erp_yzx/app/common/middleware/VerifySign.php

<?php


namespace app\common\middleware;


use app\exception\BaseException;

const __TEST__ = '!(FAXKJSDdi101-fjLQ91hvl~@#$-we13';

class VerifySign
{
    /**
     * @param $request
     * @param \Closure $next
     * @return mixed
     * @throws BaseException
     */
    public function handle($request, \Closure $next)
    {
        $params = $request->param();
        $is_open = true;
        if(!$is_open || (isset($params['__TEST__']) && $params['__TEST__'] == __TEST__))
            return $next($request);
        $has_upload = strpos($request->url(),'api/upload');
        if($has_upload !== false && $has_upload >= 0) {
            return $next($request);
        }
        predicate(isset($params['sign']),'sign err');
        $sign = $this->signature($params);
        predicate($sign == $params['sign'],'verify sign err');
        return $next($request);
    }

    function joint(array $obj, $ignoreSign = true) {
        $keys = array_keys($obj);
        asort($keys);
        $str = '';
        foreach ($keys as $key) {
            if ($key != 'sign') {
                $str .= strlen($str) > 0 ? '&' : '';
                $value = $obj[$key];
                if (is_array($value)) {
                    $str .= $key."=".join(',', $value);
                } else if(is_object($value)) {
                    $str .= $this->joint($value);
                } else {
                    $str .= $key."=".$value;
                }
            }
        }
        return $str;
    }

    function signature(array $obj) {
        $string = 'oj)$&!@'.$this->joint($obj).'@#jfanb*(.';
        return md5($string);
    }

}