Commit 831c9f5b8a69fe952e1494a86a1ad080f19117e2

Authored by xu
1 parent 22c5f500
Exists in master

1. 设备授权接口添加设备ID ,厂商,项目,型号,生产日期的校验

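--- a/app-api/controllers/AuthDeviceController.php
+++ b/app-api/controllers/AuthDeviceController.php
@@ -31,7 +31,7 @@ use function time;
 */
 class AuthDeviceController extends BaseController
 {
-const SIGN_SALT = '13456';
+private static $SIGN_SALT = '13456';
 
 private static function myLog($str)
 {
@@ -64,10 +64,25 @@ class AuthDeviceController extends BaseController
 $productionNo = isset($getPostData['production'])?$getPostData['production']:'';
 $timestamp = isset($getPostData['timestamp'])?$getPostData['timestamp']:'';
 $sign = isset($getPostData['sign'])?$getPostData['sign']:'';
+if (empty($deviceId) || empty($manufactureNo) || empty($projectNo) || empty($modelNo) || empty($productionNo)) {
+$e->message = '传入的数据部分为空';
+return $e;
+}
+$pattern = "/^[a-zA-Z0-9]+$/";
+$dexPattern = "/^[0-9a-fA-F]+$/";
+if (!preg_match($pattern, $deviceId) || !preg_match($dexPattern, $manufactureNo) || !preg_match($dexPattern, $modelNo) || !preg_match($dexPattern, $productionNo)) {
+$e->status = 9;
+$e->message = '传入的数据字段格式不对';
+return $e;
+}
+if (isset(Yii::$app->params['secretKey']) && !empty(Yii::$app->params['secretKey'])) {
+$salt = Yii::$app->params['secretKey'];
+} else {
+$salt = isset(Yii::$app->params['secretKey'])? Yii::$app->params['secretKey']: self::$SIGN_SALT;
+}
 
-$salt = self::SIGN_SALT;
 $makeSign = md5($manufactureNo . $projectNo. $modelNo . $productionNo . $timestamp . $deviceId. $salt);
-if ($sign != $makeSign) {
+if ($sign != $makeSign || empty($sign)) {
 $e->status = 2;
 $e->message = '签名出错';
 return $e;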
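Review bot: The signature check at the end of the second hunk still compares with `!=`, which is loose and not constant-time, so two digest-shaped strings that both look numeric compare as numbers; `hash_equals()` on a string-checked `$sign` is the safer comparison and makes the added `empty($sign)` unnecessary. In the salt selection the `else` branch re-tests `isset(...)`, so a `secretKey` that is set but empty becomes the salt instead of falling back; a single `!empty()` test covers both cases, and rejecting the request when no key is configured would be safer than the hard-coded `$SIGN_SALT`. The format check skips `$projectNo` although the emptiness check and the commit title cover it (the hex pattern is presumably the intended one), and `$` in both patterns accepts a trailing newline, so `\z` is the stricter anchor. The enclosing method starts and ends outside the hunk.

```php
// … unchanged: empty-field check …
$pattern = '/^[a-zA-Z0-9]+\z/';
$dexPattern = '/^[0-9a-fA-F]+\z/';
if (!preg_match($pattern, $deviceId)
    || !preg_match($dexPattern, $manufactureNo)
    || !preg_match($dexPattern, $projectNo)
    || !preg_match($dexPattern, $modelNo)
    || !preg_match($dexPattern, $productionNo)
) {
    // … unchanged: status 9 error return …
}
$salt = !empty(Yii::$app->params['secretKey'])
    ? Yii::$app->params['secretKey']
    : self::$SIGN_SALT;

$makeSign = md5($manufactureNo . $projectNo. $modelNo . $productionNo . $timestamp . $deviceId. $salt);
if (!is_string($sign) || !hash_equals($makeSign, $sign)) {
    // … unchanged: status 2 error return …
```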
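--- a/console/controllers/TestController.php
+++ b/console/controllers/TestController.php
@@ -22,7 +22,8 @@ class TestController extends Controller
 
 public function actionGen()
 {
-echo sprintf('%04x', 1);
+$no = hexdec('000A') + 1;
+echo sprintf('%04X', $no);
 }
 
 public function actionCheckSign()
@@ -34,13 +35,13 @@ class TestController extends Controller
 
 public function actionDeviceAuth()
 {
-//$url = 'http://kingb:8012/app-api/web/authDevice';
-$url = 'http://47.107.95.101/app-api/web/authDevice';
-$manufactureNo = '0003';
-$device_id = '000000010108';
-$projectNo = '0003';
-$modelNo = '0002';
-$productionNo = '0004';
+$url = 'http://kingb:8012/app-api/web/authDevice';
+//$url = 'http://47.107.95.101/app-api/web/authDevice';
+$manufactureNo = '0001';
+$device_id = 'DEVICE00000A';
+$projectNo = '0001';
+$modelNo = '0001';
+$productionNo = '0001';
 $timestamp = time();
 $salt = 13456;
 $sign = md5($manufactureNo. $projectNo. $modelNo . $productionNo . $timestamp .$device_id. $salt);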
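Review bot: `actionDeviceAuth` still signs with the literal `$salt = 13456;` while this commit makes the API prefer `Yii::$app->params['secretKey']`, so once that parameter is configured this test request will be rejected with the signature error, and the fallback salt stays duplicated in a second file. Reading the salt from the same parameter, e.g. `$salt = Yii::$app->params['secretKey'];`, would keep client and server in step; this assumes the console application shares that params entry, which the page does not show. The method body continues past the end of the hunk.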