waibao
/
NN2023021801


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697
							<?php
declare (strict_types=1);

namespace app\api\middleware;

use app\Request;
use interfaces\MiddlewareInterface;
use think\facade\Config;
use think\Response;

/**
 * 跨域中间件
 * Class AuthRequestMiddleWare
 * @package app\middleware
 */
class AuthRequestMiddleWare implements MiddlewareInterface
{
    /**
     * 允许跨域的域名
     * @var string
     */
    protected $cookieDomain;

    /**
     * @param Request $request
     * @param \Closure $next
     * @return Response
     */
    public function handle (Request $request, \Closure $next)
    {
        $this->cookieDomain = Config::get('cookie.domain', '');
        $header = Config::get('cookie.header');
        $origin = $request->header('origin');

        if ($origin && ('' == $this->cookieDomain || strpos($origin, $this->cookieDomain)))
            $header['Access-Control-Allow-Origin'] = $origin;
        if ($request->method(true) == 'OPTIONS') {
            $response = Response::create('ok')->code(200)->header($header);
        } else {
            $response = $next($request)->header($header);
        }
        $request->filter(['strip_tags', 'addslashes', 'trim']);

//        $c = $request->controller();
//        $a = $request->action();
//        $str = trim($c . '/' . $a);
//        $auth_api = ['v1.Withdrawal/executeAdmin', 'v1.Pay/adminPay'];
//        if (in_array($str, $auth_api) && false) { // 需要检测签名
//            $sign = $request->header('sign');
//            if (empty($sign))
//                return app('json')->json_error('签名不存在');
//            if ($this->createApiSign($request->param()) != $sign)
//                return app('json')->json_error('签名验证失败');
//        }
        return $response;
    }

    /**
     * 获取接口签名
     * @param array $params
     * @return string
     */
//    protected function createApiSign (array $params): string
//    {
//        unset($params['sign']);
//
//        //签名步骤一：按字典序排序数组参数
//        ksort($params);
//        $string = $this->toUrlParams($params);
//        //签名步骤二：在string后加入KEY
//        $app_key = env('app.app_key');
//        $string = trim($string . "&key=" . $app_key);
//        //签名步骤三：MD5加密
//        $string = md5($string);
//        //签名步骤四：所有字符转为大写
//        $result = strtoupper($string);
//        return $result;
//    }

    /**
     * 将参数拼接为url: key=value&key=value
     * @param  $params
     * @return string
     */
    protected function toUrlParams ($params)
    {
        $string = '';
        if (!empty($params)) {
            $array = array();
            foreach ($params as $key => $value) {
                $array[] = $key . '=' . $value;
            }
            $string = implode("&", $array);
        }
        return $string;
    }
}