| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172 |
- <?php
- namespace app\api\middleware;
- use app\Request;
- use interfaces\MiddlewareInterface;
- use think\cache\driver\Redis;
- use think\facade\Config;
- use think\Response;
- use utils\RedisCache;
- class AuthSignMiddleWare implements MiddlewareInterface
- {
- /*
- * 允许跨域的域名
- */
- protected $cookieDomain;
- public function handle(Request $request, \Closure $next)
- {
- $this->cookieDomain = Config::get('cookie.domain', '');
- $header = Config::get('cookie.header');
- $origin = $request->header('origin');
- if ($origin && ('' == $this->cookieDomain || strpos($origin, $this->cookieDomain)))
- $header['Access-Control-Allow-Origin'] = $origin;
- if ($request->method(true) == 'OPTIONS') {
- $response = Response::create('ok')->code(200)->header($header);
- }
- // 站点升级访问验证
- if (env('APP.WEB_IS_UPDATE')){
- $testIp = env('APP.TEST_IPS');
- $testIps = $testIp? $testIp : '';
- $currentIp = get_client_ip();
-
- if($testIps && !preg_match("/{$currentIp}/", $testIps)){
- return api_error_return(['msg'=>'网站正在升级中', 'data'=>['ips'=> $testIps,'ip'=> $currentIp]]);
- }
- }
- if (RedisCache::get('is_update_data')){
- return api_error_return(['msg'=>'更新数据中,请稍后几秒', 'data'=>null]);
- }
- if (env('API.IS_PUBLIC_REQUEST_VERIFY')){
- if (ISNOTREQUESTPASS($request->param())){
- return api_error_return(['msg'=>'参数错误', 'data'=>null]);
- }
- }
- // 验证sign
- if (env('API.IS_SIGN_VERIFY')){
- if (empty($request->param('sign'))){
- return api_error_return(['msg'=>'签名不存在', 'data'=>null]);
- }
- $sign = createApiSign($request->param());
- if ($request->param('sign') != $sign){
- return api_error_return(['msg'=>'签名错误', 'data'=>['aa'=>$sign]]);
- }
- if (time() - $request->post('timestamp') > 20){
- return api_error_return(['msg'=>'请求失败,稍后再试', 'data'=>null]);
- }
- }
- return $next($request);
- }
- }
|
