|
|
@ -0,0 +1,99 @@ |
|
|
|
|
|
<?php |
|
|
|
|
|
|
|
|
|
|
|
declare(strict_types=1); |
|
|
|
|
|
|
|
|
|
|
|
namespace App\Middleware\Auth; |
|
|
|
|
|
|
|
|
|
|
|
use Hyperf\HttpServer\Contract\RequestInterface as HttpRequest; |
|
|
|
|
|
use Hyperf\HttpServer\Contract\ResponseInterface as HttpResponse; |
|
|
|
|
|
use Psr\Container\ContainerInterface; |
|
|
|
|
|
use Psr\Http\Message\ResponseInterface; |
|
|
|
|
|
use Psr\Http\Server\MiddlewareInterface; |
|
|
|
|
|
use Psr\Http\Message\ServerRequestInterface; |
|
|
|
|
|
use Psr\Http\Server\RequestHandlerInterface; |
|
|
|
|
|
|
|
|
|
|
|
class ApiMiddleware implements MiddlewareInterface |
|
|
|
|
|
{ |
|
|
|
|
|
/** |
|
|
|
|
|
* @var ContainerInterface |
|
|
|
|
|
*/ |
|
|
|
|
|
protected $container; |
|
|
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
|
* @var HttpResponse |
|
|
|
|
|
*/ |
|
|
|
|
|
protected $response; |
|
|
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
|
* @var HttpRequest |
|
|
|
|
|
*/ |
|
|
|
|
|
protected $request; |
|
|
|
|
|
|
|
|
|
|
|
public function __construct(ContainerInterface $container, HttpResponse $response, HttpRequest $request) |
|
|
|
|
|
{ |
|
|
|
|
|
$this->container = $container; |
|
|
|
|
|
$this->response = $response; |
|
|
|
|
|
$this->request = $request; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface |
|
|
|
|
|
{ |
|
|
|
|
|
|
|
|
|
|
|
if (env('APP_ENV') == 'dev') { |
|
|
|
|
|
return $handler->handle($request); |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// 签名校验
|
|
|
|
|
|
|
|
|
|
|
|
# 获取参数
|
|
|
|
|
|
$params = $this->request->all(); |
|
|
|
|
|
|
|
|
|
|
|
# 必须参数,签名、时间戳、随机数
|
|
|
|
|
|
if (!(isset($params['sign'])&&isset($params['timestamp'])&&isset($params['rand']))) { |
|
|
|
|
|
|
|
|
|
|
|
$content = [ |
|
|
|
|
|
"status" => 'ok', |
|
|
|
|
|
"code" => 9001, |
|
|
|
|
|
"result" => [], |
|
|
|
|
|
"message" => '接口验签失败:缺少参数' |
|
|
|
|
|
]; |
|
|
|
|
|
|
|
|
|
|
|
return $this->response->json($content); |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
if (!$this->checkSign($params)) { |
|
|
|
|
|
|
|
|
|
|
|
$content = [ |
|
|
|
|
|
"status" => 'ok', |
|
|
|
|
|
"code" => 9002, |
|
|
|
|
|
"result" => [], |
|
|
|
|
|
"message" => '接口验签失败:签名错误或已失效' |
|
|
|
|
|
]; |
|
|
|
|
|
|
|
|
|
|
|
return $this->response->json($content); |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
return $handler->handle($request); |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
private function checkSign($params) |
|
|
|
|
|
{ |
|
|
|
|
|
$sign = $params['sign']; |
|
|
|
|
|
unset($params['sign']); |
|
|
|
|
|
$timestamp = $params['timestamp']; |
|
|
|
|
|
|
|
|
|
|
|
if (empty($sign) || ($timestamp+config('autoload.auth.api.sign.expire')) < time()) { |
|
|
|
|
|
return false; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
ksort($params); |
|
|
|
|
|
$params = http_build_query($params); |
|
|
|
|
|
|
|
|
|
|
|
return $sign == $this->signature($params); |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
private function signature($http_query) |
|
|
|
|
|
{ |
|
|
|
|
|
return sha1(md5($http_query).config('autoload.auth.api.sign.secret_key')); |
|
|
|
|
|
} |
|
|
|
|
|
} |
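Review bot: In `checkSign`, the final `return $sign == $this->signature($params);` compares the client-supplied signature with a loose, non-constant-time `==`, so two hex digests that both parse as numeric strings (the `0e…` form) compare equal and the check leaks timing; it should be `hash_equals($this->signature($params), $sign)` once `$sign` is known to be a string. The freshness test only rejects timestamps that are too old, so a request signed with a far-future `timestamp` never expires, and `rand` is required in `process` but never recorded anywhere in this file, so a captured request can be replayed for the whole `expire` window. `signature` builds the MAC as `sha1(md5($http_query) . secret)`; `hash_hmac('sha256', $http_query, $secretKey)` is the standard construction, though switching needs a coordinated client change. Separately, the `env('APP_ENV') == 'dev'` early return in `process` skips verification entirely, so it fails open on any deployment that carries that value. The fence covers only the comparison and timestamp handling; rejecting reused `rand` values needs a shared store that is not visible here.

```php
private function checkSign($params)
{
    $sign = $params['sign'];
    // Validate types first: request values may be arrays or non-numeric strings,
    // which on PHP 8 would otherwise raise a TypeError at the arithmetic below.
    $timestamp = filter_var($params['timestamp'], FILTER_VALIDATE_INT);
    if (!is_string($sign) || $sign === '' || $timestamp === false) {
        return false;
    }
    unset($params['sign']);

    // Two-sided window: stale and far-future timestamps are both refused.
    $expire = (int) config('autoload.auth.api.sign.expire');
    if (abs(time() - $timestamp) > $expire) {
        return false;
    }

    // … unchanged: ksort($params) and http_build_query($params) …

    // Constant-time, strictly string-based comparison; known value goes first.
    return hash_equals($this->signature($params), $sign);
}
```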