check.go 1.7 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576
  1. package middleware
  2. import (
  3. "crypto/md5"
  4. "encoding/hex"
  5. "errors"
  6. "fmt"
  7. "go-common/library/ecode"
  8. "go-common/library/log"
  9. bm "go-common/library/net/http/blademaster"
  10. "strconv"
  11. "time"
  12. )
  13. // CheckSecretkey 鉴权
  14. func TXCheckSecretkey(c *bm.Context) {
  15. req := c.Request
  16. q := req.URL.Query()
  17. wsSecret := q.Get("wsSecret")
  18. wsTime := q.Get("wsTime")
  19. url := fmt.Sprintf("http://%s%s", c.Request.Host, req.URL.Path)
  20. log.Warn("request url = %s", url)
  21. key := "xtCTceP0fdH8"
  22. err := check(wsSecret, wsTime, url, key)
  23. if err != nil {
  24. c.JSONMap(map[string]interface{}{"message": err.Error()}, ecode.AccessTokenExpires)
  25. c.Abort()
  26. return
  27. }
  28. }
  29. // BvcCheckSecret 鉴权
  30. func BvcCheckSecret(c *bm.Context) {
  31. req := c.Request
  32. q := req.URL.Query()
  33. wsSecret := q.Get("wsSecret")
  34. wsTime := q.Get("wsTime")
  35. url := fmt.Sprintf("http://%s%s", c.Request.Host, req.URL.Path)
  36. log.Warn("request url = %s", url)
  37. key := "cMRvgcQXZdph"
  38. err := check(wsSecret, wsTime, url, key)
  39. if err != nil {
  40. c.JSONMap(map[string]interface{}{"message": err.Error()}, ecode.AccessTokenExpires)
  41. c.Abort()
  42. return
  43. }
  44. }
  45. func check(wsSecret string, wsTime string, url string, key string) error {
  46. if wsSecret == "" || wsTime == "" {
  47. return errors.New("secret or time is empty")
  48. }
  49. wsTimeInt, err := strconv.ParseInt(wsTime, 10, 64)
  50. //log.Warn("%d, %d", time.Now().Unix(), wsTimeInt)
  51. if err != nil || time.Now().Unix() > wsTimeInt {
  52. return errors.New("request time expired")
  53. }
  54. notCheckStr := fmt.Sprintf("%s%s%s", key, url, wsTime)
  55. log.Warn("%s", notCheckStr)
  56. h := md5.New()
  57. h.Write([]byte(notCheckStr))
  58. cipherStr := h.Sum(nil)
  59. sign := hex.EncodeToString(cipherStr)
  60. if wsSecret != sign {
  61. return errors.New("auth failed")
  62. }
  63. return nil
  64. }