|
|
@@ -21,7 +21,14 @@ class JwtAuthMiddleware
|
|
|
{
|
|
|
|
|
|
try {
|
|
|
- $user = JWTAuth::parseToken()->authenticate();
|
|
|
+ $data = JWTAuth::decode(JWTAuth::getToken())['user'];
|
|
|
+ if ($data->sign !== md5($data->uid . env('JWT_SECRET'))) {
|
|
|
+ $error = [
|
|
|
+ 'message' => 'request is not allow',
|
|
|
+ 'code' => 401,
|
|
|
+ ];
|
|
|
+ return response()->json($error);
|
|
|
+ }
|
|
|
} catch (TokenExpiredException $e) {
|
|
|
$error = [
|
|
|
'message' => 'Token is Expired',
|
xielin