*/ class MiniAuth { public function handle($request, \Closure $next) { $auth = $request->header('Authorization', ''); if (!is_string($auth) || !str_starts_with($auth, 'Bearer ')) { return json(['code' => 401, 'msg' => '请先完成授权', 'data' => []]); } $token = trim(substr($auth, 7)); $user = Db::name('mp_user')->where('api_token', $token)->find(); if (!$user) { return json(['code' => 401, 'msg' => '请先登录或重新进入', 'data' => []]); } if ((int) ($user['status'] ?? 1) !== 1) { return json(['code' => 403, 'msg' => '账号已被禁用', 'data' => []]); } AuthContext::setMpUser($user); return $next($request); } }