|
|
@@ -11,7 +11,9 @@ import (
|
|
|
"mtp2_if/rediscli"
|
|
|
"net/http"
|
|
|
"runtime"
|
|
|
+ "strconv"
|
|
|
"strings"
|
|
|
+ "time"
|
|
|
|
|
|
"github.com/gin-gonic/gin"
|
|
|
)
|
|
|
@@ -117,6 +119,29 @@ func Auth() gin.HandlerFunc {
|
|
|
return
|
|
|
}
|
|
|
|
|
|
+ // 判断时间,10S之内有效
|
|
|
+ t, err := strconv.Atoi(timestamp)
|
|
|
+ if err != nil {
|
|
|
+ c.JSON(http.StatusUnauthorized, gin.H{
|
|
|
+ "code": e.ERROR,
|
|
|
+ "msg": "检验参数错误",
|
|
|
+ "data": struct{}{},
|
|
|
+ })
|
|
|
+
|
|
|
+ c.Abort()
|
|
|
+ return
|
|
|
+ }
|
|
|
+ if time.Now().Unix()-int64(t) > 10 {
|
|
|
+ c.JSON(http.StatusUnauthorized, gin.H{
|
|
|
+ "code": e.ERROR,
|
|
|
+ "msg": "非法调用接口1",
|
|
|
+ "data": struct{}{},
|
|
|
+ })
|
|
|
+
|
|
|
+ c.Abort()
|
|
|
+ return
|
|
|
+ }
|
|
|
+
|
|
|
s := fmt.Sprintf("%s%s", token, timestamp)
|
|
|
hashed := hmac.New(sha256.New, []byte(config.SerCfg.WebCfg.ApiKey))
|
|
|
hashed.Write([]byte(s))
|
|
|
@@ -134,7 +159,7 @@ func Auth() gin.HandlerFunc {
|
|
|
if h != verification {
|
|
|
c.JSON(http.StatusUnauthorized, gin.H{
|
|
|
"code": e.ERROR,
|
|
|
- "msg": "非法调用接口",
|
|
|
+ "msg": "非法调用接口2",
|
|
|
"data": struct{}{},
|
|
|
})
|
|
|
|
