利用帝国cms在做一些会员系统的时候,需要做人脸识别认证,之前接入了某api接口,发现身份证识别率真的低,还好充值的少,否则要出问题,后来发现会员注册率降低了不少,最终还是决定使用腾讯云的人脸识别,虽然费用高一点点,但是人脸识别率高,数据反馈很快。
其中的index.php是执行文件,ecms.php是操作文件,notify.php是数据毁掉文件,代码其实很少,在微信中访问直接跳转到腾讯云的人脸识别,然后自动返回把相应的数据写进数据库,我这里很简单,先进行认证后对数据库的身份进行对比,是否认证过,还会清理之前点击认证最后没有认证完的数据,最大限度的情理无用的信息。
if($enews=='gofaceid') {
//判断该用户是否认证过
$del=$empire->query("delete from {$dbtbpre}member_verify where userid='$user[userid]';");//先删除以前的
class Face {
const SecretId = "apiid";
const SecretKey = "apikey";
const Url = "https://faceid.tencentcloudapi.com";
//算法
const Algo = "sha256";
//规范请求串
const HTTPRequestMethod = "POST";
const CanonicalURI = "/";
const CanonicalQueryString = "";
const CanonicalHeaders = "content-type:application/json; charset=utf-8\nhost:faceid.tencentcloudapi.com\n";
const SignedHeaders = "content-type;host";
//参与签名的头部信息
//签名字符串
const Algorithm = "TC3-HMAC-SHA256";
const Service = "faceid";
const Stop = "tc3_request";
/**
* 实名核身鉴权
*/
public function getDetectAuth() {
$param = [
'RuleId' => "1",//用于细分客户使用场景,申请开通服务后,可以在腾讯云慧眼人脸核身控制台(https://console.cloud.tencent.com/faceid) 自助接入里面创建,审核通过后即可调用
'RedirectUrl' => "跳转地址",//用于细分客户使用场景,申请开通服务后,可以在腾讯云慧眼人脸核身控制台(https://console.cloud.tencent.com/faceid) 自助接入里面创建,审核通过后即可调用
];
return self::getCommonPostRequest("DetectAuth", $param);
}
/**
* 鉴权
* @param string $action 方法
* @param array $param 参数
* @param string $version 版本号
* @return array
*/
private static function getCommonPostRequest($action, array $param = [], $version = "2018-03-01") {
//时间戳
$timeStamp = time();
//$timeStamp = 1586333773;
//参数转化Json
$paramJson = json_encode($param);
//规范请求串
$hashedRequestPayload = self::HashEncryption($paramJson);
$canonicalRequest = self::HTTPRequestMethod . "\n" .
self::CanonicalURI . "\n" .
self::CanonicalQueryString . "\n" .
self::CanonicalHeaders . "\n" .
self::SignedHeaders . "\n" .
$hashedRequestPayload;
//签名字符串
$date = gmdate("Y-m-d", $timeStamp);
//UTC 0时区的值
$credentialScope = $date . "/" . self::Service . "/" . self::Stop;
$hashedCanonicalRequest = self::HashEncryption($canonicalRequest);
$stringToSign = self::Algorithm . "\n" .
$timeStamp . "\n" .
$credentialScope . "\n" .
$hashedCanonicalRequest;
//计算签名
$secretDate = self::HashHmacSha256Encryption($date, 'TC3' . self::SecretKey);
$secretService = self::HashHmacSha256Encryption(self::Service, $secretDate);
$secretSigning = self::HashHmacSha256Encryption(self::Stop, $secretService);
//签名
$signature = self::HashHmacSha256Encryption($stringToSign, $secretSigning, false);
// echo $signature . " \n";
$authorization = self::Algorithm . ' ' .
'Credential=' . self::SecretId . '/' . $credentialScope . ', ' .
'SignedHeaders=' . self::SignedHeaders . ', ' .
'Signature=' . $signature;
//Header头部
$headers = [
"Authorization: $authorization",
"Host: faceid.tencentcloudapi.com",
"Content-Type: application/json; charset=utf-8",
"X-TC-Action: $action",
"X-TC-Version: $version",
"X-TC-Timestamp: $timeStamp",
"X-TC-Region: ap-beijing"
];
//请求
$response = self::get_curl_request(self::Url, $paramJson, self::HTTPRequestMethod, $headers);
echo($paramJson);
//解析
if (!$response) {
return ['code' => 0, 'codeError' => '1002', 'msg' => 'Interface request failed'];
}
$response = json_decode($response, true);
if (!isset($response['Response'])) {
return ['code' => 0, 'codeError' => '1003', 'msg' => 'Response error'];
}
if (isset($response['Response']['Error'])) {
return [
'code' => 0
, 'codeError' => $response['Response']['Error']['Code']
, 'msg' => $response['Response']['Error']['Message']
, 'RequestId' => $response['Response']['RequestId']
];
} else {
return ['code' => 1, 'msg' => 'ok', 'data' => $response['Response']];
}
}
private static function HashEncryption($sign) {
return strtolower(hash(self::Algo, $sign));
}
private static function HashHmacSha256Encryption($sign, $key, $flag = true) {
return hash_hmac(self::Algo, $sign, $key, $flag);
}
/**
* @param $url
* @param array $param
* @param string $mothod
* @param array $headers
* @param int $return_status
* @param int $flag
* @return array|bool|string
*/
public static function get_curl_request($url, $param = [], $mothod = 'POST', $headers = [], $return_status = 0, $flag = 0) {
$ch = curl_init();
if (!$flag) {
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
}
curl_setopt($ch, CURLOPT_TIMEOUT, 6);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
if (strtolower($mothod) == 'post') {
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $param);
} else {
$url = $url . "?" . http_build_query($param);
}
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 2);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
#curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1");
//代理服务器地址
#curl_setopt($ch, CURLOPT_PROXYPORT, 12639);
//代理服务器端口
$ret = curl_exec($ch);
$code = curl_getinfo($ch);
curl_close($ch);
if ($return_status == "1") {
return array($ret, $code);
}
return $ret;
}
}
//执行
$model = new Face();
$response = $model->getDetectAuth();
// 认证前写进数据库
// 相应信息
$requestId = $response["data"]["RequestId"];
$bizToken = $response["data"]["BizToken"];
// 假设BizToken存在于data中
$starttime=time();
$certifyip=egetip();
$empire->query("insert into {$dbtbpre}member_verify(userid,username,starttime,verifyip,BizToken,RequestId) values('$user[userid]','$name','$starttime','$certifyip','$bizToken','$requestId');");
// 然后您可以根据需要使用这些值,比如打印出来
// echo "RequestId: " . $requestId . "\n";
// echo "BizToken: " . $bizToken . "\n";
//
if ($response["code"] == 1) {
//获取到鉴权URL进行跳转
$url = $response["data"]["Url"];
// echo($url);
//鉴权并且调用人脸核身
header("Location: {$url}");
} else {
printerror2('数据错误','/e/member/cp/');
}
}
这里同时还可以当用户注册人工之后,通知给管理员。