hsm完善+ 日志（未更新服务器）

Laravel/app/Http/Middleware/CheckSign.php

@@ -5,6 +5,7 @@
 use Closure;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Log;
 
 class CheckSign
 {
@@ -24,11 +25,44 @@ public function handle(Request $request, Closure $next)
         $sign=$request->input('sign');
         $timeDiff = abs(time() - $time); // 获取时间差的绝对值
 
-        if ($timeDiff >= 600) return \Yz::echoError1('时间异常');
+        if ($timeDiff >= 600) {
+            Log::error('签名验证失败-时间异常', [
+                'app_id' => $app_id,
+                'time' => $time,
+                'current_time' => time(),
+                'time_diff' => $timeDiff,
+                'nonce' => $nonce,
+                'sign' => $sign,
+                'url' => $request->getPathInfo()
+            ]);
+            return \Yz::echoError1('时间异常');
+        }
+
         $cha_s=DB::table('outside_user')->where(['app_id'=>$app_id])->get();
-        if(!count($cha_s)==1) return \Yz::echoError1('第三方用户不存在');
+        if(!count($cha_s)==1) {
+            Log::error('签名验证失败-第三方用户不存在', [
+                'app_id' => $app_id,
+                'time' => $time,
+                'nonce' => $nonce,
+                'sign' => $sign,
+                'url' => $request->getPathInfo(),
+                'user_count' => count($cha_s)
+            ]);
+            return \Yz::echoError1('第三方用户不存在');
+        }
+
         $s_sign=strtoupper(md5($app_id.$time.$nonce.$cha_s[0]->app_secrect));
-        if($sign<>$s_sign) return \Yz::echoError1('签名验证失败');
+        if($sign<>$s_sign) {
+            Log::error('签名验证失败-签名不匹配', [
+                'app_id' => $app_id,
+                'time' => $time,
+                'nonce' => $nonce,
+                'client_sign' => $sign,
+                'server_sign' => $s_sign,
+                'url' => $request->getPathInfo()
+            ]);
+            return \Yz::echoError1('签名验证失败');
+        }
 
         return $next($request);
     }

Laravel/app/Http/Middleware/Log.php

@@ -4,6 +4,7 @@
 
 use Closure;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Log as LaravelLog;
 use App\Services\LogService;
 
 class Log
@@ -19,38 +20,77 @@ public function handle(Request $request, Closure $next)
     {
         $insert_id=0;
         $insert_id=self::requestLog($request,$insert_id);  //记录请求时日志，不含返回信息
-        $response = $next($request);
+
+        try {
+            $response = $next($request);
+        } catch (\Throwable $e) {
+            // 捕获控制器层的异常
+            LaravelLog::error('Log中间件捕获异常-请求处理失败', [
+                'error' => $e->getMessage(),
+                'file' => $e->getFile(),
+                'line' => $e->getLine(),
+                'url' => $request->getPathInfo(),
+                'method' => $request->method(),
+                'post_data' => $request->post(),
+                'get_data' => $request->query()
+            ]);
+            throw $e;  // 重新抛出异常，让Laravel异常处理器处理
+        }
+
         if($request->getPathInfo()=='/api/v1/mH5/GetPersonPdfDetailByLink'){
             return $response;
         }
 
-        $content = $response->getContent();
-        $data = json_decode($content, true); // 解码响应内容为关联数组
+        try {
+            $content = $response->getContent();
+            $data = json_decode($content, true); // 解码响应内容为关联数组
 
-        // 在关联数组中添加 code 字段
-       // $data['code'] = 200;
-        $data['code'] = $response->getStatusCode();
-        $modifiedContent = json_encode($data,JSON_UNESCAPED_UNICODE); // 编码修改后的关联数组为 JSON 字符串
-        $response->setContent($modifiedContent);
+            // 检查JSON解码是否成功
+            if ($data === null && json_last_error() !== JSON_ERROR_NONE) {
+                LaravelLog::error('Log中间件-响应内容JSON解码失败', [
+                    'url' => $request->getPathInfo(),
+                    'json_error' => json_last_error_msg(),
+                    'content_preview' => substr($content, 0, 500),
+                    'status_code' => $response->getStatusCode()
+                ]);
+                return $response;  // 直接返回原始响应，不处理
+            }
 
-        if(env('REQUEST_LOG') and    $response->getStatusCode()==200){   //如果返回状态为200进行log
+            // 在关联数组中添加 code 字段
+           // $data['code'] = 200;
+            $data['code'] = $response->getStatusCode();
+            $modifiedContent = json_encode($data,JSON_UNESCAPED_UNICODE); // 编码修改后的关联数组为 JSON 字符串
+            $response->setContent($modifiedContent);
 
-            $ip=self::getTrustedProxiesIp();  //真实ip
-            $request_header=$request->header(); //请求头
-              //dd($response);
-            $response_data = $response->getData();  //返回data,json格式
-            $post_data=$request->post(); //post请求数据
-            $get_data=$request->query(); //get请求
-            $request_url=$request->getPathInfo();//访问的接口地址
-            $log=app()->make(LogService::class);
-            $log->RequestLog([
-                'ip'=>$ip,
-                'response_data'=>$response_data,
-                'request_header'=>$request_header,
-                'post_data'=>$post_data,
-                'get_data'=>$get_data,
-                'request_url'=>$request_url,
-            ],$insert_id);
+            if(env('REQUEST_LOG') and    $response->getStatusCode()==200){   //如果返回状态为200进行log
+
+                $ip=self::getTrustedProxiesIp();  //真实ip
+                $request_header=$request->header(); //请求头
+                  //dd($response);
+                $response_data = $response->getData();  //返回data,json格式
+                $post_data=$request->post(); //post请求数据
+                $get_data=$request->query(); //get请求
+                $request_url=$request->getPathInfo();//访问的接口地址
+                $log=app()->make(LogService::class);
+                $log->RequestLog([
+                    'ip'=>$ip,
+                    'response_data'=>$response_data,
+                    'request_header'=>$request_header,
+                    'post_data'=>$post_data,
+                    'get_data'=>$get_data,
+                    'request_url'=>$request_url,
+                ],$insert_id);
+            }
+
+        } catch (\Throwable $e) {
+            // 捕获响应处理中的异常
+            LaravelLog::error('Log中间件-响应处理失败', [
+                'error' => $e->getMessage(),
+                'file' => $e->getFile(),
+                'line' => $e->getLine(),
+                'url' => $request->getPathInfo(),
+                'trace' => $e->getTraceAsString()
+            ]);
         }
 
 

Laravel/app/Lib/HSM.php

@@ -1,6 +1,7 @@
 <?php
 namespace App\Lib;
 use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Log;
 
 class HSM
 {
@@ -45,13 +46,13 @@ public static function HsmDecrypt($str){
         $data=json_encode($data);
         $encryptStr=self::post($url,$data);
 
-        $r_data=json_decode($encryptStr, true);
-        if($r_data['status']==0){
-            return ['status'=>true,'data'=>hex2bin($r_data['body']['plain'])];
-        }else{
-            return ['status'=>false];
-        }
-    }
+         $r_data=json_decode($encryptStr, true);
+         if($r_data && $r_data['status']==0){
+             return ['status'=>true,'data'=>hex2bin($r_data['body']['plain'])];
+         }else{
+             return ['status'=>false];
+         }
+     }
     //计算 HMAC
     public static function Hmac($or_str)
     {
@@ -80,28 +81,60 @@ public function post($url, $data_string,$or_str='')
         curl_setopt($curl, CURLOPT_POST, true);
         curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
         curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
+        curl_setopt($curl, CURLOPT_TIMEOUT, 30);              // 添加超时：最大执行时间30秒
+        curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);       // 添加超时：连接超时10秒
         curl_setopt($curl, CURLOPT_HTTPHEADER, [
             'Content-Type: application/json; charset=utf-8',
             'Content-Length: ' . strlen($data_string)
         ]);
         curl_setopt($curl, CURLOPT_POSTFIELDS, $data_string);
         $r = curl_exec($curl);
+
+        // 检查curl错误
+        if (curl_errno($curl)) {
+            $error_msg = curl_error($curl);
+            $error_code = curl_errno($curl);
+            curl_close($curl);
+
+            // 记录到Laravel日志
+            Log::error('HSM curl请求失败', [
+                'url' => $url,
+                'error_code' => $error_code,
+                'error_msg' => $error_msg,
+                'request_data' => $or_str,
+                'post_data_preview' => substr($data_string, 0, 500)
+            ]);
+
+            // 返回错误信息
+            return json_encode(['status' => 1, 'message' => 'curl错误: ' . $error_msg]);
+        }
+
         curl_close($curl);
 
         date_default_timezone_set('PRC');
         $table_name='zz_request_log_' . date('ym');
         $formatted_date= date("Y-m-d H:i:s");
-        DB::table($table_name)->insert([
-            'request_ip'=>'',
-            'response_data'=>json_encode($r, JSON_UNESCAPED_UNICODE),
-            'header_data'=>'',
-            'post_data'=>$or_str.'/'.$data_string,
-            'get_data'=>'',
-            'request_url'=>$url,
-            'create_time' => $formatted_date,
-            'update_time' => $formatted_date
 
-        ]);
+        try {
+            DB::table($table_name)->insert([
+                'request_ip'=>'',
+                'response_data'=>json_encode($r, JSON_UNESCAPED_UNICODE),
+                'header_data'=>'',
+                'post_data'=>$or_str.'/'.$data_string,
+                'get_data'=>'',
+                'request_url'=>$url,
+                'create_time' => $formatted_date,
+                'update_time' => $formatted_date
+            ]);
+        } catch (\Throwable $e) {
+            // 数据库日志记录失败不影响主流程，只记录到Laravel日志
+            Log::error('HSM数据库日志记录失败', [
+                'error' => $e->getMessage(),
+                'file' => $e->getFile(),
+                'line' => $e->getLine(),
+                'url' => $url
+            ]);
+        }
 
         return $r;
     }