REAPI/app/gateway/service/AuthService.php
24a4b60517 refactor(gateway): 重构 v4 版本接口签名验证逻辑
- 在 AuthService 中添加对 sign 和 signature 参数的处理
- 更新 Core 控制器中的签名验证逻辑
- 新增 Goods 控制器,实现商品列表查询功能
- 修改 Handle 控制器的日志记录逻辑
- 优化 JunKa、Lingshi 等渠道服务类的实现
- 更新 MerchantService 中的回调处理逻辑
- 调整 OrderService 中的订单查询和更新逻辑
- 新增 Qiling 和 Reapi 渠道服务类
2025-04-17 17:21:00 +08:00


<?php
namespace app\gateway\service;
use app\core\Service;
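/**
 * Request-signature helper for the gateway API.
 *
 * Builds and verifies a signature over the sorted request parameters plus a
 * shared token. The digest is a plain md5()/sha1() of the parameter string,
 * not an HMAC, and both algorithms are weak by current standards.
 * NOTE(review): moving to hash_hmac('sha256', ...) needs a coordinated
 * client change, so the wire format is left as it is here.
 *
 * Class AuthService
 * @package app\gateway\service
 */
class AuthService
{
    /**
     * Accepted difference, in seconds, between the request timestamp and
     * the server clock.
     *
     * @var int
     */
    const TIME = 300;

    /**
     * Token used when a caller supplies none.
     *
     * NOTE(review): this is a hard-coded fallback secret; any call that omits
     * $token signs/verifies with it (or with whatever token() stored last).
     *
     * @var string
     */
    private static $token = 'dever_api';

    /**
     * Sign an outgoing request.
     *
     * Adds `sign` (when `version` is present) or `signature` to the request
     * and strips the token before returning it.
     *
     * @param array $request parameters to sign
     * @param string|false $token shared secret; false falls back to the stored token (sha1 mode)
     * @param int $sign_type 2 selects md5 with the raw token, anything else sha1 with time/nonce
     * @return array the request with the signature field added
     */
    public static function get($request, $token = false, $sign_type = 1)
    {
        if ($sign_type == 2) {
            $type = 'md5';
            $request['token'] = $request['token'] ?? $token;
        } else {
            $type = 'sha1';
            $request['time'] = $request['time'] ?? self::timestamp();
            $request['nonce'] = $request['nonce'] ?? self::nonce();
            $request['token'] = $request['token'] ?? self::token($token);
        }

        $field = isset($request['version']) ? 'sign' : 'signature';
        $request[$field] = self::signature($request, $type);

        // The token is a secret: it is part of the signed string but must
        // never travel with the request.
        unset($request['token']);

        return $request;
    }

    /**
     * Verify the signature of an incoming request.
     *
     * Error codes: -5 signature field missing or wrong field for the API
     * version, -6 nonce missing, -7 time missing or not numeric, -8 timestamp
     * outside the TIME window, -9 signature mismatch.
     *
     * @param array $request incoming (untrusted) parameters
     * @param string|false $token shared secret
     * @param int $sign_type 2 selects md5 with the raw token, anything else sha1 with time/nonce
     * @return int|string negative error code, or the verified signature on success
     */
    public static function check($request, $token = false, $sign_type = 1)
    {
        $versioned = isset($request['version']);

        // Versioned requests must carry `sign`, unversioned ones `signature`.
        if ($versioned && isset($request['signature'])) {
            return -5;
        }
        if ($versioned && empty($request['sign'])) {
            return -5;
        }
        if (empty($request['signature']) && !isset($request['sign'])) {
            return -5;
        }

        $field = $versioned ? 'sign' : 'signature';
        $check = $request[$field] ?? null;
        // Routing keys and the signature itself are not part of the signed string.
        unset($request[$field], $request['controller'], $request['function']);

        if ($sign_type == 2) {
            $type = 'md5';
            // NOTE(review): with $token left at false the token pair is dropped
            // from the signed string (empty values are skipped), so the digest
            // would contain no secret. Confirm every md5 caller passes a token.
            $request['token'] = $token;
        } else {
            $type = 'sha1';
            if (empty($request['nonce'])) {
                return -6;
            }
            if (empty($request['time']) || !is_numeric($request['time'])) {
                return -7;
            }
            // get() stamps requests in milliseconds while time() is in seconds;
            // without normalising, the subtraction is always hugely negative
            // and the freshness window never rejects anything.
            $sent = (float) $request['time'];
            if ($sent > 100000000000) {
                $sent /= 1000;
            }
            // abs(): a timestamp far in the future must not be accepted
            // either, or it would stay replayable indefinitely.
            if (abs(time() - $sent) > self::TIME) {
                return -8;
            }
            $request['token'] = self::token($token);
        }

        // TODO: record seen nonces (e.g. in Redis) to block replays inside
        // the TIME window; the nonce is currently only required, not tracked.
        $signature = (string) self::signature($request, $type);

        // Constant-time, type-strict comparison: a loose != treats hex digests
        // of the form "0e<digits>" as equal numbers and leaks timing.
        if (!is_string($check) || !hash_equals($signature, $check)) {
            return -9;
        }

        return $signature;
    }

    /**
     * Build the signature over a parameter set.
     *
     * Parameters are sorted by key and joined as `k=v&k=v`; `controller`,
     * `function`, `sign` and `signature` are left out. With $empty true,
     * empty values and the literal 'empty' are skipped, which means such
     * parameters are not covered by the signature.
     *
     * NOTE(review): $type is invoked as a function name. It is 'md5' or
     * 'sha1' for every call in this class; it must never come from request
     * data. Values are assumed to be scalars; confirm callers never pass
     * nested arrays.
     *
     * @param array $request parameters to sign
     * @param string $type name of the digest function
     * @param string $suffix appended after the last pair; '&' keeps the trailing '&' instead
     * @param bool $empty skip empty values when true
     * @return mixed result of calling $type on the parameter string
     */
    public static function signature($request = array(), $type = 'sha1', $suffix = '', $empty = true)
    {
        ksort($request);
        unset(
            $request['controller'],
            $request['function'],
            $request['sign'],
            $request['signature']
        );

        $signature_string = '';
        foreach ($request as $k => $v) {
            // URL-looking values that are not yet percent-encoded are encoded
            // before signing.
            if (strstr($v, 'http') && !strstr($v, '%')) {
                $v = urlencode($v);
            }
            if (!$empty || (strlen($v) && $v != 'empty')) {
                $signature_string .= $k . '=' . $v . '&';
            }
        }

        if ($suffix != '&') {
            // Drop the trailing '&' and append the caller's suffix.
            $signature_string = substr($signature_string, 0, -1) . $suffix;
        }

        return $type($signature_string);
    }

    /**
     * Hash the shared token.
     *
     * A non-empty $token replaces the class-wide stored token first.
     * NOTE(review): the stored token is static state, so in a long-running
     * worker a later call without a token would reuse the previous caller's
     * secret; confirm the runtime model.
     *
     * @param string|false $token shared secret, or a falsy value to use the stored one
     * @param string $type name of the digest function (see the note on signature())
     * @return mixed result of calling $type on the token
     */
    public static function token($token, $type = 'sha1')
    {
        if ($token) {
            self::$token = $token;
        }

        return $type(self::$token);
    }

    /**
     * Generate a request nonce.
     *
     * Uses the CSPRNG instead of sha1(microtime()) cut at a rand() offset,
     * which was guessable from the request time. The result is 30 hex
     * characters, within the 25-30 character range the old code produced.
     *
     * @return string
     */
    public static function nonce()
    {
        return bin2hex(random_bytes(15));
    }

    /**
     * Current Unix time in milliseconds.
     *
     * @return float
     */
    public static function timestamp()
    {
        list($msec, $sec) = explode(' ', microtime());
        $total = (floatval($msec) + floatval($sec)) * 1000;

        return (float) sprintf('%.0f', $total);
    }
}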