AccessControl.php
<?php
namespace soa\components\filters;
use Yii;
use yii\helpers\ArrayHelper;
use yii\web\ForbiddenHttpException;
use common\lib\security\AuthCode;
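/**
 * Access check for incoming API requests.
 *
 * Extends Yii's AccessControl filter with a deny-by-default rule set. An
 * allow-all rule is prepended only when the request signature carried in
 * `client_secret` verifies, or when signature checking has been switched off
 * through the `verifySign` application parameter.
 *
 * @author wuxiao
 * @date 2016-8-19
 */
class AccessControl extends \yii\filters\AccessControl
{
    /**
     * @var array a list of access rule objects or configuration arrays for creating the rule objects.
     * If a rule is specified via a configuration array, it will be merged with [[ruleConfig]] first
     * before it is used for creating the rule object.
     * The default is a single deny rule, so a request is rejected unless init() prepends an allow rule.
     * @see ruleConfig
     */
    public $rules = [
        [
            'allow' => false,
        ],
    ];

    /**
     * @var array list of action IDs that this filter should apply to. If this property is not set,
     * the filter applies to all actions unless they are listed in [[except]].
     * @see except
     */
    public $only;

    /**
     * @var array list of action IDs that this filter should not apply to.
     * @see only
     */
    public $except = [];

    /**
     * Builds the rule list for this request and installs the JSON deny response.
     *
     * ArrayHelper::merge() appends integer-keyed entries, so the allow rule is
     * placed ahead of the default deny rule and is the first one evaluated.
     */
    public function init()
    {
        $allowAll = [[
            'allow' => true,
        ]];

        if (isset(Yii::$app->params['verifySign']) && !Yii::$app->params['verifySign']) {
            // Signature checking is disabled by configuration: client_secret is not
            // inspected and every request is allowed. Any falsy value ('', 0, '0',
            // false) takes this branch.
            // NOTE(review): confirm this parameter cannot be turned off in production config.
            $this->rules = ArrayHelper::merge($allowAll, $this->rules);
        } elseif ($this->hasValidSignature()) {
            // The request data was verified against client_secret.
            $this->rules = ArrayHelper::merge($allowAll, $this->rules);
        }

        $this->denyCallback = function ($rule, $action) {
            //throw new ForbiddenHttpException(Yii::t('yii', 'You are not allowed to perform this action.'));
            // The rejection is written straight to the output as a JSON envelope and the
            // application is ended; the reason is kept generic so the response does not
            // reveal which part of the check failed.
            // NOTE(review): only the body's `code` field signals the failure here; the HTTP
            // status is not set in this callback - confirm clients and monitoring key on the body.
            Yii::$app->response->format = \yii\web\Response::FORMAT_JSON;
            echo json_encode([
                'code' => 500,
                'message' => '数据验证错误',
                'data' => [],
                'timestamp' => time(),
                // md5 of the (empty) data payload; presumably a payload checksum for the
                // client, not an authenticity control - TODO confirm.
                'md5' => md5(json_encode([]))
            ]);
            Yii::$app->end();
        };

        parent::init();
    }

    /**
     * Delegates to the parent filter unchanged.
     *
     * @param \yii\base\Action $action the action about to be executed
     * @return bool whether the action may continue
     */
    public function beforeAction($action)
    {
        return parent::beforeAction($action);
    }

    /**
     * Request parameters.
     *
     * GET and POST are merged with POST winning on duplicate keys. With no $name, the
     * JSON-decoded `parameters` field is returned when present (this can be null or a
     * non-array value if that field is malformed), otherwise the merged set.
     *
     * @param string|null $name single parameter to fetch, or null for the whole set
     * @param mixed $defaultValue returned when $name is not present
     * @return array|mixed
     */
    protected function requests($name = null, $defaultValue = null)
    {
        $merged = array_merge(Yii::$app->request->get(), Yii::$app->request->post());

        if ($name !== null) {
            return isset($merged[$name]) ? $merged[$name] : $defaultValue;
        }

        return isset($merged['parameters']) ? json_decode($merged['parameters'], true) : $merged;
    }

    /**
     * Recomputes the request signature and checks it against client_secret.
     *
     * Fails closed: malformed input, a missing signature, or a client_type with no
     * configured key yields false instead of signing with an empty key.
     *
     * @return bool true only when AuthCode::verifySign() accepts the supplied signature
     */
    private function hasValidSignature()
    {
        $params = $this->requests();

        // requests() may hand back null or a scalar when `parameters` is not valid JSON.
        if (!is_array($params)) {
            return false;
        }

        // Without a signature there is nothing to verify.
        if (!isset($params['client_secret']) || !is_string($params['client_secret']) || $params['client_secret'] === '') {
            return false;
        }

        // client_type selects the signing key; an array or missing value cannot select one.
        if (!isset($params['client_type']) || !is_string($params['client_type'])) {
            return false;
        }

        $clientType = strtolower($params['client_type']);
        if (!isset(AuthCode::$privateKey[$clientType])) {
            // Unknown client type: previously the signature was computed with a null key
            // behind an @-suppressed lookup; reject instead.
            return false;
        }

        $clientSecret = $params['client_secret'];

        // NOTE(review): these fields are removed before signing, so the signature does not
        // bind project/version/class_name/method_name - confirm that is intended.
        unset($params['client_secret'], $params['project'], $params['version'], $params['class_name'], $params['method_name']);

        $params['private_key'] = AuthCode::$privateKey[$clientType];
        $sorted = AuthCode::packageSort($params);
        $expected = AuthCode::makeSign($sorted);

        // verifySign()'s return type is not visible here, so the original truthiness test
        // is kept. NOTE(review): confirm it compares in constant time (e.g. hash_equals())
        // and that replay protection (timestamp or nonce) is enforced somewhere.
        return AuthCode::verifySign($expected, $clientSecret) == true;
    }
}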