添加鉴权蹭件

2 years ago · 323b712aec
parent a6ddf7c55e
commit 323b712aec
4 changed files with 59 additions and 5 deletions
--- a/app/admin/controller/AuthController.php
+++ b/app/admin/controller/AuthController.php
@ -2,14 +2,19 @@

 namespace app\admin\controller;

-use support\Request;
 use app\admin\model\User;
+use support\Request;

 /**
 * 用户登录
 */
 class AuthController extends BaseController
 {
+    /**
+     * 不需要登录的方法
+     */
+    protected $noNeedLogin = ['login'];
+
    public function login(Request $request): \support\Response
    {
        $user = new User();
--- a/app/admin/middleware/AuthCheck.php
+++ b/app/admin/middleware/AuthCheck.php
@ -0,0 +1,42 @@
+<?php
+/**
+ * This file is part of webman.
+ *
+ * Licensed under The MIT License
+ * For full copyright and license information, please see the MIT-LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @author    walkor<walkor@workerman.net>
+ * @copyright walkor<walkor@workerman.net>
+ * @link      http://www.workerman.net/
+ * @license   http://www.opensource.org/licenses/mit-license.php MIT License
+ */
+
+namespace app\admin\middleware;
+
+use ReflectionClass;
+use Tinywan\Jwt\JwtToken;
+use Webman\Http\Request;
+use Webman\Http\Response;
+use Webman\MiddlewareInterface;
+
+/**
+ * Class StaticFile
+ * @package app\middleware
+ */
+class AuthCheck implements MiddlewareInterface
+{
+    public function process(Request $request, callable $handler): Response
+    {
+        // 通过反射获取控制器哪些方法不需要登录
+        $controller = new ReflectionClass($request->controller);
+        $noNeedLogin = $controller->getDefaultProperties()['noNeedLogin'] ?? [];
+        var_dump($noNeedLogin);
+        // 访问的方法需要登录
+        if (!in_array($request->action, $noNeedLogin)) {
+            // 拦截请求，返回一个重定向响应，请求停止向洋葱芯穿越
+            JwtToken::verify();
+        }
+        return $handler($request);
+    }
+}
--- a/app/common/middleware/StaticFile.php
+++ b/app/common/middleware/StaticFile.php
@ -12,7 +12,7 @@
 * @license   http://www.opensource.org/licenses/mit-license.php MIT License
 */

-namespace app\wechat\middleware;
+namespace app\common\middleware;

 use Webman\Http\Request;
 use Webman\Http\Response;
@ -24,14 +24,14 @@ use Webman\MiddlewareInterface;
 */
 class StaticFile implements MiddlewareInterface
 {
-    public function process(Request $request, callable $next): Response
+    public function process(Request $request, callable $handler): Response
    {
        // Access to files beginning with. Is prohibited
        if (strpos($request->path(), '/.') !== false) {
            return response('<h1>403 forbidden</h1>', 403);
        }
        /** @var Response $response */
-        $response = $next($request);
+        $response = $handler($request);
        // Add cross domain HTTP header
        $response->withHeaders([
            'Access-Control-Allow-Origin'      => '*',
--- a/config/middleware.php
+++ b/config/middleware.php
@ -12,4 +12,11 @@
 * @license   http://www.opensource.org/licenses/mit-license.php MIT License
 */

-return [];
+return [
+    '' => [
+        App\common\middleware\StaticFile::class,
+    ],
+    'admin' => [
+        App\admin\middleware\AuthCheck::class,
+    ]
+];