From 24073bcc848a45391a1a195e129debff8b3d75a2 Mon Sep 17 00:00:00 2001 From: zhaoxiang <756958008@qq.com> Date: Tue, 13 Oct 2020 01:06:32 +0800 Subject: [PATCH] =?UTF-8?q?modified=20=E5=AE=8C=E5=96=84=E4=B8=AD=E9=97=B4?= =?UTF-8?q?=E4=BB=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controller/api/BuildToken.php | 84 +++++++++++++++++++++++++++++++ app/middleware/ApiAuth.php | 6 +-- app/middleware/ApiLog.php | 2 +- 3 files changed, 88 insertions(+), 4 deletions(-) create mode 100644 app/controller/api/BuildToken.php diff --git a/app/controller/api/BuildToken.php b/app/controller/api/BuildToken.php new file mode 100644 index 0000000..fcf3733 --- /dev/null +++ b/app/controller/api/BuildToken.php 
@@ -0,0 +1,84 @@
+
+ */
+
+namespace app\controller\api;
+
+use app\model\AdminApp;
+use app\util\ReturnCode;
+use app\util\Strs;
+
+class BuildToken extends Base {
+
+ /**
+ * 构建AccessToken
+ * @return \think\Response
+ * @throws \think\db\exception\DataNotFoundException
+ * @throws \think\db\exception\DbException
+ * @throws \think\db\exception\ModelNotFoundException
+ * @author zhaoxiang
+ */
+ public function getAccessToken() {
+ $param = $this->request->param();
+ $appInfo = (new AdminApp())->where(['app_id' => $param['app_id'], 'app_status' => 1])->find();
+ if (empty($appInfo)) {
+ return $this->buildFailed(ReturnCode::INVALID, '应用ID非法');
+ }
+
+ $signature = $param['signature'];
+ unset($param['signature']);
+ $sign = $this->getAuthToken($appInfo['app_secret'], $param);
+ $this->debug($sign);
+ if ($sign !== $signature) {
+ return $this->buildFailed(ReturnCode::INVALID, '身份令牌验证失败');
+ }
+ $expires = config('apiadmin.ACCESS_TOKEN_TIME_OUT');
+ $accessToken = cache('AccessToken:' . $param['device_id']);
+ if ($accessToken) {
+ cache('AccessToken:' . $accessToken, null);
+ cache('AccessToken:' . $param['device_id'], null);
+ }
+ $accessToken = $this->buildAccessToken($appInfo['app_id'], $appInfo['app_secret']);
+ $appInfo['device_id'] = $param['device_id'];
+ cache('AccessToken:' . $accessToken, $appInfo, $expires);
+ cache('AccessToken:' . 
$param['device_id'], $accessToken, $expires);
+ $return['access_token'] = $accessToken;
+ $return['expires_in'] = $expires;
+
+ return $this->buildSuccess($return);
+ }
+
+ /**
+ * 根据AppSecret和数据生成相对应的身份认证秘钥
+ * @param $appSecret
+ * @param $data
+ * @return string
+ */
+ private function getAuthToken($appSecret, $data) {
+ if (empty($data)) {
+ return '';
+ } else {
+ unset($data['APP_CONF_DETAIL'], $data['API_CONF_DETAIL']);
+ $preArr = array_merge($data, ['app_secret' => $appSecret]);
+ ksort($preArr);
+ $preStr = http_build_query($preArr);
+
+ return md5($preStr);
+ }
+ }
+
+ /**
+ * 计算出唯一的身份令牌
+ * @param $appId
+ * @param $appSecret
+ * @return string
+ */
+ private function buildAccessToken($appId, $appSecret) {
+ $preStr = $appSecret . $appId . time() . Strs::keyGen();
+
+ return md5($preStr);
+ }
+}
diff --git a/app/middleware/ApiAuth.php b/app/middleware/ApiAuth.php
index 9c317b8..58ff1c9 100644
--- a/app/middleware/ApiAuth.php
+++ b/app/middleware/ApiAuth.php
@@ -50,11 +50,11 @@ class ApiAuth {
 }
 }
- $accessToken = $request->header('access-token', '');
+ $accessToken = $request->header('Access-Token', '');
 if (!$accessToken) {
 return json([
 'code' => ReturnCode::AUTH_ERROR,
- 'msg' => '缺少必要参数access-token',
+ 'msg' => '缺少必要参数Access-Token',
 'data' => []
 ])->header($header);
 }
@@ -66,7 +66,7 @@ class ApiAuth {
 if ($appInfo === false) {
 return json([
 'code' => ReturnCode::ACCESS_TOKEN_TIMEOUT,
- 'msg' => 'access-token已过期',
+ 'msg' => 'Access-Token已过期',
 'data' => []
 ])->header($header);
 }
diff --git a/app/middleware/ApiLog.php b/app/middleware/ApiLog.php
index 1ddc1d1..3b449ec 100644
--- a/app/middleware/ApiLog.php
+++ b/app/middleware/ApiLog.php
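Review bot: `getAccessToken` reads `$param['app_id']`, `$param['signature']` and `$param['device_id']` without checking that they were supplied or are strings, so a request without `device_id` either aborts on the undefined index or, where notices are not converted to exceptions, caches the new token under the bare key `AccessToken:` shared by every such caller, and an array-valued `app_id` changes the shape of the `where()` query. The check `$sign !== $signature` is not a constant-time comparison and has no type guard; `hash_equals($sign, $signature)` after the string validation covers both. `$this->debug($sign)` hands the expected signature for the submitted parameters to the debug channel, and if that channel reaches the response in debug mode a caller learns the value that makes its own request valid, so the line should not ship. Nothing in the signed input binds the request to a time or nonce, so a captured valid request can be replayed to mint tokens until `app_secret` rotates; a timestamp parameter checked against a window in this method would close that. `buildAccessToken` derives the token from `time()` and `Strs::keyGen()`, whose strength is not visible here; `return bin2hex(random_bytes(16));` gives an unguessable token without depending on it.
```php
    public function getAccessToken() {
        $param = $this->request->param();
        foreach (['app_id', 'signature', 'device_id'] as $key) {
            if (!isset($param[$key]) || !is_string($param[$key]) || $param[$key] === '') {
                return $this->buildFailed(ReturnCode::INVALID, '缺少必要参数' . $key);
            }
        }
        // … unchanged: AdminApp lookup and app_status check …
        $signature = $param['signature'];
        unset($param['signature']);
        $sign = $this->getAuthToken($appInfo['app_secret'], $param);
        if (!hash_equals($sign, $signature)) {
            return $this->buildFailed(ReturnCode::INVALID, '身份令牌验证失败');
        }
        // … unchanged: token issue, cache writes and buildSuccess …
```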
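Review bot: The lookup change to `$request->header('Access-Token', '')` is most likely a no-op, because HTTP header names are case-insensitive and ThinkPHP's `Request::header()` lowercases the name before looking it up, so the observable effect of this hunk and the `@@ -66` hunk below is limited to the two error messages. A comment on that line, `// header names are case-insensitive; this spelling only documents the client-facing name`, would stop the next reader from reverting it as a bug. The enclosing method starts and ends outside the hunk.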
@@ -22,7 +22,7 @@ class ApiLog {
 ApiLogTool::setApiInfo($request->API_CONF_DETAIL);
 ApiLogTool::setAppInfo($request->APP_CONF_DETAIL);
 ApiLogTool::setRequest($requestInfo);
- ApiLogTool::setResponse($response->getData(), isset($response->getData()['code']) ? $response->getData()['code'] : 'null');
+ ApiLogTool::setResponse($response->getData(), isset($response->getData()['code']) ? strval($response->getData()['code']) : 'null');
 ApiLogTool::setHeader($request->header());
 ApiLogTool::save();