Home Explore Help
Sign In
youyou
/
dms-api
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 0c53860d25
Branches Tags
dms-api
/
config
/
plugin
/
webman
/
push
/
route.php

route.php 3.1 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * This file is part of webman.
    4. 

  4.  *
    5. 

  5.  * Licensed under The MIT License
    6. 

  6.  * For full copyright and license information, please see the MIT-LICENSE.txt
    7. 

  7.  * Redistributions of files must retain the above copyright notice.
    8. 

  8.  *
    9. 

  9.  * @author    walkor<walkor@workerman.net>
    10. 

  10.  * @copyright walkor<walkor@workerman.net>
    11. 

  11.  * @link      http://www.workerman.net/
    12. 

  12.  * @license   http://www.opensource.org/licenses/mit-license.php MIT License
    13. 

  13.  */
    14. 

  14. 

  15. use support\Request;
    16. 

  16. use Webman\Route;
    17. 

  17. use Webman\Push\Api;
    18. 

  18. 

  19. /**
    20. 

  20.  * 推送js客户端文件
    21. 

  21.  */
    22. 

  22. Route::get('/plugin/webman/push/push.js', function (Request $request) {
    23. 

  23.     return response()->file(base_path().'/vendor/webman/push/src/push.js');
    24. 

  24. });
    25. 

  25. 

  26. /**
    27. 

  27.  * 私有频道鉴权,这里应该使用session辨别当前用户身份,然后确定该用户是否有权限监听channel_name
    28. 

  28.  */
    29. 

  29. Route::post(config('plugin.webman.push.app.auth'), function (Request $request) {
    30. 

  30.     $pusher = new Api(str_replace('0.0.0.0', '127.0.0.1', config('plugin.webman.push.app.api')), config('plugin.webman.push.app.app_key'), config('plugin.webman.push.app.app_secret'));
    31. 

  31.     $channel_name = $request->post('channel_name');
    32. 

  32.     $session = $request->session();
    33. 

  33.     // 这里应该通过session和channel_name判断当前用户是否有权限监听channel_name
    34. 

  34.     $has_authority = true;
    35. 

  35.     if ($has_authority) {
    36. 

  36.         return response($pusher->socketAuth($channel_name, $request->post('socket_id')));
    37. 

  37.     } else {
    38. 

  38.         return response('Forbidden', 403);
    39. 

  39.     }
    40. 

  40. });
    41. 

  41. 

  42. /**
    43. 

  43.  * 当频道上线以及下线时触发的回调
    44. 

  44.  * 频道上线:是指某个频道从没有连接在线到有连接在线的事件
    45. 

  45.  * 频道下线:是指某个频道的所有连接都断开触发的事件
    46. 

  46.  */
    47. 

  47. Route::post(parse_url(config('plugin.webman.push.app.channel_hook'), PHP_URL_PATH), function (Request $request) {
    48. 

  48. 

  49.     // 没有x-pusher-signature头视为伪造请求
    50. 

  50.     if (!$webhook_signature = $request->header('x-pusher-signature')) {
    51. 

  51.         return response('401 Not authenticated', 401);
    52. 

  52.     }
    53. 

  53. 

  54.     $body = $request->rawBody();
    55. 

  55. 

  56.     // 计算签名,$app_secret 是双方使用的密钥,是保密的,外部无从得知
    57. 

  57.     $expected_signature = hash_hmac('sha256', $body, config('plugin.webman.push.app.app_secret'), false);
    58. 

  58. 

  59.     // 安全校验,如果签名不一致可能是伪造的请求,返回401状态码
    60. 

  60.     if ($webhook_signature !== $expected_signature) {
    61. 

  61.         return response('401 Not authenticated', 401);
    62. 

  62.     }
    63. 

  63. 

  64.     // 这里存储这上线 下线的channel数据
    65. 

  65.     $payload = json_decode($body, true);
    66. 

  66. 

  67.     $channels_online = $channels_offline = [];
    68. 

  68. 

  69.     foreach ($payload['events'] as $event) {
    70. 

  70.         if ($event['name'] === 'channel_added') {
    71. 

  71.             $channels_online[] = $event['channel'];
    72. 

  72.         } else if ($event['name'] === 'channel_removed') {
    73. 

  73.             $channels_offline[] = $event['channel'];
    74. 

  74.         }
    75. 

  75.     }
    76. 

  76. 

  77.     // 业务根据需要处理上下线的channel,例如将在线状态写入数据库,通知其它channel等
    78. 

  78.     // 上线的所有channel
    79. 

  79.     echo 'online channels: ' . implode(',', $channels_online) . "\n";
    80. 

  80.     // 下线的所有channel
    81. 

  81.     echo 'offline channels: ' . implode(',', $channels_offline) . "\n";
    82. 

  82. 

  83.     return 'OK';
    84. 

  84. });
    85. 

  85. 

  86. 

  87.