suyuan/app/api/http/middleware/LoginMiddleware.php

74 lines
2.8 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
// +----------------------------------------------------------------------
// | likeadmin快速开发前后端分离管理后台PHP版
// +----------------------------------------------------------------------
// | 欢迎阅读学习系统程序代码,建议反馈是我们前进的动力
// | 开源版本可自由商用可去除界面版权logo
// | gitee下载https://gitee.com/likeshop_gitee/likeadmin
// | github下载https://github.com/likeshop-github/likeadmin
// | 访问官网https://www.likeadmin.cn
// | likeadmin团队 版权所有 拥有最终解释权
// +----------------------------------------------------------------------
// | author: likeadminTeam
// +----------------------------------------------------------------------
declare (strict_types=1);
namespace app\api\http\middleware;
use app\common\cache\UserTokenCache;
use app\common\service\JsonService;
use app\api\service\UserTokenService;
use think\facade\Config;
class LoginMiddleware
{
/**
* @notes 登录验证
* @param $request
* @param \Closure $next
* @return mixed|\think\response\Json
* @author 令狐冲
* @date 2021/7/1 17:33
*/
public function handle($request, \Closure $next)
{
$token = $request->header('token');
//判断接口是否免登录
$isNotNeedLogin = $request->controllerObject->isNotNeedLogin();
//不直接判断$isNotNeedLogin结果使不需要登录的接口通过为了兼容某些接口可以登录或不登录访问
if (empty($token) && !$isNotNeedLogin) {
//没有token并且该地址需要登录才能访问, 指定show为0前端不弹出此报错
return JsonService::fail('请求参数缺token', [], 0, 0);
}
$userInfo = (new UserTokenCache())->getUserInfo($token);
if (empty($userInfo) && !$isNotNeedLogin) {
//token过期无效并且该地址需要登录才能访问
return JsonService::fail('登录超时,请重新登录', [], -1, 0);
}
//token临近过期自动续期
if ($userInfo) {
//获取临近过期自动续期时长
$beExpireDuration = Config::get('project.user_token.be_expire_duration');
//token续期
if (time() > ($userInfo['expire_time'] - $beExpireDuration)) {
$result = UserTokenService::overtimeToken($token);
//续期失败(数据表被删除导致)
if (empty($result)) {
return JsonService::fail('登录过期', [], -1);
}
}
}
//给request赋值用于控制器
$request->userInfo = $userInfo;
$request->userId = $userInfo['user_id'] ?? 0;
return $next($request);
}
}