Shulou(Shulou.com)06/03 Report--

This article mainly introduces "what are the three mechanisms of php interface security". In daily operation, I believe many people have doubts about what the three mechanisms of php interface security are. The editor consulted all kinds of materials and sorted out simple and easy-to-use operation methods. I hope it will be helpful for you to answer the doubts about "what are the three mechanisms of php interface security?" Next, please follow the editor to study!

1. Token authorization mechanism, after the user logs in with a user name and password, the server returns the Token to the client.

2. Timeout mechanism. Users will bring the current timestamp timestamp with each request.

After the server receives the timestamp, compared with the current time, if the time difference is greater than a certain time (for example, 5 minutes), the request is considered invalid. Timestamp timeout mechanism is an effective means to defend against DOS attacks.

3. Signature mechanism.

Add other request parameters to the Token and timestamp, and then encrypt them with the MD5 or SHA-1 algorithm.

Example

/ * * @ desc accepts parameter processing * / private function dealParam () {/ / accepts header parameter-system parameter $systemParam=getAllHeadersParam (); / / accepts body data-business parameter (json format) $data=file_get_contents ('php://input'); / / reads private key information in configuration file $api_apiKey=C (' api_apiKey'); $privatekey=$api_apiKey [$systemParam ['token']] $arr ['token'] = $systemParam [' token']; / / identity assigned by the server (different clients need to use different identities) $arr ['timestamp'] = $systemParam [' timestamp']; / / timestamp, UTC time, subject to Beijing time Zone 8 (+ 8) $arr ['version'] = $systemParam [' version']; / / version number $arr ['sign'] = $systemParam [' sign'] / / sign $arr ['source'] = $systemParam [' source']; / / Source (0-Android / 1-IOS/2-H5/3-PC/4-php/5-java) $arr ['data'] = json_decode ($data,true); / / Business parameter json format $arr [' method'] = $data ['method']; / / access interface, format: model name. Method name return $arr;} at this point, the study on "what are the three mechanisms of php interface security" is over, hoping to solve everyone's doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.