php Basic HTTP与Digest HTTP 应用
Basic HTTP 认证范例
<?php
//Basic HTTP 认证
if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="test"');
header('HTTP/1.0 401 Unauthorized');
} else {
if($_SERVER['PHP_AUTH_USER']=='admin' && $_SERVER['PHP_AUTH_PW']=='123456'){
echo "<p>HI {$_SERVER['PHP_AUTH_USER']}.</p>";
echo "<p>恭喜你登录成功!</p>";
}else{
header('WWW-Authenticate: Basic realm="test"');
header('HTTP/1.0 401 Unauthorized');
}
}
?>
Digest HTTP 认证范例
<?php
$realm = 'Restricted area';
$username = 'ser'; //帐号
$passowrd = '666666'; //密码
if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
header('HTTP/1.1 401 Unauthorization Required'); //此头弹出登录窗口
header('WWW-Authenticate: Digest realm="'.$realm.'",qop="auth", nonce="'.uniqid().'", opaque="'.md5($realm).'"');
die('您取消了本次登录,若重新登录,请刷新此页面。');
}else{
//使用函数http_digest_parse解析验证信息
if (!($data = http_digest_parse($_SERVER['PHP_AUTH_DIGEST'])) || $data['username']!=$username){
header("HTTP/1.1 401 Unauthorization Required");
header('WWW-Authenticate: Digest realm="'.$realm.'",qop="auth", nonce="'.uniqid().'", opaque="'.md5($realm).'"');//IE 8 需要重新发送,不然不弹窗
die('账号错误!');
}
//拼接字符串
$A1 = md5($username . ':' . $realm . ':' . $passowrd);
$A2 = md5($_SERVER['REQUEST_METHOD'].':'.$data['uri']);
$valid_response = md5($A1.':'.$data['nonce'].':'.$data['nc'].':'.$data['cnonce'].':'.$data['qop'].':'.$A2);
if ($data['response'] != $valid_response){
header("HTTP/1.1 401 Unauthorization Required");
header('WWW-Authenticate: Digest realm="'.$realm.'",qop="auth", nonce="'.uniqid().'", opaque="'.md5($realm).'"');
die('账号/密码错误!');
}
echo 'Hi '.$username.',恭喜你登录成功!';
}
// 解析字符串方法
function http_digest_parse($txt)
{
// protect against missing data
$needed_parts = array('nonce'=>1, 'nc'=>1, 'cnonce'=>1, 'qop'=>1, 'username'=>1, 'uri'=>1, 'response'=>1);
$data = array();
preg_match_all('@(\w+)=([\'"]?)([a-zA-Z0-9=./\_-]+)\2@', $txt, $matches, PREG_SET_ORDER);
//print_r($matches);
foreach ($matches as $m) {
$data[$m[1]] = $m[3];
unset($needed_parts[$m[1]]);
}
return $needed_parts ? false : $data;
}
?>
