PHPackages trappistes/api-sign - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [API Development](/categories/api) 4. / 5. trappistes/api-sign ActiveLibrary[API Development](/categories/api) trappistes/api-sign =================== Laravel API 签名校验 1.1.2(2y ago)127MITPHP Since May 15Pushed 2y ago1 watchersCompare [ Source](https://github.com/trappistes/api-sign)[ Packagist](https://packagist.org/packages/trappistes/api-sign)[ RSS](/packages/trappistes-api-sign/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (6)Used By (0) API 签名校验 ======== [](#api-签名校验) 介绍 -- [](#介绍) Laravel/Lumen API 签名校验包 安装教程 ---- [](#安装教程) ### Laravel [](#laravel) 首选安装包 ``` composer require trappistes/api-sign ``` 发布资源(非必须),仅在需要调整表数据结构时使用 ``` php artisan vendor:publish ``` 执行迁移 ``` php artisan migrate ``` 注册路由中间件,在 app/Http/Kernel.php 中添加 ``` protected $routeMiddleware = [ 'sign' => \Trappistes\ApiSign\Middlewares\SignatureValidate::class ]; ``` ### Lumen [](#lumen) 首选安装包 ``` composer require trappistes/api-sign ``` 需要手动注册服务,在 bootstrap/app.php 中添加 ``` $app->register(\Trappistes\ApiSign\SignatureServiceProvider::class); ``` 发布资源(非必须),仅在需要调整表数据结构时使用 ``` 将 database/migrations/create_access_keys_table.php 复制到 database/migrations 目录下 ``` 执行迁移 ``` php artisan migrate ``` 注册路由中间件, 在 bootstrap/app.php 中添加 ``` $app->routeMiddleware([ 'sign' => \Trappistes\ApiSign\Middlewares\SignatureValidate::class ]); ``` 使用 -- [](#使用) #### 请求参数 [](#请求参数) 参数名类型是否必须描述Signature-Access-Keystring是应用KeySignature-Methodstring否签名类型,默认:md5(支持md5,hmacsha256)Signature-Noncestring是一次性验证随机字符串,长度1-32位任意字符(建议使用时间戳+随机字符串)Signature-Timestampstring是签名时间戳,有效期600s($ttl参数控制)Signature-Stringstring是签名字符串,参考签名规则#### 业务参数 [](#业务参数) > 如果API本身有业务级的参数也必须传入。如:[http://endpoint.com/api/users?group\_id=1&active=1&foo=bar](http://endpoint.com/api/users?group_id=1&active=1&foo=bar)... group\_id=1 active=1 foo=bar 等query\_param需要进行签名。 #### 签名方法 [](#签名方法) 1. 对除`sign`参数外的所有API请求参数(包括公共参数access\_key,method,nonce,timestamp,(不含sign-string)和业务请求参数),根据参数名称的ASCII码表的顺序排序。 如:`foo=1, bar=2, foo_bar=3, foobar=4`排序后的顺序是 `bar=2, foo=1, foo_bar=3, foobar=4`; 2. 将排序好的参数名和参数值拼装在一起,根据上面的示例得到的结果为:`bar2foo1foo_bar3foobar4`; 3. 把拼装好的字符串采用utf-8编码,使用签名算法对编码后的字符串进行摘要; 如:`md5(bar2foo1foo_bar3foobar4 + secret)`,`hash_hmac('sha256', bar2foo1foo_bar3foobar4 + secret, secret)`; 4. 将摘要得到的字节结果使用大写表示。如:`strtoupper($sign_string)`; #### 后端校验方法 [](#后端校验方法) 在需要校验的路由上使用中间件校验 Laravel ``` Route::resource('user',UserController::class)->middleware('sign'); ``` Lumen ``` $router->get('admin/profile','AdminController@showProfile'])->middleware('sign') ``` #### key & secret 管理(略)CURD自行实现 [](#key--secret-管理略curd自行实现) Trappistes\\ApiSign\\Models\\AccessKey; ### Health Score 23 — LowBetter than 27% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity9 Limited adoption so far Community7 Small or concentrated contributor base Maturity48 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~4 days Total 5 Last Release 1073d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/4838f3fd4fa1be60d877abbbacd4432d7cab7fa25711cfc1343779d9f6c8473d?d=identicon)[一百万个答案](/maintainers/%E4%B8%80%E7%99%BE%E4%B8%87%E4%B8%AA%E7%AD%94%E6%A1%88) --- Top Contributors [![trappistes](https://avatars.githubusercontent.com/u/7021963?v=4)](https://github.com/trappistes "trappistes (10 commits)") ### Embed Badge ![Health badge](/badges/trappistes-api-sign/health.svg) ``` [![Health](https://phpackages.com/badges/trappistes-api-sign/health.svg)](https://phpackages.com/packages/trappistes-api-sign) ``` ### Alternatives [stripe/stripe-php Stripe PHP Library 4.0k143.3M475](/packages/stripe-stripe-php)[twilio/sdk A PHP wrapper for Twilio's API 1.6k92.9M270](/packages/twilio-sdk)[knplabs/github-api GitHub API v3 client 2.2k15.8M187](/packages/knplabs-github-api)[facebook/php-business-sdk PHP SDK for Facebook Business 90121.9M34](/packages/facebook-php-business-sdk)[meilisearch/meilisearch-php PHP wrapper for the Meilisearch API 73813.7M114](/packages/meilisearch-meilisearch-php)[google/gax Google API Core for PHP 263103.1M453](/packages/google-gax) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)