Files
kiri-core/kiri-engine/Jwt/JWTAuthMiddleware.php
T

58 lines
1.4 KiB
PHP
Raw Normal View History

2021-08-06 16:54:17 +08:00
<?php
declare(strict_types=1);
2021-08-11 01:04:57 +08:00
namespace Kiri\Jwt;
2021-08-06 16:54:17 +08:00
2021-09-18 16:54:39 +08:00
use Annotation\Inject;
2021-08-06 16:54:17 +08:00
use Exception;
2021-09-18 16:54:39 +08:00
use Http\Message\ServerRequest;
2021-08-11 01:04:57 +08:00
use Kiri\Kiri;
2021-09-18 16:54:39 +08:00
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Server\Constrict\ResponseInterface;
2021-08-06 16:54:17 +08:00
/**
* Class CoreMiddleware
2021-08-11 01:04:57 +08:00
* @package Kiri\Kiri\Route
2021-08-06 16:54:17 +08:00
* 跨域中间件
*/
2021-09-18 16:54:39 +08:00
class JWTAuthMiddleware implements MiddlewareInterface
2021-08-06 16:54:17 +08:00
{
/** @var int */
public int $zOrder = 0;
2021-09-18 16:54:39 +08:00
#[Inject(ResponseInterface::class)]
public ResponseInterface $response;
2021-08-06 16:54:17 +08:00
/**
2021-09-18 16:54:39 +08:00
* @param ServerRequest $request
* @param RequestHandlerInterface $handler
* @return \Psr\Http\Message\ResponseInterface
2021-08-06 16:54:17 +08:00
* @throws Exception
*/
2021-09-18 16:54:39 +08:00
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): \Psr\Http\Message\ResponseInterface
2021-08-06 16:54:17 +08:00
{
2021-08-28 00:51:27 +08:00
$authorization = $request->getHeaderLine('Authorization');
2021-08-06 16:54:17 +08:00
if (empty($authorization)) {
2021-09-18 16:54:39 +08:00
return $this->response->json(['code' => 401, 'JWT voucher cannot be empty.']);
2021-08-06 16:54:17 +08:00
}
if (!str_starts_with($authorization, 'Bearer ')) {
2021-09-18 16:54:39 +08:00
return $this->response->json(['code' => 401, 'JWT Voucher Format Error.']);
2021-08-06 16:54:17 +08:00
}
$authorization = str_replace('Bearer ', '', $authorization);
2021-08-11 01:04:57 +08:00
$jwt = Kiri::app()->getJwt();
2021-08-06 16:54:17 +08:00
if (!$jwt->validator($authorization)) {
2021-09-18 16:54:39 +08:00
return $this->response->json(['code' => 401, 'JWT Validator fail.']);
2021-08-06 16:54:17 +08:00
}
2021-09-18 16:54:39 +08:00
return $handler->handle($request);
2021-08-06 16:54:17 +08:00
}
}