|
|
@@ -3,6 +3,7 @@
|
|
|
namespace App\Http\Middleware;
|
|
|
|
|
|
use Closure;
|
|
|
+use Illuminate\Support\Facades\Redis;
|
|
|
use Tymon\JWTAuth\Exceptions\JWTException;
|
|
|
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
|
|
|
use Tymon\JWTAuth\Exceptions\TokenInvalidException;
|
|
|
@@ -30,6 +31,14 @@ class JwtAuthMiddleware
|
|
|
return response()->json($error);
|
|
|
}
|
|
|
$data = JWTAuth::decode($token)['user'];
|
|
|
+ //检测token是否存在黑名单中
|
|
|
+ if(Redis::zscore('blacklist_token', $token->get())){
|
|
|
+ $error = [
|
|
|
+ 'message' => 'token in blacklist',
|
|
|
+ 'code' => 401,
|
|
|
+ ];
|
|
|
+ return response()->json($error);
|
|
|
+ }
|
|
|
if ($data->sign !== md5($data->uid . config('customer.jwt_secret'))) {
|
|
|
$error = [
|
|
|
'message' => 'request is not allow',
|
xielin