waibao
/
NN2023021801


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293
							<?php
declare (strict_types=1);

namespace app\api\middleware;

use app\Request;
use app\api\services\UserAuthServices;
use interfaces\MiddlewareInterface;
use utils\RedisCache;

class AuthTokenMiddleWare implements MiddlewareInterface
{

    /**
     * 处理请求
     * @param Request $request
     * @param \Closure $next
     * @return mixed
     * @throws \Psr\SimpleCache\InvalidArgumentException
     */
    public function handle (Request $request, \Closure $next)
    {
        try {
            
            if (env('APP.WEB_IS_UPDATE') ){
                // 非测试IP访问，直接拦截
                $testIp = env('APP.TEST_IPS');
                $testIps = $testIp? $testIp : '';
                $currentIp = get_client_ip();
               
                if($testIps && !preg_match("/{$currentIp}/", $testIps)){
                   return api_error_return(['msg'=>'网站正在升级中', 'data'=>['ips'=> $testIps,'ip'=> $currentIp]]); 
                }
            }


            if (RedisCache::get('is_update_data')){
                return api_error_return(['msg'=>'更新数据中，请稍后几秒', 'data'=>null]);
            }

            if (env('API.IS_PUBLIC_REQUEST_VERIFY')){
                if (ISNOTREQUESTPASS($request->param())){
                    return api_error_return(['msg'=>'参数错误', 'data'=>null]);
                }

            }

            if (env('API.IS_SIGN_VERIFY')){
                if (empty($request->param('sign'))){
                    return api_error_return(['msg'=>'签名不存在', 'data'=>null]);
                }

                $sign = createApiSign($request->param());
                if ($request->param('sign') != $sign){
                    return api_error_return(['msg'=>'签名错误', 'data'=>['aa'=>$sign]]);
                }
                if (time() - $request->post('timestamp') > 20){
                    return api_error_return(['msg'=>'请求失败,稍后再试', 'data'=>null]);
                }
            }

            $token = trim($request->header('token', ''));

            if (empty($token)){
                return api_error_return(['msg'=>'请登录', 'code'=>401]);
            }else{
                try {
                    /** @var UserAuthServices $service */
                    $service = app()->make(UserAuthServices::class);

                    $user_info = $service->parseToken($token);

                    $authInfo = $service->parseToken($token)->toArray();

                } catch (\Exception $e) {

                    return api_error_return(['msg'=>$e->getMessage(), 'code'=>401]);
                }
                $data = $request->param(); // 请求参数
                $request->uid = is_null($authInfo) ? 0 : $authInfo['id']; // 用户uid
                $data['uid'] = $request->uid;
                $request->data = $data;
                $request->user = is_null($authInfo) ? null : $authInfo; // 用户信息
                $request->user_info = $user_info ?: null; // 用户信息
                $request->isLogin = true;
            }

        } catch (\Throwable $e) {
            return api_error_return($e->getMessage());
        }
        return $next($request);
    }
}