
login接口CheckSign中间件采用两种校验方式

*旧版保留device_info参与sign,新版去除device_info
liuzejian %!s(int64=2) %!d(string=hai) anos
f463d7898e

+ 44 - 5
app/Http/Middleware/CheckSign.php

@@ -9,6 +9,9 @@ class CheckSign
 {
     /**
      * Handle an incoming request.
+     * changeLog: 2022-07-13
+     * - 新版签名不使用device_info参与
+     * - 为了和已经上架的快应用保持兼容,现在,两种签名方法通过一种就可以认为是签名通过
      *
      * @param \Illuminate\Http\Request $request
      * @param \Closure                 $next
@@ -16,15 +19,51 @@ class CheckSign
      */
     public function handle($request, Closure $next)
     {
-        $sign      = $request->post('sign', '');
-        $timestamp = $request->post('timestamp', 0);
         $key       = 'a!A&AFRWT65Nb3NlklezUiqHyQAA@Z8M';
-        $params    = $request->except('_url');
-        if ($timestamp && time() - $timestamp <= (SysConsts::ONE_HOUR_SECONDS * 10) && $sign == _sign($params, $key)) {
+
+        \Log::info('[CheckSign]请求的request参数:', $request->all());
+        if($this->oldSignPass($request, $key) || $this->newSignPass($request, $key)) {
             return $next($request);
         } else {
-            myLog('sign_error')->error($request->all());
             return response()->error('QAPP_SIGN_ERROR');
         }
     }
+
+    private function oldSignPass($request, $key) {
+        $params    = $request->except(['_url']);
+        $timestamp = $request->post('timestamp', 0);
+        $sign      = $request->post('sign', '');
+        $backendSign = _sign($params, $key);
+        \Log::info('[CheckSign]旧版校验sign:', [
+            'front_sign' => $sign,
+            'backent_sign' => $backendSign,
+            'device_no' => $request->input('device_no', '')
+        ]);
+        if ($timestamp && time() - $timestamp <= (SysConsts::ONE_HOUR_SECONDS * 10) && $sign == $backendSign) {
+            \Log::info('[CheckSign]旧版校验通过');
+            return true;
+        } else {
+            \Log::info('[CheckSign]旧版校验没有通过');
+            return false;
+        }
+    }
+
+    private function newSignPass($request, $key) {
+        $params = $request->except(['_url', 'device_info']);
+        $timestamp = $request->post('timestamp', 0);
+        $sign      = $request->post('sign', '');
+        $backendSign = _sign($params, $key);
+        \Log::info('[CheckSign]新版校验sign:', [
+            'front_sign' => $sign,
+            'backent_sign' => $backendSign,
+            'device_no' => $request->input('device_no', '')
+        ]);
+        if ($timestamp && time() - $timestamp <= (SysConsts::ONE_HOUR_SECONDS * 10) && $sign == $backendSign) {
+            \Log::info('[CheckSign]新版校验通过');
+            return true;
+        } else {
+            \Log::info('[CheckSign]新版校验没有通过');
+            return false;
+        }
+    }
 }
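Review bot: The `\Log::info('[CheckSign]请求的request参数:', $request->all())` added at the top of handle() dumps the entire body of a login request into the application log at info level, so whatever credential, token or one-time code the login endpoint receives is written to disk next to the client's sign; the per-path logs in oldSignPass()/newSignPass() also record the server-computed `backent_sign`, which makes the log a replay oracle for the whole 10-hour timestamp window. Remove the request-wide dump and, if the front/back signatures are needed for the compatibility rollout, log them at debug level, on failure only, and without the raw parameter map. Both helpers should also replace the loose `$sign == $backendSign` with `is_string($sign) && hash_equals((string) $backendSign, $sign)` so that PHP numeric-string juggling (e.g. two `0e…` digests comparing equal) and an array-valued `sign[]` input cannot satisfy the check, and the comparison is constant-time. Two pre-existing weaknesses are still on the new side and worth fixing while this middleware is being reworked: the window only checks `time() - $timestamp <= …`, so a request signed with a far-future timestamp never expires, and the signing key on the unchanged `$key = …` line is a literal in source rather than a value read from configuration. Finally, oldSignPass() and newSignPass() differ only in the `except()` list and the log prefix; a single private helper taking the excluded keys as a parameter would keep the two code paths from drifting.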

+ 25 - 0
tests/Http/Controllers/QuickApp/Oauth/UsersControllerTest.php