api接口数据-验证-整理 · 从基础到运用-ThinkPHP6有哪些核心能力

http://www.thinkphp.cn/topic/66124.html 整理一下，前端向接口请求数据时的验证：比如我写了一个文章列表数据接口，那么我需要验证哪些规则，由此，我想了一下，**除开签名验证，大概就只有ssl协议，白名单\[ip,域名,url\]，黑名单\[ip,域名,url\]，请求频率\[eg:每10秒，最大请求数\]，设备【电脑,手机】，终端浏览器\[微信,qq,...\],设置请求方式并禁用curl获取数据\[保证用户只能在页面使用ajax请求\]**。如果不做请求方式的限制，那么就其他人就能通过curl方式获取到数据，于是写了下面一个例子，暂时还没有加入签名验证，后续有时间将把签名加进去。今天先整理这些：` 1. <?php 2. /** 3. * +---------------------------------------------------------------------- 4. * | ThinkPHP [ WE CAN DO IT JUST THINK ] 5. * +---------------------------------------------------------------------- 6. * | Copyright (c) 2019 ahai574 All rights reserved. 7. * +---------------------------------------------------------------------- 8. * | Licensed ( ++++ahai574++++ ) 9. * +---------------------------------------------------------------------- 10. * | Author: 阿海 <764882431@qq.com> 11. * +---------------------------------------------------------------------- 12. */ 13. /** 14. * 请求验证 15. * demo: 16. * $checkRequest = new CheckRequest(); 17. * $checkRequest->setAjax('get',true); 18. * $checkRequest->setBlackList('10.0.0.155',false); 19. * $checkRequest->setWhiteList('10.0.0.15'); 20. * $checkRequest->setDevice('mobile,pc',false); 21. * $checkRequest->setTerminal('uc,weixin',false); 22. * $checkRequest->setFrequent(10,3,true); 23. * $checkRequest->setSsl(false); 24. * $result = $checkRequest->check(); 25. * if(!$result['result']) return json($result); 26. */ 28. namespace app\common\library; 30. use think\Controller; 31. use think\Exception; 32. use think\facade\Request; 34. classCheckRequestextendsController 35. { 36. /** 37. * 开启协议请求必须是 https 38. * boolean 39. */ 40. private $isSsl =false; 42. /** 43. * 开启验证请求为【页面内】ajax请求 44. * boolean 45. */ 46. private $isAjax =true; 48. /** 49. * ajax请求方式[eg:[post,get,put]] 50. * array 51. */ 52. private $ajax =[]; 54. /** 55. * 是否开启频繁请求验证 56. * boolean 57. */ 58. private $isFrequently =false; 60. /** 61. * 频繁请求的秒数 62. * int 63. */ 64. private $requestTime =10; 66. /** 67. * 频繁请求 ($requestTime)10秒内的最大访问次数 68. * int 69. */ 70. private $frequency =50; 72. /** 73. * 是否开启白名单验证 74. * boolean 75. */ 76. private $isWhiteList =false; 78. /** 79. * ip白名单或者域名白名单 80. * [ 81. * 完整的域名(eg:http:test.baidu.com)，主域名(eg:baidu.com)， 82. * 子域名[eg:test.baidu.com]，url完整路径(eg:http://test.baidu.com/test/test.html) 83. * ] 84. * array 85. */ 86. private $whiteList =['127.0.0.1']; 88. /** 89. * 是否开启黑名单验证【优先级大于白名单】 90. * boolean 91. */ 92. private $isBlackList =false; 94. /** 95. * ip黑名单或者域名黑名单 96. * [ 97. * 完整的域名(eg:http:test.baidu.com)，主域名(eg:baidu.com)， 98. * 子域名[eg:test.baidu.com]，url完整路径(eg:http://test.baidu.com/test/test.html) 99. * ] 100. * array 101. */ 102. private $blackList =[]; 104. /** 105. * 是否开启设备验证 106. * boolean 107. */ 108. private $isDevice =false; 110. /** 111. * 设备类型手机[mobile] 电脑['pc'] 112. * array 113. */ 114. private $device =['mobile']; 116. /** 117. * 是否开启终端验证 118. * boolean 119. */ 120. private $isTerminal =false; 122. /** 123. * 终端浏览器类型 (eg:['weixin','qq','baidu','uc']) 124. * array 125. */ 126. private $terminal =['weixin']; 128. /** 129. * 构造函数 constructor. 130. */ 131. publicfunction __construct($config =[]) 132. { 133. parent::__construct(); 135. if(isset($config)&&!is_array($config)){ 136. thrownewException("构造参数config必须是数组"); 137. } 139. $this->isSsl = isset($config['isSsl'])&&!empty($config['isSsl'])? $config['isSsl']: $this->isSsl; 141. $this->isAjax = isset($config['isAjax'])&&!empty($config['isAjax'])? $config['isAjax']: $this->isAjax; 142. $this->ajax = isset($config['ajax'])&& is_array($config['ajax'])? $config['ajax']: $this->ajax; 144. $this->isFrequently = isset($config['isFrequently'])&&!empty($config['isFrequently'])? $config['isFrequently']: $this->isFrequently; 145. $this->requestTime = isset($config['requestTime'])&&!empty($config['requestTime'])? $config['requestTime']: $this->requestTime; 146. $this->frequency = isset($config['frequency'])&&!empty($config['frequency'])? $config['frequency']: $this->frequency; 148. $this->isWhiteList = isset($config['isWhiteList'])&&!empty($config['isWhiteList'])? $config['isWhiteList']: $this->isWhiteList; 149. $this->whiteList = isset($config['whiteList'])&& is_array($config['whiteList'])? array_merge($this->whiteList, $config['whiteList']): $this->whiteList; 151. $this->isBlackList = isset($config['isBlackList'])&&!empty($config['isBlackList'])? $config['isBlackList']: $this->isBlackList; 152. $this->blackList = isset($config['blackList'])&& is_array($config['blackList'])? array_merge($this->blackList, $config['blackList']): $this->blackList; 154. $this->isDevice = isset($config['isDevice'])&&!empty($config['isDevice'])? $config['isDevice']: $this->isDevice; 155. $this->device = isset($config['device'])&& is_array($config['device'])? $config['device']: $this->device; 157. $this->isTerminal = isset($config['isTerminal'])&& is_array($config['isTerminal'])? $config['isTerminal']: $this->isTerminal; 158. $this->terminal = isset($config['terminal'])&& is_array($config['terminal'])? $config['terminal']: $this->terminal; 160. } 162. /** 163. * 检测请求行为 164. * @return boolean 165. */ 166. publicfunction check() 167. { 168. //验证黑名单-- 169. if($this->isBlackList){ 170. //ip，主域名，包含协议域名，请求的url完整路径, 主域名 171. $requestList =[Request::ip(),Request::host(),Request::domain(),Request::url(true),Request::rootDomain()]; 173. if(!empty(array_intersect($this->blackList, $requestList))){ 174. return['result'=>false,'errorMsg'=>'域名[ip]已被禁用','code'=>200]; 175. }else{ 176. //读取数据库黑名单表 177. $list = db('request_blacklist') 178. ->whereOr('ip','eq',Request::ip()) 179. ->whereOr('domain','eq',Request::domain()) 180. ->whereOr('domain','eq',Request::host()) 181. ->whereOr('domain','eq',Request::rootDomain()) 182. ->whereOr('domain','eq',Request::url(true)) 183. ->find(); 184. if(!is_null($list)){ 185. return['result'=>false,'errorMsg'=>'域名[ip]已被禁用','code'=>200]; 186. } 187. } 190. } 192. //验证ssl协议 193. if($this->isSsl){ 194. if(!Request::isSsl()){ 195. return['result'=>false,'errorMsg'=>'请求协议必须是https协议','code'=>200]; 196. } 197. } 199. //验证是否ajax 必须是页面内的请求 [避开curl请求,浏览器直接输入地址] 200. if($this->isAjax){ 201. if(empty($this->ajax)){ 202. if(!Request::isAjax()){ 203. return['result'=>false,'errorMsg'=>'非法请求','code'=>200]; 204. } 205. }else{ 206. if(!in_array(Request::method(), $this->ajax)) 207. { 208. return['result'=>false,'errorMsg'=>'非法请求','code'=>200]; 209. } 210. } 211. } 213. //验证请求频率 214. if($this->isFrequently){ 215. $data =[ 216. 'method'=>Request::method(), 217. 'param'=> json_encode(Request::param()), 218. 'ip'=>Request::ip(), 219. 'url'=>Request::url(true), 220. 'http_user_agent'=> $_SERVER['HTTP_USER_AGENT'], 221. 'is_mobile'=>Request::isMobile()?1:0, 222. 'create_time'=> time() 223. ]; 224. db('request_log')->insert($data); 225. $where =[ 226. ['ip','=',Request::ip()], 227. ['create_time',">=",time()-$this->requestTime] 228. ]; 229. $list = db('request_log')->where($where)->count('id'); 230. if($list > $this->frequency){ 231. $data =[ 232. 'ip'=>Request::ip(), 233. 'domain'=>Request::domain(), 234. 'content'=>'频繁请求', 235. 'create_time'=> time() 236. ]; 237. db('request_blacklist')->insert($data); 238. return['result'=>false,'errorMsg'=>'请求过于频繁，请稍后再进行请求','code'=>200]; 239. } 240. } 242. //验证ip域名白名单 243. if($this->isWhiteList){ 244. //ip，主域名，包含协议域名，请求的url完整路径, 主域名 245. $requestList =[Request::ip(),Request::host(),Request::domain(),Request::url(true),Request::rootDomain()]; 246. if( empty(array_intersect($this->whiteList, $requestList))){ 247. //读取数据库黑名单表 248. $list = db('request_whitelist') 249. ->whereOr('ip','eq',Request::ip()) 250. ->whereOr('domain','eq',Request::domain()) 251. ->whereOr('domain','eq',Request::host()) 252. ->whereOr('domain','eq',Request::rootDomain()) 253. ->whereOr('domain','eq',Request::url(true)) 254. ->find(); 255. if(is_null($list)){ 256. return['result'=>false,'errorMsg'=>'域名[ip]不在白名单中','code'=>200]; 257. } 258. } 259. } 261. //验证设备类型 262. if($this->isDevice){ 263. $requestDevice =Request::isMobile()?'mobile':'pc'; 264. if(!in_array($requestDevice, $this->device)){ 265. return['result'=>false,'errorMsg'=>'不支持当前设备','code'=>200]; 266. } 267. } 269. //验证终端-- 270. if($this->isTerminal){ 271. $requestTerminal = $this->getBrowser(); 272. if(!in_array($requestTerminal, $this->terminal)){ 273. return['result'=>false,'errorMsg'=>'不支持当前浏览器','code'=>200]; 274. } 275. } 277. return['result'=>true,'msg'=>'请求通过','code'=>200]; 279. } 281. /** 282. * 设置 ip 域名白名单 283. * @param $blackList array 284. * @param $isBlackList boolean 285. */ 286. publicfunction setBlackList($blackList =[], $isBlackList =true) 287. { 288. if(!is_array($blackList)) 289. { 290. $blackList = explode(",", $blackList); 291. } 293. if(!is_bool($isBlackList)) 294. { 295. thrownewException("参数isBlackList必须是boolean"); 296. } 298. $this->blackList = array_merge($this->blackList, $blackList); 299. $this->isBlackList = $isBlackList; 301. return $this; 302. } 304. /** 305. * 判断是否微信浏览器 306. */ 307. privatefunction getBrowser() 308. { 309. $agent = $_SERVER['HTTP_USER_AGENT']; 310. if(strpos($agent,'MicroMessenger')!==false) 311. { 312. return"weixin"; 313. }elseif(strpos($agent,'QQBrowser')!==false) 314. { 315. return"qq"; 316. }elseif(strpos($_SERVER['HTTP_USER_AGENT'],'UCBrowser')!==false||strpos($_SERVER['HTTP_USER_AGENT'],'UCWEB')!==false) 317. { 318. return"uc"; 319. }elseif(strpos($agent,'baidu')!==false) 320. { 321. return"baidu"; 322. }else 323. { 324. return"other"; 325. } 326. } 328. /** 329. * 设置是否开启 ajax请求验证 330. * @param $ajax array [post,get] 331. * @param $isAjax boolean 332. */ 333. publicfunction setAjax( $ajax =[],$isAjax =true) 334. { 335. if(!is_array($ajax)){ 336. $ajax = explode(",", $ajax); 337. } 339. if(!is_bool($isAjax)){ 340. thrownewException("参数isAjax必须是boolean类型"); 341. } 343. $this->ajax = array_map('strtoupper',$ajax); 344. $this->isAjax = $isAjax; 346. return $this; 347. } 349. /** 350. * 设置是否开启协议验证 351. * @param $isSsl boolean 352. */ 353. publicfunction setSsl( $isSsl =true) 354. { 355. if(!is_bool($isSsl)){ 356. thrownewException("参数isSsl必须是boolean类型"); 357. } 359. $this->isSsl = $isSsl; 361. return $this; 362. } 364. /** 365. * 设置频繁请求的参数 366. * @param $isFrequently 是否开启验证 367. * @param $requestTime 设置验证的时间数 368. * @param $frequently 设置在规定的时间内的最大请求数 369. */ 370. publicfunction setFrequent($requestTime =10, $frequency =50, $isFrequently =true) 371. { 372. if(!is_int($requestTime)||!is_int($frequency)){ 373. thrownewException("参数[requestTime,requestTime]必须是integer类型"); 374. } 376. if(!is_bool($isFrequently)){ 377. thrownewException("参数frequently必须是boolean类型"); 378. } 380. $this->requestTime = $requestTime; 381. $this->frequency = $frequency; 382. $this->isFrequently = $isFrequently; 384. return $this; 385. } 387. /** 388. * 设置 ip 域名白名单 389. * @param $whiteList array 390. * @param $isWhiteList boolean 391. */ 392. publicfunction setWhiteList($whiteList =[], $isWhiteList =true) 393. { 394. if(!is_array($whiteList)) 395. { 396. $whiteList = explode(",", $whiteList); 397. } 399. if(!is_bool($isWhiteList)) 400. { 401. thrownewException("参数isWhiteList必须是boolean"); 402. } 404. $this->whiteList = array_merge($this->whiteList, $whiteList); 405. $this->isWhiteList = $isWhiteList; 407. return $this; 408. } 410. /** 411. * 设置设备类型 412. * @param $device array | string 413. * @param $isDevice 是否开启验证 414. */ 415. publicfunction setDevice($device =[], $isDevice =true) 416. { 417. if(!is_array($device)) 418. { 419. $device = explode(",", $device); 420. } 422. if(!is_bool($isDevice)) 423. { 424. thrownewException("参数isDevice必须是boolean"); 425. } 427. $this->device = $device; 428. $this->isDevice = $isDevice; 430. return $this; 431. } 433. /** 434. * 设置设备类型 435. * @param $terminal array | string 436. * @param $isTerminal 是否开启验证 437. */ 438. publicfunction setTerminal($terminal =[], $isTerminal =true) 439. { 441. if(!is_array($terminal)) 442. { 443. $terminal = explode(",", $terminal); 444. } 446. if(!is_bool($isTerminal)) 447. { 448. thrownewException("参数isTerminal必须是boolean"); 449. } 451. $this->terminal = $terminal; 452. $this->isTerminal = $isTerminal; 454. return $this; 455. } 459. } 复制代码 `暂时记录这些...