zz 6 سال پیش
والد
کامیت
1a4bedc703
2فایلهای تغییر یافته به همراه5 افزوده شده و 3 حذف شده
  1. 1 1
      app/Http/Controllers/Wap/BaseController.php
  2. 4 2
      app/Http/Middleware/ReadOauth.php

+ 1 - 1
app/Http/Controllers/Wap/BaseController.php

@@ -70,7 +70,7 @@ class BaseController extends Controller
             $auth_uid = $request->get('auth_uid');
             $atime = $request->get('atime');
             $sign = $request->get('sign');
-            if(get_sign(compact('auth_uid','atime')) == $sign ){
+            if(get_sign(compact('auth_uid','atime')) == $sign && (time() - $atime) < 6){
                 $this->uid = $auth_uid;
             }
         }
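Review bot: The signature test in this condition still uses loose `==`, and the freshness test added beside it is one-sided. With `==`, two numeric-looking strings compare equal under PHP's type juggling (relevant if `get_sign()` returns a hex digest, which is not visible here), and the comparison is not constant-time. An `atime` in the future gives a negative difference that always satisfies `< 6`, and `$atime` is not checked with `is_numeric()` here as it is in ReadOauth. I would compute `$age = time() - (int) $atime;` and test `is_numeric($atime) && $age >= 0 && $age < 6 && hash_equals((string) get_sign(compact('auth_uid','atime')), (string) $sign)`. The same one-sided window and a non-constant-time `!==` appear in the ReadOauth.php hunk at line 1105; the enclosing method starts and ends outside this hunk.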

+ 4 - 2
app/Http/Middleware/ReadOauth.php

@@ -1105,7 +1105,7 @@ class ReadOauth
         $sign = $request->get('sign');
         if (!$auth_uid || !$atime || !$sign) return 0;
         if (!is_numeric($auth_uid) || !is_numeric($atime)) return 0;
-        if ((time() - $atime) > 20) return 0;
+        if ((time() - $atime) > 5) return 0;
         if (get_sign(compact('auth_uid', 'atime')) !== $sign) return 0;
         Cookie::queue(env('COOKIE_AUTH_WEB_WECHAT'), $auth_uid, env('U_COOKIE_EXPIRE'), null, null, false, false);
         return $auth_uid;
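Review bot: The cookie queued on the unchanged line after the signature check is created with `false, false` as its last two arguments, which in Laravel's `Cookie::queue()` are `secure` and `httpOnly`. The cookie that carries `$auth_uid` is therefore sent over plain HTTP and is readable from page script, so shortening the link's validity to 5 seconds does not protect the session that the link creates. I would pass `true, true` there, or read both flags from config; whether the value is also encrypted depends on the EncryptCookies middleware, which is not visible here. The method starts outside the hunk.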
@@ -1129,7 +1129,9 @@ class ReadOauth
         $params['channel_id'] = $distribution_channel_id;
         $params['sid'] = $send_order_id;
         $params['sign'] = $this->getSign($params, env('OAUTH_KEY'));
-
+        if(isset($params['auth_uid'])) unset($params['auth_uid']);
+        if(isset($params['atime'])) unset($params['atime']);
+        if(isset($params['sign'])) unset($params['sign']);
         //新的授权
         $auth_redirect_one_appids = specialChannelAuthInfoV2();
         $auth_redirect_two_appids = specialChannelAuthInfo();
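Review bot: The three added `unset` lines run after `$params['sign'] = $this->getSign($params, env('OAUTH_KEY'));`, so the signature just computed is discarded. It was also computed over any inbound `auth_uid`, `atime` and `sign` values still in `$params` at that point. If the intent is to keep the inbound auth parameters out of the redirect, the removal belongs before the signing line, as `unset($params['auth_uid'], $params['atime'], $params['sign']);`, which also drops the redundant `isset` guards. How `$params` is used afterwards is outside the hunk, so confirm whether the consumer expects `sign` to be present. Separately, `env('OAUTH_KEY')` returns null once the Laravel config is cached, so the key is safer read through `config()`.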