app.php
<?php
/**
* Created by PhpStorm.
* User: tong
* Date: 2017/11/20
* Time: 11:43
*/
return [
'password_pre_halt' => '_#sing_ty',//密码加密言
'aeskey' => 'sgg45747ss223455',//aes密钥,服务端和客户端必须保持一致
'apptypes' => [
'ios',
'android',
],
'app_sign_time' => 6000,//sign失效时间
'app_sign_cache_time' => 12000,//sign缓存失效时间
];
Test.php
<?php
/**
* Created by PhpStorm.
* User: tong
* Date: 2017/11/21
* Time: 11:24
*/
namespace app\api\controller;
use app\common\lib\Aes;
class Test extends Common
{
public function index()
{
return [
'sososo',
'sdsds'
];
}
public function update($id = 0)
{
halt(input('put.'));
}
/**
* post
* @return \think\response\Json
*/
public function save()
{
$data = input('post.');
return show(1, 'OK', (new Aes())->encryt(json_encode(input('post.'))), 201);
}
}
IAuth.php
<?php
/**
* Created by PhpStorm.
* User: tong
* Date: 2017/11/20
* Time: 13:56
*/
namespace app\common\lib;
use think\Cache;
class IAuth
{
public static function setPassword($data)
{
return md5($data . config('app.password_pre_halt'));
}
public static function setSign($data = [])
{
ksort($data);
$string = http_build_query($data);
$string = (new Aes())->encryt($string);
return $string;
}
/**
* 检查sign是否正常
* @param string $sign
* @param $data
* @return boolean
*/
public static function checkSignPass($data)
{
$str = (new Aes())->decrypt($data['sign']);
if (empty($str)) {
return false;
}
//diid=xx&app_type=3
parse_str($str, $arr);
/**
* array (size=2)
* 'did' => string '12345dg' (length=7)
* 'version' => string '1' (length=1)
*/
//halt($arr);
if (!is_array($arr) || empty($arr['did'])
|| $arr['did'] != $data['did']
) {
return false;
}
if ((time() - ceil($arr['time'] / 1000)) > config('app.app_sign_time')) {
return false;
}
//int 1
//halt(Cache::get($data['sign']));
//唯一性判定
if (Cache::get($data['sign'])) {
return false;
}
return true;
}
}
if (Cache::get($data['sign'])) {
return false;
}
Common.php
<?php
/**
* Created by PhpStorm.
* User: tong
* Date: 2017/11/21
* Time: 14:26
*/
namespace app\api\controller;
use app\common\lib\exception\ApiException;
use app\common\lib\IAuth;
use app\common\lib\Time;
use think\Cache;
use think\Controller;
class Common extends Controller
{
/**
* @var string
*/
public $headers = '';
protected function _initialize()
{
$this->checkRequestAuth();
}
public function checkRequestAuth()
{
$headers = request()->header();
// $this->testAes();
//sign加密需要客户端工程师 解密 服务端工程师
// 1 headers body 仿照sign 做参数的加解密
// 2 加密数据步骤客户端服务端工程师共同约定
// 3
//基础检验
if (empty($headers['sign'])) {
throw new ApiException('sign不存在', 400);
}
if (!in_array($headers['app_type'], config('app.apptypes'))) {
throw new ApiException('app_type不合法', 400);
}
if (!IAuth::checkSignPass($headers)) {
throw new ApiException('授权码sign失败', 401);
}
Cache::set($headers['sign'], 1, config('app.app_sign_cache_time'));
//1.文件缓存(单一服务器) 2.mysql(分布式) 3 redis(分布式 数据量大)
$this->headers = $headers;
}
public function testAes()
{
$data = [
'did' => '12345dg',
'version' => 1,
'time' => Time::get13TimeStamp(),
];
//col9j6cqegAKiiey3IrXWi5kTf508OkMmPu9zrTihQ8IVnKDb7Rin03dOqY2qLWP
//echo IAuth::setSign($data);exit;
//exit;
}
}
缓存位置
image.png
image.png
image.png
