mineadmin · luckydog-sunny · Feb 24, 2026 · coderabbitai · Feb 24, 2026 · coderabbitai
diff --git a/app/Http/Common/Middleware/AccessTokenMiddleware.php b/app/Http/Common/Middleware/AccessTokenMiddleware.php
@@ -12,13 +12,51 @@
 
 namespace App\Http\Common\Middleware;
 
+use App\Http\Common\Result;
+use App\Http\Common\ResultCode;
+use Hyperf\Codec\Json;
+use Hyperf\HttpMessage\Stream\SwooleStream;
+use Lcobucci\JWT\Validation\RequiredConstraintsViolated;
 use Mine\Jwt\JwtInterface;
 use Mine\JwtAuth\Middleware\AbstractTokenMiddleware;
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Server\RequestHandlerInterface;
+use Swow\Psr7\Message\ServerRequestPlusInterface;
 
 final class AccessTokenMiddleware extends AbstractTokenMiddleware
 {
+    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
+    {
+        try {
+            $token = $this->parserToken($request);
+        } catch (RequiredConstraintsViolated $e) {
+            $isExpired = str_contains($e->getMessage(), 'The token is expired');
+            $result = new Result(
+                code: ResultCode::UNAUTHORIZED,
+                message: $isExpired ? trans('jwt.expired') : trans('jwt.unauthorized'),
+            );
+            /** @var \Swow\Psr7\Message\ResponsePlusInterface $response */
+            $response = \Hyperf\Context\Context::get(ResponseInterface::class);
+            return $response
+                ->setHeader('Content-Type', 'application/json; charset=utf-8')
+                ->setBody(new SwooleStream(Json::encode($result->toArray())));
+        }
+
+        $this->checkToken->checkJwt($token);
+        return $handler->handle(
+            value(
+                static function (ServerRequestPlusInterface $request, \Lcobucci\JWT\UnencryptedToken $token) {
+                    return $request->setAttribute('token', $token);
+                },
+                $request,
+                $token
+            )
+        );
+    }
+
     public function getJwt(): JwtInterface
     {
         return $this->jwtFactory->get();
     }
-}
+}
diff --git a/app/Http/Common/Middleware/RefreshTokenMiddleware.php b/app/Http/Common/Middleware/RefreshTokenMiddleware.php
@@ -12,7 +12,12 @@
 
 namespace App\Http\Common\Middleware;
 
+use App\Http\Common\Result;
+use App\Http\Common\ResultCode;
+use Hyperf\Codec\Json;
+use Hyperf\HttpMessage\Stream\SwooleStream;
 use Lcobucci\JWT\UnencryptedToken;
+use Lcobucci\JWT\Validation\RequiredConstraintsViolated;
 use Mine\Jwt\JwtInterface;
 use Mine\JwtAuth\Middleware\AbstractTokenMiddleware;
 use Psr\Http\Message\ResponseInterface;
@@ -24,16 +29,25 @@ class RefreshTokenMiddleware extends AbstractTokenMiddleware
 {
     public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
     {
-        $this->checkToken->checkJwt($this->parserToken($request));
+        try {
+            $token = $this->parserToken($request);
+        } catch (RequiredConstraintsViolated $e) {
+            $isExpired = str_contains($e->getMessage(), 'The token is expired');
+            $result = new Result(
+                code: ResultCode::UNAUTHORIZED,
+                message: $isExpired ? trans('jwt.expired') : trans('jwt.unauthorized'),
+            );
+            return $this->buildErrorResponse($request, $result);
+        }
+
+        $this->checkToken->checkJwt($token);
         return $handler->handle(
             value(
                 static function (ServerRequestPlusInterface $request, UnencryptedToken $token) {
                     return $request->setAttribute('token', $token);
                 },
                 $request,
-                $this->getJwt()->parserRefreshToken(
-                    $this->getToken($request)
-                )
+                $token
             )
         );
     }
@@ -47,4 +61,13 @@ protected function parserToken(ServerRequestInterface $request): UnencryptedToke
     {
         return $this->getJwt()->parserRefreshToken($this->getToken($request));
     }
-}
+
+    private function buildErrorResponse(ServerRequestInterface $request, Result $result): ResponseInterface
+    {
+        /** @var \Swow\Psr7\Message\ResponsePlusInterface $response */
+        $response = \Hyperf\Context\Context::get(ResponseInterface::class);
+        return $response
+            ->setHeader('Content-Type', 'application/json; charset=utf-8')
+            ->setBody(new SwooleStream(Json::encode($result->toArray())));
+    }
+}