Home Explore Help
Register Sign In
Kirin
/
yatang
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: c144ab078d
Branches Tags
yatang
/
app
/
common
/
middleware
/
AdminTokenMiddleware.php

AdminTokenMiddleware.php 3.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102 
  1. <?php
    2. 

  2. 

  3. // +----------------------------------------------------------------------
    4. 

  4. // | CRMEB [ CRMEB赋能开发者,助力企业发展 ]
    5. 

  5. // +----------------------------------------------------------------------
    6. 

  6. // | Copyright (c) 2016~2020 https://www.crmeb.com All rights reserved.
    7. 

  7. // +----------------------------------------------------------------------
    8. 

  8. // | Licensed CRMEB并不是自由软件,未经许可不能去掉CRMEB相关版权
    9. 

  9. // +----------------------------------------------------------------------
    10. 

  10. // | Author: CRMEB Team <admin@crmeb.com>
    11. 

  11. // +----------------------------------------------------------------------
    12. 

  12. 

  13. 

  14. namespace app\common\middleware;
    15. 

  15. 

  16. use app\common\repositories\system\admin\AdminRepository;
    17. 

  17. use app\Request;
    18. 

  18. use crmeb\exceptions\AuthException;
    19. 

  19. use crmeb\services\JwtTokenService;
    20. 

  20. use Firebase\JWT\ExpiredException;
    21. 

  21. use think\exception\ValidateException;
    22. 

  22. use think\facade\Route;
    23. 

  23. use think\Response;
    24. 

  24. use Throwable;
    25. 

  25. 

  26. class AdminTokenMiddleware extends BaseMiddleware
    27. 

  27. {
    28. 

  28. 

  29.     /**
    30. 

  30.      * @param Request $request
    31. 

  31.      * @throws Throwable
    32. 

  32.      * @author xaboy
    33. 

  33.      * @day 2020-04-10
    34. 

  34.      */
    35. 

  35.     public function before(Request $request)
    36. 

  36.     {
    37. 

  37.         $force = $this->getArg(0, true);
    38. 

  38.         try {
    39. 

  39.             $token = trim($request->header('X-Token'));
    40. 

  40.             if(!$token) $token = trim($request->param('token',''));
    41. 

  41.             if (strpos($token, 'Bearer') === 0)
    42. 

  42.                 $token = trim(substr($token, 6));
    43. 

  43.             if (!$token)
    44. 

  44.                 throw new ValidateException('请登录');
    45. 

  45. 

  46.             /**
    47. 

  47.              * @var AdminRepository $repository
    48. 

  48.              */
    49. 

  49.             $repository = app()->make(AdminRepository::class);
    50. 

  50.             $service = new JwtTokenService();
    51. 

  51.             try {
    52. 

  52.                 $payload = $service->parseToken($token);
    53. 

  53.             } catch (ExpiredException $e) {
    54. 

  54.                 $repository->checkToken($token);
    55. 

  55.                 $payload = $service->decode($token);
    56. 

  56.             } catch (Throwable $e) {//Token 过期
    57. 

  57.                 throw new AuthException('token 已过期');
    58. 

  58.             }
    59. 

  59.             if ('admin' != $payload->jti[1])
    60. 

  60.                 throw new AuthException('无效的 token');
    61. 

  61. 

  62.             $admin = $repository->get($payload->jti[0]);
    63. 

  63.             if (!$admin)
    64. 

  64.                 throw new AuthException('账号不存在');
    65. 

  65.             if (!$admin['status'])
    66. 

  66.                 throw new AuthException('账号已被禁用');
    67. 

  67. 

  68.         } catch (Throwable $e) {
    69. 

  69.             if ($force)
    70. 

  70.                 throw  $e;
    71. 

  71.             $request->macro('isLogin', function () {
    72. 

  72.                 return false;
    73. 

  73.             });
    74. 

  74.             $request->macros(['tokenInfo', 'adminId', 'adminInfo', 'token'], function () {
    75. 

  75.                 throw new AuthException('请登录');
    76. 

  76.             });
    77. 

  77.             return;
    78. 

  78.         }
    79. 

  79.         $repository->updateToken($token);
    80. 

  80. 

  81.         $request->macro('isLogin', function () {
    82. 

  82.             return true;
    83. 

  83.         });
    84. 

  84.         $request->macro('tokenInfo', function () use (&$payload) {
    85. 

  85.             return $payload;
    86. 

  86.         });
    87. 

  87.         $request->macro('token', function () use (&$token) {
    88. 

  88.             return $token;
    89. 

  89.         });
    90. 

  90.         $request->macro('adminId', function () use (&$admin) {
    91. 

  91.             return $admin->admin_id;
    92. 

  92.         });
    93. 

  93.         $request->macro('adminInfo', function () use (&$admin) {
    94. 

  94.             return $admin;
    95. 

  95.         });
    96. 

  96.     }
    97. 

  97. 

  98.     public function after(Response $response)
    99. 

  99.     {
    100. 

  100.         // TODO: Implement after() method.
    101. 

  101.     }
    102. 

  102. }
    103.