9
This commit is contained in:
commie
+33
-39
@@ -19,14 +19,14 @@ class Auth implements MiddlewareInterface
|
||||
*/
|
||||
public function process(Request $request, callable $next): Response
|
||||
{
|
||||
$headers = [
|
||||
'Access-Control-Allow-Credentials' => 'true',
|
||||
'Access-Control-Allow-Origin' => $request->header('origin', '*'),
|
||||
'Access-Control-Allow-Methods' => $request->header('access-control-request-method', '*'),
|
||||
'Access-Control-Allow-Headers' => $request->header('access-control-request-headers', '*'),
|
||||
];
|
||||
if($request->method() == 'OPTIONS'){
|
||||
$headers = [
|
||||
'Access-Control-Allow-Credentials' => 'true',
|
||||
'Access-Control-Allow-Origin' => $request->header('origin', '*'),
|
||||
'Access-Control-Allow-Methods' => $request->header('access-control-request-method', '*'),
|
||||
'Access-Control-Allow-Headers' => $request->header('access-control-request-headers', '*'),
|
||||
];
|
||||
$response = response('200',200,$headers);
|
||||
$response = response('',204,$headers);
|
||||
return $response;
|
||||
}
|
||||
$lang = $request->input('lang','zh-Hans');
|
||||
@@ -49,28 +49,29 @@ class Auth implements MiddlewareInterface
|
||||
//检测是否登录
|
||||
try {
|
||||
if (!\support\Jwt::isLogin()) {
|
||||
return json([
|
||||
return new Response(401,$headers,json_encode([
|
||||
"code"=>401,
|
||||
"data"=>[],
|
||||
"msg"=>__('Please login first')
|
||||
]);
|
||||
]));
|
||||
}
|
||||
} catch (\Exception $e) {
|
||||
return json([
|
||||
return new Response(401,$headers,json_encode([
|
||||
"code"=>401,
|
||||
"data"=>[],
|
||||
"msg"=>__('Please login first')
|
||||
]);
|
||||
]));
|
||||
}
|
||||
$user = \support\Jwt\JwtToken::getUser();
|
||||
if(!$user['status']){
|
||||
return json([
|
||||
return new Response(403,$headers,json_encode([
|
||||
"code"=>403,
|
||||
"data"=>[],
|
||||
"msg"=>__('Account is locked')
|
||||
]);
|
||||
]));
|
||||
}
|
||||
|
||||
|
||||
// $key = "debounce_" . $request->path() . "_" . ($user->id ?? 'guest');
|
||||
// $ttl = 1; // 防抖时间(秒)
|
||||
// $redishandler = new \Redis;
|
||||
@@ -91,27 +92,27 @@ class Auth implements MiddlewareInterface
|
||||
$actionname = strtolower(get_action_name());
|
||||
$path = str_replace('.', '/', $controllername) . '/' . $actionname;
|
||||
if (!\support\Jwt::check($path)) {
|
||||
return json([
|
||||
return new Response(405,$headers,json_encode([
|
||||
"code"=>405,
|
||||
"data"=>[],
|
||||
"msg"=>__('You have no permission')
|
||||
]);
|
||||
"msg"=>__('have no permission')
|
||||
]));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if($request->client!='web'){
|
||||
$data = $request->post('data');
|
||||
if($data){
|
||||
$data = str_replace('%3D','=',$data);
|
||||
$data = str_replace(' ','+',$data);
|
||||
//var_dump($data);
|
||||
$data = aesdecode($data);
|
||||
$data = json_decode($data,true);
|
||||
//var_dump($data);
|
||||
$request->withBody($data);
|
||||
}
|
||||
}
|
||||
// if($request->client!='web'){
|
||||
// $data = $request->post('data');
|
||||
// if($data){
|
||||
// $data = str_replace('%3D','=',$data);
|
||||
// $data = str_replace(' ','+',$data);
|
||||
// //var_dump($data);
|
||||
// $data = aesdecode($data);
|
||||
// $data = json_decode($data,true);
|
||||
// //var_dump($data);
|
||||
// $request->withBody($data);
|
||||
// }
|
||||
// }
|
||||
$config = Config('site');
|
||||
$config['debug'] = config('app.debug');
|
||||
$config['controller'] = $request->controller_name;
|
||||
@@ -126,13 +127,6 @@ class Auth implements MiddlewareInterface
|
||||
]);
|
||||
$request->IM = $IM;
|
||||
$response = $next($request);
|
||||
$headers = [
|
||||
'Access-Control-Allow-Credentials' => 'true',
|
||||
'Access-Control-Allow-Origin' => $request->header('origin', '*'),
|
||||
'Access-Control-Allow-Methods' => $request->header('access-control-request-method', '*'),
|
||||
'Access-Control-Allow-Headers' => $request->header('access-control-request-headers', '*'),
|
||||
];
|
||||
$response->withHeaders($headers);
|
||||
//cp('auth');
|
||||
//\support\Log::alert('auth');
|
||||
$body = str_replace([
|
||||
@@ -140,10 +134,10 @@ class Auth implements MiddlewareInterface
|
||||
],[
|
||||
request()->path()
|
||||
],$response->rawBody());
|
||||
if($request->app=="api" && $request->client!='web'){
|
||||
$body = aesencode($body);
|
||||
}
|
||||
$response->withBody($body)->getStatusCode();
|
||||
// if($request->app=="api" && $request->client!='web'){
|
||||
// $body = aesencode($body);
|
||||
// }
|
||||
$response->withHeaders($headers)->withBody($body)->getStatusCode();
|
||||
$time = microtime() - $request->start_time;
|
||||
//echo("响应时间:".$request->uri().':'.$time.PHP_EOL);
|
||||
//$response = $next($request);
|
||||
|
||||
Reference in New Issue
Block a user