You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
<?php
declare(strict_types=1);
namespace App\Middleware\Auth;
use App\Model\v3\User;use App\TaskWorker\SSDBTask;use Hashids\Hashids;use Hyperf\HttpServer\Contract\RequestInterface as HttpRequest;use Hyperf\HttpServer\Contract\ResponseInterface as HttpResponse;use Hyperf\HttpServer\Router\Router;use Hyperf\Utils\ApplicationContext;use Psr\Container\ContainerInterface;use Psr\Http\Message\ResponseInterface;use Psr\Http\Server\MiddlewareInterface;use Psr\Http\Message\ServerRequestInterface;use Psr\Http\Server\RequestHandlerInterface;
class ApiMiddleware implements MiddlewareInterface{ /** * @var ContainerInterface */ protected $container;
/** * @var HttpResponse */ protected $response;
/** * @var HttpRequest */ protected $request;
public function __construct(ContainerInterface $container, HttpResponse $response, HttpRequest $request) { $this->container = $container; $this->response = $response; $this->request = $request; }
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface {
// 拦截v1路由
$routePath = $this->request->getPathInfo(); $routePath = explode('/', $routePath); if ($routePath[1] == 'v1') { $content = [ "status" => 'ok', "code" => 99999, "result" => [], "message" => '服务已停止升级,稍后请升级更新小程序(如不能自动更新,请删除小程序后重新进入小程序)' ];
return $this->response->json($content); }
// 签名校验
# 获取参数
$params = $this->request->all();
# 必须参数,签名、时间戳、随机数
if (!( isset($params['sign']) &&isset($params['timestamp']) &&isset($params['rand']) ) && env('APP_ENV') == 'prod') {
$content = [ "status" => 'ok', "code" => 9001, "result" => [], "message" => '接口验签失败:缺少参数' ];
return $this->response->json($content); }
if (!$this->checkSign($params)) {
$content = [ "status" => 'ok', "code" => 9002, "result" => [], "message" => '接口验签失败:签名错误或已失效' ];
return $this->response->json($content); }
$this->request->user = null; $userToken = $params['user_token'] ?? '';
if ($userToken) { $ssdb = ApplicationContext::getContainer()->get(SSDBTask::class);
$exists = $ssdb->exec('exists', $userToken);
// TODO 临时进行登录状态续
if (!$exists) { $ssdb->exec('setnx', $userToken, 1); $loginExpired = config('auth.user.expire_time'); if (isset($loginExpired) && $loginExpired) { $ssdb->exec('expire', $hashIds, $loginExpired); } } else { $hashIds = ApplicationContext::getContainer()->get(Hashids::class); $user = $hashIds->decode($userToken); $userModel = User::query()->find($user[0]); $userModel->userToken = $userToken; $this->request->user = $userModel; } }
// 处理全局默认值
$request = \Hyperf\Utils\Context::override(ServerRequestInterface::class, function (ServerRequestInterface $request) { $preDatas = $request->getParsedBody(); if (isset($preDatas['market_id']) && $preDatas['market_id'] == -1) { $preDatas['market_id'] = 1; }
return $request->withParsedBody($preDatas); });
return $handler->handle($request); }
private function checkSign($params) { if (env('APP_ENV') != 'prod') { return true; } $sign = $params['sign']; unset($params['sign']); $timestamp = $params['timestamp'];
if (empty($sign) || ($timestamp+config('auth.api.sign.expire_time')) < time()) { return false; }
return $sign == $this->signature($params); }
private function signature($params) { ksort($params);
$http_query = []; foreach ($params as $key => $value) { $http_query[] = $key.'='.$value; }
return sha1(md5(implode('&', $http_query)).config('auth.api.sign.secret_key')); }}
|
