
return $handler($request);
} catch (BusinessException $e) {
return json(['code' => 401, 'msg' => $e->getMessage()]);
}
}
}
Reference in New Issue View Git Blame Copy Permalink