AuthorizeMiddleware.php

<?php

namespace Meibuyu\Micro\Middleware;

use Meibuyu\Micro\Model\Auth;
use Meibuyu\Micro\Service\Interfaces\User\AuthenticationServiceInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Hyperf\Di\Annotation\Inject;

class AuthorizeMiddleware implements MiddlewareInterface
{

    /**
     * @Inject()
     * @var AuthenticationServiceInterface
     */
    private $authorizationService;

    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        $route = $request->getUri()->getPath();
        $token = token();
        $applicationName = env('APP_NAME');

        if (empty($route)) return $handler->handle($request);
        //获取对应的 route 对应的权限，如果 route 是不需要登录鉴权，直接返回
        $passed  = $this->routerAuth($applicationName, $route, $token);
        if ($passed)  {
            return $handler->handle($request);
        }

        return response()->withStatus(403);     //鉴权失败，错误码 403 forbidden
        //route 是需要登录鉴权的，判断当前用户是佛有对应  route 的权限

    }


    /**
     * 获取对应路由的权限，调用 RPC 服务
     * @param $applicationName
     * @param $route
     * @param $token
     * @return bool
     */
    protected function routerAuth($applicationName, $route, $token):  bool
    {
        $userId = $this->getUserIdByToken($token);

        return $this->authorizationService->authByRouter($applicationName, $route, $userId);
    }


    /**
     * 根据 token 获取对应的 user_id
     * @param $token
     * @return int|mixed
     */
    protected function getUserIdByToken($token)
    {
        if (empty($token)) return 0;
        $user = redis()->get($token);
        if ( ! $user)  return 0;

        $userArr =   \json_decode($user, true);
        return !empty($userArr['id']) ? $userArr['id'] : 0;
    }
}