From 8b9ba965295fc094d0bd34ac04a16a96a93ee658 Mon Sep 17 00:00:00 2001 From: 王家文 Date: Tue, 16 Apr 2024 12:02:35 +0800 Subject: [PATCH] refactor♻️:项目目录重构 --- controllers/base.go | 2 +- middleware/sdk/sdk.go | 155 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ middleware/sign/index.go | 309 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ sdk/sdk.go | 155 ----------------------------------------------------------------------------------------------------------------------------------------------------------- sign/index.go | 309 --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 5 files changed, 465 insertions(+), 465 deletions(-) create mode 100644 middleware/sdk/sdk.go create mode 100644 middleware/sign/index.go delete mode 100644 sdk/sdk.go delete mode 100644 sign/index.go diff --git a/controllers/base.go b/controllers/base.go index a66f3c4..6bdb4ef 100644 --- a/controllers/base.go +++ b/controllers/base.go @@ -1,8 +1,8 @@ package controllers import ( + "apigame/middleware/sign" "apigame/service/constd" - "apigame/sign" "encoding/json" "github.com/astaxie/beego" ) diff --git a/middleware/sdk/sdk.go b/middleware/sdk/sdk.go new file mode 100644 index 0000000..d8979fe --- /dev/null +++ b/middleware/sdk/sdk.go @@ -0,0 +1,155 @@ +package sdk + +import ( + "apigame/util/util-lx/lxalilog" + "apigame/util/util-lx/lxbeego" + "apigame/util/util-lx/lxredis" + "encoding/json" + "errors" + "fmt" + "strings" + + "github.com/astaxie/beego" +) + +type MapSdkTokenRet struct { + Code string `json:"code"` + Data struct { + Ttl int `json:"ttl"` + } `json:"data"` + Msg string `json:"msg"` +} + +type MapSDKMemberInfo struct { + Code string `json:"code"` + Data struct { + Uid int64 `json:"uid"` + Channel string `json:"channel"` + Scene string `json:"scene"` + Openid string `json:"openid"` + Unionid string `json:"unionid"` + Nickname string `json:"nickname"` + Headurl string `json:"headurl"` + Sex int `json:"sex"` + Shareuid int64 `json:"shareuid"` + Status int `json:"status"` + FirstLogin string `json:"first_login"` + Logindays int `json:"logindays"` + CreateTime int64 `json:"create_time"` + LastloginTime int64 `json:"lastlogin_time"` + UpdateTime int64 `json:"update_time"` + } `json:"data"` + Msg string `json:"msg"` +} + +func ckecklocaldb(gameid string, uid int64, token string) (err error) { + + _redis := lxredis.LXredis{ + Name: fmt.Sprintf("token::%s::%d", gameid, uid), + Db: beego.AppConfig.String("redis::sdkdb"), + Prefix: beego.AppConfig.String("redis::sdkprefix"), + } + + tstr, err := _redis.GET() + if err != nil { + lxalilog.Errors(err, "_redis GET:") + return + } + + if tstr == "" { + err = errors.New("tsrt") + lxalilog.Errors(err, "tstr empty:") + return + } + + redistoken := strings.Split(tstr, "|")[0] + if redistoken != token { + err = errors.New("token error") + lxalilog.Errors(err, "redistoken:", redistoken, ",token:", token) + return + } + + return +} + +// 验证SDKtoken +func CheckSdkToken(gameid string, uid int64, token string) (err error) { + + if uid == 99 || token == "fb0ba80fad895664c7aea7c8ce462505" { + return + } + + return ckecklocaldb(gameid, uid, token) + + // var ( + // gconfig = service_config.GetGameConfigByGameID(gameid) + // apiurl = beego.AppConfig.String("sdk::checktoken") + gconfig.Appkey + // ) + + // content, httpcode, err := lurl.PostBody(apiurl, map[string]interface{}{ + // "gameid": gameid, + // "uid": uid, + // "token": token, + // }) + + // if err != nil { + // lxalilog.Errors("lurl.PostBody error:", err, gameid, uid, token) + // return + // } + + // if httpcode != 200 { + // err = errors.New("httpcode!= 200") + // lxalilog.Errors("httpcode error:", err, gameid, uid, token, httpcode) + // return + // } + + // var ret MapSdkTokenRet + // err = json.Unmarshal(content, &ret) + // if err != nil { + // lxalilog.Errors("json.Unmarshal error:", err, gameid, uid, token, string(content)) + // return + // } + + // if ret.Code != "0" { + // err = errors.New("ret.Code != 0") + // lxalilog.Errors(err, gameid, uid, token, string(content)) + // return + // } + + // return +} + +// 获取SDK用户信息 +func GetSdkMemberInfo(gameid string, uid int64) (member MapSDKMemberInfo, err error) { + + var ( + apiurl = fmt.Sprintf("%s?gameid=%s&uid=%d", beego.AppConfig.String("sdk::getmemberinfo"), gameid, uid) + ) + + content, httpcode, err := lxbeego.Get(apiurl) + + if err != nil { + lxalilog.Errors("lxbeego.lxbeego error:", err, apiurl) + return + } + + if httpcode != 200 { + err = errors.New("httpcode!= 200") + lxalilog.Errors("httpcode error:", err, apiurl) + return + } + + err = json.Unmarshal(content, &member) + if err != nil { + lxalilog.Errors("json.Unmarshal error:", err, apiurl, string(content)) + return + } + + if member.Code != "0" { + err = errors.New("ret.Code != 0") + lxalilog.Errors(err, apiurl, string(content)) + return + } + + return +} diff --git a/middleware/sign/index.go b/middleware/sign/index.go new file mode 100644 index 0000000..20c17f8 --- /dev/null +++ b/middleware/sign/index.go @@ -0,0 +1,309 @@ +package sign + +import ( + "apigame/api-common/config" + "apigame/middleware/sdk" + "apigame/service/constd" + "apigame/util/util-lx/lxalilog" + "apigame/util/util-lx/lxarray" + "apigame/util/util-lx/lxconv" + "apigame/util/util-lx/lxlimit" + "apigame/util/util-lx/lxtime" + "encoding/json" + "errors" + "fmt" + + "sort" + "strings" + "unicode/utf8" + + "github.com/astaxie/beego/validation" +) + +type MCheckConfig struct { + CheckUrlGameID bool + CheckToken bool + CheckSign bool + FunName string + Bodys []byte + Ip lxlimit.MFuncItem `json:"ip"` + Kernel lxlimit.MFuncItem `json:"kernel"` + Member lxlimit.MFuncItem `json:"member"` + Url string `json:"url"` + Params map[string]string `json:"params"` +} + +func getTimeStamp(time_stamp interface{}) (timestamp int64) { + if time_stamp == nil { + return + } + + tsp := "" + + switch tp := time_stamp.(type) { + case string: + tsp = fmt.Sprintf("%s", tp) + } + + if tsp == "" { + return + } + + timestamp = lxconv.ParseInt64(tsp) + lth := utf8.RuneCountInString(tsp) + if lth > 10 { + timestamp = timestamp / 1000 + } + + return + +} + +func InitCheck(postdata interface{}, cgg MCheckConfig) (code string, gameconfig config.MApiGameConfig, err error) { + + var ( + postGameId string + urlGameId string + ty string + c lxlimit.MFuncConfig + nowtime = lxtime.NowUninx() + time_stamp int64 + JG = int64(2) + ) + + // 检查时间戳 + tempData := make(map[string]interface{}) + _ = json.Unmarshal(cgg.Bodys, &tempData) + + time_stamp = getTimeStamp(tempData["time_stamp"]) + if time_stamp < (nowtime-JG) || time_stamp > (nowtime+JG) { + code = constd.RECODE_REQUESTTIME_ERROR + err = errors.New(code) + lxalilog.Errors("RECODE_REQUESTTIME_ERROR error:", string(cgg.Bodys)) + return + } + + c.Ip = cgg.Ip + c.Kernel = cgg.Kernel + c.Params = cgg.Params + c.Url = cgg.Url + c.BodyBy = cgg.Bodys + if cgg.FunName == "" { + c.FunName = c.Url + } + c.Member = cgg.Member + + for k, v := range c.Params { + if k == ":gameid" { + urlGameId = v + } + } + + if cgg.CheckUrlGameID && urlGameId == "" { + code = constd.RECODE_PARAMERROR + err = errors.New(code) + lxalilog.Errors("urlGameid error:") + return + } + + postGameId, ty = lxlimit.CheckLimit(c) + + if cgg.CheckUrlGameID && postGameId != urlGameId { + code = constd.RECODE_PARAMERROR + err = errors.New(code) + lxalilog.Errors("urlGameid !=postGameId:", urlGameId, postdata) + return + } + + if ty != "" { + code = constd.RECODE_REQUESTXIANLIU_ERROR + err = errors.New(ty) + return + } + + err = json.Unmarshal(cgg.Bodys, &postdata) + if err != nil { + code = constd.RECODE_PARAMERROR + lxalilog.Errors("json.Unmarshal error:", err, string(cgg.Bodys)) + return + } + + valid := validation.Validation{} + + var b bool + + b, err = valid.Valid(postdata) + if err != nil { + code = constd.RECODE_PARAMERROR + lxalilog.Errors("valid.Valid error:", err, string(cgg.Bodys), valid.Errors) + return + } + + if !b { + code = constd.RECODE_PARAMERROR + err = errors.New(code) + lxalilog.Errors("valid.Valid error:", err, string(cgg.Bodys), valid.Errors) + return + } + + if cgg.CheckSign { + code, gameconfig, err = CheckSign(postdata, cgg.CheckToken) + if err != nil { + return + } + } + + return +} + +// Check 检查签名 +func Check(req []byte, postdata interface{}, checkSign bool, checkToken bool) (code string, err error) { + + err = json.Unmarshal(req, &postdata) + if err != nil { + code = constd.RECODE_PARAMERROR + lxalilog.Errors("json.Unmarshal error:", err, string(req)) + return + } + + valid := validation.Validation{} + + var b bool + + b, err = valid.Valid(postdata) + if err != nil { + code = constd.RECODE_PARAMERROR + lxalilog.Errors("valid.Valid error:", err, string(req), valid.Errors) + return + } + + if !b { + code = constd.RECODE_PARAMERROR + err = errors.New(code) + lxalilog.Errors("valid.Valid error:", err, string(req), valid.Errors) + return + } + + if checkSign { + code, _, err = CheckSign(postdata, checkToken) + if err != nil { + return + } + } + + return +} + +// CheckSign 校验签名 +func CheckSign(data interface{}, checkToken bool) (code string, gameconfig config.MApiGameConfig, err error) { + + var ( + logstr string + ) + + jsonBody, _ := json.Marshal(data) + + logstr += string(jsonBody) + + var newdata = make(map[string]interface{}) + + err = json.Unmarshal(jsonBody, &newdata) + if err != nil { + code = constd.RECODE_SIGNERROR + lxalilog.Errors("json.Unmarshal error:", err) + return + } + + if newdata["gameid"] == "" || newdata["channel"] == "" || newdata["sign"] == "" || newdata["sign_type"] == "" || newdata["time_stamp"] == "" || newdata["ver"] == "" { + code = constd.RECODE_SIGNERROR + err = errors.New("签名错误,参数错误" + logstr) + lxalilog.Errors(err) + return + } + + gameid := newdata["gameid"].(string) + + gameconfig, err = config.GetApiGameConfig(gameid) + if err != nil { + lxalilog.Errors(err) + return + } + + if newdata["sign"].(string) == "fb0ba80fad895664c7aea7c8ce462505" { + return + } + + appkey := gameconfig.Appkey + + if appkey == "" { + code = constd.RECODE_SIGNERROR + err = errors.New("签名错误,参数错误" + gameid + "no appkey") + lxalilog.Errors(err) + return + } + + sign := newdata["sign"] + + sortdata := make([]string, 0, len(newdata)) + + fiterword := "and|exec|insert|select|delete|update|count|master|truncate|declare|char(|mid(|chr(|'" + fiterwords := strings.Split(fiterword, "|") + var fiterkey []interface{} + + for k, v := range newdata { + newv := lxconv.InterfaceToStr(v) + + if b := lxarray.InArray(newv, fiterwords); b { + fiterkey = append(fiterkey, k) + } + if newv != "" && newv != "0" && k != "sign" && k != "ver" && k != "dev" && k != "dever" && k != "pkv" { + sortdata = append(sortdata, k) + } + } + + if len(fiterkey) > 0 { + code = constd.RECODE_WEIXINAZIFU_ERROR + err = errors.New("fiterkey error" + logstr) + lxalilog.Errors(err, lxconv.JsonEncode(fiterkey), "data:", lxconv.JsonEncode(newdata)) + return + } + + sort.Strings(sortdata) + valstr := "" + for _, k := range sortdata { // 先下标,再数值 + v := lxconv.InterfaceToStr(newdata[k]) + valstr += k + "=" + v + } + + valstr += appkey + + logstr += ",valstr:(" + valstr + ")" + + md5key := strings.ToLower(lxconv.EncryMD5(valstr)) + + if md5key != sign { + code = constd.RECODE_SIGNERROR + err = errors.New(code) + lxalilog.Errors("sign error,md5key::", md5key, ",sign:", sign, logstr, "data:", lxconv.JsonEncode(newdata)) + return + } + + if checkToken { + + if newdata["uid"] == nil || newdata["token"] == nil { + code = constd.RECODE_PARAMERROR + err = errors.New(code) + lxalilog.Errors("no uid or token", "data:", lxconv.JsonEncode(newdata)) + return + } + + err = sdk.CheckSdkToken(gameid, lxconv.ToInt64(newdata["uid"]), lxconv.InterfaceToStr(newdata["token"])) + if err != nil { + code = constd.RECODE_LOGINCHECK_ERROR + return + } + + } + + return +} diff --git a/sdk/sdk.go b/sdk/sdk.go deleted file mode 100644 index d8979fe..0000000 --- a/sdk/sdk.go +++ /dev/null @@ -1,155 +0,0 @@ -package sdk - -import ( - "apigame/util/util-lx/lxalilog" - "apigame/util/util-lx/lxbeego" - "apigame/util/util-lx/lxredis" - "encoding/json" - "errors" - "fmt" - "strings" - - "github.com/astaxie/beego" -) - -type MapSdkTokenRet struct { - Code string `json:"code"` - Data struct { - Ttl int `json:"ttl"` - } `json:"data"` - Msg string `json:"msg"` -} - -type MapSDKMemberInfo struct { - Code string `json:"code"` - Data struct { - Uid int64 `json:"uid"` - Channel string `json:"channel"` - Scene string `json:"scene"` - Openid string `json:"openid"` - Unionid string `json:"unionid"` - Nickname string `json:"nickname"` - Headurl string `json:"headurl"` - Sex int `json:"sex"` - Shareuid int64 `json:"shareuid"` - Status int `json:"status"` - FirstLogin string `json:"first_login"` - Logindays int `json:"logindays"` - CreateTime int64 `json:"create_time"` - LastloginTime int64 `json:"lastlogin_time"` - UpdateTime int64 `json:"update_time"` - } `json:"data"` - Msg string `json:"msg"` -} - -func ckecklocaldb(gameid string, uid int64, token string) (err error) { - - _redis := lxredis.LXredis{ - Name: fmt.Sprintf("token::%s::%d", gameid, uid), - Db: beego.AppConfig.String("redis::sdkdb"), - Prefix: beego.AppConfig.String("redis::sdkprefix"), - } - - tstr, err := _redis.GET() - if err != nil { - lxalilog.Errors(err, "_redis GET:") - return - } - - if tstr == "" { - err = errors.New("tsrt") - lxalilog.Errors(err, "tstr empty:") - return - } - - redistoken := strings.Split(tstr, "|")[0] - if redistoken != token { - err = errors.New("token error") - lxalilog.Errors(err, "redistoken:", redistoken, ",token:", token) - return - } - - return -} - -// 验证SDKtoken -func CheckSdkToken(gameid string, uid int64, token string) (err error) { - - if uid == 99 || token == "fb0ba80fad895664c7aea7c8ce462505" { - return - } - - return ckecklocaldb(gameid, uid, token) - - // var ( - // gconfig = service_config.GetGameConfigByGameID(gameid) - // apiurl = beego.AppConfig.String("sdk::checktoken") + gconfig.Appkey - // ) - - // content, httpcode, err := lurl.PostBody(apiurl, map[string]interface{}{ - // "gameid": gameid, - // "uid": uid, - // "token": token, - // }) - - // if err != nil { - // lxalilog.Errors("lurl.PostBody error:", err, gameid, uid, token) - // return - // } - - // if httpcode != 200 { - // err = errors.New("httpcode!= 200") - // lxalilog.Errors("httpcode error:", err, gameid, uid, token, httpcode) - // return - // } - - // var ret MapSdkTokenRet - // err = json.Unmarshal(content, &ret) - // if err != nil { - // lxalilog.Errors("json.Unmarshal error:", err, gameid, uid, token, string(content)) - // return - // } - - // if ret.Code != "0" { - // err = errors.New("ret.Code != 0") - // lxalilog.Errors(err, gameid, uid, token, string(content)) - // return - // } - - // return -} - -// 获取SDK用户信息 -func GetSdkMemberInfo(gameid string, uid int64) (member MapSDKMemberInfo, err error) { - - var ( - apiurl = fmt.Sprintf("%s?gameid=%s&uid=%d", beego.AppConfig.String("sdk::getmemberinfo"), gameid, uid) - ) - - content, httpcode, err := lxbeego.Get(apiurl) - - if err != nil { - lxalilog.Errors("lxbeego.lxbeego error:", err, apiurl) - return - } - - if httpcode != 200 { - err = errors.New("httpcode!= 200") - lxalilog.Errors("httpcode error:", err, apiurl) - return - } - - err = json.Unmarshal(content, &member) - if err != nil { - lxalilog.Errors("json.Unmarshal error:", err, apiurl, string(content)) - return - } - - if member.Code != "0" { - err = errors.New("ret.Code != 0") - lxalilog.Errors(err, apiurl, string(content)) - return - } - - return -} diff --git a/sign/index.go b/sign/index.go deleted file mode 100644 index e36bb6a..0000000 --- a/sign/index.go +++ /dev/null @@ -1,309 +0,0 @@ -package sign - -import ( - "apigame/api-common/config" - "apigame/sdk" - "apigame/service/constd" - "apigame/util/util-lx/lxalilog" - "apigame/util/util-lx/lxarray" - "apigame/util/util-lx/lxconv" - "apigame/util/util-lx/lxlimit" - "apigame/util/util-lx/lxtime" - "encoding/json" - "errors" - "fmt" - - "sort" - "strings" - "unicode/utf8" - - "github.com/astaxie/beego/validation" -) - -type MCheckConfig struct { - CheckUrlGameID bool - CheckToken bool - CheckSign bool - FunName string - Bodys []byte - Ip lxlimit.MFuncItem `json:"ip"` - Kernel lxlimit.MFuncItem `json:"kernel"` - Member lxlimit.MFuncItem `json:"member"` - Url string `json:"url"` - Params map[string]string `json:"params"` -} - -func getTimeStamp(time_stamp interface{}) (timestamp int64) { - if time_stamp == nil { - return - } - - tsp := "" - - switch tp := time_stamp.(type) { - case string: - tsp = fmt.Sprintf("%s", tp) - } - - if tsp == "" { - return - } - - timestamp = lxconv.ParseInt64(tsp) - lth := utf8.RuneCountInString(tsp) - if lth > 10 { - timestamp = timestamp / 1000 - } - - return - -} - -func InitCheck(postdata interface{}, cgg MCheckConfig) (code string, gameconfig config.MApiGameConfig, err error) { - - var ( - postGameId string - urlGameId string - ty string - c lxlimit.MFuncConfig - nowtime = lxtime.NowUninx() - time_stamp int64 - JG = int64(2) - ) - - // 检查时间戳 - tempData := make(map[string]interface{}) - _ = json.Unmarshal(cgg.Bodys, &tempData) - - time_stamp = getTimeStamp(tempData["time_stamp"]) - if time_stamp < (nowtime-JG) || time_stamp > (nowtime+JG) { - code = constd.RECODE_REQUESTTIME_ERROR - err = errors.New(code) - lxalilog.Errors("RECODE_REQUESTTIME_ERROR error:", string(cgg.Bodys)) - return - } - - c.Ip = cgg.Ip - c.Kernel = cgg.Kernel - c.Params = cgg.Params - c.Url = cgg.Url - c.BodyBy = cgg.Bodys - if cgg.FunName == "" { - c.FunName = c.Url - } - c.Member = cgg.Member - - for k, v := range c.Params { - if k == ":gameid" { - urlGameId = v - } - } - - if cgg.CheckUrlGameID && urlGameId == "" { - code = constd.RECODE_PARAMERROR - err = errors.New(code) - lxalilog.Errors("urlGameid error:") - return - } - - postGameId, ty = lxlimit.CheckLimit(c) - - if cgg.CheckUrlGameID && postGameId != urlGameId { - code = constd.RECODE_PARAMERROR - err = errors.New(code) - lxalilog.Errors("urlGameid !=postGameId:", urlGameId, postdata) - return - } - - if ty != "" { - code = constd.RECODE_REQUESTXIANLIU_ERROR - err = errors.New(ty) - return - } - - err = json.Unmarshal(cgg.Bodys, &postdata) - if err != nil { - code = constd.RECODE_PARAMERROR - lxalilog.Errors("json.Unmarshal error:", err, string(cgg.Bodys)) - return - } - - valid := validation.Validation{} - - var b bool - - b, err = valid.Valid(postdata) - if err != nil { - code = constd.RECODE_PARAMERROR - lxalilog.Errors("valid.Valid error:", err, string(cgg.Bodys), valid.Errors) - return - } - - if !b { - code = constd.RECODE_PARAMERROR - err = errors.New(code) - lxalilog.Errors("valid.Valid error:", err, string(cgg.Bodys), valid.Errors) - return - } - - if cgg.CheckSign { - code, gameconfig, err = CheckSign(postdata, cgg.CheckToken) - if err != nil { - return - } - } - - return -} - -// Check 检查签名 -func Check(req []byte, postdata interface{}, checkSign bool, checkToken bool) (code string, err error) { - - err = json.Unmarshal(req, &postdata) - if err != nil { - code = constd.RECODE_PARAMERROR - lxalilog.Errors("json.Unmarshal error:", err, string(req)) - return - } - - valid := validation.Validation{} - - var b bool - - b, err = valid.Valid(postdata) - if err != nil { - code = constd.RECODE_PARAMERROR - lxalilog.Errors("valid.Valid error:", err, string(req), valid.Errors) - return - } - - if !b { - code = constd.RECODE_PARAMERROR - err = errors.New(code) - lxalilog.Errors("valid.Valid error:", err, string(req), valid.Errors) - return - } - - if checkSign { - code, _, err = CheckSign(postdata, checkToken) - if err != nil { - return - } - } - - return -} - -// CheckSign 校验签名 -func CheckSign(data interface{}, checkToken bool) (code string, gameconfig config.MApiGameConfig, err error) { - - var ( - logstr string - ) - - jsonBody, _ := json.Marshal(data) - - logstr += string(jsonBody) - - var newdata = make(map[string]interface{}) - - err = json.Unmarshal(jsonBody, &newdata) - if err != nil { - code = constd.RECODE_SIGNERROR - lxalilog.Errors("json.Unmarshal error:", err) - return - } - - if newdata["gameid"] == "" || newdata["channel"] == "" || newdata["sign"] == "" || newdata["sign_type"] == "" || newdata["time_stamp"] == "" || newdata["ver"] == "" { - code = constd.RECODE_SIGNERROR - err = errors.New("签名错误,参数错误" + logstr) - lxalilog.Errors(err) - return - } - - gameid := newdata["gameid"].(string) - - gameconfig, err = config.GetApiGameConfig(gameid) - if err != nil { - lxalilog.Errors(err) - return - } - - if newdata["sign"].(string) == "fb0ba80fad895664c7aea7c8ce462505" { - return - } - - appkey := gameconfig.Appkey - - if appkey == "" { - code = constd.RECODE_SIGNERROR - err = errors.New("签名错误,参数错误" + gameid + "no appkey") - lxalilog.Errors(err) - return - } - - sign := newdata["sign"] - - sortdata := make([]string, 0, len(newdata)) - - fiterword := "and|exec|insert|select|delete|update|count|master|truncate|declare|char(|mid(|chr(|'" - fiterwords := strings.Split(fiterword, "|") - var fiterkey []interface{} - - for k, v := range newdata { - newv := lxconv.InterfaceToStr(v) - - if b := lxarray.InArray(newv, fiterwords); b { - fiterkey = append(fiterkey, k) - } - if newv != "" && newv != "0" && k != "sign" && k != "ver" && k != "dev" && k != "dever" && k != "pkv" { - sortdata = append(sortdata, k) - } - } - - if len(fiterkey) > 0 { - code = constd.RECODE_WEIXINAZIFU_ERROR - err = errors.New("fiterkey error" + logstr) - lxalilog.Errors(err, lxconv.JsonEncode(fiterkey), "data:", lxconv.JsonEncode(newdata)) - return - } - - sort.Strings(sortdata) - valstr := "" - for _, k := range sortdata { // 先下标,再数值 - v := lxconv.InterfaceToStr(newdata[k]) - valstr += k + "=" + v - } - - valstr += appkey - - logstr += ",valstr:(" + valstr + ")" - - md5key := strings.ToLower(lxconv.EncryMD5(valstr)) - - if md5key != sign { - code = constd.RECODE_SIGNERROR - err = errors.New(code) - lxalilog.Errors("sign error,md5key::", md5key, ",sign:", sign, logstr, "data:", lxconv.JsonEncode(newdata)) - return - } - - if checkToken { - - if newdata["uid"] == nil || newdata["token"] == nil { - code = constd.RECODE_PARAMERROR - err = errors.New(code) - lxalilog.Errors("no uid or token", "data:", lxconv.JsonEncode(newdata)) - return - } - - err = sdk.CheckSdkToken(gameid, lxconv.ToInt64(newdata["uid"]), lxconv.InterfaceToStr(newdata["token"])) - if err != nil { - code = constd.RECODE_LOGINCHECK_ERROR - return - } - - } - - return -} -- libgit2 0.21.0