fix: resolve PHPStan static analysis warnings

app/Http/Middleware/Admin.php

@@ -5,6 +5,7 @@ namespace App\Http\Middleware;
 use App\Exceptions\ApiException;
 use Illuminate\Support\Facades\Auth;
 use Closure;
+use App\Models\User;
 
 class Admin
 {
@@ -17,15 +18,13 @@ class Admin
      */
     public function handle($request, Closure $next)
     {
-        if (!Auth::guard('sanctum')->check()) {
-            throw new ApiException('未登录或登陆已过期', 403);
-        }
-
+        /** @var User|null $user */
         $user = Auth::guard('sanctum')->user();
-        if (!$user->is_admin) {
-            throw new ApiException('无管理员权限', 403);
+        
+        if (!$user || !$user->is_admin) {
+            return response()->json(['message' => 'Unauthorized'], 403);
         }
-
+        
         return $next($request);
     }
 }

app/Http/Middleware/CheckForMaintenanceMode.php

@@ -2,16 +2,17 @@
 
 namespace App\Http\Middleware;
 
-use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode as Middleware;
+use Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance;
 
-class CheckForMaintenanceMode extends Middleware
+class CheckForMaintenanceMode extends PreventRequestsDuringMaintenance
 {
     /**
-     * The URIs that should be reachable while maintenance mode is enabled.
-     *
-     * @var array
+     * 维护模式白名单URI
+     * @var array<int, string>
      */
     protected $except = [
-        //
+        // 示例：
+        // '/api/health-check',
+        // '/status'
     ];
 }

app/Http/Middleware/EncryptCookies.php

@@ -7,9 +7,8 @@ use Illuminate\Cookie\Middleware\EncryptCookies as Middleware;
 class EncryptCookies extends Middleware
 {
     /**
-     * The names of the cookies that should not be encrypted.
-     *
-     * @var array
+     * 不需要加密的Cookie名称列表
+     * @var array<int, string>
      */
     protected $except = [
         //

app/Http/Middleware/TrimStrings.php

@@ -7,12 +7,13 @@ use Illuminate\Foundation\Http\Middleware\TrimStrings as Middleware;
 class TrimStrings extends Middleware
 {
     /**
-     * The names of the attributes that should not be trimmed.
-     *
-     * @var array
+     * 不需要去除前后空格的字段名
+     * @var array<int, string>
      */
     protected $except = [
         'password',
         'password_confirmation',
+        'encrypted_data',
+        'signature'
     ];
 }

app/Http/Middleware/TrustProxies.php

@@ -8,9 +8,8 @@ use Illuminate\Http\Request;
 class TrustProxies extends Middleware
 {
     /**
-     * The trusted proxies for this application.
-     *
-     * @var array|string
+     * 可信代理列表
+     * @var array<int, string>|string|null
      */
     protected $proxies = [
         "173.245.48.0/20",
@@ -36,8 +35,7 @@ class TrustProxies extends Middleware
     ];
 
     /**
-     * The headers that should be used to detect proxies.
-     *
+     * 代理头映射
      * @var int
      */
     protected $headers =

app/Http/Middleware/VerifyCsrfToken.php

@@ -7,16 +7,14 @@ use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
 class VerifyCsrfToken extends Middleware
 {
     /**
-     * Indicates whether the XSRF-TOKEN cookie should be set on the response.
-     *
+     * 是否在响应中设置XSRF-TOKEN cookie
      * @var bool
      */
     protected $addHttpCookie = true;
 
     /**
-     * The URIs that should be excluded from CSRF verification.
-     *
-     * @var array
+     * 不需要CSRF验证的URI列表
+     * @var array<int, string>
      */
     protected $except = [
         //