Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
M
meibuyu-micro
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
without authentication
meibuyu-micro
Commits
45426787
Commit
45426787
authored
Mar 31, 2022
by
秦俊坤
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
鉴权部分优化
parent
ae9e4f3f
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
30 additions
and
8 deletions
+30
-8
AuthorizeMiddleware.php
src/Middleware/AuthorizeMiddleware.php
+28
-6
AuthenticationServiceInterface.php
...ervice/Interfaces/User/AuthenticationServiceInterface.php
+2
-2
No files found.
src/Middleware/AuthorizeMiddleware.php
View file @
45426787
...
@@ -2,6 +2,9 @@
...
@@ -2,6 +2,9 @@
namespace
Meibuyu\Micro\Middleware
;
namespace
Meibuyu\Micro\Middleware
;
use
FastRoute\Dispatcher
;
use
Hyperf\HttpServer\Router\DispatcherFactory
;
use
Hyperf\Utils\ApplicationContext
;
use
Meibuyu\Micro\Model\Auth
;
use
Meibuyu\Micro\Model\Auth
;
use
Meibuyu\Micro\Service\Interfaces\User\AuthenticationServiceInterface
;
use
Meibuyu\Micro\Service\Interfaces\User\AuthenticationServiceInterface
;
use
Psr\Http\Message\ResponseInterface
;
use
Psr\Http\Message\ResponseInterface
;
...
@@ -21,20 +24,20 @@ class AuthorizeMiddleware implements MiddlewareInterface
...
@@ -21,20 +24,20 @@ class AuthorizeMiddleware implements MiddlewareInterface
public
function
process
(
ServerRequestInterface
$request
,
RequestHandlerInterface
$handler
)
:
ResponseInterface
public
function
process
(
ServerRequestInterface
$request
,
RequestHandlerInterface
$handler
)
:
ResponseInterface
{
{
$
route
=
$request
->
getUri
()
->
getPath
();
$
path
=
$request
->
getUri
()
->
getPath
();
$token
=
token
();
$token
=
token
();
$applicationName
=
env
(
'APP_NAME'
);
$applicationName
=
env
(
'APP_NAME'
);
$method
=
$request
->
getMethod
();
$method
=
$request
->
getMethod
();
if
(
empty
(
$
route
))
return
$handler
->
handle
(
$request
);
if
(
empty
(
$
path
))
return
$handler
->
handle
(
$request
);
//获取对应的
route 对应的权限,如果 route
是不需要登录鉴权,直接返回
//获取对应的
path 对应的权限,如果 path
是不需要登录鉴权,直接返回
$passed
=
$this
->
authRouter
(
$applicationName
,
$
route
,
$method
,
$token
);
$passed
=
$this
->
authRouter
(
$applicationName
,
$
path
,
$method
,
$token
);
if
(
$passed
)
{
if
(
$passed
)
{
return
$handler
->
handle
(
$request
);
return
$handler
->
handle
(
$request
);
}
}
return
response
()
->
withStatus
(
403
);
//鉴权失败,错误码 403 forbidden
return
response
()
->
withStatus
(
403
);
//鉴权失败,错误码 403 forbidden
//
route 是需要登录鉴权的,判断当前用户是佛有对应 route
的权限
//
path 是需要登录鉴权的,判断当前用户是佛有对应 path
的权限
}
}
...
@@ -46,13 +49,32 @@ class AuthorizeMiddleware implements MiddlewareInterface
...
@@ -46,13 +49,32 @@ class AuthorizeMiddleware implements MiddlewareInterface
* @param $token
* @param $token
* @return bool
* @return bool
*/
*/
protected
function
authRouter
(
$applicationName
,
$
route
,
$method
,
$token
)
:
bool
protected
function
authRouter
(
$applicationName
,
$
path
,
$method
,
$token
)
:
bool
{
{
$userId
=
$this
->
getUserIdByToken
(
$token
);
$userId
=
$this
->
getUserIdByToken
(
$token
);
$route
=
$this
->
getRouterByPath
(
$path
,
$method
);
if
(
empty
(
$route
))
return
true
;
//说明没有匹配到路由,直接 pass,后续执行一定会返回 404, 这里也可以直接 返回 404
return
$this
->
authorizationService
->
authByRouter
(
$applicationName
,
$route
,
$method
,
$userId
);
return
$this
->
authorizationService
->
authByRouter
(
$applicationName
,
$route
,
$method
,
$userId
);
}
}
/**
* 根据 path 和 method 获取对应的 router
* @param string $path
* @param string $method
* @return array|string
*/
private
function
getRouterByPath
(
string
$path
,
string
$method
)
:
array
{
$factory
=
ApplicationContext
::
getContainer
()
->
get
(
DispatcherFactory
::
class
);
$dispatcher
=
$factory
->
getDispatcher
(
'http'
);
$routerMatched
=
$dispatcher
->
dispatch
(
$method
,
$path
);
$founded
=
$routerMatched
[
0
];
if
(
$founded
!=
Dispatcher
::
FOUND
)
return
''
;
//说明没有匹配上路由,可以直接 return 404 not found
$handler
=
$routerMatched
[
1
];
return
$handler
->
route
;
}
/**
/**
* 根据 token 获取对应的 user_id
* 根据 token 获取对应的 user_id
...
...
src/Service/Interfaces/User/AuthenticationServiceInterface.php
View file @
45426787
...
@@ -31,12 +31,12 @@ interface AuthenticationServiceInterface
...
@@ -31,12 +31,12 @@ interface AuthenticationServiceInterface
/**
/**
* 获取对应路由的接口权限结果
* 获取对应路由的接口权限结果
* @param $
path
string 路由名字
* @param $
route
string 路由名字
* @param $applicationName string 应用名字
* @param $applicationName string 应用名字
* @param $method string 请求方法
* @param $method string 请求方法
* @param $userId integer 用户 ID
* @param $userId integer 用户 ID
* @return bool
* @return bool
*/
*/
public
function
authByRouter
(
$applicationName
,
$
path
,
$method
,
$userId
)
:
bool
;
public
function
authByRouter
(
$applicationName
,
$
route
,
$method
,
$userId
)
:
bool
;
}
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment