eta_server
/
eta_hub


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204
							package xy

import (
	"encoding/json"
	"errors"
	"eta/eta_hub/models"
	"eta/eta_hub/models/system"
	"eta/eta_hub/models/xy"
	"eta/eta_hub/utils"
	"fmt"
	"github.com/beego/beego/v2/server/web"
	"net/http"
	"net/url"
	"strings"
)

type BaseAuthXyController struct {
	web.Controller
	SysUser *system.Admin
	Appid   string
}

func (this *BaseAuthXyController) Prepare() {
	fmt.Println("enter prepare")
	method := this.Ctx.Input.Method()
	uri := this.Ctx.Input.URI()
	ip := this.Ctx.Input.IP()
	fmt.Println("Url:", uri)
	if method != "HEAD" {
		var nonce, timestamp, appid, signature string
		headers := this.Ctx.Request.Header
		for name, values := range headers {
			fmt.Println(fmt.Sprintf("%s: %v\n", name, values))
			switch strings.ToLower(name) {
			case `nonce`:
				nonce = values[0]
			case `timestamp`:
				timestamp = values[0]
			case `appid`:
				appid = values[0]
			case `signature`:
				signature = values[0]
			}
		}

		//校验签名
		//nonce := this.Ctx.Input.Header("nonce")
		//timestamp := this.Ctx.Input.Header("timestamp")
		//appid := this.Ctx.Input.Header("appid")
		//signature := this.Ctx.Input.Header("signature")
		this.Appid = appid

		checkSign, errMsg, err := getCheckSignStr(appid, nonce, timestamp, ip)
		if err != nil {
			this.JSON(xy.BaseResponse{ReturnCode: "E", Status: "E", Msg: errMsg, ErrMsg: errMsg}, false, false)
			this.StopRun()
			return
		}

		if signature != checkSign {
			utils.FileLog.Debug("用户提交签名：%s；\n系统生成签名：%s\n", signature, checkSign)
			errMsg := "签名错误"
			this.JSON(xy.BaseResponse{ReturnCode: "E", Status: "E", Msg: errMsg, ErrMsg: errMsg}, false, false)
			this.StopRun()
			return
		}
		if method != "GET" && method != "POST" {
			errMsg := "无效的请求方式"
			this.JSON(xy.BaseResponse{ReturnCode: "E", Status: "E", Msg: "无效的请求方式", ErrMsg: errMsg}, false, false)
			this.StopRun()
			return
		}
	} else {
		this.JSON(xy.BaseResponse{ReturnCode: "E", Status: "E", Msg: "系统异常，请联系客服!", ErrMsg: "method:" + method}, false, false)
		this.StopRun()
		return
	}
}

func (c *BaseAuthXyController) ServeJSON(encoding ...bool) {
	var (
		hasIndent   = false
		hasEncoding = false
	)
	if web.BConfig.RunMode == web.PROD {
		hasIndent = false
	}
	if len(encoding) > 0 && encoding[0] == true {
		hasEncoding = true
	}
	if c.Data["json"] == nil {
		//go utils.SendEmail("异常提醒:", "接口:"+"URI:"+c.Ctx.Input.URI()+";无返回值", utils.EmailSendToUsers)
		//body := "接口:" + "URI:" + c.Ctx.Input.URI() + ";无返回值"
		//go alarm_msg.SendAlarmMsg(body, 1)
		return
	}

	c.JSON(c.Data["json"], hasIndent, hasEncoding)
}

func (c *BaseAuthXyController) JSON(data interface{}, hasIndent bool, coding bool) error {
	c.Ctx.Output.Header("Content-Type", "application/json; charset=utf-8")
	var content []byte
	var err error
	if hasIndent {
		content, err = json.MarshalIndent(data, "", "  ")
	} else {
		content, err = json.Marshal(data)
	}
	if err != nil {
		http.Error(c.Ctx.Output.Context.ResponseWriter, err.Error(), http.StatusInternalServerError)
		return err
	}
	ip := c.Ctx.Input.IP()
	requestBody, err := url.QueryUnescape(string(c.Ctx.Input.RequestBody))
	if err != nil {
		requestBody = string(c.Ctx.Input.RequestBody)
	}
	if requestBody == "" {
		requestBody = c.Ctx.Input.URI()
	}
	c.logUri(content, requestBody, ip)
	if coding {
		content = []byte(utils.StringsToJSON(string(content)))
	}
	return c.Ctx.Output.Body(content)
}

func (c *BaseAuthXyController) logUri(respContent []byte, requestBody, ip string) {
	var reqData interface{}
	err := json.Unmarshal([]byte(requestBody), &reqData)
	if err != nil {
		utils.ApiLog.Info("uri:%s, requestBody:%s, ip:%s", c.Ctx.Input.URI(), requestBody, ip)
	} else {
		utils.ApiLog.Info("uri:%s, requestBody:%s, ip:%s", c.Ctx.Input.URI(), requestBody, ip)
	}
	return
}

// getCheckSignStr
// @Description: 获取校验签名字符串
// @author: Roc
// @datetime 2025-07-03 16:51:30
// @param appid string
// @param nonce string
// @param timestamp string
// @param ip string
// @return checkSignStr string
// @return errMsg string
// @return err error
func getCheckSignStr(appid, nonce, timestamp, ip string) (checkSignStr, errMsg string, err error) {
	if nonce == "" {
		errMsg = "随机字符串不能为空"
		err = errors.New(errMsg)
		return
	}

	if timestamp == "" {
		errMsg = "时间戳不能为空"
		err = errors.New(errMsg)
		return
	}

	if appid == "" {
		errMsg = "appid不能为空"
		err = errors.New(errMsg)
		return
	}

	secret := utils.Secret

	if appid != utils.AppId {
		openApiUserInfo, tmpErr := models.GetByAppid(appid)
		if tmpErr != nil {
			if utils.IsErrNoRow(tmpErr) {
				errMsg = "商家AppId错误，请核查"
			} else {
				err = errors.New("系统异常，请联系管理员")
			}
			err = errors.New(errMsg)
			return
		}

		if openApiUserInfo.Appid == `` {
			errMsg = "商家AppId错误，请核查"
			err = errors.New(errMsg)
			return
		}

		//如果有ip限制，那么就添加ip
		if openApiUserInfo.Ip != "" {
			if !strings.Contains(openApiUserInfo.Ip, ip) {
				errMsg = fmt.Sprintf("无权限访问该接口,ip:%v，请联系管理员", ip)
				err = errors.New(errMsg)
				return
			}
		}
		secret = openApiUserInfo.Secret
	}

	checkSignStr = utils.GetSignV2(nonce, timestamp, appid, secret)

	return
}