Esempio n. 1
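 /**
  * PHPWebDevelopers\Api\Common\Http\Response constructor.
  *
  * Builds the response through the parent constructor, then sets the JSON
  * content type and the CORS response headers.
  *
  * SECURITY: the request's Origin header is echoed back unchanged as
  * Access-Control-Allow-Origin, and Access-Control-Allow-Credentials is set
  * from self::ALLOW_CREDENTIALS (value not visible here). If that constant
  * enables credentials, every origin is allowed to make credentialed
  * cross-origin reads of this API. The echoed value should be restricted to
  * an explicit allowlist of trusted origins before this is deployed.
  *
  * @param string|null $content
  * @param int|null $code
  * @param string|null $status
  */
 public function __construct($content = null, $code = null, $status = null)
 {
     parent::__construct($content, $code, $status);
     $request = new PhalconRequest();
     //@TODO Security fail!! Please do not go with this BETA
     // NOTE(review): $origin is client-controlled. Compare it against a
     // configured allowlist of trusted origins and only echo it on a match.
     $origin = $request->getHeader("ORIGIN");
     if (!empty($origin)) {
         parent::setHeader("Access-Control-Allow-Origin", $origin);
     }
     // The CORS headers depend on the request's Origin, so caches must key on
     // it; otherwise a response cached for one origin can be served to another.
     parent::setHeader("Vary", "Origin");
     parent::setContentType(self::CONTENT_TYPE_JSON, self::CHARSET);
     parent::setHeader("Access-Control-Allow-Methods", self::ALLOW_METHODS);
     parent::setHeader("Access-Control-Allow-Headers", self::ALLOW_HEADERS);
     parent::setHeader("Access-Control-Allow-Credentials", self::ALLOW_CREDENTIALS);
 }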
 /**
  * Verify the token sent in the "token" request header.
  *
  * The token is first looked up in the session (stored there as JSON) and,
  * when the session holds nothing usable, through Token::findToken().
  *
  * NOTE(review): the header value is passed to session_id() unchanged, so the
  * client chooses the session identifier. Confirm that tokens are
  * server-issued, unguessable and format-checked before they reach this call.
  *
  * @return mixed false when the token is missing, unknown, expired or logged
  *               out; otherwise the token record (decoded session value or
  *               the result of findToken())
  */
 public function verifyToken()
 {
     $headerToken = (new Request())->getHeader('token');
     if (empty($headerToken)) {
         // No token supplied: reject immediately
         return false;
     }

     session_id($headerToken);
     // Try the cached copy of the token first
     $record = json_decode($this->session->get('token'));
     if (null == $record) {
         // The cache may have expired, so fall back to the database
         $record = (new Token())->findToken($headerToken);
         if (false == $record) {
             return false;
         }
     }

     $secondsPastExpiry = time() - intval($record->expire);
     if ($secondsPastExpiry > 0) {
         // Token has expired
         return false;
     }

     if (!empty($record->logout_time)) {
         // The user has already logged out
         return false;
     }

     // Set the session id so that session values can be read afterwards
     session_id($headerToken);

     return $record;
 }
Esempio n. 3
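 /**
  * Fetch this parameter's value from the path parameters or the request.
  *
  * The source is selected by $this->_data->in: 'path', 'query', 'header' or
  * 'formData'. The value is stored through setValue(). For 'query' the value
  * is set even when the parameter is absent (getQuery() is called with a
  * null default); the other sources only set it when the parameter is found.
  *
  * The value comes straight from the client; no filters are applied here
  * ($filters is empty), so validation has to happen in setValue() or later.
  *
  * @todo wrap pathparams and request in a composite
  * @param array $pathParams Path parameters keyed by parameter name
  * @param Request $Request
  * @return bool true when the parameter was present in its source
  * @throws \Exception for 'formData' on methods other than POST/PUT, for
  *                    'body', and for an unknown "in" value
  */
 public function fetch($pathParams, Request $Request)
 {
     $this->value = null;
     $this->_hasFetched = false;
     $filters = [];
     $name = $this->_data->name;
     switch ($this->_data->in) {
         case 'path':
             if (array_key_exists($name, $pathParams)) {
                 $this->_hasFetched = true;
                 $this->setValue($pathParams[$name]);
             }
             break;
         case 'query':
             $this->_hasFetched = $Request->hasQuery($name);
             $this->setValue($Request->getQuery($name, $filters, null));
             break;
         case 'header':
             // this syntax won't work... yet???
             //$value = $Request->getHeader($name, $filters, null);
             // PHP exposes most request headers as $_SERVER['HTTP_<NAME>'], with
             // dashes turned into underscores; a few (e.g. CONTENT_TYPE) have no
             // prefix. Check the raw name, the normalised name and the
             // HTTP_-prefixed name so ordinary headers are detected too.
             $serverKey = strtoupper(str_replace('-', '_', $name));
             $nameWithHttpPrefix = 'HTTP_' . $serverKey;
             if ($Request->hasServer($name)
                 || $Request->hasServer($serverKey)
                 || $Request->hasServer($nameWithHttpPrefix)
             ) {
                 $this->setValue($Request->getHeader($name));
                 $this->_hasFetched = true;
             }
             break;
         case 'formData':
             switch (strtolower($Request->getMethod())) {
                 case 'post':
                     if ($Request->hasPost($name)) {
                         $this->_hasFetched = true;
                         $this->setValue($Request->getPost($name, $filters, null));
                     }
                     break;
                 case 'put':
                     if ($Request->hasPut($name)) {
                         $this->_hasFetched = true;
                         $this->setValue($Request->getPut($name, $filters, null));
                     }
                     break;
                 // parameters on delete request not supported yet
                 case 'delete':
                 default:
                     throw new \Exception('TBI: ' . $Request->getMethod());
             }
             break;
         case 'body':
             throw new \Exception('TBI');
         default:
             throw new \Exception('invalid or not implemented "in" value: ' . $this->_data->in);
     }
     return $this->_hasFetched;
 }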
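 /**
  * Verify the token sent in the "token" request header.
  *
  * The token is looked up in the session first and, when the session holds
  * nothing, in the database through the Token model.
  *
  * NOTE(review): the header value is passed to session_id() unchanged, so the
  * client chooses the session identifier. Confirm that tokens are
  * server-issued, unguessable and format-checked before they reach this call.
  *
  * NOTE(review): on a database hit the raw token string is stored in the
  * session, but the checks below read ->expire and ->logout_time from the
  * session value. Unless other code stores a record there, the cached path
  * cannot pass the expiry check. Confirm what the session is meant to hold.
  *
  * @return mixed false when the token is missing, unknown, expired or logged
  *               out; otherwise the token value found in the session or the
  *               database
  */
 public function verifyToken()
 {
     $request = new Request();
     $token = $request->getHeader('token');
     if (!empty($token)) {
         session_id($token);
         $cacheToken = $this->session->get('token');
         // Try to get the token from the session
         if (null == $cacheToken) {
             $tokenModel = new Token();
             // The cache may have expired, so fall back to the database.
             // The token is client-supplied: pass it as a bound parameter
             // instead of concatenating it into the query condition.
             // Assumes Token is a Phalcon model (findFirst with conditions/bind).
             $cacheToken = $tokenModel->findFirst([
                 'conditions' => 'token = :token:',
                 'bind'       => ['token' => $token],
             ]);
             if (false == $cacheToken) {
                 return false;
             } else {
                 // Store it in the session again
                 $this->session->set('token', $token);
             }
         }
         $offset = time() - intval($cacheToken->expire);
         if ($offset > 0) {
             // Token has expired
             $this->session->set('token', null);
             return false;
         }
         if (!empty($cacheToken->logout_time)) {
             // The user has already logged out
             $this->session->set('token', null);
             return false;
         }
         return $cacheToken;
     }
     // No token supplied: return false directly
     return false;
 }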
 /**
  * Read a request header by delegating to the wrapped request object.
  *
  * The returned value is client-controlled and is passed through unchanged.
  *
  * @param string $header Name of the header to read
  * @return string Whatever $this->request->getHeader() returns for that name
  */
 public function getHeader($header)
 {
     $headerValue = $this->request->getHeader($header);

     return $headerValue;
 }