Home Explore Help
Register Sign In
Kirin
/
yatang
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: c144ab078d
Branches Tags
yatang
/
app
/
common
/
middleware
/
UserTokenMiddleware.php

UserTokenMiddleware.php 3.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103 
  1. <?php
    2. 

  2. 

  3. // +----------------------------------------------------------------------
    4. 

  4. // | CRMEB [ CRMEB赋能开发者,助力企业发展 ]
    5. 

  5. // +----------------------------------------------------------------------
    6. 

  6. // | Copyright (c) 2016~2020 https://www.crmeb.com All rights reserved.
    7. 

  7. // +----------------------------------------------------------------------
    8. 

  8. // | Licensed CRMEB并不是自由软件,未经许可不能去掉CRMEB相关版权
    9. 

  9. // +----------------------------------------------------------------------
    10. 

  10. // | Author: CRMEB Team <admin@crmeb.com>
    11. 

  11. // +----------------------------------------------------------------------
    12. 

  12. 

  13. 

  14. namespace app\common\middleware;
    15. 

  15. 

  16. use app\common\repositories\user\UserRepository;
    17. 

  17. use app\Request;
    18. 

  18. use crmeb\exceptions\AuthException;
    19. 

  19. use crmeb\services\JwtTokenService;
    20. 

  20. use Firebase\JWT\ExpiredException;
    21. 

  21. use think\exception\ValidateException;
    22. 

  22. use think\Response;
    23. 

  23. use Throwable;
    24. 

  24. 

  25. class UserTokenMiddleware extends BaseMiddleware
    26. 

  26. {
    27. 

  27. 

  28.     /**
    29. 

  29.      * @param Request $request
    30. 

  30.      * @throws Throwable
    31. 

  31.      * @author xaboy
    32. 

  32.      * @day 2020-04-10
    33. 

  33.      */
    34. 

  34.     public function before(Request $request)
    35. 

  35.     {
    36. 

  36.         $force = $this->getArg(0, true);
    37. 

  37.         try {
    38. 

  38.             $token = trim($request->header('X-Token'));
    39. 

  39. 

  40. //            $longitude = explode(',', $lonlat)[0] ?? 0;
    41. 

  41. //            $latitude = explode(',', $lonlat)[1] ?? 0;
    42. 

  42. 

  43.             if (strpos($token, 'Bearer') === 0)
    44. 

  44.                 $token = trim(substr($token, 6));
    45. 

  45.             if (!$token)
    46. 

  46.                 throw new ValidateException('请登录');
    47. 

  47. 

  48.             /**
    49. 

  49.              * @var UserRepository $repository
    50. 

  50.              */
    51. 

  51.             $repository = app()->make(UserRepository::class);
    52. 

  52.             $service = new JwtTokenService();
    53. 

  53.             try {
    54. 

  54.                 $payload = $service->parseToken($token);
    55. 

  55.             } catch (ExpiredException $e) {
    56. 

  56.                 $repository->checkToken($token);
    57. 

  57.                 $payload = $service->decode($token);
    58. 

  58.             } catch (Throwable $e) {//Token 过期
    59. 

  59.                 throw new AuthException('token 已过期');
    60. 

  60.             }
    61. 

  61.             if ('user' != $payload->jti[1])
    62. 

  62.                 throw new AuthException('无效的 token');
    63. 

  63. 

  64.             $user = $repository->get($payload->jti[0]);
    65. 

  65.             if (!$user)
    66. 

  66.                 throw new AuthException('账号不存在');
    67. 

  67.             if (!$user['status'])
    68. 

  68.                 throw new AuthException('账号已被禁用');
    69. 

  69.         } catch (Throwable $e) {
    70. 

  70.             if ($force)
    71. 

  71.                 throw  $e;
    72. 

  72.             $request->macro('isLogin', function () {
    73. 

  73.                 return false;
    74. 

  74.             });
    75. 

  75.             $request->macros(['tokenInfo', 'uid', 'userInfo', 'token'], function () {
    76. 

  76.                 throw new AuthException('请登录');
    77. 

  77.             });
    78. 

  78.             return;
    79. 

  79.         }
    80. 

  80.         $repository->updateToken($token);
    81. 

  81. 

  82.         $request->macro('isLogin', function () {
    83. 

  83.             return true;
    84. 

  84.         });
    85. 

  85.         $request->macro('tokenInfo', function () use (&$payload) {
    86. 

  86.             return $payload;
    87. 

  87.         });
    88. 

  88.         $request->macro('token', function () use (&$token) {
    89. 

  89.             return $token;
    90. 

  90.         });
    91. 

  91.         $request->macro('uid', function () use (&$user) {
    92. 

  92.             return $user->uid;
    93. 

  93.         });
    94. 

  94.         $request->macro('userInfo', function () use (&$user) {
    95. 

  95.             return $user;
    96. 

  96.         });
    97. 

  97.     }
    98. 

  98. 

  99.     public function after(Response $response)
    100. 

  100.     {
    101. 

  101.         // TODO: Implement after() method.
    102. 

  102.     }
    103. 

  103. }
    104.