auth/src/Middleware/Authentication.php at main · webman-tech/auth · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
<?php

namespace WebmanTech\Auth\Middleware;

use WebmanTech\Auth\Auth;
use WebmanTech\Auth\Interfaces\GuardInterface;
use WebmanTech\Auth\Interfaces\IdentityInterface;
use WebmanTech\CommonUtils\Middleware\BaseMiddleware;
use WebmanTech\CommonUtils\Request;
use WebmanTech\CommonUtils\Response;

/**
 * 授权认证中间件
 */
class Authentication extends BaseMiddleware
{
    public function __construct(protected ?string $guardName = null)
    {
    }

    /**
     * @inheritDoc
     */
    public function processRequest(Request $request, \Closure $handler): Response
    {
        if ($this->guardName !== null) {
            SetAuthGuard::setGuardName($request, $this->guardName);
        }

        $guard = $this->getGuard();
        $identity = $guard->getAuthenticationMethod()->authenticate($request);
        if ($identity instanceof IdentityInterface) {
            $guard->login($identity);
            $result = $this->checkIdentity($identity);
            if ($result instanceof Response) {
                return $result;
            }
            return $handler($request);
        }
        if ($this->isOptionalRoute($request)) {
            return $handler($request);
        }

        return $guard->getAuthenticationFailedHandler()->handle($request);
    }

    /**
     * guard
     * @return GuardInterface
     */
    protected function getGuard(): GuardInterface
    {
        return Auth::guard();
    }

    /**
     * 是否是可选的路由
     * @param Request $request
     * @return bool
     */
    protected function isOptionalRoute(Request $request): bool
    {
        $checked = [$request->getPath()];
        if ($route = $request->getRoute()) {
            if ($name = $route->getName()) {
                $checked[] = $name;
            }
            if ($path = $route->getPath()) {
                $checked[] = $path;
            }
        }
        foreach (array_unique($checked) as $item) {
            if (in_array($item, $this->optionalRoutes())) {
                return true;
            }
        }

        return false;
    }

    /**
     * 当挂载了中间件，但是验证不通过时，此处配置的路由将会继续执行
     * 用于某些路由既可以登录也可以不登录访问，如果登录了需要获取用户信息的情况
     * 支出路由的 name 和 path
     * @return array
     */
    protected function optionalRoutes(): array
    {
        return [];
    }

    /**
     * 预留出来可以用来做用户信息检查
     * @param IdentityInterface $identity
     * @return Response|null
     */
    protected function checkIdentity(IdentityInterface $identity): ?Response
    {
        return null;
    }
}