'true', 'Access-Control-Max-Age' => 1800, 'Access-Control-Allow-Methods' => 'GET, POST, PATCH, PUT, DELETE, OPTIONS', 'Access-Control-Allow-Headers' => 'Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token', ]; /** * 处理请求 * * @param \think\Request $request * @param \Closure $next * @return Response|\think\response\Json */ public function handle($request, \Closure $next) { if($request->isOptions()){ return json(); } // $header =$request->header(); // $header = !empty($header) ? array_merge($this->header, $header) : $this->header; // if (!isset($header['Access-Control-Allow-Origin'])) { // $origin = $request->header('origin'); // $header['Access-Control-Allow-Origin'] = $origin; // } // $param =$request->post(); // if($header['is_strict_login']==True){ // $check =$this->check($header,$param); // if($check['code']==1){ // return json_show(104,$check['msg']); // } // } return $next($request); } /**数据接口签名验证 * @param $data * @param $param * @return array */ private function check($data,$param){ //check sign if (!isset($data['appid']) || !$data['appid']) { return ['code'=>1,'msg'=>'发送的应用参数不存在']; } $appinf =Db::name("auth")->where(["app_id"=>$data['appid'],"is_del"=>0,"status"=>1])->findOrEmpty(); if(empty($appinf)){ return ['code'=>1,'msg'=>'发送的应用参数错误']; } $mege=["appid"=>$data['appid'],"noce"=>$data['noce']??'',"sign"=>$data['sign']??'',"timestamp"=>$data['timestamp']??'']; $value =array_merge($mege,$param); $Sign= new \Sign($appinf['app_id'],$appinf['app_key']); $result =$Sign->verifySign($value); return $result; } }