Accueil Explorer Aide
S'inscrire Connexion
wugg
/
useraccount
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Aborescence: f4211a16b5
Branches Tags
useraccount
/
app
/
middleware
/
CheckAuth.php

CheckAuth.php 2.2 KB
Historique Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 
  1. <?php
    2. 

  2. declare (strict_types = 1);
    3. 

  3. 

  4. namespace app\middleware;
    5. 

  5. 

  6. use think\facade\Db;
    7. 

  7. 

  8. use think\middleware\AllowCrossDomain;
    9. 

  9. 

  10. class CheckAuth
    11. 

  11. {
    12. 

  12. 	protected $noCheck=[];
    13. 

  13. 	// header头配置
    14. 

  14. 	protected $header = [
    15. 

  15. 		'Access-Control-Allow-Credentials' => 'true',
    16. 

  16. 		'Access-Control-Max-Age'           => 1800,
    17. 

  17. 		'Access-Control-Allow-Methods'     => 'GET, POST, PATCH, PUT, DELETE, OPTIONS',
    18. 

  18. 		'Access-Control-Allow-Headers'     => 'Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token',
    19. 

  19. 	];
    20. 

  20.     /**
    21. 

  21.      * 处理请求
    22. 

  22.      *
    23. 

  23.      * @param \think\Request $request
    24. 

  24.      * @param \Closure       $next
    25. 

  25.      * @return Response|\think\response\Json
    26. 

  26.      */
    27. 

  27.     public function handle($request, \Closure $next)
    28. 

  28.     {
    29. 

  29.     	if($request->isOptions()){
    30. 

  30.     		return json();
    31. 

  31.     	}
    32. 

  32. //    	$header =$request->header();
    33. 

  33. //	    $header = !empty($header) ? array_merge($this->header, $header) : $this->header;
    34. 

  34. //	    if (!isset($header['Access-Control-Allow-Origin'])) {
    35. 

  35. //		    $origin = $request->header('origin');
    36. 

  36. //		    $header['Access-Control-Allow-Origin'] = $origin;
    37. 

  37. //	    }
    38. 

  38. //
    39. 

  39. 	    $param =$request->post();
    40. 

  40. //    	if($header['is_strict_login']==True){
    41. 

  41. //    	    $check =$this->check($header,$param);
    42. 

  42. //	         if($check['code']==1){
    43. 

  43. //		        return json_show(104,$check['msg']);
    44. 

  44. //			}
    45. 

  45. //    	}
    46. 

  46.     
    47. 

  47.        return $next($request);
    48. 

  48.     }
    49. 

  49. 

  50. 	/**数据接口签名验证
    51. 

  51. 	* @param $data
    52. 

  52. 	* @param $param
    53. 

  53. 	* @return array
    54. 

  54. 	*/
    55. 

  55.     private  function check($data,$param){
    56. 

  56.         //check sign
    57. 

  57.         if (!isset($data['appid']) || !$data['appid']) {
    58. 

  58.             return ['code'=>1,'msg'=>'发送的应用参数不存在'];
    59. 

  59.         }
    60. 

  60.         $appinf =Db::name("auth")->where(["app_id"=>$data['appid'],"is_del"=>0,"status"=>1])->findOrEmpty();
    61. 

  61.         if(empty($appinf)){
    62. 

  62.         	  return ['code'=>1,'msg'=>'发送的应用参数错误'];
    63. 

  63.         }
    64. 

  64. 		$mege=["appid"=>$data['appid'],"noce"=>$data['noce']??'',"sign"=>$data['sign']??'',"timestamp"=>$data['timestamp']??''];
    65. 

  65.         $value =array_merge($mege,$param);
    66. 

  66.         $Sign= new \Sign($appinf['app_id'],$appinf['app_key']);
    67. 

  67.         $result =$Sign->verifySign($value);
    68. 

  68.         return $result;
    69. 

  69.     }
    70. 

  70. }
    71.