From 2c86d804e005a62591fcc6a78c845d7a295aebcf Mon Sep 17 00:00:00 2001
From: Helius <wangdoubleone@gmail.com>
Date: Thu, 26 May 2022 19:40:45 +0800
Subject: [PATCH] add dapp login

---
 src/main/java/cc/mrbird/febs/common/interceptor/DappInterceptor.java |   30 ++++++++++++++++++++++++++----
 1 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/src/main/java/cc/mrbird/febs/common/interceptor/DappInterceptor.java b/src/main/java/cc/mrbird/febs/common/interceptor/DappInterceptor.java
index a997db1..2c4927e 100644
--- a/src/main/java/cc/mrbird/febs/common/interceptor/DappInterceptor.java
+++ b/src/main/java/cc/mrbird/febs/common/interceptor/DappInterceptor.java
@@ -1,5 +1,6 @@
 package cc.mrbird.febs.common.interceptor;
 
+import cc.mrbird.febs.common.contants.AppContants;
 import cc.mrbird.febs.common.entity.FebsResponse;
 import cc.mrbird.febs.common.utils.RedisUtils;
 import cc.mrbird.febs.common.utils.SpringContextUtil;
@@ -8,12 +9,15 @@
 import cn.hutool.core.util.StrUtil;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.web.servlet.HandlerInterceptor;
+import org.web3j.crypto.Hash;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
+import java.util.Map;
 
 /**
  * @author 
@@ -23,22 +27,40 @@
 public class DappInterceptor implements HandlerInterceptor {
 
     private final DappMemberDao dappMemberDao = SpringContextUtil.getBean(DappMemberDao.class);
+    private final RedisUtils redisUtils = SpringContextUtil.getBean(RedisUtils.class);
 
     @Override
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
         if ("OPTIONS".equals(request.getMethod().toUpperCase())) {
             return true;
         }
+        String headAddress = request.getHeader("address");
+        String key = request.getHeader("key");
+        String path = request.getServletPath().replace("/dapi", "");
+        log.info("进入拦截:{}, {}", headAddress, path);
 
-        String headAddress = request.getHeader("token");
         String chain = request.getHeader("chain");
-        log.info("进入拦截:{}", headAddress);
-        if (StrUtil.isBlank(headAddress)) {
+        if (StrUtil.isBlank(headAddress) || StrUtil.isBlank(key)) {
             responseUnAuth(response);
             return false;
         }
 
-        DappMemberEntity memberEntity = dappMemberDao.selectByAddress(headAddress, chain);
+        Map<Object, Object> signKey = redisUtils.hmget(AppContants.REDIS_KEY_SIGN);
+        Object signObj = signKey.get(headAddress);
+
+        if (signObj == null) {
+            responseUnAuth(response);
+            return false;
+        }
+        String sign = (String) signObj;
+
+        String calKey = Hash.sha3(sign + path + headAddress).replace("0x", "");
+        if (!calKey.equals(key)) {
+            responseUnAuth(response);
+            return false;
+        }
+
+        DappMemberEntity memberEntity = dappMemberDao.selectByAddress(headAddress, null);
         if (memberEntity == null) {
             responseUnAuth(response);
             return false;

--
Gitblit v1.9.1