From 831c9f5b8a69fe952e1494a86a1ad080f19117e2 Mon Sep 17 00:00:00 2001 From: xu Date: Thu, 7 Nov 2019 12:06:39 +0800 Subject: [PATCH] 1. 设备授权接口添加设备ID ,厂商,项目,型号,生产日期的校验 --- app-api/controllers/AuthDeviceController.php | 21 ++++++++++++++++++--- console/controllers/TestController.php | 17 +++++++++-------- 2 files changed, 27 insertions(+), 11 deletions(-) diff --git a/app-api/controllers/AuthDeviceController.php b/app-api/controllers/AuthDeviceController.php index 8e02b04..95e3d02 100644 --- a/app-api/controllers/AuthDeviceController.php +++ b/app-api/controllers/AuthDeviceController.php @@ -31,7 +31,7 @@ use function time; */ class AuthDeviceController extends BaseController { - const SIGN_SALT = '13456'; + private static $SIGN_SALT = '13456'; private static function myLog($str) { @@ -64,10 +64,25 @@ class AuthDeviceController extends BaseController $productionNo = isset($getPostData['production'])?$getPostData['production']:''; $timestamp = isset($getPostData['timestamp'])?$getPostData['timestamp']:''; $sign = isset($getPostData['sign'])?$getPostData['sign']:''; + if (empty($deviceId) || empty($manufactureNo) || empty($projectNo) || empty($modelNo) || empty($productionNo)) { + $e->message = '传入的数据部分为空'; + return $e; + } + $pattern = "/^[a-zA-Z0-9]+$/"; + $dexPattern = "/^[0-9a-fA-F]+$/"; + if (!preg_match($pattern, $deviceId) || !preg_match($dexPattern, $manufactureNo) || !preg_match($dexPattern, $modelNo) || !preg_match($dexPattern, $productionNo)) { + $e->status = 9; + $e->message = '传入的数据字段格式不对'; + return $e; + } + if (isset(Yii::$app->params['secretKey']) && !empty(Yii::$app->params['secretKey'])) { + $salt = Yii::$app->params['secretKey']; + } else { + $salt = isset(Yii::$app->params['secretKey'])? Yii::$app->params['secretKey']: self::$SIGN_SALT; + } - $salt = self::SIGN_SALT; $makeSign = md5($manufactureNo . $projectNo. $modelNo . $productionNo . $timestamp . $deviceId. $salt); - if ($sign != $makeSign) { + if ($sign != $makeSign || empty($sign)) { $e->status = 2; $e->message = '签名出错'; return $e; diff --git a/console/controllers/TestController.php b/console/controllers/TestController.php index 2541c71..67eeadc 100644 --- a/console/controllers/TestController.php +++ b/console/controllers/TestController.php @@ -22,7 +22,8 @@ class TestController extends Controller public function actionGen() { - echo sprintf('%04x', 1); + $no = hexdec('000A') + 1; + echo sprintf('%04X', $no); } public function actionCheckSign() @@ -34,13 +35,13 @@ class TestController extends Controller public function actionDeviceAuth() { - //$url = 'http://kingb:8012/app-api/web/authDevice'; - $url = 'http://47.107.95.101/app-api/web/authDevice'; - $manufactureNo = '0003'; - $device_id = '000000010108'; - $projectNo = '0003'; - $modelNo = '0002'; - $productionNo = '0004'; + $url = 'http://kingb:8012/app-api/web/authDevice'; + //$url = 'http://47.107.95.101/app-api/web/authDevice'; + $manufactureNo = '0001'; + $device_id = 'DEVICE00000A'; + $projectNo = '0001'; + $modelNo = '0001'; + $productionNo = '0001'; $timestamp = time(); $salt = 13456; $sign = md5($manufactureNo. $projectNo. $modelNo . $productionNo . $timestamp .$device_id. $salt); -- libgit2 0.21.0