base_auth.go 5.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201
  1. package controllers
  2. import (
  3. "encoding/json"
  4. "errors"
  5. "eta/eta_hub/models"
  6. "eta/eta_hub/models/system"
  7. "eta/eta_hub/utils"
  8. "fmt"
  9. "github.com/beego/beego/v2/server/web"
  10. "net/http"
  11. "net/url"
  12. "strings"
  13. )
  14. type BaseAuthController struct {
  15. web.Controller
  16. SysUser *system.Admin
  17. Appid string
  18. }
  19. func (this *BaseAuthController) Prepare() {
  20. fmt.Println("enter prepare")
  21. method := this.Ctx.Input.Method()
  22. uri := this.Ctx.Input.URI()
  23. ip := this.Ctx.Input.IP()
  24. fmt.Println("Url:", uri)
  25. if method != "HEAD" {
  26. //校验签名
  27. nonce := this.Ctx.Input.Header("nonce")
  28. timestamp := this.Ctx.Input.Header("timestamp")
  29. appid := this.Ctx.Input.Header("appid")
  30. signature := this.Ctx.Input.Header("signature")
  31. this.Appid = appid
  32. checkSign, errMsg, err := getCheckSignStr(appid, nonce, timestamp, ip)
  33. if err != nil {
  34. this.JSON(models.BaseResponse{Ret: 400, Msg: errMsg, ErrMsg: errMsg}, false, false)
  35. this.StopRun()
  36. return
  37. }
  38. if signature != checkSign {
  39. fmt.Printf("用户提交签名:%s;\n系统生成签名:%s\n", signature, checkSign)
  40. errMsg := "签名错误"
  41. this.JSON(models.BaseResponse{Ret: 401, Msg: "", ErrMsg: errMsg}, false, false)
  42. this.StopRun()
  43. return
  44. }
  45. if method != "GET" && method != "POST" {
  46. errMsg := "无效的请求方式"
  47. this.JSON(models.BaseResponse{Ret: 501, Msg: "", ErrMsg: errMsg}, false, false)
  48. this.StopRun()
  49. return
  50. }
  51. } else {
  52. this.JSON(models.BaseResponse{Ret: 500, Msg: "系统异常,请联系客服!", ErrMsg: "method:" + method}, false, false)
  53. this.StopRun()
  54. return
  55. }
  56. }
  57. func (c *BaseAuthController) ServeJSON(encoding ...bool) {
  58. //所有请求都做这么个处理吧,目前这边都是做编辑、刷新逻辑处理(新增的话,并没有指标id,不会有影响)
  59. var (
  60. hasIndent = false
  61. hasEncoding = false
  62. )
  63. if web.BConfig.RunMode == web.PROD {
  64. hasIndent = false
  65. }
  66. if len(encoding) > 0 && encoding[0] == true {
  67. hasEncoding = true
  68. }
  69. if c.Data["json"] == nil {
  70. //go utils.SendEmail("异常提醒:", "接口:"+"URI:"+c.Ctx.Input.URI()+";无返回值", utils.EmailSendToUsers)
  71. //body := "接口:" + "URI:" + c.Ctx.Input.URI() + ";无返回值"
  72. //go alarm_msg.SendAlarmMsg(body, 1)
  73. return
  74. }
  75. baseRes := c.Data["json"].(*models.BaseResponse)
  76. if baseRes != nil && baseRes.Ret != 408 {
  77. //body, _ := json.Marshal(baseRes)
  78. //var requestBody string
  79. //method := c.Ctx.Input.Method()
  80. //if method == "GET" {
  81. // requestBody = c.Ctx.Request.RequestURI
  82. //} else {
  83. // requestBody, _ = url.QueryUnescape(string(c.Ctx.Input.RequestBody))
  84. //}
  85. //if baseRes.Ret != 200 && baseRes.IsSendEmail {
  86. // go utils.SendEmail(utils.APP_NAME_CN+"【"+utils.RunMode+"】"+"失败提醒", "URI:"+c.Ctx.Input.URI()+"<br/> "+"Params"+requestBody+" <br/>"+"ErrMsg:"+baseRes.ErrMsg+";<br/>Msg:"+baseRes.Msg+";<br/> Body:"+string(body)+"<br/>", utils.EmailSendToUsers)
  87. //}
  88. // 记录错误日志, 并清掉错误信息避免暴露给外部
  89. //if baseRes.ErrMsg != "" {
  90. // utils.FileLog.Info(baseRes.ErrMsg)
  91. // baseRes.ErrMsg = ""
  92. //}
  93. }
  94. c.JSON(c.Data["json"], hasIndent, hasEncoding)
  95. }
  96. func (c *BaseAuthController) JSON(data interface{}, hasIndent bool, coding bool) error {
  97. c.Ctx.Output.Header("Content-Type", "application/json; charset=utf-8")
  98. var content []byte
  99. var err error
  100. if hasIndent {
  101. content, err = json.MarshalIndent(data, "", " ")
  102. } else {
  103. content, err = json.Marshal(data)
  104. }
  105. if err != nil {
  106. http.Error(c.Ctx.Output.Context.ResponseWriter, err.Error(), http.StatusInternalServerError)
  107. return err
  108. }
  109. ip := c.Ctx.Input.IP()
  110. requestBody, err := url.QueryUnescape(string(c.Ctx.Input.RequestBody))
  111. if err != nil {
  112. requestBody = string(c.Ctx.Input.RequestBody)
  113. }
  114. if requestBody == "" {
  115. requestBody = c.Ctx.Input.URI()
  116. }
  117. c.logUri(content, requestBody, ip)
  118. if coding {
  119. content = []byte(utils.StringsToJSON(string(content)))
  120. }
  121. return c.Ctx.Output.Body(content)
  122. }
  123. func (c *BaseAuthController) logUri(respContent []byte, requestBody, ip string) {
  124. var reqData interface{}
  125. err := json.Unmarshal([]byte(requestBody), &reqData)
  126. if err != nil {
  127. utils.ApiLog.Info("uri:%s, requestBody:%s, ip:%s", c.Ctx.Input.URI(), requestBody, ip)
  128. } else {
  129. utils.ApiLog.Info("uri:%s, requestBody:%s, ip:%s", c.Ctx.Input.URI(), requestBody, ip)
  130. }
  131. return
  132. }
  133. // getCheckSignStr
  134. // @Description: 获取校验签名字符串
  135. // @author: Roc
  136. // @datetime 2025-07-03 16:51:30
  137. // @param appid string
  138. // @param nonce string
  139. // @param timestamp string
  140. // @param ip string
  141. // @return checkSignStr string
  142. // @return errMsg string
  143. // @return err error
  144. func getCheckSignStr(appid, nonce, timestamp, ip string) (checkSignStr, errMsg string, err error) {
  145. if nonce == "" {
  146. errMsg = "随机字符串不能为空"
  147. err = errors.New(errMsg)
  148. return
  149. }
  150. if timestamp == "" {
  151. errMsg = "时间戳不能为空"
  152. err = errors.New(errMsg)
  153. return
  154. }
  155. secret := utils.Secret
  156. if appid != utils.AppId {
  157. openApiUserInfo, tmpErr := models.GetByAppid(appid)
  158. if tmpErr != nil {
  159. if tmpErr.Error() == utils.ErrNoRow() {
  160. errMsg = "商家AppId错误,请核查"
  161. } else {
  162. err = errors.New("系统异常,请联系管理员")
  163. }
  164. err = errors.New(errMsg)
  165. return
  166. }
  167. if openApiUserInfo == nil {
  168. errMsg = "商家AppId错误,请核查"
  169. err = errors.New(errMsg)
  170. return
  171. }
  172. //如果有ip限制,那么就添加ip
  173. if openApiUserInfo.Ip != "" {
  174. if !strings.Contains(openApiUserInfo.Ip, ip) {
  175. errMsg = fmt.Sprintf("无权限访问该接口,ip:%v,请联系管理员", ip)
  176. err = errors.New(errMsg)
  177. return
  178. }
  179. }
  180. secret = openApiUserInfo.Secret
  181. }
  182. checkSignStr = utils.GetSignV2(nonce, timestamp, appid, secret)
  183. return
  184. }