You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
40 lines
1.2 KiB
40 lines
1.2 KiB
<?php
|
|
namespace app\api\middleware;
|
|
|
|
use app\Request;
|
|
use CsrfVerify\drive\ThinkphpCache;
|
|
use CsrfVerify\entity\CsrfVerifyEntity;
|
|
use CsrfVerify\interfaces\CsrfVerifyInterface;
|
|
use think\facade\Session;
|
|
|
|
class CsrfMiddleware
|
|
{
|
|
use \app\common\traits\JumpTrait;
|
|
|
|
public function handle(Request $request, \Closure $next)
|
|
{
|
|
if (env('EASYADMIN.IS_CSRF', true)) {
|
|
if (!in_array($request->method(), ['GET', 'HEAD', 'OPTIONS'])) {
|
|
|
|
// 跨域校验
|
|
$refererUrl = $request->header('REFERER', null);
|
|
$refererInfo = parse_url($refererUrl);
|
|
$host = $request->host(true);
|
|
if (!isset($refererInfo['host']) || $refererInfo['host'] != $host) {
|
|
$this->error('当前请求不合法!');
|
|
}
|
|
|
|
// CSRF校验
|
|
$ckCsrfToken = $request->post('ckCsrfToken', null);
|
|
$data = !empty($ckCsrfToken) ? ['__token__' => $ckCsrfToken] : [];
|
|
|
|
$check = $request->checkToken('__token__', $data);
|
|
if (!$check) {
|
|
$this->error('请求验证失败,请重新刷新页面!');
|
|
}
|
|
|
|
}
|
|
}
|
|
return $next($request);
|
|
}
|
|
}
|
|
|