我正在使用https://github.com/tuupola/slim-jwt-auth苗条中间件在我正在开发的应用中进行身份验证。我有两种中间件,可用于根据应用程序的访问方式进行身份验证。我想在中间件确定身份验证是否有效之后,在应用程序级别并基于设置的变量运行这两部分。
是这样的:(Middleware.php)
$container = $app->getContainer();
$userAuthMiddleware = new JwtAuthentication([
'cookie' => $container->get('settings')['JWT']['cookieName'],
'secret' => $container->get('settings')['JWT']['secret'],
'secure' => $container->get('settings')['JWT']['secure'],
'algorithm' => [JWT::HASH_ALGORITHM],
'path' => ['/'],
'passthrough' => [
'/users/login',
'/users/logout',
'/users/reset-request',
'/users/reset-password',
'/leads/super'
],
'relaxed' => ['localhost'],
'error' => function(Request $request, Response $response, array $params) use ($container) {
//Handle error here
},
'callback' => function(Request $request, Response $response, array $params) use ($container) {
// attach the decoded token to the container
$container['jwt'] = $params['decoded'];
$container['user'] = UserHelper::getUser($container['jwt']->id, DaoFactory::getInstance()->user());
}
]);
// This should be the final piece of middleware that check if authentication is valid
$authMiddleware = function($request, $response, $next) use ($container) {
// $container['accessToken'] is in a 'AccessPoint' class
if (!isset($container['user']) && !isset($container['accessToken']))
return $response->withStatus(401)->withJson(GeneralErrors::response(GeneralErrors::UNAUTHORIZED));
};
$app->add($authMiddleware)
->add($userAuthMiddleware)
->add(new \MyApp\Middleware\AccessPointMiddleware());
我的问题是JwtAuthentication如果jwt无效而不返回下一个中间件,则将返回401。我似乎找不到找到调用下一个中间件$authMiddleware天气的方法,或者jwt是无效的。