Strona główna Odkrywaj Pomoc
Zaloguj się
kucoin-test
/
kefu
2
0
Forkuj 0
Pliki Problemy 0 Oczekujące zmiany 0 Wiki
Drzewo: 4cab47b8c0
Gałęzie Tagi
kefu
/
app
/
common
/
middleware
/
CheckAuth.php

CheckAuth.php 2.3 KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566 
  1. <?php
    2. 

  2. namespace app\common\middleware;
    3. 

  3. 

  4. use Exception;
    5. 

  5. use thans\jwt\exception\TokenInvalidException;
    6. 

  6. use thans\jwt\facade\JWTAuth;
    7. 

  7. use think\facade\Cache;
    8. 

  8. use think\facade\Request;
    9. 

  9. //验证权限
    10. 

  10. class CheckAuth
    11. 

  11. {
    12. 

  12.     public function handle($request, \Closure $next)
    13. 

  13.     {
    14. 

  14.         try {
    15. 

  15. 

  16.             //判断,如果当前控制的noNeedLogin 属性包含当前接口的名称,则不需要验证权限
    17. 

  17.             // $controller = $request->controller();
    18. 

  18.             // $action = $request->action();
    19. 

  19.             // $noNeedLogin = $controller->noNeedLogin;
    20. 

  20.             // if(in_array($action, $noNeedLogin)){
    21. 

  21.             //     return $next($request);
    22. 

  22.             // }
    23. 

  23.             $jwtData = JWTAuth::auth();
    24. 

  24.         } catch (Exception $exception) {
    25. 

  25. 

  26.             //token有误
    27. 

  27.             if (get_class($exception) == TokenInvalidException::class) {
    28. 

  28.                 return shutdown(lang('user.loginError'), -1);
    29. 

  29.             }
    30. 

  30. 

  31.             $errorMsgArr = [
    32. 

  32.                 'Must have token' => lang('user.mustToken'),
    33. 

  33.                 'The token is in blacklist.' => lang('user.blacklist'),
    34. 

  34.                 'The token is expired.' => lang('user.expired'),
    35. 

  35.                 'The token is in blacklist grace period list.' => lang('user.expired')
    36. 

  36.             ];
    37. 

  37.             return shutdown($errorMsgArr[$exception->getMessage()] ?? $exception->getMessage(), -1);
    38. 

  38.         }
    39. 

  39.         $adminInfo = [];
    40. 

  40.         if (!empty($jwtData['admin'])) {
    41. 

  41.             $adminInfo = $jwtData['admin']->getValue();
    42. 

  42.         }
    43. 

  43.         $userInfo = $jwtData['info']->getValue();
    44. 

  44. 

  45.         //解密token中的用户信息
    46. 

  46.         $userInfo = str_encipher($userInfo,false, config('app.aes_token_key'));
    47. 

  47. 

  48.         if (!$userInfo) {
    49. 

  49.             return shutdown(lang('user.loginError'), -1);
    50. 

  50.         }
    51. 

  51.         //解析json
    52. 

  52.         $userInfo = (array)json_decode($userInfo, true);
    53. 

  53.         
    54. 

  54.         if(cache('forbidUser_'.$userInfo['id'])){
    55. 

  55.             JWTAuth::invalidate(JWTAuth::token()->get());
    56. 

  56.             Cache::delete('forbidUser_'.$userInfo['id']);
    57. 

  57.             return shutdown(lang('user.forbid'), -1);
    58. 

  58.         }
    59. 

  59.         //已经登陆,将用户信息存入请求头
    60. 

  60.         $request->adminInfo  = $adminInfo;
    61. 

  61.         $request->userInfo  = $userInfo;
    62. 

  62.         $request->uid       = $userInfo['id'];
    63. 

  63.         $request->userToken = JWTAuth::token()->get();
    64. 

  64.         return $next($request);
    65. 

  65.     }
    66. 

  66. }
    67.