Merge branch 'master' into ETA_1.2.6

# Conflicts:
#	routers/router.go
#	utils/common.go
#	utils/config.go

controllers/base_auth.go

@@ -7,11 +7,9 @@ import (
 	"eta/eta_hub/utils"
 	"fmt"
 	"github.com/beego/beego/v2/server/web"
-	"github.com/shopspring/decimal"
 	"github.com/sirupsen/logrus"
 	"net/http"
 	"net/url"
-	"reflect"
 )
 
 type BaseAuthController struct {
@@ -24,105 +22,54 @@ func (this *BaseAuthController) Prepare() {
 	uri := this.Ctx.Input.URI()
 	fmt.Println("Url:", uri)
 	if method != "HEAD" {
-		//if method == "POST" {
-		//	ok, errMsg := checkSign(this)
-		//	if !ok {
-		//		this.JSON(models.BaseResponse{Ret: 408, Msg: "签名错误！", ErrMsg: errMsg}, false, false)
-		//		this.StopRun()
-		//		return
-		//	}
-		//} else {
-		//	this.JSON(models.BaseResponse{Ret: 408, Msg: "请求异常，请联系客服!", ErrMsg: "POST之外的请求，暂不支持"}, false, false)
-		//	this.StopRun()
-		//	return
-		//}
+		//校验签名
+		nonce := this.Ctx.Input.Header("nonce")
+		timestamp := this.Ctx.Input.Header("timestamp")
+		appid := this.Ctx.Input.Header("appid")
+		signature := this.Ctx.Input.Header("signature")
+
+		if nonce == "" {
+			errMsg := "随机字符串不能为空"
+			this.JSON(models.BaseResponse{Ret: 400, Msg: "", ErrMsg: errMsg}, false, false)
+			this.StopRun()
+			return
+		}
+
+		if timestamp == "" {
+			errMsg := "时间戳不能为空"
+			this.JSON(models.BaseResponse{Ret: 400, Msg: "", ErrMsg: errMsg}, false, false)
+			this.StopRun()
+			return
+		}
+
+		if appid != utils.AppId {
+			errMsg := "商家AppId错误，请核查"
+			this.JSON(models.BaseResponse{Ret: 400, Msg: "", ErrMsg: errMsg}, false, false)
+			this.StopRun()
+			return
+		}
+
+		checkSign := utils.GetSign(nonce, timestamp)
+		if signature != checkSign {
+			errMsg := "签名错误"
+			this.JSON(models.BaseResponse{Ret: 401, Msg: "", ErrMsg: errMsg}, false, false)
+			this.StopRun()
+			return
+		}
+		if method != "GET" && method != "POST" {
+			errMsg := "无效的请求方式"
+			this.JSON(models.BaseResponse{Ret: 501, Msg: "", ErrMsg: errMsg}, false, false)
+			this.StopRun()
+			return
+		}
 	} else {
-		this.JSON(models.BaseResponse{Ret: 408, Msg: "请求异常，请联系客服!", ErrMsg: "method:" + method}, false, false)
+		this.JSON(models.BaseResponse{Ret: 500, Msg: "系统异常，请联系客服!", ErrMsg: "method:" + method}, false, false)
 		this.StopRun()
 		return
 	}
 }
 
-//func checkSign(c *BaseAuthController) (ok bool, errMsg string) {
-//	method := c.Ctx.Input.Method()
-//	signData := make(map[string]string)
-//
-//	switch method {
-//	case "GET":
-//		//requestBody = c.Ctx.Request.RequestURI
-//		params := c.Ctx.Request.URL.Query()
-//		signData = convertParam(params)
-//	case "POST":
-//		//requestBody, _ = url.QueryUnescape(string(c.Ctx.Input.RequestBody))
-//
-//		//请求类型
-//		contentType := c.Ctx.Request.Header.Get("content-type")
-//		//fmt.Println("contentType:", contentType)
-//		//fmt.Println("c.Ctx.Input.RequestBody:", string(c.Ctx.Input.RequestBody))
-//
-//		switch contentType {
-//		case "multipart/form-data":
-//			//文件最大5M
-//			err := c.Ctx.Request.ParseMultipartForm(-int64(5 << 20))
-//			if err != nil {
-//				errMsg = fmt.Sprintf("获取参数失败，%v", err)
-//				return
-//			}
-//			params := c.Ctx.Request.Form
-//			signData = convertParam(params)
-//		case "application/x-www-form-urlencoded":
-//			err := c.Ctx.Request.ParseForm()
-//			if err != nil {
-//				errMsg = fmt.Sprintf("获取参数失败，%v", err)
-//				return
-//			}
-//			params := c.Ctx.Request.Form
-//			signData = convertParam(params)
-//		case "application/json":
-//			//var v interface{}
-//			params := make(map[string]interface{})
-//			err := json.Unmarshal(c.Ctx.Input.RequestBody, &params)
-//			if err != nil {
-//				errMsg = fmt.Sprintf("获取参数失败，%v", err)
-//				return
-//			}
-//			//fmt.Println("params:", params)
-//
-//			signData = convertParamInterface(params)
-//			//tmpV := v.(map[string]string)
-//			//fmt.Println("tmpV:", tmpV)
-//			//fmt.Sprintln("list type is v%", tmpV["list"])
-//		default: //正常应该是其他方式获取解析的，暂时这么处理吧
-//			err := c.Ctx.Request.ParseForm()
-//			if err != nil {
-//				errMsg = fmt.Sprintf("获取参数失败，%v", err)
-//				return
-//			}
-//			params := c.Ctx.Request.Form
-//			signData = convertParam(params)
-//		}
-//	}
-//
-//	// 开始校验数据
-//	ip := c.Ctx.Input.IP()
-//	err := checkSignData(signData, ip)
-//	if err != nil {
-//		errMsg = fmt.Sprintf("签名校验失败，%v", err)
-//		return
-//	}
-//
-//	ok = true
-//	return
-//}
-
 func (c *BaseAuthController) ServeJSON(encoding ...bool) {
-	// 方法处理完后，需要后置处理的业务逻辑
-	//if handlerList, ok := AfterHandlerUrlMap[c.Ctx.Request.URL.Path]; ok {
-	//	for _, handler := range handlerList {
-	//		handler(c.Ctx.Input.RequestBody)
-	//	}
-	//}
-
 	//所有请求都做这么个处理吧，目前这边都是做编辑、刷新逻辑处理（新增的话，并没有指标id，不会有影响）
 	var (
 		hasIndent   = false
@@ -186,47 +133,6 @@ func (c *BaseAuthController) JSON(data interface{}, hasIndent bool, coding bool)
 	return c.Ctx.Output.Body(content)
 }
 
-// 将请求传入的数据格式转换成签名需要的格式
-func convertParam(params map[string][]string) (signData map[string]string) {
-	signData = make(map[string]string)
-	for key := range params {
-		signData[key] = params[key][0]
-	}
-	return signData
-}
-
-// 将请求传入的数据格式转换成签名需要的格式（目前只能处理简单的类型，数组、对象暂不支持）
-func convertParamInterface(params map[string]interface{}) (signData map[string]string) {
-	signData = make(map[string]string)
-	for key := range params {
-		val := ``
-		//fmt.Println("key", key, ";val:", params[key], ";type:", reflect.TypeOf(params[key]))
-		//signData[key] = params[key][0]
-		tmpVal := params[key]
-		switch reflect.TypeOf(tmpVal).Kind() {
-		case reflect.String:
-			val = fmt.Sprint(tmpVal)
-		case reflect.Int, reflect.Int16, reflect.Int64, reflect.Int32, reflect.Int8:
-			val = fmt.Sprint(tmpVal)
-		case reflect.Uint, reflect.Uint32, reflect.Uint16, reflect.Uint8, reflect.Uint64:
-			val = fmt.Sprint(tmpVal)
-		case reflect.Bool:
-			val = fmt.Sprint(tmpVal)
-		case reflect.Float64:
-			decimalNum := decimal.NewFromFloat(tmpVal.(float64))
-			val = decimalNum.String()
-			//val = strconv.FormatFloat(tmpVal.(float64), 'E', -1, 64) //float64
-		case reflect.Float32:
-			decimalNum := decimal.NewFromFloat32(tmpVal.(float32))
-			val = decimalNum.String()
-		}
-		signData[key] = val
-	}
-	return signData
-}
-
-
-
 func (c *BaseAuthController) logUri(data interface{}, requestBody, ip string) {
 	var reqData interface{}
 	err := json.Unmarshal([]byte(requestBody), &reqData)

models/base.go

@@ -1,18 +1,15 @@
 package models
 
 type BaseResponse struct {
-	Ret         int
-	Msg         string
-	ErrMsg      string
-	ErrCode     string
-	Data        interface{}
-	Success     bool `description:"true 执行成功，false 执行失败"`
-	IsSendEmail bool `json:"-" description:"true 发送邮件，false 不发送邮件"`
-	IsAddLog    bool `json:"-" description:"true 新增操作日志，false 不新增操作日志" `
+	Ret     int
+	Msg     string
+	ErrMsg  string
+	ErrCode string
+	Data    interface{}
 }
 
 func (r *BaseResponse) Init() *BaseResponse {
-	return &BaseResponse{Ret: 403, IsSendEmail: true}
+	return &BaseResponse{Ret: 403}
 }
 
 type BaseRequest struct {

utils/common.go

@@ -2,9 +2,11 @@ package utils
 
 import (
 	"bufio"
+	"crypto/hmac"
 	"crypto/md5"
 	cryRand "crypto/rand"
 	"crypto/sha1"
+	"crypto/sha256"
 	"encoding/base64"
 	"encoding/hex"
 	"encoding/json"
@@ -22,6 +24,7 @@ import (
 	"os/exec"
 	"path"
 	"regexp"
+	"sort"
 	"strconv"
 	"strings"
 	"time"
@@ -987,6 +990,40 @@ func GetLocalIP() (ip string, err error) {
 	return
 }
 
+// HmacSha256 计算HmacSha256
+// key 是加密所使用的key
+// data 是加密的内容
+func HmacSha256(key string, data string) []byte {
+	mac := hmac.New(sha256.New, []byte(key))
+	_, _ = mac.Write([]byte(data))
+
+	return mac.Sum(nil)
+}
+
+// HmacSha256ToHex 将加密后的二进制转Base64字符串
+func HmacSha256ToBase64(key string, data string) string {
+	return base64.URLEncoding.EncodeToString(HmacSha256(key, data))
+}
+
+func GetSign(nonce, timestamp string) (sign string) {
+	signStrMap := map[string]string{
+		"nonce":     nonce,
+		"timestamp": timestamp,
+		"appid":     AppId,
+	}
+	keys := make([]string, 0, len(signStrMap))
+	for k := range signStrMap {
+		keys = append(keys, k)
+	}
+	sort.Strings(keys)
+	var signStr string
+	for _, k := range keys {
+		signStr += k + "&" + signStrMap[k]
+	}
+	sign = HmacSha256ToBase64(Secret, signStr)
+	return
+}
+
 // GetLikeKeywordPars
 //
 //	@Description: 获取sql查询中的参数切片
@@ -1013,4 +1050,4 @@ func TimeTransferString(format string, t time.Time) string {
 		return ""
 	}
 	return str
-}
+}

utils/config.go

@@ -10,6 +10,7 @@ import (
 var (
 	RunMode        string //运行模式
 	MYSQL_URL      string //数据库连接
+	MYSQL_URL_DATA string
 	MYSQL_URL_RDDP string
 )
 
@@ -24,6 +25,11 @@ var (
 	LogMaxDays int //日志最大保留天数
 )
 
+var (
+	BusinessCode string //商家编码
+	AppId        string
+	Secret       string
+)
 
 // ES索引配置
 var (
@@ -38,9 +44,6 @@ var (
 	ES_PASSWORD string // ES密码
 )
 
-// BusinessCode 商家编码
-var BusinessCode string
-
 func init() {
 	tmpRunMode, err := web.AppConfig.String("run_mode")
 	if err != nil {
@@ -68,13 +71,30 @@ func init() {
 	}
 	beeLogger.Log.Info(RunMode + " 模式")
 	MYSQL_URL = config["mysql_url"]
+	MYSQL_URL_DATA = config["mysql_url_data"]
 	MYSQL_URL_RDDP = config["mysql_url_rddp"]
-
 	if RunMode == "release" {
 
 	} else {
 
 	}
+
+	//商家编码
+	BusinessCode = config["business_code"]
+	if BusinessCode == "" {
+		panic("商家编码未配置，请先配置商家编码")
+	}
+
+	AppId = config["appid"]
+	if AppId == "" {
+		panic("appid未配置")
+	}
+
+	Secret = config["secret"]
+	if Secret == "" {
+		panic("secret未配置")
+	}
+
 	//日志配置
 	{
 		LogPath = config["log_path"]
@@ -87,10 +107,6 @@ func init() {
 		LogMaxDays, _ = strconv.Atoi(logMaxDaysStr)
 	}
 
-	// 商家编码
-	BusinessCode = config["business_code"]
-
-
 	// ES 索引
 	{
 		EsReportIndexName = config["es_report_index_name"]