Halaman utama Jelajahi Bantuan
Daftar Masuk
zhuishuyun
/
zhuishuyun_quickapp
10
0
Fork 0
Berkas Masalah 0 Tarik Permintaan 0 Wiki
Pohon: f463d7898e
Ranting Tag
zhuishuyun_q...
/
app
/
Http
/
Middleware
/
CheckSign.php

CheckSign.php 2.4 KB
Riwayat Mentahan

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. <?php
    2. 

  2. 

  3. namespace App\Http\Middleware;
    4. 

  4. 

  5. use App\Consts\SysConsts;
    6. 

  6. use Closure;
    7. 

  7. 

  8. class CheckSign
    9. 

  9. {
    10. 

  10.     /**
    11. 

  11.      * Handle an incoming request.
    12. 

  12.      * changeLog: 2022-07-13
    13. 

  13.      * - 新版签名不使用device_info参与
    14. 

  14.      * - 为了和已经上架的快应用保持兼容,现在,两种签名方法通过一种就可以认为是签名通过
    15. 

  15.      *
    16. 

  16.      * @param \Illuminate\Http\Request $request
    17. 

  17.      * @param \Closure                 $next
    18. 

  18.      * @return mixed
    19. 

  19.      */
    20. 

  20.     public function handle($request, Closure $next)
    21. 

  21.     {
    22. 

  22.         $key       = 'a!A&AFRWT65Nb3NlklezUiqHyQAA@Z8M';
    23. 

  23. 

  24.         \Log::info('[CheckSign]请求的request参数:', $request->all());
    25. 

  25.         if($this->oldSignPass($request, $key) || $this->newSignPass($request, $key)) {
    26. 

  26.             return $next($request);
    27. 

  27.         } else {
    28. 

  28.             return response()->error('QAPP_SIGN_ERROR');
    29. 

  29.         }
    30. 

  30.     }
    31. 

  31. 

  32.     private function oldSignPass($request, $key) {
    33. 

  33.         $params    = $request->except(['_url']);
    34. 

  34.         $timestamp = $request->post('timestamp', 0);
    35. 

  35.         $sign      = $request->post('sign', '');
    36. 

  36.         $backendSign = _sign($params, $key);
    37. 

  37.         \Log::info('[CheckSign]旧版校验sign:', [
    38. 

  38.             'front_sign' => $sign,
    39. 

  39.             'backent_sign' => $backendSign,
    40. 

  40.             'device_no' => $request->input('device_no', '')
    41. 

  41.         ]);
    42. 

  42.         if ($timestamp && time() - $timestamp <= (SysConsts::ONE_HOUR_SECONDS * 10) && $sign == $backendSign) {
    43. 

  43.             \Log::info('[CheckSign]旧版校验通过');
    44. 

  44.             return true;
    45. 

  45.         } else {
    46. 

  46.             \Log::info('[CheckSign]旧版校验没有通过');
    47. 

  47.             return false;
    48. 

  48.         }
    49. 

  49.     }
    50. 

  50. 

  51.     private function newSignPass($request, $key) {
    52. 

  52.         $params = $request->except(['_url', 'device_info']);
    53. 

  53.         $timestamp = $request->post('timestamp', 0);
    54. 

  54.         $sign      = $request->post('sign', '');
    55. 

  55.         $backendSign = _sign($params, $key);
    56. 

  56.         \Log::info('[CheckSign]新版校验sign:', [
    57. 

  57.             'front_sign' => $sign,
    58. 

  58.             'backent_sign' => $backendSign,
    59. 

  59.             'device_no' => $request->input('device_no', '')
    60. 

  60.         ]);
    61. 

  61.         if ($timestamp && time() - $timestamp <= (SysConsts::ONE_HOUR_SECONDS * 10) && $sign == $backendSign) {
    62. 

  62.             \Log::info('[CheckSign]新版校验通过');
    63. 

  63.             return true;
    64. 

  64.         } else {
    65. 

  65.             \Log::info('[CheckSign]新版校验没有通过');
    66. 

  66.             return false;
    67. 

  67.         }
    68. 

  68.     }
    69. 

  69. }
    70.