mojiahui/dafuweng-saiadmin6.x
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
54aa0bd34fd1e7a35084a472aa2721106b6aa070
dafuweng-saiadmin6.x/server/app/api/middleware/AuthTokenMiddleware.php

59 lines
2.1 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<?php
declare(strict_types=1);
namespace app\api\middleware;
use app\api\cache\AuthTokenCache;
use app\api\util\ReturnCode;
use plugin\saiadmin\exception\ApiException;
use Tinywan\Jwt\JwtToken;
use Tinywan\Jwt\Exception\JwtTokenException;
use Tinywan\Jwt\Exception\JwtTokenExpiredException;
use Webman\Http\Request;
use Webman\Http\Response;
use Webman\MiddlewareInterface;
/**
* 校验 auth-token 请求头JWT
* 用于 /api/v1/* 接口(除 /api/v1/authtoken 外)
* 请求头需携带 auth-token通过后注入 request->agent_id
*/
class AuthTokenMiddleware implements MiddlewareInterface
{
public function process(Request $request, callable $handler): Response
{
$token = $request->header('auth-token');
$token = $token !== null ? trim((string) $token) : '';
if ($token === '') {
throw new ApiException('请携带 auth-token', ReturnCode::UNAUTHORIZED);
}
try {
$decoded = JwtToken::verify(1, $token);
} catch (JwtTokenExpiredException $e) {
throw new ApiException('auth-token 已过期', ReturnCode::TOKEN_INVALID);
} catch (JwtTokenException $e) {
throw new ApiException('auth-token 无效', ReturnCode::TOKEN_INVALID);
} catch (\Throwable $e) {
throw new ApiException('auth-token 格式无效', ReturnCode::TOKEN_INVALID);
}
$extend = $decoded['extend'] ?? [];
if ((string) ($extend['plat'] ?? '') !== 'api_auth_token') {
throw new ApiException('auth-token 无效', ReturnCode::TOKEN_INVALID);
}
$agentId = trim((string) ($extend['agent_id'] ?? ''));
if ($agentId === '') {
throw new ApiException('auth-token 无效', ReturnCode::TOKEN_INVALID);
}
$currentToken = AuthTokenCache::getTokenByAgentId($agentId);
if ($currentToken === null || $currentToken !== $token) {
throw new ApiException('auth-token 无效或已失效', ReturnCode::TOKEN_INVALID);
}
$request->agent_id = $agentId;
return $handler($request);
}
}
Reference in New Issue View Git Blame Copy Permalink