生成token
$admin = $data['username'];
$time = time();
$end_time = time()+86400;
$info = $admin. '.' .$time.'.'.$end_time;
$signature = hash_hmac('md5',$info,'siasqr');
$token = $info . '.' . $signature;
验证token
public function check_token($token)
{
if(!isset($token) || empty($token))
{
$msg['code']='400';
$msg['msg']='非法请求';
return json_encode($msg,JSON_UNESCAPED_UNICODE);
}
$explode = explode('.',$token);
if(!empty($explode[0]) && !empty($explode[1]) && !empty($explode[2]) && !empty($explode[3]) )
{
$info = $explode[0].'.'.$explode[1].'.'.$explode[2];
$true_signature = hash_hmac('md5',$info,'siasqr');
if(time() > $explode[2])
{
$msg['code']='401';
$msg['msg']='Token已过期,请重新登录';
return json_encode($msg,JSON_UNESCAPED_UNICODE);
}
if ($true_signature == $explode[3])
{
$msg['code']='200';
$msg['msg']='Token合法';
return json_encode($msg,JSON_UNESCAPED_UNICODE);
}
else
{
$msg['code']='400';
$msg['msg']='Token不合法';
return json_encode($msg,JSON_UNESCAPED_UNICODE);
}
}
else
{
$msg['code']='400';
$msg['msg']='Token不合法';
return json_encode($msg,JSON_UNESCAPED_UNICODE);
}
}