wugg
/
phpstock


			
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273
							<?php
declare (strict_types = 1);

namespace app\txx\middleware;

use app\txx\common\Sign;
use think\facade\Db;use think\Response;
use think\facade\Log;
class CheckAuth
{
    /**
     * 处理请求
     *
     * @param \think\Request $request
     * @param \Closure       $next
     * @return Response
     */
    public function handle($request, \Closure $next)
    {
    	$request->isCx=0;
    	$request->uid=0;
    	$request->uname='';
        $param = $request->post();
	    $header = $request->header();
	    Log::write("IPAddr:".$request->server("REMOTE_ADDR"),"info");
	    Log::write("Action:".$request->server("REQUEST_URI"),"info");
	    Log::write("param:".json_encode($param),"info");
	    Log::write("header:".json_encode($header),"info");
	    if(!isset($param['token'])||$param['token']==''){
		    Log::write("Action:".$request->server("REQUEST_URI"),"info");
		    $check =$this->check($header,$param);
		    if($check['code']==1){
			    return json_show(104,$check['msg']);
		    }
	    }else{
			$acct =VerifyTokens($param['token']);
	    	if(!isset($acct['code']) || $acct['code']!=0){
			    return  json_show(102,$acct['message']);
		    }
	        $request->uid=isset($acct['data']['user']['id']) ?$acct['data']['user']['id']:"";
            $request->uname=isset($acct['data']['user']['nickname']) ?$acct['data']['user']['nickname']:"";
	    	$request->isCx=1;
	    }
		$response = $next($request);
	    return $response;


    }
	public function end(Response $response)
	{

	}
	/**数据接口签名验证
	* @param $data
	* @param $param
	 * @return array
	 */
    private  function check($data,$param){
        //check sign
        if (!isset($data['appid']) || !$data['appid']) {
            return ['code'=>1,'msg'=>'发送的应用参数不存在'];
        }
        $appinf =Db::name("act_company")->where(["app_id"=>$data['appid'],"is_del"=>0,"status"=>1])->findOrEmpty();
        if(empty($appinf)){
        	  return ['code'=>1,'msg'=>'发送的应用参数错误'];
        }
		$mege=["appid"=>$data['appid'],"noce"=>$data['noce']??'',"sign"=>$data['sign']??'',"timestamp"=>$data['timestamp']??''];
        $value =array_merge($mege,$param);
        $Sign=new Sign($appinf['app_id'],$appinf['app_key']);
        $result =$Sign->verifySign($value);
        return $result;
    }
}