使用hyperf基本是用来做前后端分离的api后端,所以中间件的作用尤为重要
在抛弃传统mvc下,纯接口通信和内存常驻更考验php代码的安全性(注入,滥用),其带来的是高并发高可用
1.注册全局中间件middlewares
首先在App/Middleware中新建一个全局中间件文件 例如 ApiMiddleware.php
如下,其主要意义为处理OPTIONS和header中的防跨域作为全局http中间件
然后在config/ middlewares.php中进行注册
'http' => [
\App\Middleware\ApiMiddleware::class
],
ApiMiddleware.php 内容如下
<?php
declare(strict_types=1);
namespace App\Middleware;
use Hyperf\HttpServer\Contract\RequestInterface;
use Psr\Container\ContainerInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Hyperf\HttpServer\Contract\ResponseInterface as HttpResponse;
use Hyperf\Utils\Context;
class ApiMiddleware implements MiddlewareInterface
{
/**
* @var ContainerInterface
*/
protected $container;
/**
* @var RequestInterface
*/
protected $request;
/**
* @var HttpResponse
*/
protected $response;
public function __construct(ContainerInterface $container, RequestInterface $request, HttpResponse $response)
{
$this->container = $container;
$this->request = $request;
$this->response = $response;
}
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
{
$response = Context::get(ResponseInterface::class);
$response = $response->withHeader('Access-Control-Allow-Origin', '*')
->withHeader('Access-Control-Allow-Credentials', 'true')
// Headers 可以根据实际情况进行改写,目的是防跨域。
->withHeader('Access-Control-Allow-Headers', 'DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,token');
Context::set(ResponseInterface::class, $response);
if ($request->getMethod() == 'OPTIONS') {
return $response;
}
setlog($this->request->getHeaders(),$this->request->getServerParams(),$this->request->all());
return $handler->handle($request);
}
}
2.局部中间件
全局中间件等于是四合院的大门,同来统一规范进出入,而局部中间件等于四合院中的每件小房,用来甄别什么人才能进哪屋
同样是在在App/Middleware中新建一个N个自定义中间件文件 例如 AdminMiddleware.php (假设用来给管理员应用目录的鉴权)
<?php
declare(strict_types=1);
namespace App\Middleware;
use Psr\Container\ContainerInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Hyperf\Utils\Context;
use App\Model\AdminUser;
class AdminMiddleware implements MiddlewareInterface
{
/**
* @var ContainerInterface
*/
protected $container;
public function __construct(ContainerInterface $container)
{
$this->container = $container;
}
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
{
$headers = $request->getHeaders();
$loginStatus=false;
//这里可以加入用户权限鉴定,loginStatus如果false,则返回201
if(isset($headers['token']) && $headers['token'][0]){
$user = AdminUser::query()->where('token',$headers['token'][0])->first();
if($user){
Context::set('uid', $user['id']);
$loginStatus=true;
}
}
if($loginStatus){
return $handler->handle($request);
}else{
return $this->response->json(
[
'code' => 201,
'data' => [
'error' => true,
],
]
);
}
}
}
然后在config/routes.php中 在对应管理员接口中配置中间件即可
use App\Middleware\AdminMiddleware;
/*管理员-auth*/
Router::addGroup(
'/admin', function () {
Router::post('/info', [\App\Controller\Admin\UserController::class, 'info']);
Router::post('/logout', [\App\Controller\Admin\UserController::class, 'logout']);
Router::post('/user/list', [\App\Controller\Admin\MemberController::class, 'index']);
Router::post('/user/add', [\App\Controller\Admin\MemberController::class, 'add']);
Router::post('/user/edit', [\App\Controller\Admin\MemberController::class, 'edit']);
Router::post('/user/status', [\App\Controller\Admin\MemberController::class, 'status']);
Router::post('/user/del', [\App\Controller\Admin\MemberController::class, 'del']);
Router::post('/config/select', [\App\Controller\Admin\ConfigController::class, 'select']);
Router::post('/config/save', [\App\Controller\Admin\ConfigController::class, 'save']);
Router::post('/slider/list', [\App\Controller\Admin\IndexController::class, 'slider_list']);
Router::post('/slider/add', [\App\Controller\Admin\IndexController::class, 'slider_add']);
Router::post('/slider/edit', [\App\Controller\Admin\IndexController::class, 'slider_edit']);
Router::post('/slider/del', [\App\Controller\Admin\IndexController::class, 'slider_del']);
Router::post('/slider/status', [\App\Controller\Admin\IndexController::class, 'slider_status']);
Router::post('/box/list', [\App\Controller\Admin\IndexController::class, 'box_list']);
Router::post('/box/add', [\App\Controller\Admin\IndexController::class, 'box_add']);
Router::post('/box/edit', [\App\Controller\Admin\IndexController::class, 'box_edit']);
Router::post('/box/del', [\App\Controller\Admin\IndexController::class, 'box_del']);
Router::post('/box/status', [\App\Controller\Admin\IndexController::class, 'box_status']);
},
['middleware' => [AdminMiddleware::class]]
);
如果你喜欢博主,清点一下关注并点一下赞 祝大家写代码永无BUG
本文全网原创,转载请注明出处 CSDN@PHP全栈狼