新闻页加验证

Modules/Camera/Routes/api.php

@@ -53,7 +53,7 @@ Route::namespace('Api')->group(function () {
     Route::get('camera/get_total_string', 'CameraApiController@getTotalString');//宁煤摄像头统计字符串
     Route::get('test', 'CameraApiController@test');
     Route::post('oss_url','CameraApiController@ossUrl');//文章图片上传至阿里云
-    Route::post('article_list','CameraApiController@articleList');//文章列表
+    Route::post('article_list','CameraApiController@articleList')->middleware('accesskey');//文章列表
     Route::post('duty_information','CameraApiController@dutyInformation');//值班信息
     Route::post('type_list','CameraApiController@typeList');//分类列表
     Route::post('camera_record_insert','CameraApiController@cameraRecordInsert');//摄像托访问记录入库
@@ -105,4 +105,4 @@ Route::namespace('Api')->group(function () {
     Route::post('task_xixuan/dahua_talk','CameraApiController@dahuaTalk');//大华语音对讲
     Route::post('task_xixuan/dahua_stop_talk','CameraApiController@dahuaStopTalk');//大华语音对讲
     Route::post('task_xixuan/hik_talk','CameraApiController@hikTalk');//海康语音对讲
-});
+});

app/Http/Kernel.php

@@ -60,6 +60,7 @@ class Kernel extends HttpKernel
         'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
         'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
         'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
+        'accesskey' => \App\Http\Middleware\AccessKeyMiddleware::class,
     ];
 
     /**

app/Http/Middleware/AccessKeyMiddleware.php

@@ -0,0 +1,51 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Config;
+
+class AccessKeyMiddleware
+{
+    public function handle(Request $request, Closure $next)
+    {
+        $clientIp = $request->header('X-Forwarded-For');
+        if (!$clientIp) {
+            $clientIp = $request->ip();
+        }
+        $accessKeyInHeader = $request->header('accesskey');
+        $accessKeyInEnv = env('VALID_ACCESS_KEY');
+        $internalIpRanges = [
+            '10.0.0.0/8',
+            '172.16.0.0/12',
+            '192.168.0.0/16'
+        ];
+        $isInternalIp = false;
+        foreach ($internalIpRanges as $range) {
+            if (strpos($range, '/')!== false) {
+                list($subnet, $bits) = explode('/', $range);
+                $ipLong = ip2long($clientIp);
+                $subnetLong = ip2long($subnet);
+                $mask = -1 << (32 - $bits);
+                if (($ipLong & $mask) === ($subnetLong & $mask)) {
+                    $isInternalIp = true;
+                    break;
+                }
+            } elseif ($clientIp === $range) {
+                $isInternalIp = true;
+                break;
+            }
+        }
+
+        if ($accessKeyInHeader == $accessKeyInEnv && !empty($accessKeyInHeader)) {
+            return $next($request);
+        } else if($isInternalIp) {
+            return $next($request);
+        } else  {
+            return response()->json(['message' => 'Access denied'], 403);
+        }
+    }
+
+
+}