From b2460bbc87789c09e1b523e27d211334a405e5ef Mon Sep 17 00:00:00 2001 From: laodaming <11058467+laudamine@user.noreply.gitee.com> Date: Wed, 23 Aug 2023 17:35:43 +0800 Subject: [PATCH] fix --- .../internal/logic/loginnotifylogic.go | 31 ++++++++++++++++--- .../logic/registeraccountnotifylogic.go | 31 ++++++++++++++++--- server/websocket/internal/types/types.go | 18 ++--------- .../internal/websocket_data/notify_data.go | 8 +++++ server_api/websocket.api | 16 ++-------- 5 files changed, 66 insertions(+), 38 deletions(-) create mode 100644 server/websocket/internal/websocket_data/notify_data.go diff --git a/server/websocket/internal/logic/loginnotifylogic.go b/server/websocket/internal/logic/loginnotifylogic.go index 97c442f9..a532764e 100644 --- a/server/websocket/internal/logic/loginnotifylogic.go +++ b/server/websocket/internal/logic/loginnotifylogic.go @@ -2,9 +2,13 @@ package logic //登录回调 import ( + "encoding/json" "fusenapi/constants" + "fusenapi/server/websocket/internal/websocket_data" "fusenapi/utils/auth" "fusenapi/utils/basic" + "fusenapi/utils/encryption_decryption" + "time" "context" @@ -33,10 +37,29 @@ func NewLoginNotifyLogic(ctx context.Context, svcCtx *svc.ServiceContext) *Login // } func (l *LoginNotifyLogic) LoginNotify(req *types.LoginNotifyReq, userinfo *auth.UserInfo) (resp *basic.Response) { - if req.Data.WebsocketConnId == "" { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,连接标识不能为空") + if req.Data == "" { + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "data is empty") } - value, ok := mapConnPool.Load(req.Data.WebsocketConnId) + //解密数据 + data, err := encryption_decryption.CBCDecrypt(req.Data) + if err != nil { + logx.Error("解密失败:", err) + return resp.SetStatusWithMessage(basic.CodeServiceErr, "invalid data ") + } + var parseInfo websocket_data.NotifyData + if err = json.Unmarshal([]byte(data), &parseInfo); err != nil { + logx.Error("failed to parse json data:", err) + return resp.SetStatusWithMessage(basic.CodeServiceErr, "invalid format of parse data") + } + if parseInfo.WebsocketConnectId == "" { + return resp.SetStatusWithMessage(basic.CodeServiceErr, "websocket connect id is empty") + } + now := time.Now().UTC().Unix() + //请求时间前后20秒都会失效 + if parseInfo.RequestTime < now-20 || parseInfo.RequestTime > now+20 { + return resp.SetStatusWithMessage(basic.CodeServiceErr, "invalid data ,time is not in allowed range") + } + value, ok := mapConnPool.Load(parseInfo.WebsocketConnectId) if !ok { return resp.SetStatusWithMessage(basic.CodeOK, "success,but connection is not found") } @@ -46,7 +69,7 @@ func (l *LoginNotifyLogic) LoginNotify(req *types.LoginNotifyReq, userinfo *auth return resp.SetStatusWithMessage(basic.CodeServiceErr, "断言连接错误") } //发送消息到出口缓冲池 - ws.sendToOutChan(ws.respondDataFormat(constants.WEBSOCKET_LOGIN_NOTIFY, req.Data.Info)) + ws.sendToOutChan(ws.respondDataFormat(constants.WEBSOCKET_LOGIN_NOTIFY, parseInfo.Data)) return resp.SetStatusWithMessage(basic.CodeOK, "success") } diff --git a/server/websocket/internal/logic/registeraccountnotifylogic.go b/server/websocket/internal/logic/registeraccountnotifylogic.go index c72aa4ae..278c2a13 100644 --- a/server/websocket/internal/logic/registeraccountnotifylogic.go +++ b/server/websocket/internal/logic/registeraccountnotifylogic.go @@ -2,9 +2,13 @@ package logic //注册帐号回调 import ( + "encoding/json" "fusenapi/constants" + "fusenapi/server/websocket/internal/websocket_data" "fusenapi/utils/auth" "fusenapi/utils/basic" + "fusenapi/utils/encryption_decryption" + "time" "context" @@ -33,10 +37,29 @@ func NewRegisterAccountNotifyLogic(ctx context.Context, svcCtx *svc.ServiceConte // } func (l *RegisterAccountNotifyLogic) RegisterAccountNotify(req *types.RegisterAccountNotifyReq, userinfo *auth.UserInfo) (resp *basic.Response) { - if req.Data.WebsocketConnId == "" { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,连接标识不能为空") + if req.Data == "" { + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "data is empty") } - value, ok := mapConnPool.Load(req.Data.WebsocketConnId) + //解密数据 + data, err := encryption_decryption.CBCDecrypt(req.Data) + if err != nil { + logx.Error("解密失败:", err) + return resp.SetStatusWithMessage(basic.CodeServiceErr, "invalid data ") + } + var parseInfo websocket_data.NotifyData + if err = json.Unmarshal([]byte(data), &parseInfo); err != nil { + logx.Error("failed to parse json data:", err) + return resp.SetStatusWithMessage(basic.CodeServiceErr, "invalid format of parse data") + } + if parseInfo.WebsocketConnectId == "" { + return resp.SetStatusWithMessage(basic.CodeServiceErr, "websocket connect id is empty") + } + now := time.Now().UTC().Unix() + //请求时间前后20秒都会失效 + if parseInfo.RequestTime < now-20 || parseInfo.RequestTime > now+20 { + return resp.SetStatusWithMessage(basic.CodeServiceErr, "invalid data ,time is not in allowed range") + } + value, ok := mapConnPool.Load(parseInfo.WebsocketConnectId) if !ok { return resp.SetStatusWithMessage(basic.CodeOK, "success,but connection is not found") } @@ -46,7 +69,7 @@ func (l *RegisterAccountNotifyLogic) RegisterAccountNotify(req *types.RegisterAc return resp.SetStatusWithMessage(basic.CodeServiceErr, "断言连接错误") } //发送消息到出口缓冲池 - ws.sendToOutChan(ws.respondDataFormat(constants.WEBSOCKET_REGISTER_NOTIFY, req.Data.Info)) + ws.sendToOutChan(ws.respondDataFormat(constants.WEBSOCKET_REGISTER_NOTIFY, parseInfo.Data)) return resp.SetStatusWithMessage(basic.CodeOK, "success") } diff --git a/server/websocket/internal/types/types.go b/server/websocket/internal/types/types.go index aed31ca9..d409d63a 100644 --- a/server/websocket/internal/types/types.go +++ b/server/websocket/internal/types/types.go @@ -13,25 +13,11 @@ type RenderNotifyReq struct { } type RegisterAccountNotifyReq struct { - Data RegisterAccountData `json:"data"` - Time int64 `json:"time,optional"` //utc时间戳(用于验证签名) - Sign string `json:"sign,optional"` //签名 -} - -type RegisterAccountData struct { - WebsocketConnId string `json:"websocket_conn_id"` //连接标识 - Info map[string]interface{} `json:"info"` + Data string `json:"data"` //aes_cbc加密密文 } type LoginNotifyReq struct { - Data LoginNotifyData `json:"data"` - Time int64 `json:"time,optional"` //utc时间戳(用于验证签名) - Sign string `json:"sign,optional"` //签名 -} - -type LoginNotifyData struct { - WebsocketConnId string `json:"websocket_conn_id"` //连接标识 - Info map[string]interface{} `json:"info"` + Data string `json:"data"` //aes_cbc加密密文 } type Request struct { diff --git a/server/websocket/internal/websocket_data/notify_data.go b/server/websocket/internal/websocket_data/notify_data.go new file mode 100644 index 00000000..67c627ba --- /dev/null +++ b/server/websocket/internal/websocket_data/notify_data.go @@ -0,0 +1,8 @@ +package websocket_data + +// 请求回调接口数据(登录|注册) +type NotifyData struct { + WebsocketConnectId string `json:"websocket_connect_id"` //websocket连接唯一标识 + RequestTime int64 `json:"request_time"` //请求回调时的utc时间 + Data interface{} `json:"data"` //其他数据 +} diff --git a/server_api/websocket.api b/server_api/websocket.api index fd856c33..c37ec39a 100644 --- a/server_api/websocket.api +++ b/server_api/websocket.api @@ -32,21 +32,9 @@ type RenderNotifyReq { } //注册回调 type RegisterAccountNotifyReq { - Data RegisterAccountData `json:"data"` - Time int64 `json:"time,optional"` //utc时间戳(用于验证签名) - Sign string `json:"sign,optional"` //签名 -} -type RegisterAccountData { - WebsocketConnId string `json:"websocket_conn_id"` //连接标识 - Info map[string]interface{} `json:"info"` + Data string `json:"data"` //aes_cbc加密密文 } //登录回调 type LoginNotifyReq { - Data LoginNotifyData `json:"data"` - Time int64 `json:"time,optional"` //utc时间戳(用于验证签名) - Sign string `json:"sign,optional"` //签名 -} -type LoginNotifyData { - WebsocketConnId string `json:"websocket_conn_id"` //连接标识 - Info map[string]interface{} `json:"info"` + Data string `json:"data"` //aes_cbc加密密文 } \ No newline at end of file