鉴权部分优化

src/Middleware/AuthorizeMiddleware.php

@@ -2,6 +2,9 @@
 
 namespace Meibuyu\Micro\Middleware;
 
+use FastRoute\Dispatcher;
+use Hyperf\HttpServer\Router\DispatcherFactory;
+use Hyperf\Utils\ApplicationContext;
 use Meibuyu\Micro\Model\Auth;
 use Meibuyu\Micro\Service\Interfaces\User\AuthenticationServiceInterface;
 use Psr\Http\Message\ResponseInterface;
@@ -21,20 +24,20 @@ class AuthorizeMiddleware implements MiddlewareInterface
 
     public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
     {
-        $route = $request->getUri()->getPath();
+        $path = $request->getUri()->getPath();
         $token = token();
         $applicationName = env('APP_NAME');
         $method = $request->getMethod();
 
-        if (empty($route)) return $handler->handle($request);
-        //获取对应的 route 对应的权限，如果 route 是不需要登录鉴权，直接返回
-        $passed  = $this->authRouter($applicationName, $route, $method, $token);
+        if (empty($path)) return $handler->handle($request);
+        //获取对应的 path 对应的权限，如果 path 是不需要登录鉴权，直接返回
+        $passed  = $this->authRouter($applicationName, $path, $method, $token);
         if ($passed)  {
             return $handler->handle($request);
         }
 
         return response()->withStatus(403);     //鉴权失败，错误码 403 forbidden
-        //route 是需要登录鉴权的，判断当前用户是佛有对应  route 的权限
+        //path 是需要登录鉴权的，判断当前用户是佛有对应  path 的权限
 
     }
 
@@ -46,13 +49,32 @@ class AuthorizeMiddleware implements MiddlewareInterface
      * @param $token
      * @return bool
      */
-    protected function authRouter($applicationName, $route, $method, $token):  bool
+    protected function authRouter($applicationName, $path, $method, $token):  bool
     {
         $userId = $this->getUserIdByToken($token);
+        $route = $this->getRouterByPath($path, $method);
+        if (empty($route)) return true;     //说明没有匹配到路由，直接 pass，后续执行一定会返回 404， 这里也可以直接  返回 404
 
         return $this->authorizationService->authByRouter($applicationName, $route, $method, $userId);
     }
 
+    /**
+     * 根据 path 和 method 获取对应的 router
+     * @param string $path
+     * @param string $method
+     * @return array|string
+     */
+    private function getRouterByPath(string $path, string $method) : array
+    {
+        $factory = ApplicationContext::getContainer()->get(DispatcherFactory::class);
+        $dispatcher = $factory->getDispatcher('http');
+        $routerMatched = $dispatcher->dispatch($method, $path);
+        $founded =  $routerMatched[0];
+        if ( $founded != Dispatcher::FOUND) return '';        //说明没有匹配上路由，可以直接 return 404 not found
+
+        $handler = $routerMatched[1];
+        return $handler->route;
+    }
 
     /**
      * 根据 token 获取对应的 user_id

src/Service/Interfaces/User/AuthenticationServiceInterface.php

@@ -31,12 +31,12 @@ interface AuthenticationServiceInterface
 
     /**
      * 获取对应路由的接口权限结果
-     * @param $path string 路由名字
+     * @param $route string 路由名字
      * @param $applicationName string 应用名字
      * @param $method string  请求方法
      * @param $userId integer  用户 ID
      * @return bool
      */
-    public function authByRouter($applicationName, $path, $method, $userId):  bool;
+    public function authByRouter($applicationName, $route, $method, $userId):  bool;
 
 }