大概逻辑是:客户端发送 POST 数据时,给数据加一个 sign 字段,字段内容是用 appid 和 secret 对参数计算出的签名(MD5 摘要)字符串;客户端和服务端的 appid 和 secret 是一样的。
服务端收到数据后,按照与客户端相同的方式生成 sign,再进行比较,相等则说明验签通过。验签主要是为了验证请求是否来自指定用户,避免安全隐患。
<?php
namespace ThreeTrafficNanchang\Controller;
use ThreeTrafficNanchang\Model\UtilModel;
use Think\Controller;
/**
 * Client side: assembles a sample payload, signs it and POSTs it to the server.
 *
 * @author Yuanhang Liu & Xiaoyun Liu
 * @date 2020/10/14 00:03
 */
class ClientController extends Controller
{
    private $appid = "";
    private $secret = "";

    public function __construct()
    {
        // NOTE(security): the shared appid/secret are literals in source, so anyone
        // with read access to the code or repository can produce valid signatures.
        // NOTE(review): parent::__construct() is not invoked here; confirm that
        // Think\Controller needs no initialisation for this action.
        $this->secret = "xiaohanghangzhenshidaniuniu";
        $this->appid = "xiaoyunyunzhenshidaniuniu";
    }

    /**
     * Sign a hard-coded demo payload and send it to the server endpoint.
     *
     * Prints the decoded server response with print_r(); returns nothing.
     */
    public function ClientData()
    {
        // Records to transmit, followed by the send time the signature will cover.
        $payload = [
            'create' => [
                [
                    "Address" => 360100,
                    "CompanyId" => "1200WLCXEK1J",
                    "TotalMile" => 36353.0,
                    "UpdateTime" => 20201027055008,
                    "VehicleNo" => "贵A370WB",
                ],
                [
                    "Address" => 120000,
                    "CompanyId" => "1200",
                    "TotalMile" => 36.0,
                    "UpdateTime" => 20201051262152,
                    "VehicleNo" => "湘A370WB",
                ],
            ],
            'timestamp' => time(),
        ];

        // The signature is computed before the sign field exists, so it covers
        // every other field of the payload.
        $signature = UtilModel::getSign($payload, $this->appid, $this->secret);
        $payload['sign'] = $signature;

        // NOTE(review): the URL carries no scheme, so the request presumably goes
        // out over plain HTTP and the payload and signature travel unencrypted —
        // confirm and prefer an explicit https:// endpoint.
        $response = UtilModel::posturl("www.wanglu.cn/ThreeTrafficNanchang/Servers/getClientData", $payload);
        print_r($response);
    }
}
<?php
namespace ThreeTrafficNanchang\Controller;
use ThreeTrafficNanchang\Model\UtilModel;
use Think\Controller;
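/**
 * Server side: receives the client's signed JSON POST and verifies the signature.
 *
 * @author Yuanhang Liu & Xiaoyun Liu
 * @date 2020/10/14 00:03
 */
class ServersController extends Controller
{
    private $appid = "";
    private $secret = "";

    public function __construct()
    {
        // NOTE(security): the shared appid/secret are literals in source, so anyone
        // with read access to the code or repository can produce valid signatures.
        // NOTE(review): parent::__construct() is not invoked here; confirm that
        // Think\Controller needs no initialisation for this action.
        $this->appid = "xiaoyunyunzhenshidaniuniu";
        $this->secret = "xiaohanghangzhenshidaniuniu";
    }

    /**
     * Validate and verify a signed request read from the raw request body.
     *
     * The body must be a JSON object with a string `sign` and a numeric
     * `timestamp`. The signature is recomputed over every field except `sign`
     * and compared with the supplied one.
     *
     * NOTE(review): the rejection paths return the JSON string while the
     * verification result is echoed; confirm the framework actually sends a
     * returned value to the client.
     *
     * @return string|null JSON error document on a malformed or expired request,
     *                     nothing once the signature check has run.
     */
    public function getClientData()
    {
        // Maximum accepted distance, in seconds, between client time and server time.
        $maxSkew = 600;

        $param = json_decode(file_get_contents('php://input'), true);

        // A body that is not a JSON object cannot carry a sign field.
        if (!is_array($param) || !isset($param['sign']) || empty($param['sign'])) {
            return json_encode(['code'=>100,'msg'=>'参数不全']);
        }
        // The signature must be a string: any other JSON type can never be a
        // valid digest and must not reach the comparison below.
        if (!is_string($param['sign'])) {
            return json_encode(['code'=>101,'msg'=>'发送的数据参数不合法']);
        }
        if (!isset($param['timestamp']) || empty($param['timestamp']) || !is_numeric($param['timestamp'])) {
            return json_encode(['code'=>101,'msg'=>'发送的数据参数不合法']);
        }

        // Requests expire after 10 minutes. Timestamps too far in the future are
        // rejected as well, otherwise such a request would never expire.
        // $param['timestamp'] itself is left untouched because it is signed data.
        $age = time() - (int) $param['timestamp'];
        if ($age > $maxSkew || $age < -$maxSkew) {
            return json_encode(['code'=>101,'msg'=>'验证失效, 请重新发送请求']);
        }

        // Signature supplied by the client; removed so it is not part of the signed data.
        $clientSign = $param['sign'];
        unset($param['sign']);

        // Signature recomputed on the server from the remaining fields.
        $sign = UtilModel::getSign($param, $this->appid, $this->secret);

        // hash_equals() compares strings only and in constant time. A loose `==`
        // applies PHP type juggling, so a non-string JSON value or two
        // numeric-looking hex strings could compare equal without matching.
        if (hash_equals($sign, $clientSign)) {
            echo "验证通过";
            // TODO: normalise the data and persist it.
            // NOTE(security): nothing here records requests already seen, so a
            // captured request can be replayed until its timestamp expires; a
            // per-request nonce stored server-side would close that window.
        } else {
            echo "验证不通过";
        }
    }
}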
<?php
namespace ThreeTrafficNanchang\Model;
use Think\Model;
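class UtilModel extends Model
{
    /**
     * Compute the request signature for a payload.
     *
     * Declared static because the controllers call it as UtilModel::getSign();
     * calling a non-static method statically is an Error on PHP 8. Instance
     * calls keep working.
     *
     * @param array  $data   Payload to sign (without the sign field).
     * @param string $appid  Shared application id.
     * @param string $secret Shared secret.
     * @return string 32-character lowercase hex digest.
     */
    public static function getSign($data, $appid, $secret)
    {
        // Sort the top-level keys so both sides serialise them in the same
        // order; ksort() does not reorder nested arrays.
        ksort($data);

        // Serialise to URL query-string form.
        $param = http_build_query($data);

        // NOTE(security): md5(message . secret) is not a keyed MAC and MD5 is a
        // broken hash. hash_hmac('sha256', $param, $secret) is the appropriate
        // construction, but switching changes the wire format and needs a
        // coordinated client/server rollout, so the digest is left as is here.
        return md5($param . $appid . $secret);
    }

    /**
     * POST a payload as JSON and return the decoded JSON response.
     *
     * Declared static because the controllers call it as UtilModel::posturl().
     *
     * @param string $url  Target URL.
     * @param mixed  $data Payload; encoded with json_encode() before sending.
     * @return mixed Decoded response (arrays for JSON objects), or null when the
     *               transfer fails or the response is not valid JSON.
     */
    public static function posturl($url, $data)
    {
        $payload = json_encode($data);
        $headerArray = array("Content-type:application/json;charset='utf-8'", "Accept:application/json");

        $curl = curl_init();
        curl_setopt($curl, CURLOPT_URL, $url);
        // Certificate and host-name verification stay enabled: with them turned
        // off, an on-path party can impersonate the server and read or alter the
        // signed payload on any https:// URL.
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
        curl_setopt($curl, CURLOPT_POST, 1);
        curl_setopt($curl, CURLOPT_POSTFIELDS, $payload);
        curl_setopt($curl, CURLOPT_HTTPHEADER, $headerArray);
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
        $output = curl_exec($curl);
        curl_close($curl);

        // curl_exec() returns false on a transport failure; report that as null
        // explicitly instead of handing a boolean to json_decode().
        if ($output === false) {
            return null;
        }

        return json_decode($output, true);
    }
}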