eta_server
/
eta_hub


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201
							package controllers

import (
	"encoding/json"
	"errors"
	"eta/eta_hub/models"
	"eta/eta_hub/models/system"
	"eta/eta_hub/utils"
	"fmt"
	"github.com/beego/beego/v2/server/web"
	"net/http"
	"net/url"
	"strings"
)

type BaseAuthController struct {
	web.Controller
	SysUser *system.Admin
	Appid   string
}

func (this *BaseAuthController) Prepare() {
	fmt.Println("enter prepare")
	method := this.Ctx.Input.Method()
	uri := this.Ctx.Input.URI()
	ip := this.Ctx.Input.IP()
	fmt.Println("Url:", uri)
	if method != "HEAD" {
		//校验签名
		nonce := this.Ctx.Input.Header("nonce")
		timestamp := this.Ctx.Input.Header("timestamp")
		appid := this.Ctx.Input.Header("appid")
		signature := this.Ctx.Input.Header("signature")
		this.Appid = appid

		checkSign, errMsg, err := getCheckSignStr(appid, nonce, timestamp, ip)
		if err != nil {
			this.JSON(models.BaseResponse{Ret: 400, Msg: errMsg, ErrMsg: errMsg}, false, false)
			this.StopRun()
			return
		}
		if signature != checkSign {
			fmt.Printf("用户提交签名：%s；\n系统生成签名：%s\n", signature, checkSign)
			errMsg := "签名错误"
			this.JSON(models.BaseResponse{Ret: 401, Msg: "", ErrMsg: errMsg}, false, false)
			this.StopRun()
			return
		}
		if method != "GET" && method != "POST" {
			errMsg := "无效的请求方式"
			this.JSON(models.BaseResponse{Ret: 501, Msg: "", ErrMsg: errMsg}, false, false)
			this.StopRun()
			return
		}
	} else {
		this.JSON(models.BaseResponse{Ret: 500, Msg: "系统异常，请联系客服!", ErrMsg: "method:" + method}, false, false)
		this.StopRun()
		return
	}
}

func (c *BaseAuthController) ServeJSON(encoding ...bool) {
	//所有请求都做这么个处理吧，目前这边都是做编辑、刷新逻辑处理（新增的话，并没有指标id，不会有影响）
	var (
		hasIndent   = false
		hasEncoding = false
	)
	if web.BConfig.RunMode == web.PROD {
		hasIndent = false
	}
	if len(encoding) > 0 && encoding[0] == true {
		hasEncoding = true
	}
	if c.Data["json"] == nil {
		//go utils.SendEmail("异常提醒:", "接口:"+"URI:"+c.Ctx.Input.URI()+";无返回值", utils.EmailSendToUsers)
		//body := "接口:" + "URI:" + c.Ctx.Input.URI() + ";无返回值"
		//go alarm_msg.SendAlarmMsg(body, 1)
		return
	}

	baseRes := c.Data["json"].(*models.BaseResponse)
	if baseRes != nil && baseRes.Ret != 408 {
		//body, _ := json.Marshal(baseRes)
		//var requestBody string
		//method := c.Ctx.Input.Method()
		//if method == "GET" {
		//	requestBody = c.Ctx.Request.RequestURI
		//} else {
		//	requestBody, _ = url.QueryUnescape(string(c.Ctx.Input.RequestBody))
		//}
		//if baseRes.Ret != 200 && baseRes.IsSendEmail {
		//	go utils.SendEmail(utils.APP_NAME_CN+"【"+utils.RunMode+"】"+"失败提醒", "URI:"+c.Ctx.Input.URI()+"<br/> "+"Params"+requestBody+" <br/>"+"ErrMsg:"+baseRes.ErrMsg+";<br/>Msg:"+baseRes.Msg+";<br/> Body:"+string(body)+"<br/>", utils.EmailSendToUsers)
		//}

		// 记录错误日志, 并清掉错误信息避免暴露给外部
		//if baseRes.ErrMsg != "" {
		//	utils.FileLog.Info(baseRes.ErrMsg)
		//	baseRes.ErrMsg = ""
		//}
	}
	c.JSON(c.Data["json"], hasIndent, hasEncoding)
}

func (c *BaseAuthController) JSON(data interface{}, hasIndent bool, coding bool) error {
	c.Ctx.Output.Header("Content-Type", "application/json; charset=utf-8")
	var content []byte
	var err error
	if hasIndent {
		content, err = json.MarshalIndent(data, "", "  ")
	} else {
		content, err = json.Marshal(data)
	}
	if err != nil {
		http.Error(c.Ctx.Output.Context.ResponseWriter, err.Error(), http.StatusInternalServerError)
		return err
	}
	ip := c.Ctx.Input.IP()
	requestBody, err := url.QueryUnescape(string(c.Ctx.Input.RequestBody))
	if err != nil {
		requestBody = string(c.Ctx.Input.RequestBody)
	}
	if requestBody == "" {
		requestBody = c.Ctx.Input.URI()
	}
	c.logUri(content, requestBody, ip)
	if coding {
		content = []byte(utils.StringsToJSON(string(content)))
	}
	return c.Ctx.Output.Body(content)
}

func (c *BaseAuthController) logUri(respContent []byte, requestBody, ip string) {
	var reqData interface{}
	err := json.Unmarshal([]byte(requestBody), &reqData)
	if err != nil {
		utils.ApiLog.Info("uri:%s, requestBody:%s, ip:%s", c.Ctx.Input.URI(), requestBody, ip)
	} else {
		utils.ApiLog.Info("uri:%s, requestBody:%s, ip:%s", c.Ctx.Input.URI(), requestBody, ip)
	}
	return
}

// getCheckSignStr
// @Description: 获取校验签名字符串
// @author: Roc
// @datetime 2025-07-03 16:51:30
// @param appid string
// @param nonce string
// @param timestamp string
// @param ip string
// @return checkSignStr string
// @return errMsg string
// @return err error
func getCheckSignStr(appid, nonce, timestamp, ip string) (checkSignStr, errMsg string, err error) {
	if nonce == "" {
		errMsg = "随机字符串不能为空"
		err = errors.New(errMsg)
		return
	}

	if timestamp == "" {
		errMsg = "时间戳不能为空"
		err = errors.New(errMsg)
		return
	}

	secret := utils.Secret

	if appid != utils.AppId {
		openApiUserInfo, tmpErr := models.GetByAppid(appid)
		if tmpErr != nil {
			if tmpErr.Error() == utils.ErrNoRow() {
				errMsg = "商家AppId错误，请核查"
			} else {
				err = errors.New("系统异常，请联系管理员")
			}
			err = errors.New(errMsg)
			return
		}

		if openApiUserInfo == nil {
			errMsg = "商家AppId错误，请核查"
			err = errors.New(errMsg)
			return
		}

		//如果有ip限制，那么就添加ip
		if openApiUserInfo.Ip != "" {
			if !strings.Contains(openApiUserInfo.Ip, ip) {
				errMsg = fmt.Sprintf("无权限访问该接口,ip:%v，请联系管理员", ip)
				err = errors.New(errMsg)
				return
			}
		}
		secret = openApiUserInfo.Secret
	}

	checkSignStr = utils.GetSignV2(nonce, timestamp, appid, secret)

	return
}