Git Product home page Git Product logo

Comments (2)

avatar commented on May 27, 2024

给你一个例子, 通过hook实现签名验证:
(下次咨询问题可以发我邮件, 或者到qq群185193529, 别提issues)

class AuthHook
{
    /**
     * 需要签名验证的部分接口
     * @route({"GET","/apihub/"}) apihub前缀的GET请求
     * @route({"POST","/apihub/"}) apihub前缀的POST请求
     * @param({"get","$._GET"})
     * @param({"post","$._POST"})
     */
    public function verifySign($get=[],$post=[]){
        $data = $get + $post;

        \phprs\util\Verify::isTrue(isset($data['uid']), new \phprs\util\exceptions\BadRequest('param uid required'));
        \phprs\util\Verify::isTrue(isset($data['t']), new \phprs\util\exceptions\BadRequest('param t required'));
        \phprs\util\Verify::isTrue(isset($data['sign']), new \phprs\util\exceptions\BadRequest('param sign required'));
        $sign = $data['sign'];
        unset($data['sign']);

        $sing2 = $this->getSignature($data,$this->getSecretKey($data['uid']));

        \phprs\util\Verify::isTrue(
            $sign == $sing2,
            new \exceptions\InvalidSign()
        );
    }

    function getSecretKey($uid){
        $key = $this->cache->get("secretkey_$uid");
        if(!$key){
            $key = $this->users->getUser($uid)['secretKey'];
            $this->cache->set("secretkey_$uid",$key,15*60); //缓存15分钟
        }
        return $key;
    }
    function getSignature($params, $secret)
    {
        $str = '';  //待签名字符串
        //先将参数以其参数名的字典序升序进行排序
        ksort($params);
        //遍历排序后的参数数组中的每一个key/value对
        foreach ($params as $k => $v) {
            //为key/value对生成一个key=value格式的字符串,并拼接到待签名字符串后面
            $str .= "$k=$v";
        }
        //将签名密钥拼接到签名字符串最后面
        $str .= $secret;
        //通过md5算法为签名字符串生成一个md5签名,该签名就是我们要追加的sign参数值
        return md5($str);
    }

    /**
     * @property({"default":"@sessionCache"})
     * @var \phprs\util\KVCatchInterface
     */
    public $cache;

    /**
     * @property({"default":"@Users"})
     * @var Users
     */
    public $users;
}

from phpboot.

wind-fire avatar wind-fire commented on May 27, 2024

好的,非常感谢,已经加了群

from phpboot.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.