cxinv/app/admin/middleware/checkToken.php

<?php
declare (strict_types = 1);

namespace app\admin\middleware;
use think\facade\Db;
class checkToken
{

	private $post;
	private $uid=0;
	private $uname='';
	private $roleid='0';
	private $level='0';
	public $novalidate=[
		'admin/systemlast',
		"admin/login",
		"admin/stats",
		"admin/departstat",
		"admin/departEveryDay",
		"admin/companyEveryMonth",
		"admin/wechat_getinfo",
		"admin/wechat_getconfig",
		"admin/totalstat"
		];
    /**
     * 处理请求
     *
     * @param \think\Request $request
     * @param \Closure       $next
     * @return
     */
    public function handle($request, \Closure $next)
    {
        if ($request->isOptions()) {
            return json();
        }
        $data=[
        	"info"=>"",
        	"action"=>"",
        	"url"=>$request->server()['REQUEST_URI'],
        	"param"=>json_encode($request->param(),JSON_UNESCAPED_UNICODE),
        	"name"=>'',
        	"addtime"=>date("Y-m-d H:i:s")
        ];
        Db::name("system_log")->insert($data);
        if(!in_array($request->pathinfo(),$this->novalidate)){
        $result = $this->validateToken($request->param());
	        if($result['code']!=0){
	            return error_show($result['code'],$result['message']);
            }
        }
		$request->uid=$this->uid;
		$request->uname=$this->uname;
		$request->roleid=$this->roleid;
		$request->level=$this->level;

        return $next($request);
    }

         /**
		* @return array
		* @throws \think\db\exception\DataNotFoundException
		* @throws \think\db\exception\DbException
		* @throws \think\db\exception\ModelNotFoundException
		* @throws \think\exception\DbException
		 */
     public function validateToken($request){
            $token = isset($request['token']) ? trim($request['token']) : "";
            $companyNo = isset($request['relaComNo']) ? trim($request['relaComNo']) : "";
            if($token==""){
            	return ["code"=>101,"message"=>"参数token不能为空"];
            }
            $effetc = VerifyTokens($token);
            if(!empty($effetc) && $effetc['code']!=0) {
            	 return ["code"=>$effetc['code'],"message"=>$effetc['message']];
            }
            $this->uid=$effetc['data']['id']??"";
            $this->uname=$effetc['data']['nickname']??"";
            $where=[];
            if($companyNo!=""){
            	$where=["companyNo"=>$companyNo];
            }
            $role = Db::name("user_role")->where(["uid"=>$this->uid,"is_del"=>0])->where($where)->findOrEmpty();
            if(empty($role)){
            	 return ["code"=>101,"message"=>"账户已禁用"];
            }
            $this->roleid=$role['roleid'];
            $level =Db::name("role")->where(["id"=>$role['roleid']])->find();
            if($role['status']==0 || $level['status']==0 ){
            	$this->level='';
            }else $this->level = $effetc['data']['level'];//$this->level=$level['level']>1 ?2 :($level['level']??1);
             return ["code"=>0,"message"=>"验证通过"];
     }
}