43 lines
1.1 KiB
PHP
43 lines
1.1 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
use App\Services\Auth\TokenService;
|
|
use Closure;
|
|
use Illuminate\Http\Request;
|
|
use Symfony\Component\HttpFoundation\Response;
|
|
|
|
class ValidateAccessToken
|
|
{
|
|
public function __construct(
|
|
private readonly TokenService $tokenService
|
|
) {}
|
|
|
|
public function handle(Request $request, Closure $next): Response
|
|
{
|
|
$bearerToken = $request->bearerToken();
|
|
|
|
if (!$bearerToken) {
|
|
return response()->json([
|
|
'error' => 'unauthorized',
|
|
'message' => '未授权,令牌无效或未提供。',
|
|
], 401);
|
|
}
|
|
|
|
$tokenData = $this->tokenService->validateAccessToken($bearerToken);
|
|
|
|
if (!$tokenData) {
|
|
return response()->json([
|
|
'error' => 'unauthorized',
|
|
'message' => '访问令牌无效或已过期。',
|
|
], 401);
|
|
}
|
|
|
|
// Add client information to the request for later use
|
|
$request->merge(['client_id' => $tokenData['client_id']]);
|
|
|
|
return $next($request);
|
|
}
|
|
}
|