add middleware

app/Http/Kernel.php

@@ -39,7 +39,7 @@ class Kernel extends HttpKernel
             //\App\Http\Middleware\VerifyCsrfToken::class,
             //\App\Http\Middleware\EnableCrossRequest::class,
         ],
-        'jwttoken'=>[
+        'jwttoken' => [
             \App\Http\Middleware\XchengxuRefreshToken::class,
             \App\Http\Middleware\XchengxuGetUserFromToken::class,
         ],
@@ -58,6 +58,7 @@ class Kernel extends HttpKernel
     protected $routeMiddleware = [
         'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
         'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
-        'EnableCross'=>\App\Http\Middleware\EnableCrossRequest::class,
+        'EnableCross' => \App\Http\Middleware\EnableCrossRequest::class,
+        'ChargeFeedbackCheckSign' => \App\Http\Middleware\ChargeFeedbackCheckSign::class,
     ];
 }

app/Http/Middleware/ChargeFeedbackCheckSign.php

@@ -0,0 +1,34 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Consts\SysConsts;
+use Closure;
+
+/**
+ * 付费回传加密校验
+ */
+class ChargeFeedbackCheckSign
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        $params = $request->except('_url');
+        $sign = _sign($params, SysConsts::TIKTOK_KEY);
+        if (isset($params['sign']) && $sign == $params['sign']) {
+            return $next($request);
+        } else {
+            if (isset($params['sign'])) {
+                myLog('sign_error')->info($params);
+                myLog('sign_error')->info('route:' . $request->get('_url') . '; my_sign:' . $sign . '; that_sign:' . $params['sign']);
+            }
+            return response()->error('SIGN_ERROR');
+        }
+    }
+}