Home Explore Help
Register Sign In
wugg
/
useraccount
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 7d6e9f70b4
Branches Tags
useraccount
/
app
/
middleware
/
CheckAuth.php

CheckAuth.php 1.7 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162 
  1. <?php
    2. 

  2. declare (strict_types = 1);
    3. 

  3. 

  4. namespace app\middleware;
    5. 

  5. 

  6. use think\facade\Db;
    7. 

  7. class CheckAuth
    8. 

  8. {
    9. 

  9. 	protected $noCheck=[];
    10. 

  10.     /**
    11. 

  11.      * 处理请求
    12. 

  12.      *
    13. 

  13.      * @param \think\Request $request
    14. 

  14.      * @param \Closure       $next
    15. 

  15.      * @return Response|\think\response\Json
    16. 

  16.      */
    17. 

  17.     public function handle($request, \Closure $next)
    18. 

  18.     {
    19. 

  19.     	if($request->isOptions()){
    20. 

  20.     		return json();
    21. 

  21.     	}
    22. 

  22.     	$header =$request->header();
    23. 

  23. 	    $param =$request->post();
    24. 

  24. 	    if (isset($header['web-auth'])&&$header['web-auth']==1) {
    25. 

  25. 		    $data=[
    26. 

  26. 		    	"origin"=>$header['origin']??"",
    27. 

  27. 		    	"noce"=>$header['noce']??'',
    28. 

  28. 		    	"timestamp"=>$header['timestamp']??'',
    29. 

  29. 		    	"sign"=>$header['sign']??'',
    30. 

  30. 		    	];
    31. 

  31. 	    	$check= \Header::checkHeader($header);
    32. 

  32. 	    }else{
    33. 

  33. 		    $check =$this->check($header,$param);
    34. 

  34. 		    if($check['code']==1){
    35. 

  35. 		        return json_show(104,$check['msg']);
    36. 

  36. 		    }
    37. 

  37. 	    }
    38. 

  38.     
    39. 

  39.        return $next($request);
    40. 

  40.     }
    41. 

  41. 

  42. 	/**数据接口签名验证
    43. 

  43. 	* @param $data
    44. 

  44. 	* @param $param
    45. 

  45. 	* @return array
    46. 

  46. 	*/
    47. 

  47.     private  function check($data,$param){
    48. 

  48.         //check sign
    49. 

  49.         if (!isset($data['appid']) || !$data['appid']) {
    50. 

  50.             return ['code'=>1,'msg'=>'发送的应用参数不存在'];
    51. 

  51.         }
    52. 

  52.         $appinf =Db::name("auth")->where(["app_id"=>$data['appid'],"is_del"=>0,"status"=>1])->findOrEmpty();
    53. 

  53.         if(empty($appinf)){
    54. 

  54.         	  return ['code'=>1,'msg'=>'发送的应用参数错误'];
    55. 

  55.         }
    56. 

  56. 		$mege=["appid"=>$data['appid'],"noce"=>$data['noce']??'',"sign"=>$data['sign']??'',"timestamp"=>$data['timestamp']??''];
    57. 

  57.         $value =array_merge($mege,$param);
    58. 

  58.         $Sign= new \Sign($appinf['app_id'],$appinf['app_key']);
    59. 

  59.         $result =$Sign->verifySign($value);
    60. 

  60.         return $result;
    61. 

  61.     }
    62. 

  62. }
    63.