/**
* 验证子系统请求头,确保是子系统的请求
*/
public function authenticate($user, $request, $response)
{
$headers = $request->headers;
$ticket = $request->get('ticket');
if (isset($headers['app-id']) && isset($headers['signkey']) && isset($headers['once'])) {
if (!$this->checkHeader($headers)) {
return null;
}
$user = User::findIdentityByTicket($ticket);
if ($user != null) {
\Yii::$app->user->login($user);
return $user;
}
}
if ($ticket !== null) {
$this->handleFailure($response);
}
return null;
}