feat(pay): 支付节点需要进行密码输入

slimkit · Sep 7, 2018 · 348f1b9 · 348f1b9
1 parent b60c4d6
commit 348f1b9
Show file tree

Hide file tree

Showing 2 changed files with 65 additions and 0 deletions.
diff --git a/app/Http/Controllers/APIs/V2/PurchaseController.php b/app/Http/Controllers/APIs/V2/PurchaseController.php
@@ -22,13 +22,24 @@
 
 use Illuminate\Http\Request;
 use Zhiyi\Plus\Models\PaidNode as PaidNodeModel;
+use hiyi\Plus\Http\Middleware\VerifyUserPassword;
 use Zhiyi\Plus\Models\WalletCharge as WalletChargeModel;
 use Illuminate\Contracts\Cache\Repository as CacheContract;
 use Zhiyi\Plus\Packages\Currency\Processes\User as UserProcess;
 use Illuminate\Contracts\Routing\ResponseFactory as ResponseContract;
 
 class PurchaseController extends Controller
 {
+    /**
+     * Create the controller instance.
+     */
+    public function __construct()
+    {
+        $this
+            ->middleware(VerifyUserPassword::class)
+            ->only(['pay', 'payByCurrency']);
+    }
+
     /**
      * 获取付费节点和当前用户的付费状态.
      *

diff --git a/app/Http/Middleware/VerifyUserPassword.php b/app/Http/Middleware/VerifyUserPassword.php
@@ -0,0 +1,54 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Zhiyi\Plus\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Contracts\Auth\Guard;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
+use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
+
+class VerifyUserPassword
+{
+    /**
+     * The user guard.
+     * @var \Illuminate\Contracts\Auth\Guard
+     */
+    protected $auth;
+
+    /**
+     * Creates a new instance of the middleware.
+     *
+     * @param Guard $auth
+     */
+    public function __construct(Guard $auth)
+    {
+        $this->auth = $auth;
+    }
+
+    /**
+     * The middleware handler.
+     * @param \Illuminate\Http\Request $request
+     * @param \Closure $next
+     * @return mixed
+     * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
+     * @throws \Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException
+     */
+    public function handle(Request $request, Closure $next)
+    {
+        if ($this->auth->guest()) {
+            throw new UnauthorizedHttpException('请先登录');
+        } elseif ($this->auth->getProvider()->validateCredentials(
+            $this->auth->user(),
+            [
+                'password' => $request->input('password')
+            ]
+        )) {
+            return $next($request);
+        }
+
+        throw new AccessDeniedHttpException('密码验证错误');
+    }
+}