header('appid'); $url = $request->header('url'); $timestamp = $request->header('timestamp'); $sign = $request->header('sign'); //验证参数 if(empty($appid) || empty($url) || empty($timestamp) || empty($sign)){ return JsonService::fail('缺少请求头参数', [], 0); } //获取子系统信息 $system = System::field('system_appid,system_appkey,system_url,system_status')->where('system_appid',$appid)->where('system_url',$url)->findOrEmpty(); if($system->isEmpty()){ return JsonService::fail('应用ID无效', [], 0); } if($url != $system['system_url']){ return JsonService::fail('请求来源异常', [], 0); } if($system['system_status'] != 0){ return JsonService::fail('应用已被禁用或注销', [], 0); } //验证签名 $checkSign = ApiSignService::verifySign(['appid'=>$appid,'url'=>$url,'timestamp'=>$timestamp,'sign'=>$sign],$system['system_appkey']); if($checkSign['code'] == 0){ return JsonService::fail($checkSign['msg'],[],0); } return $next($request); } }