增加ApiBase中间件，分离Controller中的用户和商户判断

app/Http/Controllers/Controller.php

@@ -2,8 +2,6 @@
 
 namespace App\Http\Controllers;
 
-use App\Models\Agent;
-use App\Models\User;
 use Illuminate\Support\Facades\Cache;
 use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
 use Illuminate\Foundation\Bus\DispatchesJobs;
@@ -25,25 +23,12 @@ class Controller extends BaseController
 		$auth = request()->header('Authentication');
 		$appid = request()->header('appid');
 
-		//检查用户
+		//代理商和用户已经在中间件中检查过了，这里不再重复检查，也避免后台出错
 		if ($auth) {
 			$this->user_id = Cache::get($auth);
-			if ($this->user_id) {
-				$user = User::query()->firstWhere(['id' => $this->user_id, 'status' => 1]);
-			}
-			if (empty($user)) {
-				$this->error('用户不存在或已被禁用' . $this->user_id);
-				exit();
-			}
 		}
 
-		//检查代理商
-		$agent = Agent::query()->firstWhere(['appid' => $appid, 'status' => 1]);
-		if (!$agent) {
-			$this->error('商户不存在或已被禁用');
-			exit();
-		}
-		$this->agent_id = $agent->id;
+		$this->agent_id = Cache::get($appid, 0);
     }
 
     protected function success($data = [], $msg = 'success', $code = 0, $status = 200)
@@ -54,7 +39,7 @@ class Controller extends BaseController
             'data' => $data,
             'status' => $status,
 			'debug_time' => microtime(true) - LARAVEL_START
-       ])->send();
+       ]);
     }
 
     protected function error($msg = 'error', $code = -1, $status = 500)
@@ -65,6 +50,6 @@ class Controller extends BaseController
             'data' => [],
             'status' => $status,
 			'debug_time' => microtime(true) - LARAVEL_START
-        ])->send();
+        ]);
     }
 }

app/Http/Middleware/AuthApi.php → app/Http/Middleware/ApiAuth.php

@@ -2,38 +2,41 @@
 
 namespace App\Http\Middleware;
 
+use App\Models\User;
 use Closure;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Cache;
 
-class AuthApi
+class ApiAuth
 {
     /**
      * Handle an incoming request.
      *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Closure  $next
+     * @param Request $request
+     * @param Closure $next
      * @return mixed
      */
     public function handle(Request $request, Closure $next)
     {
     	$auth = $request->header('Authentication');
-    	$appid = $request->header('appid');
-    	if (!$auth || !$appid) {
+
+    	if (empty($auth)) {
 			return response()->json([
 				'code' => -1,
-				'msg' => 'header参数缺失',
+				'msg' => '关键认证参数缺失',
 				'data' => [],
 				'status' => 500,
 			]);
 		}
-    	// TODO 登录部分待优化
-    	if (!Cache::get($auth)) {
+
+		//检查用户 TODO 登录部分待优化
+		$user_id = Cache::get($auth);
+		if (empty($user_id) || $user_id != User::query()->where(['id' => $user_id, 'status' => 1])->value('id')) {
 			return response()->json([
 				'code' => -1,
-				'msg' => '请先登录',
+				'msg' => '登录已超时或用户不存在，请重新登录',
 				'data' => [],
-				'status' => 500,
+				'status' => 403,
 			]);
 		}
         return $next($request);

app/Http/Middleware/ApiBase.php

@@ -0,0 +1,38 @@
+<?php
+
+namespace App\Http\Middleware;
+use App\Models\Agent;
+use App\Models\User;
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Cache;
+
+class ApiBase
+{
+	public function handle(Request $request, Closure $next)
+	{
+		$appid = request()->header('appid');
+
+		if (empty($appid)) {
+			return response()->json([
+				'code' => -1,
+				'msg' => '商户信息缺失',
+				'data' => [],
+				'status' => 500,
+			]);
+		}
+
+		//检查代理商
+		$agent_id = Cache::get($appid);
+		if (empty($agent_id) || $agent_id != Agent::query()->where(['appid' => $appid, 'status' => 1])->value('id')) {
+			return response()->json([
+				'code' => -1,
+				'msg' => '商户不存在或已被禁用',
+				'data' => [],
+				'status' => 403,
+			]);
+		}
+		Cache::put($appid, $agent_id);
+		return $next($request);
+	}
+}

routes/api.php

@@ -22,7 +22,9 @@ use Illuminate\Support\Facades\Route;
 Route::post('login', 'App\Http\Controllers\Api\LoginController@login');
 
 # 无需登录可获取数据
-Route::namespace('App\Http\Controllers\Api')->group(function () {
+Route::namespace('App\Http\Controllers\Api')
+	->middleware(App\Http\Middleware\ApiBase::class)
+	->group(function () {
 	# 首页
 	Route::post('index', 'IndexController@index');
 
@@ -77,7 +79,7 @@ Route::namespace('App\Http\Controllers\Api')->group(function () {
 
 # 需要登录才能请求
 Route::namespace('App\Http\Controllers\Api')
-	->middleware(App\Http\Middleware\AuthApi::class)
+	->middleware([App\Http\Middleware\ApiBase::class, App\Http\Middleware\ApiAuth::class])
 	->group(function () {
     # 我的频道
     Route::prefix('user_channel')->group(function () {