3 changed files with 114 additions and 0 deletions
-
99app/Middleware/Auth/ApiMiddleware.php
-
14config/autoload/auth.php
-
1config/autoload/middlewares.php
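--- a/app/Middleware/Auth/ApiMiddleware.php
+++ b/app/Middleware/Auth/ApiMiddleware.php
@@ -0,0 +1,99 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Middleware\Auth;
+
+use Hyperf\HttpServer\Contract\RequestInterface as HttpRequest;
+use Hyperf\HttpServer\Contract\ResponseInterface as HttpResponse;
+use Psr\Container\ContainerInterface;
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Server\MiddlewareInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Server\RequestHandlerInterface;
+
+class ApiMiddleware implements MiddlewareInterface
+{
+/**
+* @var ContainerInterface
+*/
+protected $container;
+
+/**
+* @var HttpResponse
+*/
+protected $response;
+
+/**
+* @var HttpRequest
+*/
+protected $request;
+
+public function __construct(ContainerInterface $container, HttpResponse $response, HttpRequest $request)
+{
+$this->container = $container;
+$this->response = $response;
+$this->request = $request;
+}
+
+public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
+{
+
+if (env('APP_ENV') == 'dev') {
+return $handler->handle($request);
+}
+
+// 签名校验
+
+# 获取参数
+$params = $this->request->all();
+
+# 必须参数,签名、时间戳、随机数
+if (!(isset($params['sign'])&&isset($params['timestamp'])&&isset($params['rand']))) {
+
+$content = [
+"status" => 'ok',
+"code" => 9001,
+"result" => [],
+"message" => '接口验签失败:缺少参数'
+];
+
+return $this->response->json($content);
+}
+
+if (!$this->checkSign($params)) {
+
+$content = [
+"status" => 'ok',
+"code" => 9002,
+"result" => [],
+"message" => '接口验签失败:签名错误或已失效'
+];
+
+return $this->response->json($content);
+}
+
+return $handler->handle($request);
+}
+
+private function checkSign($params)
+{
+$sign = $params['sign'];
+unset($params['sign']);
+$timestamp = $params['timestamp'];
+
+if (empty($sign) || ($timestamp+config('autoload.auth.api.sign.expire')) < time()) {
+return false;
+}
+
+ksort($params);
+$params = http_build_query($params);
+
+return $sign == $this->signature($params);
+}
+
+private function signature($http_query)
+{
+return sha1(md5($http_query).config('autoload.auth.api.sign.secret_key'));
+}
+}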
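Review bot: In `checkSign` the freshness window is read from `autoload.auth.api.sign.expire`, but the config file added in this same commit defines `expire_time`, so the lookup presumably yields null and the check reduces to `$timestamp < time()`; the check also has no upper bound, so a timestamp far in the future would never expire. The final `$sign == $this->signature($params)` is a loose, non-constant-time comparison: two hex digests of the form `0e…` compare equal as numbers under `==`, and `hash_equals()` avoids both problems. `rand` is required by `process()` but never checked for reuse, so a captured request can be replayed for as long as its timestamp is accepted. The fence below shows a tightened `checkSign`; it is also worth confirming that the `autoload.` key prefix resolves at all in this framework, because a null `secret_key` would leave `signature()` unkeyed.

```php
private function checkSign($params)
{
    $sign = $params['sign'];
    unset($params['sign']);
    $timestamp = $params['timestamp'];
    $window = (int) config('autoload.auth.api.sign.expire_time');

    // Reject non-string signatures and non-numeric timestamps before doing arithmetic on them.
    if (!is_string($sign) || $sign === '' || !is_numeric($timestamp) || $window <= 0) {
        return false;
    }

    // Bound the timestamp on both sides so a far-future value cannot stay valid indefinitely.
    if (abs(time() - (int) $timestamp) > $window) {
        return false;
    }

    // … unchanged: ksort($params) and http_build_query($params) …

    // Constant-time, type-strict comparison of the expected and supplied digests.
    return hash_equals($this->signature($params), $sign);
}
```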
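--- a/config/autoload/auth.php
+++ b/config/autoload/auth.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+/**
+* 验证相关配置文件,如API接口验证等
+*/
+return [
+'api' => [
+'sign' => [
+'secret_key' => 'lanzu@123',
+'expire_time' => 200
+]
+],
+];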
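Review bot: The signing secret is committed in plain text as `'secret_key' => 'lanzu@123'`, so everyone with read access to the repository or its history can produce valid signatures, and the value is short enough to be guessable. Load it from the environment instead, for example `'secret_key' => env('API_SIGN_SECRET'),` (the variable name here is a placeholder), and have the middleware reject requests when it is empty. Because the current value is now in version history, it should be treated as exposed and rotated to a long random value rather than reused.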