调用接口加密

77c49151 · xianyang · e1156b8f · 77c49151 · 77c49151 · 77c49151
Commit 77c49151 authored May 05, 2023 by xianyang
Showing with 82 additions and 29 deletions

views.py app/api/account/views.py +9 -3

guild.py app/api/statement/guild.py +15 -8

views.py app/api/statement/views.py +1 -1

env.py core/config/env.py +4 -2

functions.py libs/functions.py +53 -15

No files found.
--- a/app/api/account/views.py
+++ b/app/api/account/views.py
@@ -173,17 +173,23 @@ def query_users_info(uuid: str, token=Depends(login_required)):
    if res.status_code != 200:
        return HttpResultResponse(code=500, msg=str(res))
    success = json.loads(res.text)
-    return HttpResultResponse(data=success.get('data'))
+    if success.get('code') != 200:
+        return HttpResultResponse(code=500, msg='php接口:' + success.get('msg'))
+    res_data = functions.AES_Decrypt(success.get('data'))
+    return HttpResultResponse(data=res_data)
 @router.get("/guildInfo")
 def query_guilds_info(uuid: str, token=Depends(login_required)):
-    """查询用户信息"""
+    """查询公会信息"""
    res = functions.query_guild_info(uuid)
    if res.status_code != 200:
        return HttpResultResponse(code=500, msg=str(res))
    success = json.loads(res.text)
-    return HttpResultResponse(data=success.get('data'))
+    if success.get('code') != 200:
+        return HttpResultResponse(code=500, msg='php接口:' + success.get('msg'))
+    res_data = functions.AES_Decrypt(success.get('data'))
+    return HttpResultResponse(data=res_data)
 @router.get("/total")

--- a/app/api/statement/guild.py
+++ b/app/api/statement/guild.py
@@ -11,7 +11,7 @@ from sqlalchemy.orm import Session
 from core.config.env import env, COS_PATH, COS_RERURN_PATH
 from libs.db_link import LinkMysql
 from libs.functions import get_now_timestamp, get_now_datetime, get_order, get_ip, time_str_to_timestamp, \
-    time_int_timestamp, send_json_rpc_request
+    time_int_timestamp, send_json_rpc_request, AES_Decrypt, AES_Encrypt
 from libs.orm import QueryAllData
 from libs.token_verify import get_current_user
 from models.recharge import Settlement, Fitransferlog, FinanceFixLog, Account_log, Paymentlog
@@ -557,8 +557,12 @@ def GuildSettlementAdd(db, data):
                first_sta = 1
                try:
                    url = "http://106.55.103.148:8787/api/guild/editSettlementLog"
-                    json = {'id': guild_data.work_id, 'status': 1}
+                    json_data = {'id': guild_data.work_id, 'status': 1}
-                    res = requests.post(url=url, json=json)
+                    import json
+                    str_data = json.dumps(json_data, separators=(',', ':'))
+                    ciphertext = AES_Encrypt(str_data)
+                    json_data['sign'] = ciphertext
+                    res = requests.post(url=url, json=json_data)
                    if res.status_code != 200:
                        return 400, {"msg": "业务请求失败"}
                except:
@@ -577,8 +581,12 @@ def GuildSettlementAdd(db, data):
        if guild_data.status == 1:
            try:
                url = "http://106.55.103.148:8787/api/guild/editSettlementLog"
-                json = {'id': guild_data.work_id, 'status': 2}
+                json_data = {'id': guild_data.work_id, 'status': 2}
-                res = requests.post(url=url, json=json)
+                import json
+                str_data = json.dumps(json_data, separators=(',', ':'))
+                ciphertext = AES_Encrypt(str_data)
+                json_data['sign'] = ciphertext
+                res = requests.post(url=url, json=json_data)
                if res.status_code != 200:
                    return 400, {"msg": "业务请求失败"}
            except:
@@ -604,13 +612,12 @@ def GuildSettlementAdd(db, data):
    return 200,{"msg": "操作成功"}
 def GuildSettlementmodify(db):
    url ='http://106.55.103.148:8787/api/guild/getGuildSettlementLog'
    response = requests.get(url)
    data = json.loads(response.text)
-    for item in data.get("data"):
+    decode_data = AES_Decrypt(data.get("data"))
+    for item in decode_data:
        guild_data = db.query(GuildSettlementLog).filter(GuildSettlementLog.work_id == item.get("id")).first()
        if guild_data:
            db.query(GuildSettlementLog).filter(GuildSettlementLog.work_id == item.get("id")).update(

--- a/app/api/statement/views.py
+++ b/app/api/statement/views.py
@@ -264,7 +264,7 @@ def menu_list(db: Session = Depends(get_db),menu_type: Optional[int] = ""):
 def guild_add(data: schemas.GuildAddLog, db: Session = Depends(get_db)):
    """公会结算"""
    code, data = GuildSettlementAdd(db, data)
-    return HttpResultResponse(code=code, data=data)
+    return HttpResultResponse(code=code, msg=data.get('msg'))

--- a/core/config/env.py
+++ b/core/config/env.py
@@ -68,6 +68,7 @@ class TestingEnv(Env):
    CLEARING_CENTER_URL: str = 'http://106.55.103.148:6464/'
    CLEARING_CENTER_HOST: str = '106.55.103.148'
    CLEARING_CENTER_PORT: int = 5454
+    KEY = "dK8tZ1jM0wA6oE3j"
 class ProdEnv(Env):
@@ -91,10 +92,11 @@ class ProdEnv(Env):
    CLEARING_CENTER_URL: str = 'http://47.103.144.36:5454/'
    CLEARING_CENTER_HOST: str = '47.103.144.36'
    CLEARING_CENTER_PORT: int = 5454
+    KEY = "dK8tZ1jM0wA6oE3j"
-env = TestingEnv()  # 开发环境
+# env = TestingEnv()  # 开发环境
-# env = ProdEnv()         # 生产环境
+env = ProdEnv()         # 生产环境
 redis_data = env.Redis
 pool = redis.ConnectionPool(host=redis_data.get("host"), port=redis_data.get("port"), password=redis_data.get("password"),

--- a/libs/functions.py
+++ b/libs/functions.py
+import base64
 import hashlib
 import json
 import socket
 import time
 import random
+import binascii
 import uuid as u
 from datetime import datetime, timedelta
 from datetime import datetime
+from Crypto.Cipher import AES
 from dateutil.relativedelta import relativedelta
 import requests
 from core.config.env import env
+from libs.log_utils import Logger
 def get_now_timestamp():
@@ -100,7 +105,9 @@ def wrapper_out():
            param.size = param.size if param.size else 10
            ret = func(db, param)
            return ret
        return inner
    return wrapper
@@ -131,7 +138,6 @@ def send_json_rpc_request(params, method):
    :param method: 传入方法
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.connect((env.CLEARING_CENTER_HOST, env.CLEARING_CENTER_PORT))
        request = {
            "jsonrpc": "2.0",
@@ -162,17 +168,17 @@ def get_ip():
    return res
-def get_month_last_month(month_type,start_time,end_time):
+def get_month_last_month(month_type, start_time, end_time):
-    last_month=0
+    last_month = 0
-    if month_type==2:
+    if month_type == 2:
-       # month_date = datetime.now().date() - relativedelta(months=1)
+        # month_date = datetime.now().date() - relativedelta(months=1)
-       # last_month = month_date.strftime("%Y%m")
+        # last_month = month_date.strftime("%Y%m")
-       last_month =''.join(end_time.split('-')[0:2])
+        last_month = ''.join(end_time.split('-')[0:2])
-       now_month =''.join(start_time.split('-')[0:2])
+        now_month = ''.join(start_time.split('-')[0:2])
    else:
-        now_month= ''.join(start_time.split('-')[0:2])
+        now_month = ''.join(start_time.split('-')[0:2])
-    print(last_month,now_month)
+    print(last_month, now_month)
-    return last_month,now_month
+    return last_month, now_month
 def time_format(utc_timestamp: int):
@@ -185,14 +191,16 @@ def time_format(utc_timestamp: int):
 def query_user_info(user_uuid):
    """获取用户信息"""
    url = "http://106.55.103.148:8787/api/userInfo/getUserInfo"
-    result = requests.post(url=url, json={"uuid": user_uuid})
+    aes_data = AES_Encrypt(user_uuid)
+    result = requests.post(url=url, json={"uuid": user_uuid, "sign": aes_data})
    return result
 def query_guild_info(guild_uuid):
    """获取公会信息"""
    url = "http://106.55.103.148:8787/api/userInfo/getGuildInfo"
-    result = requests.post(url=url, json={"uuid": guild_uuid})
+    aes_data = AES_Encrypt(guild_uuid)
+    result = requests.post(url=url, json={"uuid": guild_uuid, "sign": aes_data})
    return result
@@ -227,9 +235,39 @@ def get_date_list(start, end):
    return tuple(set(data))
-from  datetime import  datetime
+from datetime import datetime
 def time_int_timestamp():
    """时间字符串类型  转为int"""
    time_array = time.strptime(datetime.now().strftime('%Y-%m-%d %H:%M:%S'), "%Y-%m-%d %H:%M:%S")
    return int(time.mktime(time_array))
\ No newline at end of file
+def AES_Decrypt(data):
+    """解密"""
+    ciphertext = binascii.unhexlify(data)
+    # 创建AES解密器对象（ECB模式）
+    cipher = AES.new(env.KEY.encode('utf8'), AES.MODE_ECB)
+    # 解密加密结果
+    plaintext = cipher.decrypt(ciphertext)
+    try:
+        coding_data = plaintext.decode('utf8')
+        num = coding_data.index('}')
+        slice_data = coding_data[:num + 1]
+        res_data = json.loads(slice_data)
+    except Exception as e:
+        Logger(40).logger.error(f"php数据解密异常：{str(e)}，数据：{plaintext}")
+        return list(eval(coding_data))
+    return res_data
+def AES_Encrypt(data):
+    """加密"""
+    pad = lambda s: s + (16 - len(s) % 16) * chr(16 - len(s) % 16)
+    data = pad(data)
+    # 字符串补位
+    cipher = AES.new(env.KEY.encode('utf8'), AES.MODE_ECB)
+    ciphertext = cipher.encrypt(data.encode('utf8'))
+    hex_cipher = binascii.hexlify(ciphertext).decode('utf-8')
+    return hex_cipher