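package cc.mrbird.febs.common.interceptor;

import cc.mrbird.febs.common.contants.AppContants;
import cc.mrbird.febs.common.entity.FebsResponse;
import cc.mrbird.febs.common.utils.LoginUserUtil;
import cc.mrbird.febs.common.utils.RedisUtils;
import cc.mrbird.febs.common.utils.SpringContextUtil;
import cc.mrbird.febs.dapp.entity.DappMemberEntity;
import cc.mrbird.febs.dapp.mapper.DappMemberDao;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.SecureUtil;
import cn.hutool.crypto.asymmetric.KeyType;
import com.alibaba.fastjson.JSONObject;
import com.fasterxml.jackson.databind.ObjectMapper;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.web.servlet.HandlerInterceptor;
import org.web3j.crypto.Hash;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Map;

/**
 * Authenticates dapp API requests before they reach a handler.
 *
 * <p>A request is accepted when its {@code key} header equals
 * {@code sha3(sign + path + address)} with the {@code 0x} marker removed, where {@code sign} is
 * the value stored for the caller's {@code address} header in the Redis hash
 * {@link AppContants#REDIS_KEY_SIGN}, and the address resolves to a known member.
 *
 * <p>NOTE(review): the expected key is derived only from the stored sign, the request path and
 * the address. No timestamp, nonce, HTTP method or request body is mixed in, so a key that was
 * valid once for a path stays valid for that path for as long as the stored sign is unchanged.
 * Transport security and the lifetime of the stored sign are therefore what bound its reuse;
 * confirm both are adequate for the endpoints behind this interceptor.
 *
 * @author
 * @date 2022-03-17
 **/
@Slf4j
public class DappInterceptor implements HandlerInterceptor {

    /** Shared serializer; ObjectMapper is thread-safe once configured, so one instance suffices. */
    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();

    private final DappMemberDao dappMemberDao = SpringContextUtil.getBean(DappMemberDao.class);
    private final RedisUtils redisUtils = SpringContextUtil.getBean(RedisUtils.class);

    /**
     * Verifies the {@code address}/{@code key} header pair and, on success, stores the resolved
     * member in the HTTP session under the attribute {@code "member"}.
     *
     * @param request  the incoming request; headers {@code address} and {@code key} are required
     * @param response used to write the encrypted "unauthorized" payload on rejection
     * @param handler  the chosen handler (not inspected)
     * @return {@code true} to continue the chain, {@code false} after a rejection was written
     * @throws Exception if the lookup, hashing or response writing fails
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // OPTIONS requests pass without authentication (typically CORS preflight). The comparison
        // is locale-independent, unlike toUpperCase() with the default locale.
        if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
            return true;
        }

        String headAddress = request.getHeader("address");
        String key = request.getHeader("key");
        if (StrUtil.isBlank(headAddress) || StrUtil.isBlank(key)) {
            responseUnAuth(response);
            return false;
        }

        // NOTE(review): replace() removes every "/dapi" occurrence, not just a leading prefix, so
        // two different servlet paths can normalise to the same signed path. Confirm the client
        // contract and consider stripping only the prefix.
        String path = request.getServletPath().replace("/dapi", "");

        // NOTE(review): this loads the whole sign hash to read a single entry; a single-field
        // lookup would be cheaper if RedisUtils offers one.
        Map<?, ?> signKey = redisUtils.hmget(AppContants.REDIS_KEY_SIGN);
        Object signObj = signKey == null ? null : signKey.get(headAddress);
        // Fail closed on a missing entry and on an unexpected value type, rather than letting a
        // ClassCastException turn an authentication failure into a server error.
        if (!(signObj instanceof String)) {
            responseUnAuth(response);
            return false;
        }
        String sign = (String) signObj;

        String calKey = LoginUserUtil.sha3(sign + path + headAddress).replace("0x", "");
        // Constant-time comparison: String.equals() returns at the first differing character,
        // which leaks how much of a guessed key was correct through response timing.
        boolean keyMatches = MessageDigest.isEqual(
                calKey.getBytes(StandardCharsets.UTF_8),
                key.getBytes(StandardCharsets.UTF_8));
        if (!keyMatches) {
            responseUnAuth(response);
            return false;
        }

        DappMemberEntity memberEntity = dappMemberDao.selectByAddress(headAddress, null);
        if (memberEntity == null) {
            responseUnAuth(response);
            return false;
        }

        // NOTE(review): the member is kept in the session, not on the request. Every request is
        // re-verified above, but requests that share a session and use different addresses
        // overwrite each other's "member" attribute; confirm handlers cannot observe a stale value.
        request.getSession().setAttribute("member", memberEntity);
        return true;
    }

    /**
     * Writes the "unauthorized" payload: a {@link FebsResponse} carrying
     * {@link HttpStatus#UNAUTHORIZED}, serialized to JSON, RSA-encrypted with the public key,
     * Base64-encoded and emitted as a JSON string.
     *
     * <p>NOTE(review): the HTTP status line is not set here, so the rejection is visible only
     * inside the encrypted body. Proxies, WAFs and access logs that key on the status code will
     * not see these as authentication failures; add a log entry or metric if that matters.
     *
     * <p>NOTE(review): the RSA key pair is read from {@link AppContants}. If those are constants
     * compiled into the artifact, the private key ships with the code; confirm it is loaded from
     * protected configuration instead.
     *
     * @param response the response to write to
     * @throws IOException if the body cannot be serialized or written
     */
    private void responseUnAuth(HttpServletResponse response) throws IOException {
        response.setCharacterEncoding("UTF-8");
        response.setContentType("application/json; charset=utf-8");

        FebsResponse code = new FebsResponse().code(HttpStatus.UNAUTHORIZED);
        // Encode explicitly as UTF-8 so the ciphertext does not depend on the platform charset.
        byte[] payload = JSONObject.toJSONString(code).getBytes(StandardCharsets.UTF_8);
        String encryptBase64 = SecureUtil.rsa(AppContants.RESP_PRIVATE_KEY, AppContants.RESP_PUBLIC_KEY)
                .encryptBase64(payload, KeyType.PublicKey);
        response.getWriter().write(OBJECT_MAPPER.writeValueAsString(encryptBase64));
    }

    /**
     * Leftover manual check of the key derivation; it performs no work while the print statement
     * stays commented out.
     *
     * <p>NOTE(review): keep only throwaway sample values here. If the address or sign below ever
     * corresponded to a real account, treat that sign as exposed and rotate it.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        String headAddress = "0x971c09aa9735eb98459b17ec8b48932d24cbb931";
        String path = "/member/walletInfo";
        String sign = "0x1fd3f82895ca4615daa10ec245d628ca230358e08423df71c8f6c8d3d4163520";
//        System.out.println(Hash.sha3(sign + path + headAddress));
    }
}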