baiwenju
/
Middlewares-Linux


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138
							#include "TokenList.h"
#include <iostream>
#include <cryptopp/aes.h>
#include <cryptopp/filters.h>
#include <cryptopp/modes.h>
#include <cryptopp/base64.h>
#include <cryptopp/hex.h>
#include "Config.h"

#define TIME_OUT 60
#define TIME_EXPIRE 120

bool TokenList::Auth(const std::int64_t &llConID, const std::string &strData)
{
	std::int64_t  llsubTime = 0;
	std::string  strMark;
	if (!decry_data(strData, llsubTime, strMark)) {
		return false;
	}
	if (llsubTime > TIME_OUT || llsubTime < -TIME_OUT) {
		std::cout << "验证失败，超时 "<<llsubTime << std::endl;
		return false;
	}
	
	std::unique_lock<std::shared_mutex>lock(mut);
	/*for (auto it = this->begin(); it != this->end(); ) {
		decry_data(strData, llsubTime, strMark);
		if (llsubTime > TIME_EXPIRE) {
			it = this->erase(it);
		}
		else {
			++it;
		}
	}*/
	for (auto it = this->begin();it!=this->end();++it) {
		if (it->second == strData) {
			std::cout << "Token验证失败,该Token已被使用" << std::endl;
			return false;
		}
	}
	this->erase(llConID);
	this->insert(std::pair<std::int64_t, std::string>(llConID, strData));
	return true;
}

bool TokenList::exists(const std::int64_t & llConID)
{
	std::unique_lock<std::shared_mutex>lock(mut);
	auto it = this->find(llConID);
	if (it != this->end()) {
		return true;
	}
	return false;
}

void TokenList::remove(const std::int64_t & llConID)
{
	std::unique_lock<std::shared_mutex>lock(mut);
	auto it = this->find(llConID);
	if (it != this->end()) {
		this->erase(it);
	}
}

bool TokenList::decry_data(const std::string & strData, std::int64_t & llsubTime, std::string & strMark)
{
	auto cfg =  CConfig::GetInstance();
	auto key = cfg->aesKey();
	auto mark = cfg->aesMark();
	//unsigned char *ptr = reinterpret_cast<unsigned char*>(const_cast<char*>(key.data()));
	//auto src = aes_decrypt_ecb_base64(strData, ptr, key.length());
	auto src = aes_decrypt_ecb_base64(strData, (std::uint8_t*)key.data(), key.length());
	if (src.length() != (13 + mark.length())) { // 前端发送的至少13位的时间戳
		std::cout << "验证失败,Token不合法" << std::endl;
		return false;
	}
	auto strTime = src.substr(0, 10);// 获取到秒的时间戳
    llsubTime = time(0) - atoi(strTime.c_str());
    strMark = src.substr(13, src.length() - 13);
	if (strMark != mark) {
		std::cout << "验证失败,Token标识不合法" << std::endl;
		return false;
	}
	return true;
}

std::string TokenList::aes_encrypt_ecb_base64(std::string data, unsigned char * key, int keylen)
{
	std::string encrypt_str;
	try
	{
		CryptoPP::ECB_Mode<CryptoPP::AES>::Encryption ecb_encription(key, keylen);
		CryptoPP::StreamTransformationFilter stf_encription(
			ecb_encription,
			new CryptoPP::Base64Encoder(new CryptoPP::StringSink(encrypt_str)),
			CryptoPP::BlockPaddingSchemeDef::DEFAULT_PADDING
		);
		stf_encription.Put(reinterpret_cast<const unsigned char*>(data.c_str()), data.length());
		stf_encription.MessageEnd();
	}
	catch (std::exception e) {
		std::cout << e.what() << std::endl;
	}

	return encrypt_str;
}

std::string TokenList::aes_decrypt_ecb_base64(std::string base64_data, unsigned char * key, int keylen)
{
	try
	{
		std::string aes_encrypt_data;
		CryptoPP::Base64Decoder decoder;
		decoder.Attach(new CryptoPP::StringSink(aes_encrypt_data));
		decoder.Put(reinterpret_cast<const unsigned char*>(base64_data.c_str()), base64_data.length());
		decoder.MessageEnd();

		std::string decrypt_data;
		CryptoPP::ECB_Mode<CryptoPP::AES>::Decryption ebc_description(key, keylen);
		CryptoPP::StreamTransformationFilter stf_description(
			ebc_description,
			new CryptoPP::StringSink(decrypt_data),
			CryptoPP::BlockPaddingSchemeDef::DEFAULT_PADDING
		);

		stf_description.Put(
			reinterpret_cast<const unsigned char*>(aes_encrypt_data.c_str()),
			aes_encrypt_data.length()
		);
		stf_description.MessageEnd();

		return decrypt_data;
	}
	catch (std::exception e) {
		std::cout << e.what() << std::endl;
		return "";
	}
}