Home Explore Help
Register Sign In
sunlight
/
menu
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Commits 71 Releases 0 Wiki

菜谱项目

Tree: d8dd918c2d
Branches Tags
menu
/
app
/
Http
/
Middleware
/
SignToken.php

SignToken.php 1.9KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. <?php
    2. 

  2. 

  3. namespace App\Http\Middleware;
    4. 

  4. 

  5. use Closure;
    6. 

  6. use App\User;
    7. 

  7. use App\Error;
    8. 

  8. 

  9. class SignToken
    10. 

  10. {
    11. 

  11.     /**
    12. 

  12.      * Handle an incoming request.
    13. 

  13.      *
    14. 

  14.      * @param  \Illuminate\Http\Request  $request
    15. 

  15.      * @param  \Closure  $next
    16. 

  16.      * @return mixed
    17. 

  17.      */
    18. 

  18.     public function handle($request, Closure $next)
    19. 

  19.     {
    20. 

  20.        $sign=$request->get('sign');
    21. 

  21.        if(!empty($sign)){
    22. 

  22.        	 $flag = $this->validSign($request);
    23. 

  23.        }else{
    24. 

  24.        	 $flag = $this->checkToken($request);
    25. 

  25.        }
    26. 

  26. 	   if($flag) {
    27. 

  27.          return $next($request);
    28. 

  28. 	   } else {
    29. 

  29. 	     return json_encode(['rst'=>['msg'=>'sign or token is error'], 'errno'=>'401', 'err'=>Error::getError(401),'timestamp'=>time().'']);
    30. 

  30. 	   }
    31. 

  31.     }
    32. 

  32.     //验证token是否有效
    33. 

  33.     private function checkToken($request) {
    34. 

  34.        $token = $request->headers->get('token') ? $request->headers->get('token') : ($request->get('token') ? $request->get('token') : null);
    35. 

  35.        if(empty($token)) return false;
    36. 

  36.        $data = User::parseToken($token);   
    37. 

  37.        if(empty($data) || ($token!=$data->token && (($data->last_login_time - 30 *86400) > time()))) {
    38. 

  38.            return false;
    39. 

  39.        }
    40. 

  40.        return true;
    41. 

  41.     }
    42. 

  42.     public function validSign($request) {
    43. 

  43.        // print_r($request->all());exit;
    44. 

  44.        $params=$request->all();
    45. 

  45.        $sign=$request->get('sign');
    46. 

  46.        if(empty($sign)){
    47. 

  47.         return false;
    48. 

  48.        }
    49. 

  49.        $makesign = $this->getSignature($params, Config('constants.SMS_SECRET_KEY'));
    50. 

  50.        if($makesign == $sign) {
    51. 

  51.            return true;
    52. 

  52.        }
    53. 

  53.        return false;
    54. 

  54.     }
    55. 

  55. 

  56.     public function getSignature($params, $secret_key) {
    57. 

  57.         // 按数组键名 正序排序
    58. 

  58.         ksort($params);
    59. 

  59.         $tem = array();
    60. 

  60.         foreach ($params as $k => $v) {
    61. 

  61.             if ($k !== 'sign') {
    62. 

  62.                 $tem[] = "$k=$v";
    63. 

  63.             }
    64. 

  64.         }
    65. 

  65.         $sk = implode('&', $tem) . $secret_key;
    66. 

  66.         return md5($sk);
    67. 

  67.     }  
    68. 

  68. }
    69. 

  69.