<?php
declare (strict_types = 1);

namespace app\middleware;

use think\facade\Db;
class CheckAuth
{
	protected $noCheck=[];
    /**
     * 处理请求
     *
     * @param \think\Request $request
     * @param \Closure       $next
     * @return Response|\think\response\Json
     */
    public function handle($request, \Closure $next)
    {
    	if($request->isOptions()){
    		return json();
    	}
    	$header =$request->header();
	    $param =$request->post();
	    if (isset($header['web-auth'])&&$header['web-auth']==1) {
		    $data=[
		    	"origin"=>$header['origin']??"",
		    	"noce"=>$header['noce']??'',
		    	"timestamp"=>$header['timestamp']??'',
		    	"sign"=>$header['sign']??'',
		    	];
	    	$check= \Header::checkHeader($header);
	    }else{
		    $check =$this->check($header,$param);
		    if($check['code']==1){
		        return json_show(104,$check['msg']);
		    }
	    }
    
       return $next($request);
    }

	/**数据接口签名验证
	* @param $data
	* @param $param
	* @return array
	*/
    private  function check($data,$param){
        //check sign
        if (!isset($data['appid']) || !$data['appid']) {
            return ['code'=>1,'msg'=>'发送的应用参数不存在'];
        }
        $appinf =Db::name("auth")->where(["app_id"=>$data['appid'],"is_del"=>0,"status"=>1])->findOrEmpty();
        if(empty($appinf)){
        	  return ['code'=>1,'msg'=>'发送的应用参数错误'];
        }
		$mege=["appid"=>$data['appid'],"noce"=>$data['noce']??'',"sign"=>$data['sign']??'',"timestamp"=>$data['timestamp']??''];
        $value =array_merge($mege,$param);
        $Sign= new \Sign($appinf['app_id'],$appinf['app_key']);
        $result =$Sign->verifySign($value);
        return $result;
    }
}