diff --git a/.env.example b/.env.example index cd06cc8..9806745 100644 --- a/.env.example +++ b/.env.example @@ -33,3 +33,6 @@ PUSHER_APP_ID= PUSHER_APP_KEY= PUSHER_APP_SECRET= PUSHER_APP_CLUSTER=mt1 + +SIGN_SECRET=sdfasdfs +ENCRY_SECRET=sdfasdfs diff --git a/app/Http/Controllers/OutController.php b/app/Http/Controllers/OutController.php new file mode 100644 index 0000000..64fe0a4 --- /dev/null +++ b/app/Http/Controllers/OutController.php @@ -0,0 +1,99 @@ +get('ts'); + $sign = $this->getSign($ts, 'get_config'); + if ($sign != $request->get('sign')) { + $this->returnJson([], 400, "签名不对"); + exit; + } + $data = System::find(1); + $arr = [ + 'app_address' => $this->decry_data($data->app_address) ?: "", + 'app_key' => $this->decry_data($data->app_key) ?: "", + 'gui_address' => $this->decry_data($data->gui_address) ?: "", + ]; + $this->returnJson($arr); + exit; + } catch (\Exception $e) { + $msg = $e->getMessage(); + } + $this->returnJson([], 400, $msg); + exit; + } + + public function updateConfig(Request $request){ + try { + + $ts = $request->get('ts'); + $sign = $this->getSign($ts, 'edit_config'); + + if ($sign != $request->get('sign')) { + $this->returnJson([], 400, "签名不对"); + exit; + } + $app_address=$request->post('app_address'); + $app_key=$request->post('app_key'); + $gui_address=$request->post('gui_address'); + + System::where(['id'=>1])->update( + [ + 'app_address' => $this->encry_data($app_address), + 'app_key' => $this->encry_data($app_key), + 'gui_address' => $this->encry_data($gui_address), + ] + ); + $arr = [ + 'app_address' => $app_address, + 'app_key' => $app_key, + 'gui_address' => $gui_address, + ]; + + $this->returnJson($arr); + exit; + } catch (\Exception $e) { + $msg = $e->getMessage(); + } + $this->returnJson([], 400, $msg); + } + + private function getSign($ts,$api): string + { + $sinArr = [ + 'secret' => config('secret.sign_key') , + 'ts' => $ts, + 'api' => $api, + ]; + $str = implode("|", $sinArr); + return md5($str); + } + + private function returnJson($data,$code=200,$msg=""){ + $data = [ + 'code' => $code, + 'msg' => $msg, + 'data' => (object)$data, + ]; + echo json_encode($data, 256); + exit; + } + + + private function encry_data($data){ + $key = config('secret.encry_key'); + return openssl_encrypt($data, 'AES-256-ECB', $key); + } + + private function decry_data($endata){ + $key = config('secret.encry_key'); + return openssl_decrypt($endata, 'AES-256-ECB', $key); + } +} diff --git a/app/Http/Middleware/VerifyCsrfToken.php b/app/Http/Middleware/VerifyCsrfToken.php index 25577f3..5aba05f 100644 --- a/app/Http/Middleware/VerifyCsrfToken.php +++ b/app/Http/Middleware/VerifyCsrfToken.php @@ -12,6 +12,7 @@ class VerifyCsrfToken extends Middleware * @var array */ protected $except = [ - '/lang' + '/lang', + '/edit_config' ]; } diff --git a/config/secret.php b/config/secret.php new file mode 100644 index 0000000..5198f0c --- /dev/null +++ b/config/secret.php @@ -0,0 +1,5 @@ + env('SIGN_SECRET', '111111'),//api签名密钥 + 'encry_key' => env('ENCRY_SECRET', '222222')//加密密钥 +]; diff --git a/routes/web.php b/routes/web.php index a934f93..b68b37e 100644 --- a/routes/web.php +++ b/routes/web.php @@ -11,6 +11,10 @@ use App\Tool\Google; | contains the "web" middleware group. Now create something great! | */ +Route::group([],function ($route){ + $route->get('get_config', 'OutController@getConfig'); + $route->post('edit_config', 'OutController@updateConfig'); +}); Route::any('/lang', 'LangController@language');