app/middleware/ActionHook.php

<?php
namespace app\middleware;

use Override;
use support\Container;
use Webman\MiddlewareInterface;
use Webman\Http\Response;
use Webman\Http\Request;
use Webman\Route;

class ActionHook implements MiddlewareInterface
{
    public function process(Request $request, callable $next) : Response
    {
        if ($request->controller) {
            $headers = [
                'Access-Control-Allow-Credentials' => 'true',
                'Access-Control-Allow-Origin' => $request->header('origin', '*'),
                'Access-Control-Allow-Methods' => $request->header('access-control-request-method', '*'),
                'Access-Control-Allow-Headers' => $request->header('access-control-request-headers', '*'),
            ];
            if($request->method() == 'OPTIONS'){
                $response = response('',204,$headers);
                return $response;
            }
            // 禁止直接访问beforeAction afterAction
            if (substr($request->action,0,9) === '__before_' || substr($request->action,0,8) === '__after_') {
                $callback = Route::getFallback() ?? function () {
                    return new Response(404, [], \file_get_contents(public_path() . '/404.html'));
                };
                $reponse = $callback($request);
                return $reponse instanceof Response ? $reponse : \response($reponse);
            }
            $controller = Container::get($request->controller);
            $beforeAction = '__before_'.$request->action.'__';
            if (method_exists($controller, $beforeAction)) {
                $before_response = call_user_func([$controller, $beforeAction], $request);
                if ($before_response instanceof Response) {
                    return $before_response;
                }
            }
            $response = $next($request);
            $afterAction = '__after_'.$request->action.'__';
            if (method_exists($controller, $afterAction)) {
                $after_response = call_user_func([$controller, $afterAction], $request, $response);
                if ($after_response instanceof Response) {
                    return $after_response;
                }
            }
            if($request->controller == '\\hg\\apidoc\\Controller' && !$response->getHeader('Access-Control-Allow-Methods')){
                $response->withHeaders($headers);
            }
            return $response;
        }
        return $next($request);
    }
}
init admin 2025-11-07 09:56:20 +08:00			`<?php`
			`namespace app\middleware;`

4 2025-12-24 16:59:05 +08:00			`use Override;`
init admin 2025-11-07 09:56:20 +08:00			`use support\Container;`
			`use Webman\MiddlewareInterface;`
			`use Webman\Http\Response;`
			`use Webman\Http\Request;`
			`use Webman\Route;`

			`class ActionHook implements MiddlewareInterface`
			`{`
			`public function process(Request $request, callable $next) : Response`
			`{`
			`if ($request->controller) {`
11 2026-02-24 21:02:17 +08:00			`$headers = [`
			`'Access-Control-Allow-Credentials' => 'true',`
			`'Access-Control-Allow-Origin' => $request->header('origin', '*'),`
			`'Access-Control-Allow-Methods' => $request->header('access-control-request-method', '*'),`
			`'Access-Control-Allow-Headers' => $request->header('access-control-request-headers', '*'),`
			`];`
			`if($request->method() == 'OPTIONS'){`
			`$response = response('',204,$headers);`
			`return $response;`
			`}`
init admin 2025-11-07 09:56:20 +08:00			`// 禁止直接访问beforeAction afterAction`
			`if (substr($request->action,0,9) === '__before_' \|\| substr($request->action,0,8) === '__after_') {`
			`$callback = Route::getFallback() ?? function () {`
			`return new Response(404, [], \file_get_contents(public_path() . '/404.html'));`
			`};`
			`$reponse = $callback($request);`
			`return $reponse instanceof Response ? $reponse : \response($reponse);`
			`}`
			`$controller = Container::get($request->controller);`
			`$beforeAction = '__before_'.$request->action.'__';`
			`if (method_exists($controller, $beforeAction)) {`
			`$before_response = call_user_func([$controller, $beforeAction], $request);`
			`if ($before_response instanceof Response) {`
			`return $before_response;`
			`}`
			`}`
			`$response = $next($request);`
			`$afterAction = '__after_'.$request->action.'__';`
			`if (method_exists($controller, $afterAction)) {`
			`$after_response = call_user_func([$controller, $afterAction], $request, $response);`
			`if ($after_response instanceof Response) {`
			`return $after_response;`
			`}`
			`}`
11 2026-02-24 21:02:17 +08:00			`if($request->controller == '\\hg\\apidoc\\Controller' && !$response->getHeader('Access-Control-Allow-Methods')){`
			`$response->withHeaders($headers);`
			`}`
init admin 2025-11-07 09:56:20 +08:00			`return $response;`
			`}`
			`return $next($request);`
			`}`
			`}`