wugg
/
phpstock


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145
							<?php

namespace app\abutment\middleware;

use app\abutment\model\SupplierRelationUser;
use app\abutment\model\SupplierUser;
use think\facade\Cache;
use think\facade\Config;
use think\facade\Validate;
use think\Response;
use app\abutment\model\RequestLog as RequestLogModel;

//中间件
class apiMiddleware
{

    //白名单
    private $white_list = ['login','getuserinfo'];

    //请求入口
    public function handle($request, \Closure $next)
    {

        //请求的唯一标识
        $request->request_id = date('YmdHis') . mt_rand(100000, 999999);

        //1.接收参数
        $param = $request->post();

        //判断白名单
        if (!in_array(strtolower(request()->pathinfo()), $this->white_list)) {

            //获取用户信息
            $user = $this->getUserInfo($param);
            if (is_array($user)) $request->user = $user;
            else return $user;//响应信息，说明报错，直接返回给请求方

        }

        //3.记录日志
        RequestLogModel::add($request->request_id, $param);

        return $next($request);

    }


    //请求结束的回调(如果返回数据用的是app_show/error_show,即直接echo，则不会触发该方法)
    public function end(Response $response)
    {
        //只做记录，不做输出
        RequestLogModel::where('request_id', request()->request_id)->save([
            'response' => $response->getContent(),
            'supplierNo' => request()->user['supplierNo'] ?? '',
            'uid' => request()->user['uid'] ?? 0,
            //如果是白名单接口(例如登录接口),这个时候是没有supplierNo和uid字段的
        ]);
    }

    /**
     * //校验相关参数
     * private function checkHeader(array $header = [])
     * {
     * $val = Validate::rule([
     * 'clientid' => 'require',
     * 'timestamp|时间戳' => 'require|number|length:10',
     * 'randomstring|随机字符串' => 'require|alphaNum|length:20',
     * 'sign|签名' => 'require',
     * 'token' => 'require|length:40|alphaNum',
     * ]);
     *
     * if (!$val->check($header)) throw new ValidateException('请求基础参数有误:' . $val->getError());
     *
     * }
     *
     *
     * //获取供应商的信息
     * private function getSupplierInfoByClientID(string $clientID = '')
     * {
     * $key = Config::get('config.redis_key.supplier_info');
     *
     * $key .= $clientID;
     *
     * $data = Cache::get($key);
     *
     * if (!$data) {
     *
     * $data = Db::name('abutment_supplier_development')
     * ->alias('a')
     * ->field('a.id,a.supplierNo,a.supplier,a.clientID,a.clientSecret,s.person,s.personid')
     * ->leftJoin('supplier s', 's.code=a.supplierNo AND s.is_del=0')
     * ->where(['a.clientID' => $clientID, 'a.is_del' => 0])
     * ->findOrEmpty();
     *
     * Cache::set($key, $data, 3600 * 24);
     * }
     *
     * return $data;
     * }
     *
     *
     * //校验签名
     * private function checkSign(array $header = [], string $clientSecret = '')
     * {
     *
     * $str = substr($header['randomstring'], 0, 10) . $header['clientid'] . $header['timestamp'] . $header['token'] . substr($header['randomstring'], 10) . $clientSecret;
     *
     * //签名 = md5(随机字符串前10位 . clientID .时间戳 . token . 随机字符串后10位 . $clientSecret, 时间戳);
     * $sign = md5($str);
     *
     * if ($sign != $header['sign']) throw new ValidateException('签名错误');
     *
     * }
     **/

    //获取用户信息
    public function getUserInfo(array $param = [])
    {
        //101 < code < 104 ,表示用户鉴权错误，需要用户重新登录
        //code==101 token不存在
        //code==102 token已失效
        //code==103 未找到对应的账户
        //code==104 token无效
        $val = Validate::rule(['token|用户token' => 'require|length:40|alphaNum']);
        if (!$val->check($param)) return json_show(101, '参数错误，' . $val->getError());

        $val2 = Validate::rule(['supplierNo|供应商编码' => 'require|length:18|alphaNum']);
        if (!$val2->check($param)) return json_show(1004, '参数错误，' . $val2->getError());

        $data = Cache::get(Config::get('redis_key.user_info_token') . $param['token']);
        $data = json_decode($data, true);

        if (!$data) return json_show(102, 'token已过期');

        $res = SupplierRelationUser::field('id,supplierNo,supplierName')
            ->where(['is_del' => SupplierUser::$is_del_normal, 'supplierNo' => $param['supplierNo'], 'uid' => $data['uid']])
            ->findOrEmpty()
            ->toArray();

        if (empty($res)) return json_show(1004, '你尚未绑定当前供应商');

        return array_merge($data, ['supplierNo' => $param['supplierNo'], 'supplierName' => $res['supplierName']]);
    }

}