| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778 |
- <?php
- namespace App\Http\Middleware;
- use Closure;
- use Illuminate\Support\Facades\Redis;
- use Tymon\JWTAuth\Exceptions\JWTException;
- use Tymon\JWTAuth\Exceptions\TokenExpiredException;
- use Tymon\JWTAuth\Exceptions\TokenInvalidException;
- use Tymon\JWTAuth\Facades\JWTAuth;
- class JwtAuthMiddleware
- {
- /**
- * Handle an incoming request.
- *
- * @param \Illuminate\Http\Request $request
- * @param \Closure $next
- * @return mixed
- */
- public function handle($request, Closure $next)
- {
- try {
- $token = JWTAuth::getToken();
- if(empty($token)){
- $error = [
- 'message' => 'token is required',
- 'code' => 401,
- ];
- return response()->json($error)->setStatusCode(401);
- }
- $data = JWTAuth::decode($token)['user'];
- //检测token是否存在黑名单中
- if(Redis::zscore('blacklist_token', $token->get())){
- $error = [
- 'message' => 'token in blacklist',
- 'code' => 401,
- ];
- return response()->json($error)->setStatusCode(401);
- }
- if ($data->sign !== md5($data->uid . config('customer.jwt_secret'))) {
- $error = [
- 'message' => 'request is not allow',
- 'code' => 401,
- ];
- return response()->json($error);
- }
- } catch (TokenExpiredException $e) {
- $error = [
- 'message' => 'Token is Expired',
- 'code' => 401,
- ];
- return response()->json($error)->setStatusCode(401);
- } catch (TokenInvalidException $e) {
- $error = [
- 'message' => $e->getMessage(),
- 'code' => 401,
- ];
- return response()->json($error)->setStatusCode(401);
- } catch (JWTException $e) {
- $error = [
- 'message' => $e->getMessage(),
- 'code' => 401,
- ];
- return response()->json($error)->setStatusCode(401);
- }catch (\Exception $e){
- $error = [
- 'message' => $e->getMessage(),
- 'code' => 401,
- ];
- return response()->json($error)->setStatusCode(401);
- }
- return $next($request);
- }
- }
|
