base_auth.go 4.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173
  1. package controllers
  2. import (
  3. "encoding/json"
  4. "eta/eta_mini_bridge/models"
  5. "eta/eta_mini_bridge/utils"
  6. "fmt"
  7. "net/http"
  8. "net/url"
  9. "strings"
  10. "github.com/beego/beego/v2/server/web"
  11. )
  12. type BaseAuthController struct {
  13. web.Controller
  14. Token string
  15. }
  16. func (this *BaseAuthController) Prepare() {
  17. method := this.Ctx.Input.Method()
  18. uri := this.Ctx.Input.URI()
  19. fmt.Println("Url:", uri)
  20. header := this.Ctx.Request.Header
  21. headerBody, err := json.Marshal(header)
  22. fmt.Println(err)
  23. fmt.Println("header:" + string(headerBody))
  24. if method != "HEAD" {
  25. //校验签名
  26. nonce := this.Ctx.Input.Header("Nonce")
  27. timestamp := this.Ctx.Input.Header("Timestamp")
  28. appid := this.Ctx.Input.Header("Appid")
  29. signature := this.Ctx.Input.Header("Signature")
  30. if nonce == "" {
  31. errMsg := "随机字符串不能为空"
  32. this.JSON(models.BaseResponse{Ret: 400, Msg: "", ErrMsg: errMsg}, false, false)
  33. this.StopRun()
  34. return
  35. }
  36. if timestamp == "" {
  37. errMsg := "时间戳不能为空"
  38. this.JSON(models.BaseResponse{Ret: 400, Msg: "", ErrMsg: errMsg}, false, false)
  39. this.StopRun()
  40. return
  41. }
  42. checkSign := utils.GetSign(nonce, timestamp, appid, utils.ETA_MINI_API_SECRET)
  43. if signature != checkSign {
  44. errMsg := "签名错误"
  45. this.JSON(models.BaseResponse{Ret: 401, Msg: "", ErrMsg: errMsg}, false, false)
  46. this.StopRun()
  47. return
  48. }
  49. if method != "GET" && method != "POST" {
  50. errMsg := "无效的请求方式"
  51. this.JSON(models.BaseResponse{Ret: 501, Msg: "", ErrMsg: errMsg}, false, false)
  52. this.StopRun()
  53. return
  54. }
  55. } else {
  56. this.JSON(models.BaseResponse{Ret: 500, Msg: "系统异常,请联系客服!", ErrMsg: "method:" + method}, false, false)
  57. this.StopRun()
  58. return
  59. }
  60. }
  61. func (c *BaseAuthController) ServeJSON(encoding ...bool) {
  62. //所有请求都做这么个处理吧,目前这边都是做编辑、刷新逻辑处理(新增的话,并没有指标id,不会有影响)
  63. var (
  64. hasIndent = false
  65. hasEncoding = false
  66. )
  67. if web.BConfig.RunMode == web.PROD {
  68. hasIndent = false
  69. }
  70. if len(encoding) > 0 && encoding[0] == true {
  71. hasEncoding = true
  72. }
  73. if c.Data["json"] == nil {
  74. utils.ApiLog.Info("异常提醒:", "接口:"+"URI:"+c.Ctx.Input.URI()+";无返回值")
  75. return
  76. }
  77. baseRes := c.Data["json"].(*models.BaseResponse)
  78. if baseRes != nil && baseRes.Ret != 408 {
  79. body, _ := json.Marshal(baseRes)
  80. var requestBody string
  81. method := c.Ctx.Input.Method()
  82. if method == "GET" {
  83. requestBody = c.Ctx.Request.RequestURI
  84. } else {
  85. requestBody, _ = url.QueryUnescape(string(c.Ctx.Input.RequestBody))
  86. }
  87. if baseRes.Ret != 200 {
  88. content := "URI:" + c.Ctx.Input.URI() + "<br/> " + "Params" + requestBody + " <br/>" + "ErrMsg:" + baseRes.ErrMsg + ";<br/>Msg:" + baseRes.Msg + ";<br/> Body:" + string(body) + "<br/>"
  89. utils.ApiLog.Notice(content)
  90. }
  91. }
  92. c.JSON(c.Data["json"], hasIndent, hasEncoding)
  93. }
  94. func (c *BaseAuthController) JSON(data interface{}, hasIndent bool, coding bool) error {
  95. c.Ctx.Output.Header("Content-Type", "application/json; charset=utf-8")
  96. var content []byte
  97. var err error
  98. if hasIndent {
  99. content, err = json.MarshalIndent(data, "", " ")
  100. } else {
  101. content, err = json.Marshal(data)
  102. }
  103. if err != nil {
  104. http.Error(c.Ctx.Output.Context.ResponseWriter, err.Error(), http.StatusInternalServerError)
  105. return err
  106. }
  107. ip := c.Ctx.Input.IP()
  108. requestBody, err := url.QueryUnescape(string(c.Ctx.Input.RequestBody))
  109. if err != nil {
  110. requestBody = string(c.Ctx.Input.RequestBody)
  111. }
  112. if requestBody == "" {
  113. requestBody = c.Ctx.Input.URI()
  114. }
  115. c.logUri(content, requestBody, ip)
  116. if coding {
  117. content = []byte(utils.StringsToJSON(string(content)))
  118. }
  119. return c.Ctx.Output.Body(content)
  120. }
  121. func (c *BaseAuthController) logUri(respContent []byte, requestBody, ip string) {
  122. authorization := ""
  123. method := c.Ctx.Input.Method()
  124. uri := c.Ctx.Input.URI()
  125. if method != "HEAD" {
  126. if method == "POST" || method == "GET" {
  127. authorization = c.Ctx.Input.Header("authorization")
  128. if authorization == "" {
  129. authorization = c.Ctx.Input.Header("Authorization")
  130. }
  131. if authorization == "" {
  132. newAuthorization := c.GetString("authorization")
  133. if newAuthorization != `` {
  134. authorization = "authorization=" + newAuthorization
  135. } else {
  136. newAuthorization = c.GetString("Authorization")
  137. authorization = "authorization=" + newAuthorization
  138. }
  139. } else {
  140. if strings.Contains(authorization, ";") {
  141. authorization = strings.Replace(authorization, ";", "$", 1)
  142. }
  143. }
  144. if authorization == "" {
  145. strArr := strings.Split(uri, "?")
  146. for k, v := range strArr {
  147. fmt.Println(k, v)
  148. }
  149. if len(strArr) > 1 {
  150. authorization = strArr[1]
  151. authorization = strings.Replace(authorization, "Authorization", "authorization", -1)
  152. fmt.Println(authorization)
  153. }
  154. }
  155. }
  156. }
  157. utils.ApiLog.Info("uri:%s, authorization:%s, requestBody:%s, responseBody:%s, ip:%s", c.Ctx.Input.URI(), authorization, requestBody, respContent, ip)
  158. return
  159. }