Add 路由中间件 MD5 签名

yifei337 · Sep 30, 2019 · dc613b9 · dc613b9
1 parent 5ae8afb
commit dc613b9
Show file tree

Hide file tree

Showing 4 changed files with 128 additions and 1 deletion.
diff --git a/app/config/config.go b/app/config/config.go
@@ -5,6 +5,13 @@ const (
 	AppPort = ":9999"
 	AppName = "go-gin-api"
 
+	// MD5 密钥
+	AppSignSecret = "4OhYXtDYNYxQsGetqASVOTP37jGt5gGY"
+
+	// MD5 签名超时时间 120s
+	AppSignExpiry = "120"
+
+
 	// 超时时间
 	AppReadTimeout  = 120
 	AppWriteTimeout = 120

diff --git a/app/route/middleware/sign/md5/md5.go b/app/route/middleware/sign/md5/md5.go
@@ -0,0 +1,107 @@
+package sign_md5
+
+import (
+	"errors"
+	"fmt"
+	"github.com/gin-gonic/gin"
+	"go-gin-api/app/config"
+	"go-gin-api/app/util"
+	"net/url"
+	"sort"
+	"strconv"
+	"time"
+)
+
+// MD5 组合加密
+func SetUp() gin.HandlerFunc {
+
+	return func(c *gin.Context) {
+		utilGin := util.Gin{Ctx: c}
+
+		sign, err := verifyMD5Sign(c)
+
+		if sign != nil {
+			utilGin.Response(-1, "Debug Sign", sign)
+			c.Abort()
+			return
+		}
+
+		if err != nil {
+			utilGin.Response(-1, err.Error(), sign)
+			c.Abort()
+			return
+		}
+
+		c.Next()
+	}
+}
+
+// 创建签名
+func createMD5Sign(params url.Values) string {
+	var key []string
+	var str = ""
+	for k := range params {
+		if k != "sn" && k != "ts" && k != "debug" {
+			key = append(key, k)
+		}
+	}
+	sort.Strings(key)
+	for i := 0; i < len(key); i++ {
+		if i == 0 {
+			str = fmt.Sprintf("%v=%v", key[i], params.Get(key[i]))
+		} else {
+			str = str + fmt.Sprintf("&%v=%v", key[i], params.Get(key[i]))
+		}
+	}
+
+	// 自定义签名算法
+	sign := util.MD5(config.AppSignSecret + str + config.AppSignSecret)
+	return sign
+}
+
+// 验证签名
+func verifyMD5Sign(c *gin.Context) (map[string]string, error) {
+	var method = c.Request.Method
+	var ts int64
+	var sn string
+	var req url.Values
+	var debug string
+
+	if method == "GET" {
+		req = c.Request.URL.Query()
+		sn = c.Query("sn")
+		debug = c.Query("debug")
+		ts, _ = strconv.ParseInt(c.Query("ts"), 10, 64)
+	} else if method == "POST" {
+		_ = c.Request.ParseForm()
+		req = c.Request.PostForm
+		sn = c.PostForm("sn")
+		debug = c.PostForm("debug")
+		ts, _ = strconv.ParseInt(c.PostForm("ts"), 10, 64)
+	} else {
+		return nil, errors.New("非法请求")
+	}
+
+	if debug == "1" {
+		res := map[string]string{
+			"ts": strconv.FormatInt(util.GetCurrentUnix(), 10),
+			"sn": createMD5Sign(req),
+		}
+		return res, nil
+	}
+
+	exp, _ := strconv.ParseInt(config.AppSignExpiry, 10, 64)
+
+	// 验证过期时间
+	timestamp := time.Now().Unix()
+	if ts > timestamp || timestamp - ts >= exp {
+		return nil, errors.New("ts Error")
+	}
+
+	// 验证签名
+	if sn == "" || sn != createMD5Sign(req) {
+		return nil, errors.New("sn Error")
+	}
+
+	return nil, nil
+}
diff --git a/app/route/route.go b/app/route/route.go
@@ -7,6 +7,7 @@ import (
 	"go-gin-api/app/route/middleware/exception"
 	"go-gin-api/app/route/middleware/jaeger"
 	"go-gin-api/app/route/middleware/logger"
+	signMD5 "go-gin-api/app/route/middleware/sign/md5"
 	"go-gin-api/app/util"
 )
 
@@ -31,7 +32,7 @@ func SetupRouter(engine *gin.Engine) {
 
 	//@todo 记录请求超时的路由
 
-	ProductRouter := engine.Group("/product")
+	ProductRouter := engine.Group("/product").Use(signMD5.SetUp())
 	{
 		// 新增产品
 		ProductRouter.POST("", product.Add)

diff --git a/app/util/md5.go b/app/util/md5.go
@@ -0,0 +1,12 @@
+package util
+
+import (
+	"crypto/md5"
+	"encoding/hex"
+)
+
+func MD5(str string) string {
+	s := md5.New()
+	s.Write([]byte(str))
+	return hex.EncodeToString(s.Sum(nil))
+}