Главная Обзор Помощь
Вход
zhouzhendong
/
baoshi-was
1
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: 013d76c30b
Ветки Метки
baoshi-was
/
app
/
Http
/
Middleware
/
AuthorizingApi.php

AuthorizingApi.php 2.1 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263 
  1. <?php
    2. 

  2. 

  3. namespace App\Http\Middleware;
    4. 

  4. 

  5. use App\Services\UserService;
    6. 

  6. use Closure;
    7. 

  7. use Firebase\JWT\ExpiredException;
    8. 

  8. use Firebase\JWT\JWT;
    9. 

  9. use Illuminate\Http\Request;
    10. 

  10. use Illuminate\Support\Facades\Auth;
    11. 

  11. use Illuminate\Support\Facades\Cache;
    12. 

  12. 

  13. class AuthorizingApi
    14. 

  14. {
    15. 

  15.     /**
    16. 

  16.      * Handle an incoming request.
    17. 

  17.      *
    18. 

  18.      * @param  Request  $request
    19. 

  19.      * @param  Closure  $next
    20. 

  20.      * @return mixed
    21. 

  21.      */
    22. 

  22.     public function handle(Request $request, Closure $next)
    23. 

  23.     {
    24. 

  24.         $token = $request->header("token");
    25. 

  25.         /**
    26. 

  26.          * @var UserService $service
    27. 

  27.          */
    28. 

  28.         $service = app("UserService");
    29. 

  29.         if (!$token) return response()->json([
    30. 

  30.                         'message' => '没有认证,请前去认证',
    31. 

  31.                         'status_code' => 401,
    32. 

  32.                     ]);
    33. 

  33.         try {
    34. 

  34.             $publicKey = Cache::remember("TOKEN_PUBLIC_KEY",7200,function (){
    35. 

  35.                 return file_get_contents(base_path().'/public.pem');
    36. 

  36.             });
    37. 

  37.         }catch (\Exception $e){
    38. 

  38.             $response["status_code"] = 410;
    39. 

  39.             if (strpos($e->getMessage(),"No such file or directory")!==false)$response["message"] = "服务器异常,资源丢失";
    40. 

  40.             else $response["message"] = "访问某些资源失败";
    41. 

  41.             return response()->json($response);
    42. 

  42.         }
    43. 

  43.         try {
    44. 

  44.             $payload = JWT::decode($token, $publicKey, ['RS256']);
    45. 

  45.             $user = $service->getOrRefreshCache($payload->data->id,$payload->exp);
    46. 

  46.             if (!$service->verifySingleTag($user->id, $token)){
    47. 

  47.                 $response["status_code"] = 407;
    48. 

  48.                 $response["message"] = "账号已在别处登录";
    49. 

  49.                 return response()->json($response);
    50. 

  50.             }
    51. 

  51.         }catch (ExpiredException $e){
    52. 

  52.             $response["status_code"] = 401;
    53. 

  53.             $response["message"] = "token失效";
    54. 

  54.             return response()->json($response);
    55. 

  55.         } catch (\Exception $e){
    56. 

  56.             $response["status_code"] = 401;
    57. 

  57.             $response["message"] = "token非法";
    58. 

  58.             return response()->json($response);
    59. 

  59.         }
    60. 

  60.         Auth::setUser($user);
    61. 

  61.         return $next($request);
    62. 

  62.     }
    63. 

  63. }
    64.