Home Explore Help
Register Sign In
Kirin
/
xny
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: b6521942fd
Branches Tags
xny
/
app
/
common
/
middleware
/
UserTokenMiddleware.php

UserTokenMiddleware.php 3.8 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111 
  1. <?php
    2. 

  2. 

  3. // +----------------------------------------------------------------------
    4. 

  4. // | CRMEB [ CRMEB赋能开发者,助力企业发展 ]
    5. 

  5. // +----------------------------------------------------------------------
    6. 

  6. // | Copyright (c) 2016~2024 https://www.crmeb.com All rights reserved.
    7. 

  7. // +----------------------------------------------------------------------
    8. 

  8. // | Licensed CRMEB并不是自由软件,未经许可不能去掉CRMEB相关版权
    9. 

  9. // +----------------------------------------------------------------------
    10. 

  10. // | Author: CRMEB Team <admin@crmeb.com>
    11. 

  11. // +----------------------------------------------------------------------
    12. 

  12. 

  13. 

  14. namespace app\common\middleware;
    15. 

  15. 

  16. use think\facade\Log;
    17. 

  17. use app\common\repositories\user\UserRepository;
    18. 

  18. use app\Request;
    19. 

  19. use crmeb\exceptions\AuthException;
    20. 

  20. use crmeb\services\JwtTokenService;
    21. 

  21. use Firebase\JWT\ExpiredException;
    22. 

  22. use think\exception\ValidateException;
    23. 

  23. use think\facade\Cache;
    24. 

  24. use think\Response;
    25. 

  25. use Throwable;
    26. 

  26. 

  27. class UserTokenMiddleware extends BaseMiddleware
    28. 

  28. {
    29. 

  29. 

  30.     /**
    31. 

  31.      * @param Request $request
    32. 

  32.      * @throws Throwable
    33. 

  33.      * @author xaboy
    34. 

  34.      * @day 2020-04-10
    35. 

  35.      */
    36. 

  36.     public function before(Request $request)
    37. 

  37.     {
    38. 

  38.         $force = $this->getArg(0, true);
    39. 

  39.         try {
    40. 

  40.             $token = trim($request->header('X-Token'));
    41. 

  41.             if (strpos($token, 'Bearer') === 0)
    42. 

  42.                 $token = trim(substr($token, 6));
    43. 

  43.             if (!$token)
    44. 

  44.                 throw new ValidateException('请登录');
    45. 

  45.             $cache_token = Cache::get('user_' . $token);
    46. 

  46.             if (!$cache_token)
    47. 

  47.                 throw new AuthException('token 已过期,请重新登录');
    48. 

  48.             /**
    49. 

  49.              * @var UserRepository $repository
    50. 

  50.              */
    51. 

  51.             $repository = app()->make(UserRepository::class);
    52. 

  52.             $service = new JwtTokenService();
    53. 

  53.             try {
    54. 

  54.                 $payload = $service->parseToken($token);
    55. 

  55.             } catch (ExpiredException $e) {
    56. 

  56.                 $repository->checkToken($token);
    57. 

  57.                 $payload = $service->decode($token);
    58. 

  58.             } catch (Throwable $e) {//Token 过期
    59. 

  59.                 Log::info('token 已过期,请重新登录2'.$token);
    60. 

  60.                 throw new AuthException('token 已过期,请重新登录');
    61. 

  61.             }
    62. 

  62.             if ('user' != $payload->jti[1]){
    63. 

  63.                 throw new AuthException('无效的 token');
    64. 

  64.                 Log::info('无效的 token'.$payload->jti[1]);
    65. 

  65.             }
    66. 

  66.             $user = $repository->get($payload->jti[0]);
    67. 

  67.             if (!$user)
    68. 

  68.                 throw new AuthException('用户不存在');
    69. 

  69.             if (!$user['status'])
    70. 

  70.                 throw new AuthException('用户已被禁用');
    71. 

  71.             if ($user['cancel_time'])
    72. 

  72.                 throw new AuthException('用户不存在');
    73. 

  73. 

  74.         } catch (Throwable $e) {
    75. 

  75.             if ($force)
    76. 

  76.                 throw  $e;
    77. 

  77.             $request->macro('isLogin', function () {
    78. 

  78.                 return false;
    79. 

  79.             });
    80. 

  80.             $request->macros(['tokenInfo', 'uid', 'userInfo', 'token'], function () {
    81. 

  81.                 throw new AuthException('请登录');
    82. 

  82.             });
    83. 

  83.             return;
    84. 

  84.         }
    85. 

  85.         $repository->updateToken($token);
    86. 

  86. 

  87.         $request->macro('isLogin', function () {
    88. 

  88.             return true;
    89. 

  89.         });
    90. 

  90.         $request->macro('userType', function () {
    91. 

  91.             return 1;
    92. 

  92.         });
    93. 

  93.         $request->macro('tokenInfo', function () use (&$payload) {
    94. 

  94.             return $payload;
    95. 

  95.         });
    96. 

  96.         $request->macro('token', function () use (&$token) {
    97. 

  97.             return $token;
    98. 

  98.         });
    99. 

  99.         $request->macro('uid', function () use (&$user) {
    100. 

  100.             return $user->uid;
    101. 

  101.         });
    102. 

  102.         $request->macro('userInfo', function () use (&$user) {
    103. 

  103.             return $user;
    104. 

  104.         });
    105. 

  105.     }
    106. 

  106. 

  107.     public function after(Response $response)
    108. 

  108.     {
    109. 

  109.         // TODO: Implement after() method.
    110. 

  110.     }
    111. 

  111. }
    112.