صفحهٔ اصلی گشت‌و‌گذار راهنما
ورود
tangmz
/
openbilibili
1
0
انشعاب 0
پرونده‌ها مشکلات 0 درخواست واکشی 0 ویکی
شاخه: master
شاخه‌ها تگ‌ها
openbilibili
/
app
/
interface
/
main
/
tv
/
http
/
audit.go

audit.go 2.3 KB
لینک دائمی تاريخچه خام

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111 
  1. package http
    2. 

  2. 

  3. import (
    4. 

  4. 	"crypto/md5"
    5. 

  5. 	"encoding/json"
    6. 

  6. 	"fmt"
    7. 

  7. 	"io/ioutil"
    8. 

  8. 	"sort"
    9. 

  9. 

  10. 	"go-common/app/interface/main/tv/model"
    11. 

  11. 	"go-common/library/ecode"
    12. 

  12. 	"go-common/library/log"
    13. 

  13. 	bm "go-common/library/net/http/blademaster"
    14. 

  14. )
    15. 

  15. 

  16. // audit season with content
    17. 

  17. func audit(c *bm.Context) {
    18. 

  18. 	if err := auditT(c); err != nil { // if some error, return it
    19. 

  19. 		c.JSON(nil, err)
    20. 

  20. 		return
    21. 

  21. 	}
    22. 

  22. 	c.JSON(nil, nil)
    23. 

  23. }
    24. 

  24. 

  25. func auditT(c *bm.Context) (err error) {
    26. 

  26. 	var (
    27. 

  27. 		audit model.Audit
    28. 

  28. 		req   = c.Request
    29. 

  29. 	)
    30. 

  30. 	defer req.Body.Close()
    31. 

  31. 	body, _ := ioutil.ReadAll(req.Body)
    32. 

  32. 	if err = json.Unmarshal(body, &audit); err != nil {
    33. 

  33. 		log.Error("audit json(%s) error:(%v)", string(body), err)
    34. 

  34. 		err = ecode.RequestErr
    35. 

  35. 		return
    36. 

  36. 	}
    37. 

  37. 	if !validateJSONData(audit) {
    38. 

  38. 		log.Error("audit msg (%s), missing field", string(body))
    39. 

  39. 		err = ecode.RequestErr
    40. 

  40. 		return
    41. 

  41. 	}
    42. 

  42. 	if !checkSign(c, string(body)) {
    43. 

  43. 		log.Error("audit msg (%s), sign error", string(body))
    44. 

  44. 		err = ecode.RequestErr
    45. 

  45. 		return
    46. 

  46. 	}
    47. 

  47. 	return auditSvc.HandleAudits(c, audit.IDList)
    48. 

  48. }
    49. 

  49. 

  50. // validateJSONData check json format whether valid
    51. 

  51. func validateJSONData(a model.Audit) bool {
    52. 

  52. 	if a.OpType == "" {
    53. 

  53. 		return false
    54. 

  54. 	}
    55. 

  55. 	for _, v := range a.IDList {
    56. 

  56. 		if v.Type == "" || v.VID == "" || v.Action == "" {
    57. 

  57. 			return false
    58. 

  58. 		}
    59. 

  59. 	}
    60. 

  60. 	return a.Count > 0
    61. 

  61. }
    62. 

  62. 

  63. // checkSign check sign whether valid
    64. 

  64. func checkSign(c *bm.Context, body string) bool {
    65. 

  65. 	var (
    66. 

  66. 		req   = c.Request.Form
    67. 

  67. 		query = make(map[string]string)
    68. 

  68. 		ts    = req.Get("ts")
    69. 

  69. 		key   = req.Get("key")
    70. 

  70. 		sign  = req.Get("sign")
    71. 

  71. 	)
    72. 

  72. 	if key != signCfg.Key {
    73. 

  73. 		log.Error("The appkey not exists")
    74. 

  74. 		return false
    75. 

  75. 	}
    76. 

  76. 	if ts == "" {
    77. 

  77. 		log.Error("The timestamp not exists")
    78. 

  78. 		return false
    79. 

  79. 	}
    80. 

  80. 	query["ts"] = ts
    81. 

  81. 	query["body"] = body
    82. 

  82. 	query["appkey"] = key
    83. 

  83. 	if sign == "" {
    84. 

  84. 		log.Error("The sign not exists")
    85. 

  85. 		return false
    86. 

  86. 	}
    87. 

  87. 	getSign := signature(query)
    88. 

  88. 	if sign != getSign {
    89. 

  89. 		log.Error("The expected signature is :(%s)", getSign)
    90. 

  90. 		return false
    91. 

  91. 	}
    92. 

  92. 	return sign == getSign
    93. 

  93. }
    94. 

  94. 

  95. func signature(query map[string]string) string {
    96. 

  96. 	secret := signCfg.Secret
    97. 

  97. 	var keys []string
    98. 

  98. 	for k := range query {
    99. 

  99. 		keys = append(keys, k)
    100. 

  100. 	}
    101. 

  101. 	sort.Strings(keys)
    102. 

  102. 	var str string
    103. 

  103. 	for _, v := range keys {
    104. 

  104. 		str += string(v) + "=" + query[v] + "&"
    105. 

  105. 	}
    106. 

  106. 	str = str[:len(str)-1] + secret
    107. 

  107. 	hash := md5.New()
    108. 

  108. 	hash.Write([]byte(str))
    109. 

  109. 	sign := fmt.Sprintf("%x", hash.Sum(nil))
    110. 

  110. 	return sign
    111. 

  111. }
    112.