fix:修复部分 token 的过期异常未被 catch 的问题

2024-11-21 14:41:29 +00:00 · 2024-03-28 16:27:02 +08:00 · 2024-03-28 16:27:02 +08:00 · f748f60e27
commit f748f60e27
parent 8c8f0447a3
2 changed files with 19 additions and 11 deletions
--- a/app/api/controller/Index.php
+++ b/app/api/controller/Index.php
@ -5,9 +5,9 @@ namespace app\api\controller;
 use ba\Tree;
 use Throwable;
 use think\facade\Db;
-use think\facade\Cookie;
 use think\facade\Config;
 use app\common\controller\Frontend;
+use app\common\library\token\TokenExpirationException;

 class Index extends Frontend
 {
@ -42,12 +42,15 @@ class Index extends Frontend
            // 若是从前台会员中心内发出的请求，要求必须登录，否则会员中心异常
            $requiredLogin = $this->request->get('requiredLogin/b', false);
            if ($requiredLogin) {
-                $token = $this->request->server('HTTP_BA_USER_TOKEN', $this->request->request('ba-user-token', Cookie::get('ba-user-token') ?: false));

-                // 若过期可触发过期判定
-                $this->auth->init($token);
+                // 触发可能的 token 过期异常
+                try {
+                    $token = get_auth_token(['ba', 'user', 'token']);
+                    $this->auth->init($token);
+                } catch (TokenExpirationException) {
+                    $this->error(__('Token expiration'), [], 409);
+                }

-                // 未过期或无token，直接要求登录
                $this->error(__('Please login first'), [
                    'type' => $this->auth::NEED_LOGIN
                ], $this->auth::LOGIN_RESPONSE_CODE);
--- a/extend/ba/Terminal.php
+++ b/extend/ba/Terminal.php
@ -14,10 +14,10 @@ namespace ba;
 use Throwable;
 use think\Response;
 use think\facade\Config;
-use think\facade\Cookie;
 use app\admin\library\Auth;
 use app\admin\library\module\Manage;
 use think\exception\HttpResponseException;
+use app\common\library\token\TokenExpirationException;

 class Terminal
 {
@ -190,11 +190,16 @@ class Terminal
        }

        if ($authentication) {
-            $token = request()->server('HTTP_BATOKEN', request()->request('batoken', Cookie::get('batoken') ?: false));
-            $auth  = Auth::instance();
-            $auth->init($token);
-            if (!$auth->isLogin() || !$auth->isSuperAdmin()) {
-                $this->execError("You are not super administrator or not logged in", true);
+            try {
+                $token = get_auth_token();
+                $auth  = Auth::instance();
+                $auth->init($token);
+
+                if (!$auth->isLogin() || !$auth->isSuperAdmin()) {
+                    $this->execError("You are not super administrator or not logged in", true);
+                }
+            } catch (TokenExpirationException) {
+                $this->execError(__('Token expiration'));
            }
        }