36 lines
953 B
PHP
36 lines
953 B
PHP
<?php
|
|
namespace app\api\middleware;
|
|
|
|
use Webman\MiddlewareInterface;
|
|
use Webman\Http\Request;
|
|
use Webman\Http\Response;
|
|
use app\common\service\AuthService;
|
|
|
|
class AuthMiddleware implements MiddlewareInterface
|
|
{
|
|
public function process(Request $request, callable $handler): Response
|
|
{
|
|
$token = $this->getBearerToken($request);
|
|
$user = AuthService::getUserByToken($token);
|
|
if (!$user) {
|
|
return jsonResponse(null, '未登录', 401);
|
|
}
|
|
$request->user = $user;
|
|
$request->token = $token;
|
|
return $handler($request);
|
|
}
|
|
|
|
protected function getBearerToken(Request $request): ?string
|
|
{
|
|
$authorization = $request->header('authorization');
|
|
if (!$authorization) {
|
|
return null;
|
|
}
|
|
if (stripos($authorization, 'Bearer ') === 0) {
|
|
return trim(substr($authorization, 7));
|
|
}
|
|
return trim($authorization);
|
|
}
|
|
}
|
|
|