danny50610/VerifyBaHaData.php

## VerifyBaHaData.php
<?php

namespace App\Http\Middleware;

use Closure;

class VerifyBaHaData
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request $request
     * @param  \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $signature = $request->header('x-baha-data-signature');
        if (is_null($signature)) {
            return response()->json(['msg' => 'Need signature']);
        }

        // 未來需要考慮多 bot 的情況
        $app_secret = config('services.haha-gamer.bot.magic_conch.app_secret');
        if (empty($app_secret)) {
            return response()->json(['msg' => 'App secret is empty']);
        }

        if (!hash_equals($signature,
            'sha1=' . hash_hmac('sha1', $request->getContent(), $app_secret))) {
            return response()->json(['msg' => 'Wrong signature']);
        }

        return $next($request);
    }
}
	<?php

	namespace App\Http\Middleware;

	use Closure;

	class VerifyBaHaData
	{
	/**
	* Handle an incoming request.
	*
	* @param \Illuminate\Http\Request $request
	* @param \Closure $next
	* @return mixed
	*/
	public function handle($request, Closure $next)
	{
	$signature = $request->header('x-baha-data-signature');
	if (is_null($signature)) {
	return response()->json(['msg' => 'Need signature']);
	}

	// 未來需要考慮多 bot 的情況
	$app_secret = config('services.haha-gamer.bot.magic_conch.app_secret');
	if (empty($app_secret)) {
	return response()->json(['msg' => 'App secret is empty']);
	}

	if (!hash_equals($signature,
	'sha1=' . hash_hmac('sha1', $request->getContent(), $app_secret))) {
	return response()->json(['msg' => 'Wrong signature']);
	}

	return $next($request);
	}
	}