app/api/middleware/system/ApiPermissions.php

<?php /** @noinspection ALL */

namespace app\api\middleware\system;

use app\common\library\Auth;
use app\common\library\ResultCode;
use Webman\Event\Event;
use Webman\MiddlewareInterface;
use Webman\Http\Response;
use Webman\Http\Request;

/**
 * API权限中间件
 * @package app\api\middleware\system
 * @author meystack <
 */
class ApiPermissions implements MiddlewareInterface
{
    /**
     * 控制器登录鉴权
     * @var bool
     */
    public bool $needLogin = false;

    /**
     * API验证流程
     * @var bool
     */
    public bool $authWorkflow = true;

    /**
     * 非鉴权方法
     * @var array
     */
    public array $noNeedAuth = [];

    /**
     * 校验权限
     * @param Request $request
     * @param callable $handler
     * @return Response
     */
    public function process(Request $request, callable $handler): Response
    {
        $app = request()->getApp();
        $controller = request()->getController();
        $action = request()->getAction();
        $method = $controller . '/' . $action;
        $className = '\app' . $app . '\\controller\\' . $controller;
        $className = str_replace('/', '\\', $className);
        if (class_exists($className)) {
            $refClass = new \ReflectionClass($className);
            $property = $refClass->getDefaultProperties();
            $this->needLogin = $property['needLogin'] ?? false;
            $this->noNeedAuth = $property['noNeedAuth'] ?? [];
        }

        $auth = Auth::instance();
        if ($auth->isLogin()) {
            $request->user_id = $auth->userData['id'];
            $request->userData = $auth->userData;
            if ($this->authWorkflow && Event::hasListener('apiAuth')) {
                $result = Event::emit('apiAuth', ['method' => $method, 'user_id' => $request->user_id], true);
                if (isset($result['code']) && $result['code'] != 200) {
                    return json($result);
                }
            }
        } else {
            if ($this->needLogin && !in_array($action, $this->noNeedAuth)) {
                return json(ResultCode::AUTH_ERROR);
            }
        }

        return $handler($request);
    }
}
first commit 2022-08-19 19:48:37 +08:00			`<?php /** @noinspection ALL */`

			`namespace app\api\middleware\system;`

			`use app\common\library\Auth;`
			`use app\common\library\ResultCode;`
			`use Webman\Event\Event;`
			`use Webman\MiddlewareInterface;`
			`use Webman\Http\Response;`
			`use Webman\Http\Request;`

			`/**`
			`* API权限中间件`
			`* @package app\api\middleware\system`
			`* @author meystack <`
			`*/`
			`class ApiPermissions implements MiddlewareInterface`
			`{`
			`/**`
			`* 控制器登录鉴权`
			`* @var bool`
			`*/`
fix:更新已知bug,优化代码 2022-11-28 19:11:12 +08:00			`public bool $needLogin = false;`
first commit 2022-08-19 19:48:37 +08:00
			`/**`
			`* API验证流程`
			`* @var bool`
			`*/`
fix:更新已知bug,优化代码 2022-11-28 19:11:12 +08:00			`public bool $authWorkflow = true;`
first commit 2022-08-19 19:48:37 +08:00
			`/**`
			`* 非鉴权方法`
			`* @var array`
			`*/`
fix:更新已知bug,优化代码 2022-11-28 19:11:12 +08:00			`public array $noNeedAuth = [];`
first commit 2022-08-19 19:48:37 +08:00
			`/**`
			`* 校验权限`
			`* @param Request $request`
			`* @param callable $handler`
			`* @return Response`
			`*/`
			`public function process(Request $request, callable $handler): Response`
			`{`
			`$app = request()->getApp();`
			`$controller = request()->getController();`
			`$action = request()->getAction();`
			`$method = $controller . '/' . $action;`
			`$className = '\app' . $app . '\\controller\\' . $controller;`
			`$className = str_replace('/', '\\', $className);`
			`if (class_exists($className)) {`
			`$refClass = new \ReflectionClass($className);`
			`$property = $refClass->getDefaultProperties();`
			`$this->needLogin = $property['needLogin'] ?? false;`
			`$this->noNeedAuth = $property['noNeedAuth'] ?? [];`
			`}`

			`$auth = Auth::instance();`
			`if ($auth->isLogin()) {`
fix:更新已知bug,优化代码 2022-11-28 19:11:12 +08:00			`$request->user_id = $auth->userData['id'];`
			`$request->userData = $auth->userData;`
first commit 2022-08-19 19:48:37 +08:00			`if ($this->authWorkflow && Event::hasListener('apiAuth')) {`
fix:更新已知bug,优化代码 2022-11-28 19:11:12 +08:00			`$result = Event::emit('apiAuth', ['method' => $method, 'user_id' => $request->user_id], true);`
first commit 2022-08-19 19:48:37 +08:00			`if (isset($result['code']) && $result['code'] != 200) {`
			`return json($result);`
			`}`
			`}`
			`} else {`
			`if ($this->needLogin && !in_array($action, $this->noNeedAuth)) {`
			`return json(ResultCode::AUTH_ERROR);`
			`}`
			`}`

			`return $handler($request);`
			`}`
			`}`