|
|
@@ -8,12 +8,13 @@ use App\Model\User;
|
|
|
use Hyperf\Di\Annotation\Inject;
|
|
|
use Phper666\JWTAuth\Exception\TokenValidException;
|
|
|
use Phper666\JWTAuth\JWT;
|
|
|
+use Phper666\JWTAuth\Util\JWTUtil;
|
|
|
use Psr\Container\ContainerInterface;
|
|
|
use Psr\Http\Message\ResponseInterface;
|
|
|
use Psr\Http\Server\MiddlewareInterface;
|
|
|
use Psr\Http\Message\ServerRequestInterface;
|
|
|
use Psr\Http\Server\RequestHandlerInterface;
|
|
|
-
|
|
|
+use App\Controller\Resource\ApiResource;
|
|
|
class TokenMiddleware implements MiddlewareInterface
|
|
|
{
|
|
|
|
|
|
@@ -37,26 +38,26 @@ class TokenMiddleware implements MiddlewareInterface
|
|
|
{
|
|
|
|
|
|
try {
|
|
|
- // 获取当前TOKEN
|
|
|
- $token = $this->jwt->getToken();
|
|
|
- var_dump($token);
|
|
|
- // 验证TOKEN有效性
|
|
|
- if($this->jwt->checkToken()){
|
|
|
+ // 根据具体业务判断逻辑走向,这里假设用户携带的token有效
|
|
|
+ $token = $request->getHeaderLine('Authorization') ?? '';
|
|
|
+ if (strlen($token) > 0) {
|
|
|
+ $token = JWTUtil::handleToken($token);
|
|
|
+ if ($token == false || !$this->jwt->checkToken($token)) {
|
|
|
+ throw new TokenValidException(__('api.1005'), 401);
|
|
|
+ }
|
|
|
+
|
|
|
$authId = $token->getClaim('authId');
|
|
|
$user = User::where('id', $authId)->where(['enable'=> 'T'])->first();
|
|
|
- var_dump($user);
|
|
|
if(!$user){
|
|
|
- throw new TokenValidException('Token未验证通过', 401);
|
|
|
+ throw new TokenValidException(__('api.1029'), 401);
|
|
|
}
|
|
|
-
|
|
|
}
|
|
|
|
|
|
} catch (\Exception $exception){
|
|
|
-
|
|
|
+ throw new TokenValidException(__('api.1006'), 401);
|
|
|
}
|
|
|
|
|
|
|
|
|
-
|
|
|
return $handler->handle($request);
|
|
|
}
|
|
|
}
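Review bot: A request with no `Authorization` header skips every check in the new code, because `if (strlen($token) > 0) {` wraps the whole validation and an empty header line falls straight through to `return $handler->handle($request)` with no token check or user lookup. Unless routes behind this middleware are meant to allow anonymous access, reject the empty case and drop the guard, e.g. `if ($token === '') { throw new TokenValidException(__('api.1005'), 401); }` (the `?? ''` is also redundant, since `getHeaderLine()` always returns a string). Separately, `catch (\Exception $exception)` now rethrows `api.1006` for anything thrown inside the `try`, which presumably includes the `api.1005` and `api.1029` exceptions raised just above, so callers would only ever see 1006; add a `catch (TokenValidException $e) { throw $e; }` before the generic catch. It is also worth confirming what `JWTUtil::handleToken()` returns, because `$token->getClaim('authId')` needs an object, and a non-object there would raise an `\Error` that this catch does not handle. The method's signature lies outside the hunk.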
|