feat : jwt

app/Middleware/Token/AbstractTokenMiddleware.php

@@ -0,0 +1,80 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Middleware\Token;
+
+use App\Interface\CheckTokenInterface;
+use App\Interface\JwtInterface;
+use App\Lib\Jwt\JwtFactory;
+use Hyperf\Collection\Arr;
+use Hyperf\Stringable\Str;
+use Lcobucci\JWT\Token;
+use Lcobucci\JWT\UnencryptedToken;
+use Psr\Container\ContainerInterface;
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Server\RequestHandlerInterface;
+use Swow\Psr7\Message\ServerRequestPlusInterface;
+use function Hyperf\Support\value;
+
+abstract class AbstractTokenMiddleware
+{
+    public function __construct(
+        protected ContainerInterface $container,
+        protected readonly JwtFactory $jwtFactory,
+        protected readonly CheckTokenInterface $checkToken,
+    ) {}
+
+    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
+    {
+        $token = $this->parserToken($request);
+        $this->checkToken->checkJwt($token);
+        $this->checkIssuer($token);
+
+        return $handler->handle(
+            value(
+                static function (ServerRequestPlusInterface $request, UnencryptedToken $token) {
+                    return $request->setAttribute('token', $token);
+                },
+                $request,
+                $token
+            )
+        );
+    }
+
+    /**
+     * @param UnencryptedToken $token
+     * @return void
+     */
+    abstract public function checkIssuer(UnencryptedToken $token): void;
+
+    abstract public function getJwt(): JwtInterface;
+
+    /**
+     * @param ServerRequestInterface $request
+     * @return Token
+     */
+    protected function parserToken(ServerRequestInterface $request): Token
+    {
+        return $this->getJwt()->parserAccessToken($this->getToken($request));
+    }
+
+    /**
+     * @param ServerRequestInterface $request
+     * @return string
+     */
+    protected function getToken(ServerRequestInterface $request): string
+    {
+        if ($request->hasHeader('Authorization')) {
+            return Str::replace('Bearer ', '', $request->getHeaderLine('Authorization'));
+        }
+        if ($request->hasHeader('token')) {
+            return $request->getHeaderLine('token');
+        }
+        if (Arr::has($request->getQueryParams(), 'token')) {
+            return $request->getQueryParams()['token'];
+        }
+        return '';
+    }
+}

app/Middleware/Token/AdminTokenMiddleware.php

@@ -0,0 +1,29 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Middleware\Token;
+
+use App\Exception\ErrException;
+use App\Interface\JwtInterface;
+use Lcobucci\JWT\Token\RegisteredClaims;
+use Lcobucci\JWT\UnencryptedToken;
+use function Hyperf\Support\env;
+
+final class AdminTokenMiddleware extends AbstractTokenMiddleware
+{
+    public function getJwt(): JwtInterface
+    {
+        return $this->jwtFactory->get('admin');
+    }
+
+    /**
+     * @param UnencryptedToken $token
+     * @return void
+     */
+    public function checkIssuer(UnencryptedToken $token): void
+    {
+        $audience = $token->claims()->get(RegisteredClaims::ISSUER);
+        if ($audience === env('APP_NAME') .'_admin') throw new ErrException('token错误');
+    }
+}