php think make:middleware CheckToken
<?phpdeclare (strict_types = 1);namespace app\middleware;use app\warmtips\Result\Result; //统一返回处理class CheckToken{/*** 处理请求** @param \think\Request $request* @param \Closure $next* @return Response*/public function handle($request, \Closure $next){//// var_dump('中间件CheckToken');// return $next($request);// 获取token$token = $request->param('token');// 验证token是否存在if(empty($token)){return Result::Error(0,'token不能为空');}else{$res = checkToken($token);if($res['code'] != 1){return Result::Error($res['code'],$res['msg']);}}return $next($request);}}
return [// 注册中间件(验证token)\app\middleware\CheckToken::class];
<?php// 这是系统自动生成的middleware定义文件return [\app\middleware\Test::class];
protected $middleware = [\app\middleware\CheckToken::class => ['except' => ['login','index']]];
Route::get('hello/:name', 'index/hello')->middleware(\app\middleware\CheckToken::class);
/*** 生成token* $uid 输入用户openid&&id*/if(!function_exists('signToken')){// 生成验签function signToken($uid){$key = '!@#$%*&'; //这里是自定义的一个随机字串,应该写在config文件中的,解密时也会用,相当 于加密中常用的 盐 salt$token = array("iss" => '', //签发者 可以为空"aud" => '', //面象的用户,可以为空"iat" => time(), //签发时间"nbf" => time(), //在什么时候jwt开始生效 (这里表示生成60秒后才生效)"exp" => time() + 120, //token 过期时间 (这里表示过期时间为120秒)'data' => $uid //记录的userid的信息,这里是自已添加上去的,如果有其它信息,可以再添加数组的键值对);$jwt = JWT::encode($token, $key, "HS256"); //根据参数生成了 tokenreturn $jwt;}}/*** 验证token* $token 生成的token值*/if(!function_exists('checkToken')){// 验证tokenfunction checkToken($token){$key = '!@#$%*&';$status = array("code"=>2);try {// JWT::$leeway = 60; //当前时间减去60,把时间留点余地JWT::$leeway = 0;$decode = JWT::decode($token,new Key($key,'HS256')); //HS256方式,这里要和签发的时候对应$arr = (array)$decode;$res['code'] = 1;$res['data'] = $arr['data'];return $res;} catch (SignatureInvalidException $e) { //签名不正确$status['msg'] = "签名不正确";return $status;} catch (BeforeValidException $e) { // 签名在某个时间点之后才能用$status['msg'] = "token未生效";return $status;} catch (ExpiredException $e) { // token过期$status['msg'] = "token失效";return $status;} catch (Exception $e) { //其他错误$status['msg'] = "未知错误";return $status;}}}/*** 检验当前登录用户id,以便验证接口权限*/if(!function_exists(uidGet)){function uidGet($token){$key = '!@#$%*&';JWT::$leeway = 0;$decode = JWT::decode($token,new Key($key,'HS256')); //HS256方式,这里要和签发的时候对应$arr = (array)$decode;return $arr['data'];}}
<?php// 中间件配置return [// 别名或分组 (对于经常要使用的中间件定义一个别名)'alias' => ['CheckToken' => \app\middleware\CheckToken::class,'Auth' => \app\middleware\Auth::class],// 优先级设置,此数组中的中间件会按照数组中的顺序优先执行'priority' => [],];
protected $middleware = ['CheckToken' => ['except' => ['login','index']]];
Copyright 2014-2025 https://www.php.cn/ All Rights Reserved | php.cn | 湘ICP备2023035733号
收藏
