Эхлэл Бүгдийг харах Тусламж
Бүртгүүлэх Нэвтрэх
wugg
/
useraccount
1
0
Салаа 0
Файлууд Асуудлууд 0 Хуулах хүсэлтүүд 0 Мэдлэгийн сан
Мод: d615589f34
Салаанууд Тагууд
useraccount
/
app
/
middleware
/
CheckAuth.php

CheckAuth.php 2.1 KB
Түүх Анхны өгөгдөл

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667 
  1. <?php
    2. 

  2. declare (strict_types = 1);
    3. 

  3. 

  4. namespace app\middleware;
    5. 

  5. 

  6. use think\facade\Db;
    7. 

  7. class CheckAuth
    8. 

  8. {
    9. 

  9. 	protected $noCheck=[];
    10. 

  10. 	// header头配置
    11. 

  11. 	protected $header = [
    12. 

  12. 		'Access-Control-Allow-Credentials' => 'true',
    13. 

  13. 		'Access-Control-Max-Age'           => 1800,
    14. 

  14. 		'Access-Control-Allow-Methods'     => 'GET, POST, PATCH, PUT, DELETE, OPTIONS',
    15. 

  15. 		'Access-Control-Allow-Headers'     => 'Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token',
    16. 

  16. 	];
    17. 

  17.     /**
    18. 

  18.      * 处理请求
    19. 

  19.      *
    20. 

  20.      * @param \think\Request $request
    21. 

  21.      * @param \Closure       $next
    22. 

  22.      * @return Response|\think\response\Json
    23. 

  23.      */
    24. 

  24.     public function handle($request, \Closure $next)
    25. 

  25.     {
    26. 

  26.     	if($request->isOptions()){
    27. 

  27.     		return json();
    28. 

  28.     	}
    29. 

  29. //    	$header =$request->header();
    30. 

  30. //	    $header = !empty($header) ? array_merge($this->header, $header) : $this->header;
    31. 

  31. //	    if (!isset($header['Access-Control-Allow-Origin'])) {
    32. 

  32. //		    $origin = $request->header('origin');
    33. 

  33. //		    $header['Access-Control-Allow-Origin'] = $origin;
    34. 

  34. //	    }
    35. 

  35. //
    36. 

  36. 	    $param =$request->post();
    37. 

  37. //    	if($header['is_strict_login']==True){
    38. 

  38. //    	    $check =$this->check($header,$param);
    39. 

  39. //	         if($check['code']==1){
    40. 

  40. //		        return json_show(104,$check['msg']);
    41. 

  41. //			}
    42. 

  42. //    	}
    43. 

  43.     
    44. 

  44.        return $next($request);
    45. 

  45.     }
    46. 

  46. 

  47. 	/**数据接口签名验证
    48. 

  48. 	* @param $data
    49. 

  49. 	* @param $param
    50. 

  50. 	* @return array
    51. 

  51. 	*/
    52. 

  52.     private  function check($data,$param){
    53. 

  53.         //check sign
    54. 

  54.         if (!isset($data['appid']) || !$data['appid']) {
    55. 

  55.             return ['code'=>1,'msg'=>'发送的应用参数不存在'];
    56. 

  56.         }
    57. 

  57.         $appinf =Db::name("auth")->where(["app_id"=>$data['appid'],"is_del"=>0,"status"=>1])->findOrEmpty();
    58. 

  58.         if(empty($appinf)){
    59. 

  59.         	  return ['code'=>1,'msg'=>'发送的应用参数错误'];
    60. 

  60.         }
    61. 

  61. 		$mege=["appid"=>$data['appid'],"noce"=>$data['noce']??'',"sign"=>$data['sign']??'',"timestamp"=>$data['timestamp']??''];
    62. 

  62.         $value =array_merge($mege,$param);
    63. 

  63.         $Sign= new \Sign($appinf['app_id'],$appinf['app_key']);
    64. 

  64.         $result =$Sign->verifySign($value);
    65. 

  65.         return $result;
    66. 

  66.     }
    67. 

  67. }
    68.