<?php namespace app\middleware; use Closure; use app\service\Jwt as JwtService; /** * API登录认证(需要先调用JWT解析用户信息) * Class ApiLogin * @package app\middleware */ class ApiLogin { public function handle($request, Closure $next) { $authorization = $request->authorization ?? ''; if (empty($authorization)) { return json(['code' => 6001, 'msg' => '请填写token']); } if (!JwtService::validate($authorization)) { return json(['code' => 6001, 'msg' => 'token验证失败或已失效']); } $userInfo = $request->user ?? []; if (!isset($userInfo['user_id']) || empty($userInfo['user_id'])) { return json(['code' => 6001, 'msg' => 'token已失效']); } // 自定义过期时间校验。 if(isset($userInfo['expire_time']) && time() >= $userInfo['expire_time']) { return json(['code' => 6001, 'msg' => 'token已失效']); } return $next($request); } }