Example #1
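 /**
  * Captcha gate middleware: lets the request through to $next only when the
  * submitted captcha passes VCManager::check(); otherwise pushes error 6 and
  * returns the response without calling $next.
  *
  * The captcha type is read from the matched route's 'AliceSPA_CaptchaType'
  * argument; the captcha itself is read from the parsed request body under
  * 'AliceSPA_Captcha' and is expected to carry 'id' and 'code'.
  *
  * @param mixed    $req  request exposing getAttribute() and getParsedBody()
  * @param mixed    $res  response, returned unchanged on rejection
  * @param callable $next next middleware, called as $next($req, $res)
  * @return mixed $res on rejection, otherwise whatever $next returns
  */
 function __invoke($req, $res, $next)
 {
     $apip = apip::getInstance();
     $captchaType = $req->getAttribute('route')->getArgument('AliceSPA_CaptchaType');
     $body = $req->getParsedBody();

     // The parsed body is client-controlled: it may be null, an object, or an
     // array whose 'AliceSPA_Captcha' entry is a string or nested array.
     // Anything that is not the expected shape is rejected before it is used.
     $captcha = (!empty($captchaType) && is_array($body) && !empty($body['AliceSPA_Captcha']))
         ? $body['AliceSPA_Captcha']
         : null;

     // Require both fields and restrict them to string|int, so that arrays,
     // booleans or missing keys never reach the verification backend.
     $wellFormed = is_array($captcha)
         && isset($captcha['id'], $captcha['code'])
         && (is_string($captcha['id']) || is_int($captcha['id']))
         && (is_string($captcha['code']) || is_int($captcha['code']));

     if (!$wellFormed) {
         $apip->pushError(6);
         return $res;
     }

     // NOTE(review): for any type other than 'image' or 'SMS' the validity
     // window stays null and is passed to check() as such. Confirm that
     // check() treats null as "reject" or "default window", not "never expires".
     $validTime = null;
     if ($captchaType === 'image') {
         $validTime = configHelper::getCoreConfig()['imageCaptchaValidTime'];
     }
     if ($captchaType === 'SMS') {
         $validTime = configHelper::getCoreConfig()['SMSCaptchaValidTime'];
     }

     $r = VCManager::getInstance()->check($captcha['id'], $captcha['code'], $captchaType, $validTime);

     // NOTE(review): only an exact `false` is treated as failure, so a null or
     // 0 returned by check() would let the request through. Confirm check()
     // returns strictly false on every failure path.
     if ($r === false) {
         $apip->pushError(6);
         return $res;
     }

     return $next($req, $res);
 }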
Example #2
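 /**
  * Attaches exception details to the response data under 'APIException',
  * but only when the core config flag 'showAPIExceptoin' is truthy.
  *
  * The attached details include the source file path, line number and stack
  * trace, i.e. internal layout of the server. The flag is therefore a
  * debugging aid and should be off wherever untrusted clients can read the
  * response.
  *
  * @param \Throwable|\Exception $e exception to describe
  * @return void
  */
 function setAPIException($e)
 {
     // The key is read exactly as spelled here ('showAPIExceptoin'); empty()
     // keeps a missing key from raising a notice and treats it as "off".
     $core = configHelper::getCoreConfig();
     if (empty($core['showAPIExceptoin'])) {
         return;
     }

     // Stack frames can carry the call arguments ('args'), which may hold
     // passwords, tokens or other request data. Drop them so that enabling
     // the debug flag does not echo secrets back in the API response.
     $frames = [];
     foreach ($e->getTrace() as $frame) {
         unset($frame['args']);
         $frames[] = $frame;
     }

     $this->data['APIException'] = [
         'code' => $e->getCode(),
         'message' => $e->getMessage(),
         'file' => $e->getFile(),
         'line' => $e->getLine(),
         'trace' => $frames,
     ];
 }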
Example #3
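 /**
  * Authenticates a user by id and web token.
  *
  * Looks up a row in 'aspa_account' matching both the id and the token,
  * then checks the token age against the core config 'webTokenValidTime'.
  * On success the row (minus 'password' and 'web_token_create_time') is
  * stored in $this->userInfo, $this->isLoggedIn is set, and the row is
  * returned.
  *
  * @param int|string $userId   account id supplied by the client
  * @param string     $webToken token supplied by the client
  * @return array|false the user row on success; false when the token has no
  *                     creation time or has expired
  * @throws APIException with code 1 when the credentials are malformed or no
  *                      matching account row exists
  */
 public function authenticateByWebToken($userId, $webToken)
 {
     // Both values come from the client. Reject anything that is not a plain
     // non-empty id/token before it reaches the query: with array-style
     // conditions like the one below, a null, array, boolean or integer value
     // can change the comparison the database performs (for example IS NULL,
     // IN (...), or a numeric comparison against a string column) and match
     // rows it should not — presumably depending on how the db wrapper binds
     // values; verify against its implementation.
     $idOk = (is_int($userId) || is_string($userId)) && $userId !== '';
     $tokenOk = is_string($webToken) && $webToken !== '';
     if (!$idOk || !$tokenOk) {
         throw new APIException(1);
     }

     $db = db::getInstance();
     $user = $db->get('aspa_account', '*', ['AND' => ['id' => $userId, 'web_token' => $webToken]]);
     if (!$user) {
         throw new APIException(1);
     }

     // A token without a creation time cannot be aged, so it is refused.
     $web_token_create_time = $user['web_token_create_time'];
     if (empty($web_token_create_time)) {
         return false;
     }

     // Expired tokens are refused; the row stays untouched here.
     $tokenAge = time() - utils::datetimeMysql2PHP($web_token_create_time);
     if ($tokenAge > configHelper::getCoreConfig()['webTokenValidTime']) {
         return false;
     }

     // Keep the password column and the token timestamp out of the in-memory
     // user info. NOTE(review): 'web_token' itself stays in the returned row;
     // confirm callers never serialise userInfo wholesale to other parties.
     unset($user['password']);
     unset($user['web_token_create_time']);

     $this->isLoggedIn = true;
     $this->userInfo = $user;
     return $this->userInfo;
 }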
Example #4
<?php

// Front controller: resolves the directory layout, loads configuration and
// the AliceSPA framework pieces, optionally enables CORS, then runs the app.
// The require order below is significant and is left exactly as written.

// Directory layout, derived from this file's location: the application
// directory is one level up, the server root two levels up.
$APP_PATH = dirname(dirname(__FILE__));
$SERVER_PATH = dirname($APP_PATH);
$AliceSPA_PATH = $SERVER_PATH . '/AliceSPA';
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Message\ResponseInterface as Response;
use AliceSPA\Helper\Config as configHelper;
require $SERVER_PATH . '/vendor/autoload.php';
// Presumably defines $AliceSPAConfig and $AliceSPAErrors, which are used
// below — confirm against Config/load.php.
require $APP_PATH . '/Config/load.php';
$app = new \Slim\App(['settings' => $AliceSPAConfig['slimConfig']]);
require $AliceSPA_PATH . '/Exception/load.php';
require $AliceSPA_PATH . '/Service/load.php';
require $AliceSPA_PATH . '/Middleware/load.php';
require $AliceSPA_PATH . '/Helper/load.php';
//API
require $AliceSPA_PATH . '/API/load.php';
//--API
configHelper::setConfig($AliceSPAConfig);
configHelper::setErrors($AliceSPAErrors);
// CORS is enabled only when a 'CORSOrigin' value is configured.
// The configured value is sent verbatim as Access-Control-Allow-Origin on
// every response, so it decides which web origins may read API responses
// from a browser. A wildcard value would open the API to scripts on any
// site; since the allowed request headers include the credential-bearing
// Authorization, AliceSPA-UserID, AliceSPA-WebToken and AliceSPA-SessionID,
// prefer configuring the exact front-end origin.
if (!empty(configHelper::getCoreConfig()['CORSOrigin'])) {
    // Catch-all OPTIONS route: answers a preflight for any path with the
    // unmodified response (the CORS headers are added by the middleware below).
    $app->options('/{routes:.+}', function ($request, $response, $args) {
        return $response;
    });
    // Application-level middleware: runs the rest of the stack first, then
    // decorates the resulting response with the CORS headers.
    $app->add(function ($req, $res, $next) {
        $response = $next($req, $res);
        return $response->withHeader('Access-Control-Allow-Origin', configHelper::getCoreConfig()['CORSOrigin'])->withHeader('Access-Control-Allow-Headers', 'X-Requested-With, Content-Type, Accept, Origin, Authorization' . ', AliceSPA-UserID, AliceSPA-WebToken, AliceSPA-SessionID')->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
    });
}
$app->run();
Example #5
 /**
  * Purges expired rows from 'aspa_session'.
  *
  * A session counts as expired when its create_time is earlier than
  * "now minus the core config 'sessionValidTime'". Running this regularly
  * limits how long stale session identifiers remain usable or stored.
  *
  * @return bool always true; the result of the delete call is not inspected
  */
 public function clearSessions()
 {
     $connection = db::getInstance();

     // Oldest creation timestamp that is still considered valid, converted
     // to the datetime format the column is compared against.
     $oldestValid = time() - configHelper::getCoreConfig()['sessionValidTime'];
     $cutoff = utils::datetimePHP2Mysql($oldestValid);

     $expiredFilter = ['create_time[<]' => $cutoff];
     $connection->delete('aspa_session', $expiredFilter);

     return true;
 }