package controllers import ( "crypto/md5" "errors" "fmt" "hongze/hongze_open_api/models/custom" "hongze/hongze_open_api/models/tables/open_api_user" "hongze/hongze_open_api/utils" "math" "sort" "strconv" "strings" "time" ) // BaseAuth 需要授权token的基类 type BaseAuth struct { BaseCommon AdminWx *custom.AdminWx `description:"管理员信息"` Token string `description:"用户token"` StartSize int `description:"开始数量"` StartPage int `description:"开始页码"` PageSize int `description:"每页数量"` } func (c *BaseAuth) Prepare() { //var requestBody string signData := make(map[string]string) method := c.Ctx.Input.Method() var pageSize,currentIndex int switch method { case "GET": //requestBody = c.Ctx.Request.RequestURI params := c.Ctx.Request.URL.Query() //fmt.Println(params) signData = convertParam(params) pageSize, _ = c.GetInt("_page_size") currentIndex, _ = c.GetInt("_page") case "POST": //requestBody, _ = url.QueryUnescape(string(c.Ctx.Input.RequestBody)) //请求类型 contentType := c.Ctx.Request.Header.Get("content-type") switch contentType { case "multipart/form-data": //文件最大5M err := c.Ctx.Request.ParseMultipartForm(- int64(5<<20)) if err != nil{ c.FailWithMessage(fmt.Sprintf("获取参数失败,%v", err)) //response.FailWithMessage(fmt.Sprintf("获取参数失败,%v", err), c) //c.Abort() return } default: err := c.Ctx.Request.ParseForm() if err != nil{ c.FailWithMessage(fmt.Sprintf("获取参数失败,%v", err)) return } } params := c.Ctx.Request.Form signData = convertParam(params) } //页码数 var startSize int if pageSize <= 0 { pageSize = utils.PageSize20 } //如果超过最大分页数,那么就是按照最大分页数返回 if pageSize > utils.PageMaxSize{ pageSize = utils.PageMaxSize } if currentIndex <= 0 { currentIndex = 1 } startSize = utils.StartIndex(currentIndex, pageSize) c.StartSize = startSize c.PageSize = pageSize c.StartPage = currentIndex ip := c.Ctx.Input.IP() //获取签名秘钥 //key := global.GVA_CONFIG.SignKey.Agent ////签名校验 err := checkSign(signData,ip) if err != nil { c.SignError(fmt.Sprintf("签名校验失败,%v", err)) return } uri := c.Ctx.Input.URI() utils.FileLog.Info(fmt.Sprintf("URI:%s", uri)) } //将请求传入的数据格式转换成签名需要的格式 func convertParam(params map[string][]string)(signData map[string]string) { signData = make(map[string]string) for key := range params { signData[key] = params[key][0] } return signData } //请求参数签名校验 func checkSign(postData map[string]string,ip string) (err error){ isSandbox := postData["is_sandbox"] //如果是测试环境,且是沙箱环境的话,那么绕过测试 if utils.RunMode == "debug" && isSandbox != "" { return } appid :=postData["appid"] if appid == "" { err = errors.New("参数异常,缺少appid") return } openApiUserInfo,tmpErr:= open_api_user.GetByAppid(appid) if tmpErr != nil{ if tmpErr.Error() == utils.ErrNoRow(){ err = errors.New("appid异常,请联系管理员") }else{ err = errors.New("系统异常,请联系管理员") } return } if openApiUserInfo == nil{ err = errors.New("系统异常,请联系管理员") return } //如果有ip限制,那么就添加ip if openApiUserInfo.Ip != ""{ if !strings.Contains(openApiUserInfo.Ip,ip){ err = errors.New(fmt.Sprintf("无权限访问该接口,ip:%v,请联系管理员",ip)) return } } //接口提交的签名字符串 ownSign := postData["sign"] if ownSign == "" { err = errors.New("参数异常,缺少签名字符串") return } if postData["nonce_str"] == "" { err = errors.New("参数异常,缺少随机字符串") return } if postData["timestamp"] == "" { err = errors.New("参数异常,缺少时间戳") return }else{ timeUnix := time.Now().Unix() //当前格林威治时间,int64类型 //将接口传入的时间做转换 timestamp, timeErr := strconv.ParseInt(postData["timestamp"], 10, 64) if timeErr != nil{ err = errors.New("参数异常,时间戳格式异常") return } if math.Abs(float64(timeUnix - timestamp)) > 300 { err = errors.New("当前时间异常,请调整设备时间与北京时间一致") return } } //先取出除sign外的所有的提交的参数key var keys []string for k, _ := range postData { if k != "sign" { keys = append(keys, k) } } //1,根据参数名称的ASCII码表的顺序排序 sort.Strings(keys) //2 根据排序后的参数名称,取出对应的值,并拼接字符串 var signStr string for _, v := range keys { signStr += v + "=" + postData[v] + "&" } //3,全转小写(md5(拼装的字符串后+分配给你的app_secret)) //sign := strings.ToLower(fmt.Sprintf("%x", md5.Sum([]byte(strings.Trim(signStr, "&")+key)))) //md5.Sum([]byte(signStr+"key="+key)) 这是md5加密出来后的每个字符的ascall码,需要再转换成对应的字符 //3,全转大写(md5(拼装的字符串后+分配给你的app_secret)) sign := strings.ToUpper(fmt.Sprintf("%x", md5.Sum([]byte(signStr+"secret="+openApiUserInfo.Secret)))) if sign != ownSign { utils.ApiLog.Println(fmt.Sprintf("签名校验异常,签名字符串:%v;服务端签名值:%v",signStr,sign)) return errors.New("签名校验异常,请核实签名") } return nil }