/** * authenticate api鉴权方法 */ public function authenticate() { $data = $_SERVER['REQUEST_METHOD'] == 'GET' ? $_GET : $_POST; $type = $_SERVER['REQUEST_METHOD'] == 'GET' ? 'read' : 'write'; $param = new WF_Parameter(); $token = $param->query('token', ''); $ts = $param->query('ts', 0); $ua = $param->query('ua', ''); if (!WF_Config::get("auth.{$type}", false)) { return true; } if (!$token || !$ts || !$ua) { throw new LogicException('授权参数缺失', 403); } if (abs(time() - $ts) > 300) { throw new LogicException('鉴权超时', 403); } $tokenizer = new Token(); if (!$tokenizer->check($token, $ua, $ts, $data)) { throw new LogicException('未授权的访问', 403); } }
public function serialize($data, $seperator = null) { if (is_string($data)) { return $data; } $arr = array(); foreach ($data as $key => $value) { if (is_integer($key)) { array_push($arr, $value); } else { array_push($arr, strtoupper($key)); if (strval($value) === '') { $value = '-'; } array_push($arr, $value); } } if ($seperator == null) { $seperator = WF_Config::get('log_seperator', "\t"); } return implode($seperator, $arr); }