登录回跳

TsMask
2023-08-23 17:22:22 +08:00
parent efd3ff69a1
commit 5b7778b09e
5 changed files with 74 additions and 123 deletions


@@ -3,7 +3,8 @@ package api
import ( import (
"omc/core" "omc/core"
"omc/core/manage" "omc/core/manage"
"omc/core/utils" "omc/core/parse"
"omc/handle/service"
"github.com/aceld/zinx/ziface" "github.com/aceld/zinx/ziface"
"github.com/aceld/zinx/zlog" "github.com/aceld/zinx/zlog"
@@ -20,6 +21,16 @@ type ReqCMCALoginAlarm struct {
} }
func (*ReqCMCALoginAlarm) Handle(request ziface.IRequest) { func (*ReqCMCALoginAlarm) Handle(request ziface.IRequest) {
// 登录消息处理
body, err := parse.RequestBodyDecode(request, []string{"user", "key", "cert", "type"})
username := body.Data["user"]
key := body.Data["key"]
tp := body.Data["type"]
if err != nil || username == "" || key == "" || tp == "" {
zlog.Ins().ErrorF("inlaid message body %s", err.Error())
request.GetConnection().SendMsg(ReqLoginAlarmMsgType, core.ResultError(ReqLoginAlarmMsgName, err.Error(), ""))
return
}
// 获取当前请求的通道 // 获取当前请求的通道
m := manage.GetManager(request.GetConnection().GetName()) m := manage.GetManager(request.GetConnection().GetName())
@@ -34,13 +45,39 @@ func (*ReqCMCALoginAlarm) Handle(request ziface.IRequest) {
request.GetConnection().Stop() request.GetConnection().Stop()
return return
} }
// seqNo 32位长度 0-9A-Z // 得到连接实例的随机码
seqNo := utils.SeqNo(32) seqNo := m.GetUserByPID(uid.(string)).SeqNo
m.SetSeqNo(uid.(string), seqNo) content := username + ":" + seqNo
// 检查判断是否对应随机码
// 发送信息 if err := service.CMCALogin(content, key); err != nil {
msgData := map[string]string{ zlog.Ins().ErrorF("LoginFail %s", err)
"seqNo": seqNo, request.GetConnection().SendMsg(ReqLoginAlarmMsgType, core.Result(ReqLoginAlarmMsgName, map[string]string{
"result": "autherror",
"resDesc": err.Error(),
}))
// 已登录的登录错误超过3次,断开连接
if uid != nil || uid != "" {
isClose, _ := m.LoginFail(uid.(string))
if isClose {
request.GetConnection().Stop()
return
}
}
return
} }
request.GetConnection().SendMsg(ReqCMCALoginAlarmMsgType, core.Result(ReqCMCALoginAlarmMsgName, msgData))
// manager 用户登录更新
err = m.LoginSuccess(uid.(string), username, tp)
if err != nil {
zlog.Ins().ErrorF("manager:%s", err)
request.GetConnection().SendMsg(ReqLoginAlarmMsgType, core.Result(ReqLoginAlarmMsgName, map[string]string{
"result": "autherror",
"resDesc": err.Error(),
}))
return
}
zlog.Ins().InfoF("user login loginSuccess,username:%s, type:%s, channel:%s", username, tp, request.GetConnection().GetName())
request.GetConnection().SendMsg(ReqLoginAlarmMsgType, core.ResultSuccess(ReqLoginAlarmMsgName, "ok", ""))
} }
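Review bot: In the new guard at the top of ReqCMCALoginAlarm.Handle, `err.Error()` is called in a branch that is also entered when `err` is nil and only `user`, `key` or `type` is empty, so a request with an empty field would dereference a nil error; `body.Data` is also read before `err` is checked. Split the guard into `if err != nil { … return }` followed by a separate `if username == "" || key == "" || tp == "" { … }` that sends a fixed message; the same `err.Error()` pattern sits in the guard of ReqLoginAlarm.Handle. Separately, `seqNo` is taken from `m.GetUserByPID(uid.(string)).SeqNo` without checking that it is non-empty or clearing it after a successful login, so unless that is enforced elsewhere a previously captured signature could be replayed against the same code. `if uid != nil || uid != ""` is always true and probably meant `&&`, and `uid.(string)` is an unchecked type assertion.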


@@ -1,83 +0,0 @@
package api
// import (
// "omc/core"
// "omc/core/manage"
// "omc/core/parse"
// "omc/handle/service"
// "github.com/aceld/zinx/ziface"
// "github.com/aceld/zinx/zlog"
// "github.com/aceld/zinx/znet"
// )
// var ReqCMCALoginSeqMsgID uint32 = 12
// var ReqCMCALoginSeqMsgType uint32 = 13
// var ReqCMCALoginSeqMsgName string = "ackCMCALoginSeq"
// // reqCMCALoginSeq CMCA认证方式登录随机码
// type ReqCMCALoginSeq struct {
// znet.BaseRouter
// }
// // reqCMCALoginAlarm;user=omc;key=base64Key;cert=cer;type=msg"
// func (s *ReqCMCALoginSeq) Handle(request ziface.IRequest) {
// // 登录消息处理
// body, err := parse.RequestBodyDecode(request, []string{"user", "key", "cert", "type"})
// if err != nil {
// zlog.Ins().ErrorF("inlaid message body %s", err.Error())
// request.GetConnection().SendMsg(ReqCMCALoginSeqMsgType, core.ResultError(ReqCMCALoginSeqMsgName, err.Error(), ""))
// return
// }
// // 获取当前请求的通道
// m := manage.GetManager(request.GetConnection().GetName())
// if m == nil {
// zlog.Ins().ErrorF("server internal error")
// request.GetConnection().SendMsg(ReqLoginAlarmMsgType, core.ResultError(ReqLoginAlarmMsgName, "server internal error", ""))
// return
// }
// uid, err := request.GetConnection().GetProperty("UID")
// if err != nil {
// zlog.Ins().ErrorF("GetProperty UID error %s", err)
// request.GetConnection().Stop()
// return
// }
// // 账户和消息类型
// username := body.Data["key"]
// tp := body.Data["type"]
// //登录信息check
// seqNo := m.GetUserByPID(uid.(string)).SeqNo
// if ok, err := service.CMCALogin(seqNo, username, body.Data["cert"]); !ok || err != nil {
// zlog.Ins().ErrorF("LoginFail %s", err)
// request.GetConnection().SendMsg(ReqLoginAlarmMsgType, core.Result(ReqLoginAlarmMsgName, map[string]string{
// "result": "autherror",
// "resDesc": err.Error(),
// }))
// // 已登录的登录错误超过3次,断开连接
// if uid != nil || uid != "" {
// isClose, _ := m.LoginFail(uid.(string))
// if isClose {
// request.GetConnection().Stop()
// return
// }
// }
// return
// }
// // manager 用户登录更新
// err = m.LoginSuccess(uid.(string), username, tp)
// if err != nil {
// zlog.Ins().ErrorF("manager:%s", err)
// request.GetConnection().SendMsg(ReqLoginAlarmMsgType, core.Result(ReqLoginAlarmMsgName, map[string]string{
// "result": "autherror",
// "resDesc": err.Error(),
// }))
// return
// }
// zlog.Ins().InfoF("user login loginSuccess,username:%s, type:%s, channel:%s", username, tp, request.GetConnection().GetName())
// request.GetConnection().SendMsg(ReqLoginAlarmMsgType, core.ResultSuccess(ReqLoginAlarmMsgName, "", ""))
// }


@@ -39,7 +39,7 @@ func (s *ReqCMCALoginSeq) Handle(request ziface.IRequest) {
seqNo := utils.SeqNo(32) seqNo := utils.SeqNo(32)
m.SetSeqNo(uid.(string), seqNo) m.SetSeqNo(uid.(string), seqNo)
// 发送信息 // 发送随机码去sha256加密
msgData := map[string]string{ msgData := map[string]string{
"seqNo": seqNo, "seqNo": seqNo,
} }


@@ -27,6 +27,7 @@ func (s *ReqLoginAlarm) Handle(request ziface.IRequest) {
// 账户密码 // 账户密码
username := body.Data["user"] username := body.Data["user"]
key := body.Data["key"] key := body.Data["key"]
tp := body.Data["type"]
if err != nil || username == "" || key == "" { if err != nil || username == "" || key == "" {
zlog.Ins().ErrorF("inlaid message body %s", err.Error()) zlog.Ins().ErrorF("inlaid message body %s", err.Error())
request.GetConnection().SendMsg(ReqLoginAlarmMsgType, core.ResultError(ReqLoginAlarmMsgName, "inlaid message body", "")) request.GetConnection().SendMsg(ReqLoginAlarmMsgType, core.ResultError(ReqLoginAlarmMsgName, "inlaid message body", ""))
@@ -67,7 +68,7 @@ func (s *ReqLoginAlarm) Handle(request ziface.IRequest) {
} }
// manager 用户登录更新 // manager 用户登录更新
err = m.LoginSuccess(uid.(string), username, key) err = m.LoginSuccess(uid.(string), username, tp)
if err != nil { if err != nil {
zlog.Ins().ErrorF("manager:%s", err) zlog.Ins().ErrorF("manager:%s", err)
request.GetConnection().SendMsg(ReqLoginAlarmMsgType, core.Result(ReqLoginAlarmMsgName, map[string]string{ request.GetConnection().SendMsg(ReqLoginAlarmMsgType, core.Result(ReqLoginAlarmMsgName, map[string]string{
@@ -76,6 +77,6 @@ func (s *ReqLoginAlarm) Handle(request ziface.IRequest) {
})) }))
return return
} }
zlog.Ins().InfoF("user login loginSuccess,username:%s, type:%s, channel:%s", username, key, request.GetConnection().GetName()) zlog.Ins().InfoF("user login loginSuccess,username:%s, type:%s, channel:%s", username, tp, request.GetConnection().GetName())
request.GetConnection().SendMsg(ReqLoginAlarmMsgType, core.ResultSuccess(ReqLoginAlarmMsgName, "", "")) request.GetConnection().SendMsg(ReqLoginAlarmMsgType, core.ResultSuccess(ReqLoginAlarmMsgName, "ok", ""))
} }
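Review bot: The new `tp` value reaches `m.LoginSuccess` without validation, because the guard `if err != nil || username == "" || key == ""` was not extended, while the CMCA handler in this commit rejects an empty `type`. Adding `|| tp == ""` to that guard would make the two handlers agree; if an empty type is intentionally allowed here, a one-line comment saying so would help. Handle's body starts and ends outside the hunks shown, so any later check on `tp` is not visible from here.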


@@ -1,15 +1,14 @@
package service package service
import ( import (
"crypto/x509"
"encoding/base64" "encoding/base64"
"encoding/pem"
"errors" "errors"
"omc/ca" "fmt"
"omc/conf" "omc/conf"
"omc/core/db" "omc/core/db"
"omc/core/utils" "omc/core/utils"
"omc/handle/model" "omc/handle/model"
"os"
"github.com/aceld/zinx/zlog" "github.com/aceld/zinx/zlog"
) )
@@ -30,37 +29,34 @@ func UserLogin(name, passwd string) error {
return nil return nil
} }
func CMCALogin(source, sign, cert string) (login bool, err error) { // CMCALogin 验证随机码
defer func() { // content "user:seqNo" 组合的字符
if r := recover(); r != nil { // signatureBase64 签名数据base64编码
zlog.Ins().ErrorF("CMCALogin panic:%v", r) func CMCALogin(content, signatureBase64 string) error {
} // 读取文件内容
}() strByte, err := os.ReadFile(conf.OmcConf.PublicKey)
//base64 解码签名数据
signBytes, err := base64.StdEncoding.DecodeString(sign)
if err != nil { if err != nil {
return false, err return fmt.Errorf("无法读取文件 %v", err)
} }
//证书加载 // 公钥
block, _ := pem.Decode([]byte(cert)) publicKeyPEM := fmt.Sprintf("-----BEGIN RSA PUBLIC KEY-----\n %s \n-----END RSA PUBLIC KEY-----", strByte)
//证书解析 // 解析公钥
certBody, err := x509.ParseCertificate(block.Bytes) publicKey, err := utils.ParsePKCS1PublicKey(publicKeyPEM)
if err != nil { if err != nil {
return false, err fmt.Println("解析公钥失败:", err)
} }
//证书校验 // 解码base64得到签名字节串
if conf.OmcConf.CA.Check { signature, err := base64.StdEncoding.DecodeString(signatureBase64)
if err := ca.VerifyCert(certBody); err != nil { if err != nil {
return false, err fmt.Println("解码签名数据失败:", err)
}
} }
//签名验证 // 验证签名
err = ca.VerifyRSA([]byte(source), signBytes, certBody) valid := utils.VerifySignature(publicKey, []byte(content), signature)
if err != nil { if valid {
return false, err return nil
} }
return true, nil return errors.New("随机码签名验证失败")
} }
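Review bot: The two new error branches in CMCALogin after `utils.ParsePKCS1PublicKey` and `base64.StdEncoding.DecodeString` only call `fmt.Println` and fall through, so `utils.VerifySignature` is reached with a possibly nil `publicKey` or an incomplete `signature`; with the old `recover()` wrapper removed, a panic there would propagate to the connection handler. Both branches should fail closed, e.g. `return fmt.Errorf("parse public key: %w", err)` and `return fmt.Errorf("decode signature: %w", err)`, and log through `zlog` like the rest of the package. The PEM text is built with `"\n %s \n"`, which puts spaces around the key body; whether the parser tolerates that is not visible here, so trimming `strByte` and dropping the spaces would be safer. The key file at `conf.OmcConf.PublicKey` is also re-read on every login attempt, which could be done once at startup.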