<?php

namespace App\Http\Middleware;

use Closure;
use App\User;
use App\Error;

class SignVerify
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
	   $flag = $this->validSign($request);
	   if($flag) {
        return $next($request);
	   } else {
	      return json_encode(['rst'=>['msg'=>'sign is error'], 'errno'=>'401', 'err'=>Error::getError(401),'timestamp'=>time().'']);
	   }
    }
    public function validSign($request) {
       $params=$request->all();
       $sign=$request->get('sign');
       if(empty($sign)){
        return false;
       }
       $makesign = $this->getSignature($params, Config('constants.SMS_SECRET_KEY'));
       if($makesign == $sign) {
           return true;
       }
       return false;
    }

    public function getSignature($params, $secret_key) {
        // 按数组键名 正序排序
        ksort($params);
        $tem = array();
        foreach ($params as $k => $v) {
            if ($k !== 'sign') {
                $tem[] = "$k=$v";
            }
        }
        $sk = implode('&', $tem) . $secret_key;
        return md5($sk);
    }  
}