From 08d5c76dc776c64efeb2a7d8fa33f90ee5132bfe Mon Sep 17 00:00:00 2001
From: Helius <wangdoubleone@gmail.com>
Date: Sun, 04 Sep 2022 12:10:36 +0800
Subject: [PATCH] fix
---
src/main/java/cc/mrbird/febs/common/interceptor/DappInterceptor.java | 37 ++++++++++++++++++++++++-------------
1 files changed, 24 insertions(+), 13 deletions(-)
diff --git a/src/main/java/cc/mrbird/febs/common/interceptor/DappInterceptor.java b/src/main/java/cc/mrbird/febs/common/interceptor/DappInterceptor.java
index c906df8..a0d0218 100644
--- a/src/main/java/cc/mrbird/febs/common/interceptor/DappInterceptor.java
+++ b/src/main/java/cc/mrbird/febs/common/interceptor/DappInterceptor.java
@@ -2,15 +2,20 @@
import cc.mrbird.febs.common.contants.AppContants;
import cc.mrbird.febs.common.entity.FebsResponse;
+import cc.mrbird.febs.common.properties.SystemProperties;
import cc.mrbird.febs.common.utils.LoginUserUtil;
import cc.mrbird.febs.common.utils.RedisUtils;
import cc.mrbird.febs.common.utils.SpringContextUtil;
import cc.mrbird.febs.dapp.entity.DappMemberEntity;
import cc.mrbird.febs.dapp.mapper.DappMemberDao;
import cn.hutool.core.util.StrUtil;
+import cn.hutool.crypto.SecureUtil;
+import cn.hutool.crypto.asymmetric.KeyType;
+import com.alibaba.fastjson.JSONObject;
import com.fasterxml.jackson.databind.ObjectMapper;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.web.servlet.HandlerInterceptor;
import org.web3j.crypto.Hash;
@@ -30,6 +35,8 @@
private final DappMemberDao dappMemberDao = SpringContextUtil.getBean(DappMemberDao.class);
private final RedisUtils redisUtils = SpringContextUtil.getBean(RedisUtils.class);
+ private SystemProperties systemProperties = SpringContextUtil.getBean(SystemProperties.class);
+
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
if ("OPTIONS".equals(request.getMethod().toUpperCase())) {
@@ -38,7 +45,6 @@
String headAddress = request.getHeader("address");
String key = request.getHeader("key");
String path = request.getServletPath().replace("/dapi", "");
- log.info("进入拦截:{}, {}, {}", headAddress, path, key);
String chain = request.getHeader("chain");
if (StrUtil.isBlank(headAddress) || StrUtil.isBlank(key)) {
@@ -46,19 +52,21 @@
return false;
}
- Map<Object, Object> signKey = redisUtils.hmget(AppContants.REDIS_KEY_SIGN);
- Object signObj = signKey.get(headAddress);
+ if (!systemProperties.isDebug()) {
+ Map<Object, Object> signKey = redisUtils.hmget(AppContants.REDIS_KEY_SIGN);
+ Object signObj = signKey.get(headAddress);
- if (signObj == null) {
- responseUnAuth(response);
- return false;
- }
- String sign = (String) signObj;
+ if (signObj == null) {
+ responseUnAuth(response);
+ return false;
+ }
+ String sign = (String) signObj;
- String calKey = LoginUserUtil.sha3(sign + path + headAddress).replace("0x", "");
- if (!calKey.equals(key)) {
- responseUnAuth(response);
- return false;
+ String calKey = LoginUserUtil.sha3(sign + path + headAddress).replace("0x", "");
+ if (!calKey.equals(key)) {
+ responseUnAuth(response);
+ return false;
+ }
}
DappMemberEntity memberEntity = dappMemberDao.selectByAddress(headAddress, null);
@@ -74,7 +82,10 @@
private void responseUnAuth(HttpServletResponse response) throws IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json; charset=utf-8");
- response.getWriter().write(new ObjectMapper().writeValueAsString(new FebsResponse().code(HttpStatus.UNAUTHORIZED)));
+
+ FebsResponse code = new FebsResponse().code(HttpStatus.UNAUTHORIZED);
+ String encryptBase64 = SecureUtil.rsa(AppContants.RESP_PRIVATE_KEY, AppContants.RESP_PUBLIC_KEY).encryptBase64(JSONObject.toJSONString(code).getBytes(), KeyType.PublicKey);
+ response.getWriter().write(new ObjectMapper().writeValueAsString(encryptBase64));
}
public static void main(String[] args) {
--
Gitblit v1.9.1