@@ -0,0 +1,80 @@
|
|
|
+<?php
|
|
|
+declare (strict_types=1);
|
|
|
+
|
|
|
+namespace app\middleware;
|
|
|
+
|
|
|
+use app\service\MenuService;
|
|
|
+use Firebase\JWT\JWT;
|
|
|
+use Firebase\JWT\Key;
|
|
|
+use think\facade\Config;
|
|
|
+use think\Response;
|
|
|
+
|
|
|
+class AuthMiddleware
|
|
|
+{
|
|
|
+ /**
|
|
|
+ * 处理请求
|
|
|
+ */
|
|
|
+ public function handle($request, \Closure $next)
|
|
|
+ {
|
|
|
+ // 获取当前控制器和操作
|
|
|
+ $controller = $request->controller();
|
|
|
+ $action = $request->action();
|
|
|
+
|
|
|
+ // 白名单:不需要登录验证的操作
|
|
|
+ $whiteList = [
|
|
|
+ 'index.index',
|
|
|
+ 'index.login',
|
|
|
+ 'index.logout',
|
|
|
+ 'index.captcha'
|
|
|
+ ];
|
|
|
+
|
|
|
+ $current = strtolower($controller . '.' . $action);
|
|
|
+ if (in_array($current, $whiteList)) {
|
|
|
+ return $next($request);
|
|
|
+ }
|
|
|
+
|
|
|
+ // 验证登录状态
|
|
|
+ $userInfo = $this->checkLogin($request);
|
|
|
+ if (!$userInfo) {
|
|
|
+ return json_error([], '请先登录', 401);
|
|
|
+ }
|
|
|
+
|
|
|
+ // 将用户信息注入请求
|
|
|
+ $request->userInfo = $userInfo;
|
|
|
+ $request->userId = (int)$userInfo['user_id'];
|
|
|
+
|
|
|
+ // 验证权限
|
|
|
+ if (!$this->checkPermission((int)$userInfo['user_id'], $controller, $action)) {
|
|
|
+ return json_error([], '无权限访问', 403);
|
|
|
+ }
|
|
|
+
|
|
|
+ return $next($request);
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * 检查登录状态
|
|
|
+ */
|
|
|
+ protected function checkLogin($request): ?array
|
|
|
+ {
|
|
|
+ $token = $request->cookie('auth_token');
|
|
|
+ if (!$token) {
|
|
|
+ return null;
|
|
|
+ }
|
|
|
+
|
|
|
+ $decoded = parseToken($token);
|
|
|
+ if (!$decoded) {
|
|
|
+ return null;
|
|
|
+ }
|
|
|
+
|
|
|
+ return $decoded;
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * 检查权限
|
|
|
+ */
|
|
|
+ protected function checkPermission(int $userId, string $controller, string $action): bool
|
|
|
+ {
|
|
|
+ // 使用MenuService检查权限
|
|
|
+ return MenuService::checkPermission($userId, $controller, $action);
|
|
|
+ }
|
|
|
+}
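Review bot: In handle(), `$userInfo['user_id']` is read straight from the decoded token, both where `$request->userId` is set and again in the checkPermission() call, with no check that the claim is present or positive; a token whose payload lacks `user_id` therefore passes the login gate with a notice and `userId = 0`, and whatever `MenuService::checkPermission(0, ...)` returns then decides access. Derive the id once and reject the request when it is missing, e.g. `$userId = (int)($userInfo['user_id'] ?? 0); if ($userId <= 0) { return json_error([], '请先登录', 401); }`, then reuse `$userId` for the request property and the permission check. The whitelist lookup should be `in_array($current, $whiteList, true)` so only an exact string match bypasses authentication. The `JWT`, `Key` and `Config` imports are not referenced anywhere in this file (token parsing is delegated to the global `parseToken()` helper), so they can be dropped.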