fix secret check and management

3 years ago · dfd028625d
parent a87c16de0d
commit dfd028625d
4 changed files with 18 additions and 12 deletions
--- a/src/api/auth/user_register.go
+++ b/src/api/auth/user_register.go
@ -49,6 +49,10 @@ func UserRegister(c *gin.Context) {
 		c.JSON(http.StatusBadRequest, gin.H{"errCode": 400, "errMsg": err.Error()})
 		return
 	}
+	if params.Secret != config.Config.Secret {
+		c.JSON(http.StatusBadRequest, gin.H{"errCode": 401, "errMsg": "not authorized"})
+		return
+	}
 	pbData := newUserRegisterReq(&params)

 	log.Info("", "", "api user_register is server, [data: %s]", pbData.String())
--- a/src/api/auth/user_token.go
+++ b/src/api/auth/user_token.go
@ -37,6 +37,10 @@ func UserToken(c *gin.Context) {
 		c.JSON(http.StatusBadRequest, gin.H{"errCode": 400, "errMsg": err.Error()})
 		return
 	}
+	if params.Secret != config.Config.Secret {
+		c.JSON(http.StatusBadRequest, gin.H{"errCode": 401, "errMsg": "not authorized"})
+		return
+	}
 	pbData := newUserTokenReq(&params)

 	log.Info("", "", "api user_token is server, [data: %s]", pbData.String())
--- a/src/api/manage/management_chat.go
+++ b/src/api/manage/management_chat.go
@ -35,7 +35,7 @@ type paramsManagementSendMsg struct {
 	SessionType    int32                  `json:"sessionType" binding:"required"`
 }

-func newUserSendMsgReq(token string, params *paramsManagementSendMsg) *pbChat.UserSendMsgReq {
+func newUserSendMsgReq(params *paramsManagementSendMsg) *pbChat.UserSendMsgReq {
 	var newContent string
 	switch params.ContentType {
 	case constant.Text:
@ -53,7 +53,6 @@ func newUserSendMsgReq(token string, params *paramsManagementSendMsg) *pbChat.Us
 	}
 	pbData := pbChat.UserSendMsgReq{
 		ReqIdentifier:  constant.WSSendMsg,
-		Token:          token,
 		SendID:         params.SendID,
 		SenderNickName: params.SenderNickName,
 		SenderFaceURL:  params.SenderFaceURL,
@ -103,15 +102,19 @@ func ManagementSendMsg(c *gin.Context) {
 	}

 	token := c.Request.Header.Get("token")
-	if !utils.IsContain(params.SendID, config.Config.Manager.AppManagerUid) {
-		c.JSON(http.StatusBadRequest, gin.H{"errCode": 400, "errMsg": "not appManager", "sendTime": 0, "MsgID": ""})
+	claims, err := utils.ParseToken(token)
+	if err != nil {
+		log.NewError(params.OperationID, "parse token failed", err.Error())
+		c.JSON(http.StatusBadRequest, gin.H{"errCode": 400, "errMsg": "parse token failed", "sendTime": 0, "MsgID": ""})
+	}
+	if !utils.IsContain(claims.UID, config.Config.Manager.AppManagerUid) {
+		c.JSON(http.StatusBadRequest, gin.H{"errCode": 400, "errMsg": "not authorized", "sendTime": 0, "MsgID": ""})
 		return

 	}
-
 	log.InfoByKv("Ws call success to ManagementSendMsgReq", params.OperationID, "Parameters", params)

-	pbData := newUserSendMsgReq(token, &params)
+	pbData := newUserSendMsgReq(&params)
 	log.Info("", "", "api ManagementSendMsg call start..., [data: %s]", pbData.String())

 	etcdConn := getcdv3.GetConn(config.Config.Etcd.EtcdSchema, strings.Join(config.Config.Etcd.EtcdAddr, ","), config.Config.RpcRegisterName.OpenImOfflineMessageName)
--- a/src/rpc/chat/chat/send_msg.go
+++ b/src/rpc/chat/chat/send_msg.go
@ -42,12 +42,9 @@ type MsgCallBackResp struct {

 func (rpc *rpcChat) UserSendMsg(_ context.Context, pb *pbChat.UserSendMsgReq) (*pbChat.UserSendMsgResp, error) {
 	replay := pbChat.UserSendMsgResp{}
-	log.InfoByKv("sendMsg", pb.OperationID, "args", pb.String())
-	time := utils.GetCurrentTimestampByMill()
+	log.NewDebug(pb.OperationID, "rpc sendMsg come here", pb.String())
 	//if !utils.VerifyToken(pb.Token, pb.SendID) {
 	//	return returnMsg(&replay, pb, http.StatusUnauthorized, "token validate err,not authorized", "", 0)
-	//}
-	log.NewInfo(pb.OperationID, "VerifyToken cost time ", utils.GetCurrentTimestampByMill()-time)
 	serverMsgID := GetMsgID(pb.SendID)
 	pbData := pbChat.WSToMsgSvrChatMsg{}
 	pbData.MsgFrom = pb.MsgFrom
@ -99,10 +96,8 @@ func (rpc *rpcChat) UserSendMsg(_ context.Context, pb *pbChat.UserSendMsgReq) (*
 	}
 	switch pbData.SessionType {
 	case constant.SingleChatType:
-		time := utils.GetCurrentTimestampByMill()
 		err1 := rpc.sendMsgToKafka(&pbData, pbData.RecvID)
 		err2 := rpc.sendMsgToKafka(&pbData, pbData.SendID)
-		log.NewInfo(pb.OperationID, "send kafka cost time ", utils.GetCurrentTimestampByMill()-time)
 		if err1 != nil || err2 != nil {
 			return returnMsg(&replay, pb, 201, "kafka send msg err", "", 0)
 		}