| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364 |
- package auth
- import (
- "crypto/sha1"
- "errors"
- "fmt"
- "math/rand"
- "strings"
- "git.shuncheng.lu/bigthing/gocommon/pkg/conf"
- "git.shuncheng.lu/bigthing/gocommon/pkg/logger"
- )
- const (
- serviceKey = "30346876b3f45bab965823b9aa64a1a4"
- key = "key"
- name = "name"
- )
- var (
- serviceTokenVerifyFail = errors.New("service token verify fail")
- serviceTokenInvalid = errors.New("service_token invalid")
- )
- //服务Service-token的生成
- func GenerateToken(node string) string {
- // 需要配置 node 的 key 和 name
- keySec := conf.GetString(node, key, "")
- serviceName := conf.GetString(node, name, "")
- randInt := rand.Intn(10000)
- payload := fmt.Sprintf("%s.%d", serviceName, randInt)
- //sha1加密
- str := fmt.Sprintf("%s%s", payload, keySec)
- h := sha1.New()
- h.Write([]byte(str))
- bs := h.Sum(nil)
- return fmt.Sprintf("%s.%x", payload, bs)
- }
- //Service-token的验证
- func VerifyToken(token string) (bool, error) {
- tokenArr := strings.Split(token, ".")
- if len(tokenArr) != 3 {
- return false, serviceTokenInvalid
- }
- h := sha1.New()
- str := fmt.Sprintf("%s.%s%s", tokenArr[0], tokenArr[1], serviceKey)
- _, err := h.Write([]byte(str))
- if err != nil {
- return false, err
- }
- bs := h.Sum(nil)
- sign := fmt.Sprintf("%x", bs)
- if !strings.EqualFold(sign, tokenArr[2]) {
- logger.Errorf("[service-token] service token verify fail, sign: %s, client_token: %s, token: %s, str: %s", sign, tokenArr[2], token, str)
- return false, serviceTokenVerifyFail
- }
- return true, nil
- }
|
