重构初始化
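--- a/app/http/admin/middleware/AdminAuthMiddleware.php
+++ b/app/http/admin/middleware/AdminAuthMiddleware.php
@@ -0,0 +1,62 @@
+<?php
+
+namespace app\http\admin\middleware;
+
+use app\service\system\access\AdminAuthService;
+use support\Context;
+use Webman\Http\Request;
+use Webman\Http\Response;
+use Webman\MiddlewareInterface;
+
+/**
+* 管理员认证中间件。
+*
+* 负责读取管理员 token,并把管理员身份写入请求上下文。
+*/
+class AdminAuthMiddleware implements MiddlewareInterface
+{
+/**
+* 构造函数,注入对应依赖。
+*/
+public function __construct(
+protected AdminAuthService $adminAuthService
+) {
+}
+
+/**
+* 处理请求。
+*/
+public function process(Request $request, callable $handler): Response
+{
+$token = trim((string) ($request->header('authorization', '') ?: $request->header('x-admin-token', '')));
+$token = preg_replace('/^Bearer\s+/i', '', $token) ?: $token;
+
+if ($token === '') {
+if ((int) env('AUTH_MIDDLEWARE_STRICT', 1) === 1) {
+return json([
+'code' => 401,
+'msg' => 'admin unauthorized',
+'data' => null,
+]);
+}
+} else {
+$admin = $this->adminAuthService->authenticateToken(
+$token,
+$request->getRealIp(),
+$request->header('user-agent', '')
+);
+if (!$admin) {
+return json([
+'code' => 401,
+'msg' => 'admin unauthorized',
+'data' => null,
+]);
+}
+
+Context::set('auth.admin_id', (int) $admin->id);
+Context::set('auth.admin_username', (string) $admin->username);
+}
+
+return $handler($request);
+}
+}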
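Review bot: In `process()`, an empty token is rejected only when `AUTH_MIDDLEWARE_STRICT` evaluates to 1; with any other value the request reaches `$handler($request)` with neither `auth.admin_id` nor `auth.admin_username` set, so admin authentication fails open on a single environment variable. Unless every downstream admin handler checks the context itself (not visible on this page), the empty-token branch should return the 401 body unconditionally, i.e. drop the `if ((int) env('AUTH_MIDDLEWARE_STRICT', 1) === 1)` wrapper, or at minimum log each unauthenticated pass-through so it shows up in monitoring. Both rejections call `json([...])` without setting a status, so the HTTP status is presumably 200; chaining `->withStatus(401)` on the response would let proxies and access logs see the failure, if the API contract allows it. The class docblock describes only reading the token, so it should also state that a missing token is tolerated in non-strict mode if that mode is kept.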
@@ -1,73 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace app\http\admin\middleware;
|
||||
|
||||
use Webman\MiddlewareInterface;
|
||||
use Webman\Http\Request;
|
||||
use Webman\Http\Response;
|
||||
use app\common\utils\JwtUtil;
|
||||
use app\exceptions\UnauthorizedException;
|
||||
|
||||
/**
|
||||
* JWT 认证中间件
|
||||
*
|
||||
* 验证请求中的 JWT token,并将用户信息注入到请求对象中
|
||||
*/
|
||||
class AuthMiddleware implements MiddlewareInterface
|
||||
{
|
||||
/**
|
||||
* 处理请求
|
||||
* @param Request $request 请求对象
|
||||
* @param callable $handler 下一个中间件处理函数
|
||||
* @return Response 响应对象
|
||||
*/
|
||||
public function process(Request $request, callable $handler): Response
|
||||
{
|
||||
// 从请求头中获取 token
|
||||
$auth = $request->header('Authorization', '');
|
||||
if (!$auth) {
|
||||
throw new UnauthorizedException('缺少认证令牌');
|
||||
}
|
||||
|
||||
// 兼容 "Bearer xxx" 或直接 "xxx"
|
||||
if (str_starts_with($auth, 'Bearer ')) {
|
||||
$token = substr($auth, 7);
|
||||
} else {
|
||||
$token = $auth;
|
||||
}
|
||||
|
||||
if (!$token) {
|
||||
throw new UnauthorizedException('认证令牌格式错误');
|
||||
}
|
||||
|
||||
try {
|
||||
// 解析 JWT token
|
||||
$payload = JwtUtil::parseToken($token);
|
||||
|
||||
if (empty($payload) || !isset($payload['user_id'])) {
|
||||
throw new UnauthorizedException('认证令牌无效');
|
||||
}
|
||||
|
||||
// 将用户信息存储到请求对象中,供控制器使用
|
||||
$request->user = $payload;
|
||||
$request->userId = (int) ($payload['user_id'] ?? 0);
|
||||
|
||||
// 继续处理请求
|
||||
return $handler($request);
|
||||
} catch (UnauthorizedException $e) {
|
||||
// 重新抛出业务异常,让框架处理
|
||||
throw $e;
|
||||
} catch (\Throwable $e) {
|
||||
// 根据异常类型返回不同的错误信息
|
||||
$message = $e->getMessage();
|
||||
if (str_contains($message, 'expired') || str_contains($message, 'Expired')) {
|
||||
throw new UnauthorizedException('认证令牌已过期');
|
||||
} elseif (str_contains($message, 'signature') || str_contains($message, 'Signature')) {
|
||||
throw new UnauthorizedException('认证令牌签名无效');
|
||||
} else {
|
||||
throw new UnauthorizedException('认证令牌验证失败:' . $message);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||