class A
{
public function setToken($name, $id)
{
//用户名、此时的时间戳,并将过期时间拼接在一起
$admin = $name; //获取前台传来的用户账号
$time = time();
$aging = 86400;
$end_time = time() + $aging;
$tTr =
t
h
i
s
−
>
n
u
m
b
e
r
e
n
c
r
y
p
t
(
this->number_encrypt(
this−>numberencrypt(time); //自定义方法(给数字进行加密,可解密,下方有实例)
$tEtr =
t
h
i
s
−
>
n
u
m
b
e
r
e
n
c
r
y
p
t
(
this->number_encrypt(
this−>numberencrypt(end_time);
$idS =
t
h
i
s
−
>
n
u
m
b
e
r
e
n
c
r
y
p
t
(
this->number_encrypt(
this−>numberencrypt(id);
$info = $admin . ‘.’ . $id . ‘.’ . $time . ‘.’ . $end_time;
i
n
f
o
E
=
b
a
s
e
6
4
e
n
c
o
d
e
(
infoE = base64_encode(
infoE=base64encode(admin) . ‘.’ . $idS . ‘.’ . $tTr . ‘.’ . $tEtr;
//根据以上信息信息生成签名(密钥为 siasqr)
$signature = hash_hmac(‘md5’, $info, ‘siasqr’);
//最后将这两部分拼接起来,得到最终的Token字符串
$token = $infoE . ‘.’ . $signature;
return [
‘token’ => $token,
‘name’ => $admin,
‘id’ => $id,
‘aging’ => $aging + 10
];
}
/**
*数字自定义加密
*/
public function number_encrypt($n)
{
$dictionary = ['0' => 'aZ', '1' => 'Bw', '2' => 'cYq', '3' => 'Dx', '4' => 'eV', '5' => 'FvU', '6' => 'gT', '7' => 'Hs', '8' => 'iRp', '9' => 'Jo', '.' => 'kL'];
$nS = (string)$n;
$nA = str_split($nS);
$r = '';
foreach ($nA as $val) {
$r .= isset($dictionary[$val]) ? $dictionary[$val] : '';
}
return $r;
}
/**
*数字解密
*/
public function number_decrypt($s)
{
$dictionary = [0 => '/aZ/', 1 => '/Bw/', 2 => '/cYq/', 3 => '/Dx/', 4 => '/eV/', 5 => '/FvU/', 6 => '/gT/', 7 => '/Hs/', 8 => '/iRp/', 9 => '/Jo/', 10 => '/kL/'];
$rp = [0 => '0', 1 => '1', 2 => '2', 3 => '3', 4 => '4', 5 => '5', 6 => '6', 7 => '7', 8 => '8', 9 => '9', 10 => '.'];
$r = preg_replace($dictionary, $rp, $s);
return $r;
}
/**
*检查token
*/
public function check_token($token)
{
/**** api传来的token ****/
if (!isset($token) || empty($token)) {
$msg['error'] = 1;
$msg['msg'] = 'Illegal request';
return $msg;
}
//对比token
$explode = explode('.', $token);//以.分割token为数组
if (!empty($explode[0]) && !empty($explode[1]) && !empty($explode[2]) && !empty($explode[3]) && !empty($explode[4])) {
$stTime = $this->number_decrypt($explode[2]);
$edTime = $this->number_decrypt($explode[3]);
$name = base64_decode($explode[0]);
$id = $this->number_decrypt($explode[1]);
if ($edTime - $stTime > 604800) {
$msg['error'] = 1;
$msg['msg'] = 'Illegal request';
return $msg;
}
if ($stTime > time()) {
$msg['error'] = 1;
$msg['msg'] = 'Illegal request';
return $msg;
}
$info = $name . '.' . $id . '.' . $stTime . '.' . $edTime;//信息部分
$true_signature = hash_hmac('md5', $info, 'siasqr');//正确的签名
if (time() > $this->number_decrypt($explode[3])) {
$msg['error'] = 1;
$msg['msg'] = 'Token已过期,请重新登录';
return $msg;
}
if ($true_signature == $explode[4]) {
//检查是否有刷新
$rf = $this->refresh_token(['name' => $name, 'id' => $id, 'stTime' => $stTime]);
if ($rf == false) {
$msg['name'] = $name;
$msg['id'] = $id;
$msg['rfs'] = 0;
return $msg;
}
$msg['aging'] = $rf['aging'];
$msg['token'] = $rf['token'];
$msg['name'] = $name;
$msg['id'] = $id;
$msg['rfs'] = 1;
return $msg;
} else {
$msg['error'] = 1;
$msg['msg'] = 'Signature failed';
return $msg;
}
} else {
$msg['error'] = 1;
$msg['msg'] = 'Signature failed';
return $msg;
}
}
/**
*刷新token
*/
private function refresh_token($exToken)
{
if (time() - $exToken['stTime'] >= 420) {
return $this->setToken($exToken['name'], $exToken['id']);
}
return false;
}
}
$model = new A;
$res = $model->setToken(‘zhq123’,1);
$res2 =
m
o
d
e
l
−
>
c
h
e
c
k
t
o
k
e
n
(
model->check_token(
model−>checktoken(res[‘token’]);