<?php
    /**
     * 后台登录验证
     * 跨域处理，以及请求头token验证
     */
    header('Access-Control-Allow-Origin:*');
    header("Access-Control-Allow-Methods:GET,POST");
    header("Access-Control-Allow-Headers:Content-Type,token,X-Requested-With");
    if(strtoupper($_SERVER['REQUEST_METHOD'])== 'OPTIONS'){ 
        exit; 
    } 
    if (!isset($_SERVER['HTTP_TOKEN'])) {
        JsonResponse::error('未登录：token验证失败');
    }
    // 是否和管理员密钥保持一致
    $token = $_SERVER['HTTP_TOKEN'];
    $config = include('Common/config.php');
    $enctypt = new Encrypter();
    if (md5($enctypt->decrypt($token)) != $config['admin']) {
        JsonResponse::error('未登录：token验证失败');
    }