|
@@ -2,6 +2,7 @@ package controllers
|
|
|
|
|
|
import (
|
|
|
"encoding/json"
|
|
|
+ "errors"
|
|
|
"eta/eta_hub/models"
|
|
|
"eta/eta_hub/models/system"
|
|
|
"eta/eta_hub/utils"
|
|
@@ -9,6 +10,7 @@ import (
|
|
|
"github.com/beego/beego/v2/server/web"
|
|
|
"net/http"
|
|
|
"net/url"
|
|
|
+ "strings"
|
|
|
)
|
|
|
|
|
|
type BaseAuthController struct {
|
|
@@ -21,6 +23,7 @@ func (this *BaseAuthController) Prepare() {
|
|
|
fmt.Println("enter prepare")
|
|
|
method := this.Ctx.Input.Method()
|
|
|
uri := this.Ctx.Input.URI()
|
|
|
+ ip := this.Ctx.Input.IP()
|
|
|
fmt.Println("Url:", uri)
|
|
|
if method != "HEAD" {
|
|
|
//校验签名
|
|
@@ -30,28 +33,12 @@ func (this *BaseAuthController) Prepare() {
|
|
|
signature := this.Ctx.Input.Header("signature")
|
|
|
this.Appid = appid
|
|
|
|
|
|
- if nonce == "" {
|
|
|
- errMsg := "随机字符串不能为空"
|
|
|
- this.JSON(models.BaseResponse{Ret: 400, Msg: "", ErrMsg: errMsg}, false, false)
|
|
|
+ checkSign, errMsg, err := getCheckSignStr(appid, nonce, timestamp, ip)
|
|
|
+ if err != nil {
|
|
|
+ this.JSON(models.BaseResponse{Ret: 400, Msg: errMsg, ErrMsg: errMsg}, false, false)
|
|
|
this.StopRun()
|
|
|
return
|
|
|
}
|
|
|
-
|
|
|
- if timestamp == "" {
|
|
|
- errMsg := "时间戳不能为空"
|
|
|
- this.JSON(models.BaseResponse{Ret: 400, Msg: "", ErrMsg: errMsg}, false, false)
|
|
|
- this.StopRun()
|
|
|
- return
|
|
|
- }
|
|
|
-
|
|
|
- if appid != utils.AppId {
|
|
|
- errMsg := "商家AppId错误,请核查"
|
|
|
- this.JSON(models.BaseResponse{Ret: 400, Msg: "", ErrMsg: errMsg}, false, false)
|
|
|
- this.StopRun()
|
|
|
- return
|
|
|
- }
|
|
|
-
|
|
|
- checkSign := utils.GetSign(nonce, timestamp)
|
|
|
if signature != checkSign {
|
|
|
fmt.Printf("用户提交签名:%s;\n系统生成签名:%s\n", signature, checkSign)
|
|
|
errMsg := "签名错误"
|
|
@@ -152,3 +139,63 @@ func (c *BaseAuthController) logUri(respContent []byte, requestBody, ip string)
|
|
|
}
|
|
|
return
|
|
|
}
|
|
|
+
|
|
|
+// getCheckSignStr
|
|
|
+// @Description: 获取校验签名字符串
|
|
|
+// @author: Roc
|
|
|
+// @datetime 2025-07-03 16:51:30
|
|
|
+// @param appid string
|
|
|
+// @param nonce string
|
|
|
+// @param timestamp string
|
|
|
+// @param ip string
|
|
|
+// @return checkSignStr string
|
|
|
+// @return errMsg string
|
|
|
+// @return err error
|
|
|
+func getCheckSignStr(appid, nonce, timestamp, ip string) (checkSignStr, errMsg string, err error) {
|
|
|
+ if nonce == "" {
|
|
|
+ errMsg = "随机字符串不能为空"
|
|
|
+ err = errors.New(errMsg)
|
|
|
+ return
|
|
|
+ }
|
|
|
+
|
|
|
+ if timestamp == "" {
|
|
|
+ errMsg = "时间戳不能为空"
|
|
|
+ err = errors.New(errMsg)
|
|
|
+ return
|
|
|
+ }
|
|
|
+
|
|
|
+ secret := utils.Secret
|
|
|
+
|
|
|
+ if appid != utils.AppId {
|
|
|
+ openApiUserInfo, tmpErr := models.GetByAppid(appid)
|
|
|
+ if tmpErr != nil {
|
|
|
+ if tmpErr.Error() == utils.ErrNoRow() {
|
|
|
+ errMsg = "商家AppId错误,请核查"
|
|
|
+ } else {
|
|
|
+ err = errors.New("系统异常,请联系管理员")
|
|
|
+ }
|
|
|
+ err = errors.New(errMsg)
|
|
|
+ return
|
|
|
+ }
|
|
|
+
|
|
|
+ if openApiUserInfo == nil {
|
|
|
+ errMsg = "商家AppId错误,请核查"
|
|
|
+ err = errors.New(errMsg)
|
|
|
+ return
|
|
|
+ }
|
|
|
+
|
|
|
+ //如果有ip限制,那么就添加ip
|
|
|
+ if openApiUserInfo.Ip != "" {
|
|
|
+ if !strings.Contains(openApiUserInfo.Ip, ip) {
|
|
|
+ errMsg = fmt.Sprintf("无权限访问该接口,ip:%v,请联系管理员", ip)
|
|
|
+ err = errors.New(errMsg)
|
|
|
+ return
|
|
|
+ }
|
|
|
+ }
|
|
|
+ secret = openApiUserInfo.Secret
|
|
|
+ }
|
|
|
+
|
|
|
+ checkSignStr = utils.GetSignV2(nonce, timestamp, appid, secret)
|
|
|
+
|
|
|
+ return
|
|
|
+}
|