lihai-oa/app/api/middleware/Auth.php

52 lines
1.8 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
/**
* @copyright Copyright (c) 2021 勾股工作室
* @license https://opensource.org/licenses/GPL-3.0
* @link https://www.gougucms.com
*/
namespace app\api\middleware;
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use think\facade\Request;
use think\Response;
class Auth
{
public function handle($request, \Closure $next)
{
$token = Request::header('Token');
if ($token) {
if (count(explode('.', $token)) != 3) {
return json(['code'=>404,'msg'=>'非法请求']);
}
$config = get_system_config('token');
try {
JWT::$leeway = 60;//当前时间减去60把时间留点余地
$decoded = JWT::decode($token, new Key($config['secrect'], 'HS256')); //HS256方式这里要和签发的时候对应
$decoded_array = json_decode(json_encode($decoded),TRUE);
$jwt_data = $decoded_array['data'];
define('JWT_UID', $jwt_data['userid']);
$response = $next($request);
return $response;
} catch(\Firebase\JWT\SignatureInvalidException $e) { //签名不正确
return json(['code'=>403,'msg'=>'签名错误']);
}catch(\Firebase\JWT\BeforeValidException $e) { // 签名在某个时间点之后才能用
return json(['code'=>401,'msg'=>'token失效']);
}catch(\Firebase\JWT\ExpiredException $e) { // token过期
return json(['code'=>401,'msg'=>'token已过期']);
}catch(Exception $e) { //其他错误
return json(['code'=>404,'msg'=>'非法请求']);
}catch(\UnexpectedValueException $e) { //其他错误
return json(['code'=>404,'msg'=>'非法请求']);
} catch(\DomainException $e) { //其他错误
return json(['code'=>404,'msg'=>'非法请求']);
}
} else {
return json(['code'=>404,'msg'=>'token不能为空']);
}
return $next($request);
}
}