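/**
 * PHPWebDevelopers\Api\Common\Http\Response constructor
 *
 * Builds the parent response, then attaches the JSON content type and the
 * CORS response headers (allowed origin, methods, headers, credentials).
 *
 * @param string $content Forwarded to the parent constructor.
 * @param int    $code    Forwarded to the parent constructor.
 * @param string $status  Forwarded to the parent constructor.
 */
public function __construct($content = null, $code = null, $status = null)
{
    parent::__construct($content, $code, $status);

    $request = new PhalconRequest();

    // @TODO Security fail!! Please do not go with this BETA
    // The Origin request header is client-supplied and is echoed back verbatim
    // as Access-Control-Allow-Origin, so every origin is treated as trusted.
    // NOTE(review): Access-Control-Allow-Credentials is also sent below; if
    // self::ALLOW_CREDENTIALS is "true" (its value is not visible in this
    // block), any website can read credentialed responses from this API.
    // Before release, compare $origin against an explicit allowlist of trusted
    // origins and only echo it on an exact match.
    $origin = $request->getHeader("ORIGIN");
    if (!empty($origin)) {
        parent::setHeader("Access-Control-Allow-Origin", $origin);
        // The allowed origin differs per request, so shared caches must key on
        // the Origin header; otherwise a response cached for one origin can be
        // served to another.
        parent::setHeader("Vary", "Origin");
    }

    parent::setContentType(self::CONTENT_TYPE_JSON, self::CHARSET);
    parent::setHeader("Access-Control-Allow-Methods", self::ALLOW_METHODS);
    parent::setHeader("Access-Control-Allow-Headers", self::ALLOW_HEADERS);
    parent::setHeader("Access-Control-Allow-Credentials", self::ALLOW_CREDENTIALS);
}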
/**
 * Verify the token sent in the "token" request header.
 *
 * The token is used as the PHP session id. The token record is read from the
 * session first and, when the session holds nothing, from the Token model.
 *
 * @return mixed false when the token is missing, unknown, expired or already
 *               logged out; otherwise the stored token record
 */
public function verifyToken()
{
    $httpRequest = new Request();
    $headerToken = $httpRequest->getHeader('token');

    // No token header at all: reject immediately.
    if (empty($headerToken)) {
        return false;
    }

    // NOTE(review): the session id comes straight from a client-supplied
    // header and no format check is visible here — confirm the token format
    // is validated before it reaches session_id().
    session_id($headerToken);

    // Try the token record cached in the session (stored as JSON).
    $record = json_decode($this->session->get('token'));
    if (null == $record) {
        // The cache may have expired, so fall back to the database.
        $lookup = new Token();
        $record = $lookup->findToken($headerToken);
        if (false == $record) {
            return false;
        }
    }

    // Expired: the stored expiry timestamp lies in the past.
    if (time() - (int) $record->expire > 0) {
        return false;
    }

    // The user has already logged out with this token.
    if (!empty($record->logout_time)) {
        return false;
    }

    // Set the session id again so later session reads use this token.
    session_id($headerToken);

    return $record;
}
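/**
 * I fetch a value from pathparams and request
 *
 * The location is chosen by $this->_data->in: "path", "query", "header" or
 * "formData". The value is stored with setValue() and $this->_hasFetched
 * records whether the parameter was present.
 *
 * @todo wrap pathparams and request in a composite
 * @param array   $pathParams Path parameters keyed by parameter name
 * @param Request $Request    Current HTTP request
 * @return bool true when the parameter was present in its declared location
 * @throws \Exception for "body", for formData on methods other than POST/PUT,
 *                    and for an unknown "in" value
 */
public function fetch($pathParams, Request $Request)
{
    $this->value = null;
    $this->_hasFetched = false;
    // No filters are passed to the request getters below.
    // NOTE(review): values therefore reach setValue() unfiltered — confirm
    // validation happens in setValue() or in the caller.
    $filters = [];
    $name = $this->_data->name;

    switch ($this->_data->in) {
        case 'path':
            if (array_key_exists($name, $pathParams)) {
                $this->_hasFetched = true;
                $this->setValue($pathParams[$name]);
            }
            break;

        case 'query':
            // setValue() runs even when the parameter is absent (value null).
            $this->_hasFetched = $Request->hasQuery($name);
            $this->setValue($Request->getQuery($name, $filters, null));
            break;

        case 'header':
            // this syntax won't work... yet???
            // $value = $Request->getHeader($name, $filters, null);
            $serverKey = strtoupper(str_replace('-', '_', $name));
            // Request headers normally appear in the server array under an
            // "HTTP_" prefix. The original check omitted that prefix, so most
            // headers were reported as absent although getHeader() can read
            // them.
            if ($Request->hasServer($name)
                || $Request->hasServer($serverKey)
                || $Request->hasServer('HTTP_' . $serverKey)
            ) {
                $this->setValue($Request->getHeader($name));
                $this->_hasFetched = true;
            }
            break;

        case 'formData':
            switch (strtolower($Request->getMethod())) {
                case 'post':
                    if ($Request->hasPost($name)) {
                        $this->_hasFetched = true;
                        $this->setValue($Request->getPost($name, $filters, null));
                    }
                    break;

                case 'put':
                    if ($Request->hasPut($name)) {
                        $this->_hasFetched = true;
                        $this->setValue($Request->getPut($name, $filters, null));
                    }
                    break;

                // parameters on delete request not supported yet
                case 'delete':
                default:
                    throw new \Exception('TBI: ' . $Request->getMethod());
            }
            break;

        case 'body':
            throw new \Exception('TBI');

        default:
            throw new \Exception('invalid or not implemented "in" value: ' . $this->_data->in);
    }

    return $this->_hasFetched;
}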
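/**
 * Verify the token sent in the "token" request header.
 *
 * The token is used as the PHP session id. The session is consulted first;
 * when it holds nothing, the token is looked up through the Token model.
 *
 * @return mixed false when the token is missing, unknown, expired or already
 *               logged out; otherwise the stored token record
 */
public function verifyToken()
{
    $request = new Request();
    $token = $request->getHeader('token');

    // Empty header: reject immediately.
    if (empty($token)) {
        return false;
    }

    // NOTE(review): the session id comes straight from a client-supplied
    // header and no format check is visible here — confirm the token format
    // is validated before it reaches session_id().
    session_id($token);

    // Read the token from the session.
    // NOTE(review): the code below stores the raw token string here, yet the
    // expiry check reads ->expire from this value, so a session hit looks as
    // if it is always treated as expired — confirm and store the record.
    $cacheToken = $this->session->get('token');
    if (null == $cacheToken) {
        // The session has nothing (e.g. cache expired): query the database.
        $tokenModel = new Token();
        // The header value is untrusted, so it is passed as a bound parameter
        // instead of being concatenated into the query condition.
        $cacheToken = $tokenModel->findFirst([
            'conditions' => 'token = :token:',
            'bind'       => ['token' => $token],
        ]);
        if (false == $cacheToken) {
            return false;
        }
        // Store it in the session again.
        $this->session->set('token', $token);
    }

    $offset = time() - intval($cacheToken->expire);
    if ($offset > 0) {
        // Expired: drop the cached entry.
        $this->session->set('token', null);
        return false;
    }

    if (!empty($cacheToken->logout_time)) {
        // Already logged out: drop the cached entry.
        $this->session->set('token', null);
        return false;
    }

    return $cacheToken;
}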
/**
 * Return a request header by delegating to the wrapped request object.
 *
 * @param $header Header name, forwarded unchanged (not validated here)
 * @return string Whatever the underlying request's getHeader() returns
 */
public function getHeader($header)
{
    $headerValue = $this->request->getHeader($header);

    return $headerValue;
}